diff --git a/.ci/containers/README.md b/.ci/containers/README.md index 5f10bf0bfff3..46bf443c51a3 100644 --- a/.ci/containers/README.md +++ b/.ci/containers/README.md @@ -24,6 +24,6 @@ Before you begin, set up Docker (including configuring it to [authenticate with ``` 4. Update cloudbuild yaml files to reference the image you just pushed by adding the `:testing` suffix 5. Update files that will cause the cloudbuild yaml changes (and therefore your changes) to be exercised - - Tip: Modifying `mmv1/third_party/terraform/services/compute/metadata.go.erb` will trigger builds for TPG, TPGB, and TGC. + - Tip: Modifying `mmv1/third_party/terraform/services/compute/metadata.go.tmpl` will trigger builds for TPG, TPGB, and TGC. 6. Create a PR with these changes. 7. Verify that the cloudbuild steps that should use your testing image _are_ using your testing image (in the Execution Details tab for the step.) diff --git a/.ci/gcb-pr-downstream-generation-and-test.yml b/.ci/gcb-pr-downstream-generation-and-test.yml index 9699417a831f..9e753b8d5174 100644 --- a/.ci/gcb-pr-downstream-generation-and-test.yml +++ b/.ci/gcb-pr-downstream-generation-and-test.yml @@ -264,7 +264,7 @@ steps: - $COMMIT_SHA - $BUILD_ID - $PROJECT_ID - - "22" # Build step + - "23" # Build step - name: 'gcr.io/graphite-docker-images/go-plus' entrypoint: '/workspace/.ci/scripts/go-plus/magician/exec.sh' diff --git a/.ci/gcb-vcr-nightly.yml b/.ci/gcb-vcr-nightly.yml index 4979fe89bb3e..b92735ae8721 100644 --- a/.ci/gcb-vcr-nightly.yml +++ b/.ci/gcb-vcr-nightly.yml @@ -2,10 +2,15 @@ steps: - name: 'gcr.io/graphite-docker-images/go-plus' id: gcb-vcr-nightly - entrypoint: '/workspace/.ci/scripts/go-plus/vcr-cassette-update/vcr_cassette_update.sh' - secretEnv: ["GOOGLE_BILLING_ACCOUNT", "GOOGLE_CUST_ID", "GOOGLE_IDENTITY_USER", "GOOGLE_MASTER_BILLING_ACCOUNT", "GOOGLE_ORG", "GOOGLE_ORG_2", "GOOGLE_ORG_DOMAIN", "GOOGLE_PROJECT", "GOOGLE_PROJECT_NUMBER", "GOOGLE_SERVICE_ACCOUNT", "SA_KEY", "GOOGLE_PUBLIC_AVERTISED_PREFIX_DESCRIPTION"] + entrypoint: '/workspace/.ci/scripts/go-plus/magician/exec.sh' + secretEnv: ["GOOGLE_BILLING_ACCOUNT", "GOOGLE_CUST_ID", "GOOGLE_IDENTITY_USER", "GOOGLE_MASTER_BILLING_ACCOUNT", "GOOGLE_ORG", "GOOGLE_ORG_2", "GOOGLE_ORG_DOMAIN", "GOOGLE_PROJECT", "GOOGLE_PROJECT_NUMBER", "GOOGLE_SERVICE_ACCOUNT", "SA_KEY", "GOOGLE_PUBLIC_AVERTISED_PREFIX_DESCRIPTION", "GITHUB_TOKEN_CLASSIC"] + env: + - "GOOGLE_REGION=us-central1" + - "GOOGLE_ZONE=us-central1-a" + - "USER=magician" args: - - $BUILD_ID + - 'vcr-cassette-update' + - $BUILD_ID # Long timeout to enable waiting on VCR test timeout: 20000s @@ -39,3 +44,5 @@ availableSecrets: env: SA_KEY - versionName: projects/673497134629/secrets/ci-test-public-advertised-prefix-description/versions/latest env: GOOGLE_PUBLIC_AVERTISED_PREFIX_DESCRIPTION + - versionName: projects/673497134629/secrets/github-classic--repo-workflow/versions/latest + env: GITHUB_TOKEN_CLASSIC diff --git a/.ci/infra/terraform/main.tf b/.ci/infra/terraform/main.tf index 6837ed8af83f..0b93ae88bb5f 100644 --- a/.ci/infra/terraform/main.tf +++ b/.ci/infra/terraform/main.tf @@ -376,8 +376,6 @@ resource "google_project_service_identity" "sqladmin_sa" { service = "sqladmin.googleapis.com" } -# TODO: Replace these permissions with bootstrapped permissions - # TestAccComposerEnvironment_fixPyPiPackages # TestAccComposerEnvironmentComposer2_private # TestAccComposerEnvironment_withEncryptionConfigComposer1 @@ -409,6 +407,24 @@ resource "google_project_iam_member" "compute_agent_secret_accessor" { member = "serviceAccount:${google_project.proj.number}-compute@developer.gserviceaccount.com" } +# TestAccHealthcarePipelineJob_healthcarePipelineJobMappingReconDestExample +# TestAccHealthcarePipelineJob_healthcarePipelineJobReconciliationExample +# TestAccHealthcarePipelineJob_healthcarePipelineJobWhistleMappingExample +resource "google_project_iam_member" "healthcare_agent_storage_object_admin" { + project = google_project.proj.project_id + role = "roles/storage.objectAdmin" + member = "serviceAccount:service-${google_project.proj.number}@gcp-sa-healthcare.iam.gserviceaccount.com" +} + +# TestAccHealthcarePipelineJob_healthcarePipelineJobMappingReconDestExample +# TestAccHealthcarePipelineJob_healthcarePipelineJobReconciliationExample +# TestAccHealthcarePipelineJob_healthcarePipelineJobWhistleMappingExample +resource "google_project_iam_member" "healthcare_agent_fhir_resource_editor" { + project = google_project.proj.project_id + role = "roles/healthcare.fhirResourceEditor" + member = "serviceAccount:service-${google_project.proj.number}@gcp-sa-healthcare.iam.gserviceaccount.com" +} + # TestAccVertexAIEndpoint_vertexAiEndpointNetwork # TestAccVertexAIFeaturestoreEntitytype_vertexAiFeaturestoreEntitytypeExample # TestAccVertexAIFeaturestoreEntitytype_vertexAiFeaturestoreEntitytypeWithBetaFieldsExample @@ -423,6 +439,21 @@ resource "google_project_iam_member" "aiplatform_agent_encrypter_decrypter" { member = "serviceAccount:service-${google_project.proj.number}@gcp-sa-aiplatform.iam.gserviceaccount.com" } +# TestAccComputeInstance_confidentialHyperDiskBootDisk +resource "google_project_iam_member" "compute_default_sa_encrypter_decrypter" { + project = google_project.proj.project_id + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + member = "serviceAccount:${google_project.proj.number}-compute@developer.gserviceaccount.com" +} + +# TestAccComputeInstance_confidentialHyperDiskBootDisk +resource "google_project_iam_member" "compute_agent_encrypter_decrypter" { + project = google_project.proj.project_id + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + member = "serviceAccount:service-${google_project.proj.number}@compute-system.iam.gserviceaccount.com" +} + + data "google_organization" "org2" { organization = var.org2_id } diff --git a/.ci/magician/cmd/SCHEDULED_PR_WAITING_FOR_CONTRIBUTOR.md.tmpl b/.ci/magician/cmd/SCHEDULED_PR_WAITING_FOR_CONTRIBUTOR.md.tmpl deleted file mode 100644 index 62b5ef2fba2e..000000000000 --- a/.ci/magician/cmd/SCHEDULED_PR_WAITING_FOR_CONTRIBUTOR.md.tmpl +++ /dev/null @@ -1,14 +0,0 @@ -{{ if lt .SinceDays 30 -}} -@{{.User}}, this PR is waiting for action from you. Please address any comments or change requests, or [re-request review](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review) from a core reviewer if no action is required. - -![Image showing the re-request review button](https://docs.github.com/assets/cb-28785/mw-1440/images/help/pull_requests/request-re-review.webp) - -If no action is taken, this PR will be closed in -{{- if eq .SinceDays 10 }} 28 days.{{end}} -{{- if eq .SinceDays 20 }} 14 days.{{end}} -{{- if eq .SinceDays 28 }} 2 weekdays.{{end}} - -This notification can be disabled with the `disable-automatic-closure` label. -{{ else -}} -@{{.User}}, this PR is being closed due to inactivity. -{{ end -}} \ No newline at end of file diff --git a/.ci/magician/cmd/check_cassettes.go b/.ci/magician/cmd/check_cassettes.go index bd0e8f1b9693..e149dd370844 100644 --- a/.ci/magician/cmd/check_cassettes.go +++ b/.ci/magician/cmd/check_cassettes.go @@ -64,7 +64,7 @@ var checkCassettesCmd = &cobra.Command{ ctlr := source.NewController(env["GOPATH"], "modular-magician", githubToken, rnr) - vt, err := vcr.NewTester(env, rnr) + vt, err := vcr.NewTester(env, "ci-vcr-cassettes", "vcr-check-cassettes", rnr) if err != nil { return fmt.Errorf("error creating VCR tester: %w", err) } @@ -110,7 +110,10 @@ func execCheckCassettes(commit string, vt *vcr.Tester, ctlr *source.Controller) if err != nil { fmt.Println("Error running VCR: ", err) } - if err := vt.UploadLogs("vcr-check-cassettes", "", "", false, false, vcr.Replaying, provider.Beta); err != nil { + if err := vt.UploadLogs(vcr.UploadLogsOptions{ + Mode: vcr.Replaying, + Version: provider.Beta, + }); err != nil { return fmt.Errorf("error uploading logs: %w", err) } fmt.Println(len(result.FailedTests), " failed tests: ", result.FailedTests) diff --git a/.ci/magician/cmd/generate_comment.go b/.ci/magician/cmd/generate_comment.go index f1a963d8f3f9..20a5d41b5d2d 100644 --- a/.ci/magician/cmd/generate_comment.go +++ b/.ci/magician/cmd/generate_comment.go @@ -40,7 +40,7 @@ import ( ) var ( - //go:embed DIFF_COMMENT.md + //go:embed templates/DIFF_COMMENT.md.tmpl diffComment string ) @@ -504,9 +504,9 @@ func detectMissingTests(diffProcessorPath, tpgbLocalPath string, rnr ExecRunner) } func formatDiffComment(data diffCommentData) (string, error) { - tmpl, err := template.New("DIFF_COMMENT.md").Parse(diffComment) + tmpl, err := template.New("DIFF_COMMENT.md.tmpl").Parse(diffComment) if err != nil { - panic(fmt.Sprintf("Unable to parse DIFF_COMMENT.md: %s", err)) + return "", fmt.Errorf("unable to parse template DIFF_COMMENT.md.tmpl: %s", err) } sb := new(strings.Builder) err = tmpl.Execute(sb, data) diff --git a/.ci/magician/cmd/interfaces.go b/.ci/magician/cmd/interfaces.go index b7007b89e934..ff4b1a2db97c 100644 --- a/.ci/magician/cmd/interfaces.go +++ b/.ci/magician/cmd/interfaces.go @@ -47,6 +47,7 @@ type ExecRunner interface { PushDir(path string) error PopDir() error WriteFile(name, data string) error + AppendFile(name, data string) error // Not used (yet). Run(name string, args []string, env map[string]string) (string, error) MustRun(name string, args []string, env map[string]string) string } diff --git a/.ci/magician/cmd/mock_runner_test.go b/.ci/magician/cmd/mock_runner_test.go index c3a1abccbde3..166a97412d8f 100644 --- a/.ci/magician/cmd/mock_runner_test.go +++ b/.ci/magician/cmd/mock_runner_test.go @@ -113,6 +113,10 @@ func (mr *mockRunner) WriteFile(name, data string) error { return nil } +func (mr *mockRunner) AppendFile(name, data string) error { + return nil +} + func (mr *mockRunner) Copy(src, dest string) error { mr.calledMethods["Copy"] = append(mr.calledMethods["Copy"], ParameterList{src, dest}) return nil diff --git a/.ci/magician/cmd/scheduled_pr_reminders.go b/.ci/magician/cmd/scheduled_pr_reminders.go index 6cfac38f013c..d0ae3c33041a 100644 --- a/.ci/magician/cmd/scheduled_pr_reminders.go +++ b/.ci/magician/cmd/scheduled_pr_reminders.go @@ -38,13 +38,13 @@ var ( // used for flags dryRun bool - //go:embed SCHEDULED_PR_WAITING_FOR_CONTRIBUTOR.md.tmpl + //go:embed templates/SCHEDULED_PR_WAITING_FOR_CONTRIBUTOR.md.tmpl waitingForContributorTemplate string - //go:embed SCHEDULED_PR_WAITING_FOR_MERGE.md.tmpl + //go:embed templates/SCHEDULED_PR_WAITING_FOR_MERGE.md.tmpl waitingForMergeTemplate string - //go:embed SCHEDULED_PR_WAITING_FOR_REVIEW.md.tmpl + //go:embed templates/SCHEDULED_PR_WAITING_FOR_REVIEW.md.tmpl waitingForReviewTemplate string ) diff --git a/.ci/magician/cmd/templates.go b/.ci/magician/cmd/templates.go new file mode 100644 index 000000000000..ec6aa3a568cd --- /dev/null +++ b/.ci/magician/cmd/templates.go @@ -0,0 +1,23 @@ +package cmd + +import ( + "fmt" +) + +func color(color, text string) string { + if color == "" || text == "" { + return text + } + var emoji string + switch color { + case "red": + emoji = "🔴" + case "yellow": + emoji = "🟡" + case "green": + emoji = "🟢" + default: + return text + } + return fmt.Sprintf("%s %s", emoji, text) +} diff --git a/.ci/magician/cmd/DIFF_COMMENT.md b/.ci/magician/cmd/templates/DIFF_COMMENT.md.tmpl similarity index 100% rename from .ci/magician/cmd/DIFF_COMMENT.md rename to .ci/magician/cmd/templates/DIFF_COMMENT.md.tmpl diff --git a/.ci/magician/cmd/templates/SCHEDULED_PR_WAITING_FOR_CONTRIBUTOR.md.tmpl b/.ci/magician/cmd/templates/SCHEDULED_PR_WAITING_FOR_CONTRIBUTOR.md.tmpl new file mode 100644 index 000000000000..e23967c07e46 --- /dev/null +++ b/.ci/magician/cmd/templates/SCHEDULED_PR_WAITING_FOR_CONTRIBUTOR.md.tmpl @@ -0,0 +1,14 @@ +{{ if lt .SinceDays 30 -}} +@{{.User}}, this PR is waiting for action from you. If no action is taken, this PR will be closed in +{{- if eq .SinceDays 10 }} 28 days.{{end}} +{{- if eq .SinceDays 20 }} 14 days.{{end}} +{{- if eq .SinceDays 28 }} 2 weekdays.{{end}} + +Please address any comments or change requests, or [re-request review](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review) from a core reviewer if no action is required. + +![Image showing the re-request review button](https://docs.github.com/assets/cb-28785/mw-1440/images/help/pull_requests/request-re-review.webp) + +This notification can be disabled with the `disable-automatic-closure` label. +{{ else -}} +@{{.User}}, this PR is being closed due to inactivity. +{{ end -}} \ No newline at end of file diff --git a/.ci/magician/cmd/SCHEDULED_PR_WAITING_FOR_MERGE.md.tmpl b/.ci/magician/cmd/templates/SCHEDULED_PR_WAITING_FOR_MERGE.md.tmpl similarity index 100% rename from .ci/magician/cmd/SCHEDULED_PR_WAITING_FOR_MERGE.md.tmpl rename to .ci/magician/cmd/templates/SCHEDULED_PR_WAITING_FOR_MERGE.md.tmpl diff --git a/.ci/magician/cmd/SCHEDULED_PR_WAITING_FOR_REVIEW.md.tmpl b/.ci/magician/cmd/templates/SCHEDULED_PR_WAITING_FOR_REVIEW.md.tmpl similarity index 100% rename from .ci/magician/cmd/SCHEDULED_PR_WAITING_FOR_REVIEW.md.tmpl rename to .ci/magician/cmd/templates/SCHEDULED_PR_WAITING_FOR_REVIEW.md.tmpl diff --git a/.ci/magician/cmd/test_terraform_vcr_non_exercised_tests.tmpl b/.ci/magician/cmd/templates/vcr/non_exercised_tests.tmpl similarity index 100% rename from .ci/magician/cmd/test_terraform_vcr_non_exercised_tests.tmpl rename to .ci/magician/cmd/templates/vcr/non_exercised_tests.tmpl diff --git a/.ci/magician/cmd/templates/vcr/record_replay.tmpl b/.ci/magician/cmd/templates/vcr/record_replay.tmpl new file mode 100644 index 000000000000..522a56c698a2 --- /dev/null +++ b/.ci/magician/cmd/templates/vcr/record_replay.tmpl @@ -0,0 +1,31 @@ +{{- if gt (len .RecordingResult.PassedTests) 0 -}} +{{color "green" "Tests passed during RECORDING mode:"}} +{{range .RecordingResult.PassedTests}}`{{.}}`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/recording/{{.}}.log)] +{{end}} + +{{- if gt (len .ReplayingAfterRecordingResult.FailedTests ) 0 -}} +{{color "red" "Tests failed when rerunning REPLAYING mode:"}} +{{range .ReplayingAfterRecordingResult.FailedTests}}`{{.}}`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/build-log/replaying_build_after_recording/{{.}}_replaying_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/replaying_after_recording/{{.}}.log)] +{{end}} + +Tests failed due to non-determinism or randomness when the VCR replayed the response after the HTTP request was made. + +Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer. + +{{else}} +{{color "green" "No issues found for passed tests after REPLAYING rerun."}} +{{end}}{{/* end of if gt (len .ReplayingAfterRecordingResult.FailedTests ) 0 */}} +--- +{{end}}{{/* end of if gt (len .RecordingResult.PassedTests) 0 */}} + +{{if gt (len .RecordingResult.FailedTests) 0 -}} +{{color "red" "Tests failed during RECORDING mode:"}} +{{range .RecordingResult.FailedTests}}`{{.}}`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/build-log/recording_build/{{.}}_recording_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/recording/{{.}}.log)] +{{end}} +{{end}} {{- /* end of if gt (len .RecordingResult.FailedTests) 0 */ -}} + +{{if .HasTerminatedTests}}{{color "red" "Several tests got terminated during RECORDING mode."}}{{end}} +{{if .RecordingErr}}{{color "red" "Errors occurred during RECORDING mode. Please fix them to complete your PR."}}{{end}} +{{if .AllRecordingPassed}}{{color "green" "All tests passed!"}}{{end}} + +View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{.PRNumber}}/artifacts/{{.BuildID}}/build-log/recording_test.log) or the [debug log](https://console.cloud.google.com/storage/browser/ci-vcr-logs/beta/refs/heads/auto-pr-{{.PRNumber}}/artifacts/{{.BuildID}}/recording) for each test diff --git a/.ci/magician/cmd/test_terraform_vcr_test_analytics.tmpl b/.ci/magician/cmd/templates/vcr/test_analytics.tmpl similarity index 100% rename from .ci/magician/cmd/test_terraform_vcr_test_analytics.tmpl rename to .ci/magician/cmd/templates/vcr/test_analytics.tmpl diff --git a/.ci/magician/cmd/vcr_cassettes_update_recording.tmpl b/.ci/magician/cmd/templates/vcr/vcr_cassettes_update_recording.tmpl similarity index 85% rename from .ci/magician/cmd/vcr_cassettes_update_recording.tmpl rename to .ci/magician/cmd/templates/vcr/vcr_cassettes_update_recording.tmpl index 8e4b55af5e71..4dfc042d8799 100644 --- a/.ci/magician/cmd/vcr_cassettes_update_recording.tmpl +++ b/.ci/magician/cmd/templates/vcr/vcr_cassettes_update_recording.tmpl @@ -5,6 +5,7 @@ The provider crashed while running the VCR tests in RECORDING mode {{- else -}} ################################# RECORDING Tests Report +################################# {{if .RecordingResult.PassedTests}} Tests passed during RECORDING mode: @@ -18,7 +19,7 @@ Tests failed during RECORDING mode: {{if .HasTerminatedTests}}Several tests got terminated during RECORDING mode{{end}} -{{if .RecordingErr}}Errors occurred during RECORDING mode.{{end}} +{{if .RecordingErr}}Errors occurred during RECORDING mode: {{.RecordingErr}}.{{end}} {{if .AllRecordingPassed}}All tests passed!{{end}} diff --git a/.ci/magician/cmd/vcr_cassettes_update_replaying.tmpl b/.ci/magician/cmd/templates/vcr/vcr_cassettes_update_replaying.tmpl similarity index 90% rename from .ci/magician/cmd/vcr_cassettes_update_replaying.tmpl rename to .ci/magician/cmd/templates/vcr/vcr_cassettes_update_replaying.tmpl index c827e2ed4729..5c0f891c3e7c 100644 --- a/.ci/magician/cmd/vcr_cassettes_update_replaying.tmpl +++ b/.ci/magician/cmd/templates/vcr/vcr_cassettes_update_replaying.tmpl @@ -3,6 +3,8 @@ The provider crashed while running the VCR tests in REPLAYING mode {{- else}} ################################# Tests Analytics +################################# + Total tests: {{add (add (len .ReplayingResult.PassedTests) (len .ReplayingResult.SkippedTests)) (len .ReplayingResult.FailedTests) }} Passed tests: {{len .ReplayingResult.PassedTests}} Skipped tests: {{len .ReplayingResult.SkippedTests}} @@ -15,7 +17,7 @@ Affected tests list: {{- end}} {{if .ReplayingErr}} ################################# -Errors occurred during REPLAYING mode. +Errors occurred during REPLAYING mode: {{.ReplayingErr}}. ################################# {{- end}} {{if .AllReplayingPassed}} diff --git a/.ci/magician/cmd/test_terraform_vcr_with_replay_failed_tests.tmpl b/.ci/magician/cmd/templates/vcr/with_replay_failed_tests.tmpl similarity index 100% rename from .ci/magician/cmd/test_terraform_vcr_with_replay_failed_tests.tmpl rename to .ci/magician/cmd/templates/vcr/with_replay_failed_tests.tmpl diff --git a/.ci/magician/cmd/templates/vcr/without_replay_failed_tests.tmpl b/.ci/magician/cmd/templates/vcr/without_replay_failed_tests.tmpl new file mode 100644 index 000000000000..215c5f3ef5ce --- /dev/null +++ b/.ci/magician/cmd/templates/vcr/without_replay_failed_tests.tmpl @@ -0,0 +1,7 @@ +{{- if .ReplayingErr -}} +{{color "red" "Errors occurred during REPLAYING mode. Please fix them to complete your PR."}} +{{- else -}} +{{color "green" "All tests passed!"}} +{{- end}} + +View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{.PRNumber}}/artifacts/{{.BuildID}}/build-log/replaying_test.log) diff --git a/.ci/magician/cmd/templates_test.go b/.ci/magician/cmd/templates_test.go new file mode 100644 index 000000000000..2de0e832daaf --- /dev/null +++ b/.ci/magician/cmd/templates_test.go @@ -0,0 +1,58 @@ +package cmd + +import ( + "testing" +) + +func TestColor(t *testing.T) { + cases := []struct { + name string + color string + text string + want string + }{ + { + name: "red", + color: "red", + text: "Test text", + want: "🔴 Test text", + }, + { + name: "yellow", + color: "yellow", + text: "Test text", + want: "🟡 Test text", + }, + { + name: "green", + color: "green", + text: "Test text", + want: "🟢 Test text", + }, + { + name: "unsupported color", + color: "mauve", + text: "Test text", + want: "Test text", + }, + { + name: "empty color", + text: "Test text", + want: "Test text", + }, + { + name: "empty text", + color: "green", + want: "", + }, + } + + for _, tc := range cases { + t.Run(tc.name, func(t *testing.T) { + got := color(tc.color, tc.text) + if got != tc.want { + t.Errorf("color(%s, %s) got %s; want %s", tc.color, tc.text, got, tc.want) + } + }) + } +} diff --git a/.ci/magician/cmd/test_terraform_vcr.go b/.ci/magician/cmd/test_terraform_vcr.go index 042be4732129..519d1ef1a39e 100644 --- a/.ci/magician/cmd/test_terraform_vcr.go +++ b/.ci/magician/cmd/test_terraform_vcr.go @@ -21,15 +21,15 @@ import ( ) var ( - //go:embed test_terraform_vcr_test_analytics.tmpl + //go:embed templates/vcr/test_analytics.tmpl testsAnalyticsTmplText string - //go:embed test_terraform_vcr_non_exercised_tests.tmpl + //go:embed templates/vcr/non_exercised_tests.tmpl nonExercisedTestsTmplText string - //go:embed test_terraform_vcr_with_replay_failed_tests.tmpl + //go:embed templates/vcr/with_replay_failed_tests.tmpl withReplayFailedTestsTmplText string - //go:embed test_terraform_vcr_without_replay_failed_tests.tmpl + //go:embed templates/vcr/without_replay_failed_tests.tmpl withoutReplayFailedTestsTmplText string - //go:embed test_terraform_vcr_record_replay.tmpl + //go:embed templates/vcr/record_replay.tmpl recordReplayTmplText string ) @@ -120,7 +120,7 @@ var testTerraformVCRCmd = &cobra.Command{ } ctlr := source.NewController(env["GOPATH"], "modular-magician", env["GITHUB_TOKEN_DOWNSTREAMS"], rnr) - vt, err := vcr.NewTester(env, rnr) + vt, err := vcr.NewTester(env, "ci-vcr-cassettes", "ci-vcr-logs", rnr) if err != nil { return fmt.Errorf("error creating VCR tester: %w", err) } @@ -180,7 +180,7 @@ func execTestTerraformVCR(prNumber, mmCommitSha, buildID, projectID, buildStep, } fmt.Println("Running tests: Go files or test fixtures changed") - if err := vt.FetchCassettes(provider.Beta, baseBranch, prNumber); err != nil { + if err := vt.FetchCassettes(provider.Beta, baseBranch, newBranch); err != nil { return fmt.Errorf("error fetching cassettes: %w", err) } @@ -195,7 +195,12 @@ func execTestTerraformVCR(prNumber, mmCommitSha, buildID, projectID, buildStep, testState = "failure" } - if err := vt.UploadLogs("ci-vcr-logs", prNumber, buildID, false, false, vcr.Replaying, provider.Beta); err != nil { + if err := vt.UploadLogs(vcr.UploadLogsOptions{ + Head: newBranch, + BuildID: buildID, + Mode: vcr.Replaying, + Version: provider.Beta, + }); err != nil { return fmt.Errorf("error uploading replaying logs: %w", err) } @@ -256,11 +261,17 @@ func execTestTerraformVCR(prNumber, mmCommitSha, buildID, projectID, buildStep, testState = "success" } - if err := vt.UploadCassettes("ci-vcr-cassettes", prNumber, provider.Beta); err != nil { + if err := vt.UploadCassettes(newBranch, provider.Beta); err != nil { return fmt.Errorf("error uploading cassettes: %w", err) } - if err := vt.UploadLogs("ci-vcr-logs", prNumber, buildID, true, false, vcr.Recording, provider.Beta); err != nil { + if err := vt.UploadLogs(vcr.UploadLogsOptions{ + Head: newBranch, + BuildID: buildID, + Parallel: true, + Mode: vcr.Recording, + Version: provider.Beta, + }); err != nil { return fmt.Errorf("error uploading recording logs: %w", err) } @@ -283,9 +294,17 @@ func execTestTerraformVCR(prNumber, mmCommitSha, buildID, projectID, buildStep, testState = "failure" } - if err := vt.UploadLogs("ci-vcr-logs", prNumber, buildID, true, true, vcr.Replaying, provider.Beta); err != nil { + if err := vt.UploadLogs(vcr.UploadLogsOptions{ + Head: newBranch, + BuildID: buildID, + AfterRecording: true, + Parallel: true, + Mode: vcr.Replaying, + Version: provider.Beta, + }); err != nil { return fmt.Errorf("error uploading recording logs: %w", err) } + } hasTerminatedTests := (len(recordingResult.PassedTests) + len(recordingResult.FailedTests)) < len(replayingResult.FailedTests) @@ -331,7 +350,7 @@ func execTestTerraformVCR(prNumber, mmCommitSha, buildID, projectID, buildStep, return nil } -var addedTestsRegexp = regexp.MustCompile(`(?m)^\+func (Test\w+)\(t \*testing.T\) {`) +var addedTestsRegexp = regexp.MustCompile(`(?m)^\+func (TestAcc\w+)\(t \*testing.T\) {`) func notRunTests(gaDiff, betaDiff string, result vcr.Result) ([]string, []string) { fmt.Println("Checking for new acceptance tests that were not run") @@ -436,9 +455,9 @@ func runReplaying(runFullVCR bool, services map[string]struct{}, vt *vcr.Tester) func handlePanics(prNumber, buildID, buildStatusTargetURL, mmCommitSha string, result vcr.Result, mode vcr.Mode, gh GithubClient) (bool, error) { if len(result.Panics) > 0 { - comment := fmt.Sprintf(`$\textcolor{red}{\textsf{The provider crashed while running the VCR tests in %s mode}}$ -$\textcolor{red}{\textsf{Please fix it to complete your PR}}$ -View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-%s/artifacts/%s/build-log/%s_test.log)`, mode.Upper(), prNumber, buildID, mode.Lower()) + comment := color("red", fmt.Sprintf("The provider crashed while running the VCR tests in %s mode\n", mode.Upper())) + comment += fmt.Sprintf(`Please fix it to complete your PR. +View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-%s/artifacts/%s/build-log/%s_test.log)`, prNumber, buildID, mode.Lower()) if err := gh.PostComment(prNumber, comment); err != nil { return true, fmt.Errorf("error posting comment: %v", err) } @@ -458,6 +477,7 @@ func formatComment(fileName string, tmplText string, data any) (string, error) { funcs := template.FuncMap{ "join": strings.Join, "add": func(i, j int) int { return i + j }, + "color": color, } tmpl, err := template.New(fileName).Funcs(funcs).Parse(tmplText) if err != nil { @@ -472,21 +492,21 @@ func formatComment(fileName string, tmplText string, data any) (string, error) { } func formatTestsAnalytics(data analytics) (string, error) { - return formatComment("test_terraform_vcr_test_analytics.tmpl", testsAnalyticsTmplText, data) + return formatComment("test_analytics.tmpl", testsAnalyticsTmplText, data) } func formatNonExercisedTests(data nonExercisedTests) (string, error) { - return formatComment("test_terraform_vcr_recording_mode_results.tmpl", nonExercisedTestsTmplText, data) + return formatComment("non_exercised_tests.tmpl", nonExercisedTestsTmplText, data) } func formatWithReplayFailedTests(data withReplayFailedTests) (string, error) { - return formatComment("test_terraform_vcr_with_replay_failed_tests.tmpl", withReplayFailedTestsTmplText, data) + return formatComment("with_replay_failed_tests.tmpl", withReplayFailedTestsTmplText, data) } func formatWithoutReplayFailedTests(data withoutReplayFailedTests) (string, error) { - return formatComment("test_terraform_vcr_without_replay_failed_tests.tmpl", withoutReplayFailedTestsTmplText, data) + return formatComment("without_replay_failed_tests.tmpl", withoutReplayFailedTestsTmplText, data) } func formatRecordReplay(data recordReplay) (string, error) { - return formatComment("test_terraform_vcr_record_replay.tmpl", recordReplayTmplText, data) + return formatComment("record_replay.tmpl", recordReplayTmplText, data) } diff --git a/.ci/magician/cmd/test_terraform_vcr_record_replay.tmpl b/.ci/magician/cmd/test_terraform_vcr_record_replay.tmpl deleted file mode 100644 index d5c7535798f8..000000000000 --- a/.ci/magician/cmd/test_terraform_vcr_record_replay.tmpl +++ /dev/null @@ -1,31 +0,0 @@ -{{- if gt (len .RecordingResult.PassedTests) 0 -}} -$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$ -{{range .RecordingResult.PassedTests}}`{{.}}`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/recording/{{.}}.log)] -{{end}} - -{{- if gt (len .ReplayingAfterRecordingResult.FailedTests ) 0 -}} -$\textcolor{red}{\textsf{Tests failed when rerunning REPLAYING mode:}}$ -{{range .ReplayingAfterRecordingResult.FailedTests}}`{{.}}`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/build-log/replaying_build_after_recording/{{.}}_replaying_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/replaying_after_recording/{{.}}.log)] -{{end}} - -Tests failed due to non-determinism or randomness when the VCR replayed the response after the HTTP request was made. - -Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer. - -{{else}} -$\textcolor{green}{\textsf{No issues found for passed tests after REPLAYING rerun.}}$ -{{end}}{{/* end of if gt (len .ReplayingAfterRecordingResult.FailedTests ) 0 */}} ---- -{{end}}{{/* end of if gt (len .RecordingResult.PassedTests) 0 */}} - -{{if gt (len .RecordingResult.FailedTests) 0 -}} -$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$ -{{range .RecordingResult.FailedTests}}`{{.}}`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/build-log/recording_build/{{.}}_recording_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{$.PRNumber}}/artifacts/{{$.BuildID}}/recording/{{.}}.log)] -{{end}} -{{end}} {{- /* end of if gt (len .RecordingResult.FailedTests) 0 */ -}} - -{{if .HasTerminatedTests}}$\textcolor{red}{\textsf{Several tests got terminated during RECORDING mode.}}${{end}} -{{if .RecordingErr}}$\textcolor{red}{\textsf{Errors occurred during RECORDING mode. Please fix them to complete your PR.}}${{end}} -{{if .AllRecordingPassed}}$\textcolor{green}{\textsf{All tests passed!}}${{end}} - -View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{.PRNumber}}/artifacts/{{.BuildID}}/build-log/recording_test.log) or the [debug log](https://console.cloud.google.com/storage/browser/ci-vcr-logs/beta/refs/heads/auto-pr-{{.PRNumber}}/artifacts/{{.BuildID}}/recording) for each test diff --git a/.ci/magician/cmd/test_terraform_vcr_test.go b/.ci/magician/cmd/test_terraform_vcr_test.go index 393dd5057bb7..8c7c931c3333 100644 --- a/.ci/magician/cmd/test_terraform_vcr_test.go +++ b/.ci/magician/cmd/test_terraform_vcr_test.go @@ -469,38 +469,30 @@ func TestWithoutReplayFailedTests(t *testing.T) { tests := []struct { name string data withoutReplayFailedTests - want string + wantContains []string }{ { name: "with replay error", data: withoutReplayFailedTests{ ReplayingErr: fmt.Errorf("some error"), BuildID: "build-123", - PRNumber: "pr-123", + PRNumber: "123", + }, + wantContains: []string{ + color("red", "Errors occurred during REPLAYING mode. Please fix them to complete your PR."), + "View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/build-log/replaying_test.log)", }, - want: strings.Join( - []string{ - "$\\textcolor{red}{\\textsf{Errors occurred during REPLAYING mode. Please fix them to complete your PR.}}$", - "", - "View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/build-log/replaying_test.log)", - }, - "\n", - ), }, { name: "without replay error", data: withoutReplayFailedTests{ BuildID: "build-123", - PRNumber: "pr-123", + PRNumber: "123", + }, + wantContains: []string{ + color("green", "All tests passed!"), + "View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/build-log/replaying_test.log)", }, - want: strings.Join( - []string{ - "$\\textcolor{green}{\\textsf{All tests passed!}}$", - "", - "View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/build-log/replaying_test.log)", - }, - "\n", - ), }, } for _, tc := range tests { @@ -509,8 +501,10 @@ func TestWithoutReplayFailedTests(t *testing.T) { if err != nil { t.Fatalf("Failed to format comment: %v", err) } - if diff := cmp.Diff(tc.want, got); diff != "" { - t.Errorf("formatWithoutReplayFailedTests() returned unexpected difference (-want +got):\n%s", diff) + for _, wc := range tc.wantContains { + if !strings.Contains(got, wc) { + t.Errorf("formatWithoutReplayFailedTests() returned %q, which does not contain %q", got, wc) + } } }) } @@ -520,7 +514,7 @@ func TestRecordReplay(t *testing.T) { tests := []struct { name string data recordReplay - want string + wantContains []string }{ { name: "ReplayingAfterRecordingResult has failed tests", @@ -536,38 +530,25 @@ func TestRecordReplay(t *testing.T) { HasTerminatedTests: true, RecordingErr: fmt.Errorf("some error"), BuildID: "build-123", - PRNumber: "pr-123", + PRNumber: "123", + }, + wantContains: []string{ + color("green", "Tests passed during RECORDING mode:"), + "`a`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording/a.log)]", + "`b`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording/b.log)]", + "`c`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording/c.log)]", + color("red", "Tests failed when rerunning REPLAYING mode:"), + "`b`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/build-log/replaying_build_after_recording/b_replaying_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/replaying_after_recording/b.log)]", + "`c`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/build-log/replaying_build_after_recording/c_replaying_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/replaying_after_recording/c.log)]", + "Tests failed due to non-determinism or randomness when the VCR replayed the response after the HTTP request was made.", + "Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer.", + color("red", "Tests failed during RECORDING mode:"), + "`d`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/build-log/recording_build/d_recording_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording/d.log)]", + "`e`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/build-log/recording_build/e_recording_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording/e.log)]", + color("red", "Several tests got terminated during RECORDING mode."), + "Errors occurred during RECORDING mode. Please fix them to complete your PR.", + "View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/build-log/recording_test.log) or the [debug log](https://console.cloud.google.com/storage/browser/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording) for each test", }, - want: strings.Join( - []string{ - "$\\textcolor{green}{\\textsf{Tests passed during RECORDING mode:}}$", "`a`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording/a.log)]", - "`b`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording/b.log)]", - "`c`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording/c.log)]", - "$\\textcolor{red}{\\textsf{Tests failed when rerunning REPLAYING mode:}}$", - "`b`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/build-log/replaying_build_after_recording/b_replaying_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/replaying_after_recording/b.log)]", - "`c`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/build-log/replaying_build_after_recording/c_replaying_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/replaying_after_recording/c.log)]", - "", - "", - "Tests failed due to non-determinism or randomness when the VCR replayed the response after the HTTP request was made.", - "", - "Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer.", - "", - "", - "---", - "", - "", - "$\\textcolor{red}{\\textsf{Tests failed during RECORDING mode:}}$", - "`d`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/build-log/recording_build/d_recording_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording/d.log)]", - "`e`[[Error message](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/build-log/recording_build/e_recording_test.log)] [[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording/e.log)]", - "", - "$\\textcolor{red}{\\textsf{Several tests got terminated during RECORDING mode.}}$", - "$\\textcolor{red}{\\textsf{Errors occurred during RECORDING mode. Please fix them to complete your PR.}}$", - "", - "", - "View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/build-log/recording_test.log) or the [debug log](https://console.cloud.google.com/storage/browser/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording) for each test", - }, - "\n", - ), }, { name: "ReplayingAfterRecordingResult does not have failed tests", @@ -580,27 +561,17 @@ func TestRecordReplay(t *testing.T) { }, AllRecordingPassed: true, BuildID: "build-123", - PRNumber: "pr-123", + PRNumber: "123", + }, + wantContains: []string{ + color("green", "Tests passed during RECORDING mode:"), + "`a`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording/a.log)]", + "`b`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording/b.log)]", + "`c`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording/c.log)]", + color("green", "No issues found for passed tests after REPLAYING rerun."), + color("green", "All tests passed!"), + "View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/build-log/recording_test.log) or the [debug log](https://console.cloud.google.com/storage/browser/ci-vcr-logs/beta/refs/heads/auto-pr-123/artifacts/build-123/recording) for each test", }, - want: strings.Join( - []string{ - "$\\textcolor{green}{\\textsf{Tests passed during RECORDING mode:}}$", "`a`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording/a.log)]", - "`b`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording/b.log)]", - "`c`[[Debug log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording/c.log)]", - "", - "$\\textcolor{green}{\\textsf{No issues found for passed tests after REPLAYING rerun.}}$", - "", - "---", - "", - "", - "", - "", - "$\\textcolor{green}{\\textsf{All tests passed!}}$", - "", - "View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/build-log/recording_test.log) or the [debug log](https://console.cloud.google.com/storage/browser/ci-vcr-logs/beta/refs/heads/auto-pr-pr-123/artifacts/build-123/recording) for each test", - }, - "\n", - ), }, } for _, tc := range tests { @@ -609,8 +580,10 @@ func TestRecordReplay(t *testing.T) { if err != nil { t.Fatalf("Failed to format comment: %v", err) } - if diff := cmp.Diff(tc.want, got); diff != "" { - t.Errorf("formatRecordReplay() returned unexpected difference (-want +got):\n%s", diff) + for _, wc := range tc.wantContains { + if !strings.Contains(got, wc) { + t.Errorf("formatRecordReplay() returned %q, which does not contain %q", got, wc) + } } }) } diff --git a/.ci/magician/cmd/test_terraform_vcr_without_replay_failed_tests.tmpl b/.ci/magician/cmd/test_terraform_vcr_without_replay_failed_tests.tmpl deleted file mode 100644 index 9c342f06f610..000000000000 --- a/.ci/magician/cmd/test_terraform_vcr_without_replay_failed_tests.tmpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- if .ReplayingErr -}} -$\textcolor{red}{\textsf{Errors occurred during REPLAYING mode. Please fix them to complete your PR.}}$ -{{- else -}} -$\textcolor{green}{\textsf{All tests passed!}}$ -{{- end}} - -View the [build log](https://storage.cloud.google.com/ci-vcr-logs/beta/refs/heads/auto-pr-{{.PRNumber}}/artifacts/{{.BuildID}}/build-log/replaying_test.log) diff --git a/.ci/magician/cmd/vcr_cassette_update.go b/.ci/magician/cmd/vcr_cassette_update.go index bcf6642e6586..91588e676195 100644 --- a/.ci/magician/cmd/vcr_cassette_update.go +++ b/.ci/magician/cmd/vcr_cassette_update.go @@ -39,9 +39,9 @@ var vcuEnvironmentVariables = [...]string{ } var ( - //go:embed vcr_cassettes_update_replaying.tmpl + //go:embed templates/vcr/vcr_cassettes_update_replaying.tmpl replayingTmplText string - //go:embed vcr_cassettes_update_recording.tmpl + //go:embed templates/vcr/vcr_cassettes_update_recording.tmpl recordingTmplText string ) @@ -90,7 +90,7 @@ var vcrCassetteUpdateCmd = &cobra.Command{ } ctlr := source.NewController(env["GOPATH"], "hashicorp", env["GITHUB_TOKEN_CLASSIC"], rnr) - vt, err := vcr.NewTester(env, rnr) + vt, err := vcr.NewTester(env, "ci-vcr-cassettes", "", rnr) if err != nil { return fmt.Errorf("error creating VCR tester: %w", err) } @@ -133,12 +133,12 @@ func execVCRCassetteUpdate(buildID, today string, rnr ExecRunner, ctlr *source.C // upload replay build and test logs buildLogPath := filepath.Join(rnr.GetCWD(), "testlogs", fmt.Sprintf("%s_test.log", vcr.Replaying.Lower())) if _, err := uploadLogsToGCS(buildLogPath, bucketPrefix+"/logs/replaying/", rnr); err != nil { - return fmt.Errorf("error uploading replaying test log: %w", err) + fmt.Printf("Warning: error uploading replaying test log: %s\n", err) } testLogPath := vt.LogPath(vcr.Replaying, provider.Beta) if _, err := uploadLogsToGCS(filepath.Join(testLogPath, "*"), bucketPrefix+"/logs/build-log/", rnr); err != nil { - return fmt.Errorf("error uploading replaying build log: %w", err) + fmt.Printf("Warning: error uploading replaying build log: %s\n", err) } replayingData := vcrCassetteUpdateReplayingResult{ @@ -169,17 +169,19 @@ func execVCRCassetteUpdate(buildID, today string, rnr ExecRunner, ctlr *source.C // uploading cassettes failed because recording not work buildLogPath := filepath.Join(rnr.GetCWD(), "testlogs", fmt.Sprintf("%s_test.log", vcr.Recording.Lower())) if _, err := uploadLogsToGCS(buildLogPath, bucketPrefix+"/logs/recording/", rnr); err != nil { - return fmt.Errorf("error uploading recording test log: %w", err) + fmt.Printf("Warning: error uploading recording test log: %s\n", err) } testLogPath := vt.LogPath(vcr.Recording, provider.Beta) if _, err := uploadLogsToGCS(filepath.Join(testLogPath, "*"), bucketPrefix+"/logs/build-log/", rnr); err != nil { - return fmt.Errorf("error uploading recording build log: %w", err) + fmt.Printf("Warning: error uploading recording build log: %s\n", err) } + if len(recordingResult.PassedTests) > 0 { cassettesPath := vt.CassettePath(provider.Beta) - if _, err := uploadCassettesToGCS(cassettesPath, "gs://ci-vcr-cassettes/beta/fixtures/", rnr); err != nil { - return fmt.Errorf("error uploading cassettes: %w", err) + if _, err := uploadCassettesToGCS(cassettesPath+"/*", "gs://ci-vcr-cassettes/beta/fixtures/", rnr); err != nil { + // There could be cases that the tests do not generate any cassettes. + fmt.Printf("Warning: error uploading cassettes: %s\n", err) } } else { fmt.Println("No tests passed in recording mode, not uploading cassettes.") diff --git a/.ci/magician/cmd/vcr_cassette_update_test.go b/.ci/magician/cmd/vcr_cassette_update_test.go index bd1f4ce9d58d..beb96423869f 100644 --- a/.ci/magician/cmd/vcr_cassette_update_test.go +++ b/.ci/magician/cmd/vcr_cassette_update_test.go @@ -34,6 +34,8 @@ func TestFormatVCRCassettesUpdateReplaying(t *testing.T) { []string{ "#################################", "Tests Analytics", + "#################################", + "", "Total tests: 5", "Passed tests: 2", "Skipped tests: 1", @@ -47,7 +49,8 @@ func TestFormatVCRCassettesUpdateReplaying(t *testing.T) { "#################################", "", "#################################", - "Errors occurred during REPLAYING mode.", "#################################", + "Errors occurred during REPLAYING mode: some error.", + "#################################", }, "\n", ), @@ -65,6 +68,8 @@ func TestFormatVCRCassettesUpdateReplaying(t *testing.T) { []string{ "#################################", "Tests Analytics", + "#################################", + "", "Total tests: 3", "Passed tests: 2", "Skipped tests: 1", @@ -74,7 +79,8 @@ func TestFormatVCRCassettesUpdateReplaying(t *testing.T) { "", "", "#################################", - "All tests passed in REPLAYING mode.", "#################################", + "All tests passed in REPLAYING mode.", + "#################################", }, "\n", ), @@ -93,6 +99,8 @@ func TestFormatVCRCassettesUpdateReplaying(t *testing.T) { []string{ "#################################", "Tests Analytics", + "#################################", + "", "Total tests: 5", "Passed tests: 2", "Skipped tests: 1", @@ -160,6 +168,7 @@ func TestFormatVCRCassettesUpdateRecording(t *testing.T) { []string{ "#################################", "RECORDING Tests Report", + "#################################", "", "", "Tests passed during RECORDING mode:", @@ -173,7 +182,7 @@ func TestFormatVCRCassettesUpdateRecording(t *testing.T) { "", "", "", - "Errors occurred during RECORDING mode.", + "Errors occurred during RECORDING mode: some error.", }, "\n", ), @@ -190,6 +199,7 @@ func TestFormatVCRCassettesUpdateRecording(t *testing.T) { []string{ "#################################", "RECORDING Tests Report", + "#################################", "", "", "Tests passed during RECORDING mode:", @@ -219,6 +229,7 @@ func TestFormatVCRCassettesUpdateRecording(t *testing.T) { []string{ "#################################", "RECORDING Tests Report", + "#################################", "", "", "Tests passed during RECORDING mode:", @@ -264,6 +275,7 @@ func TestFormatVCRCassettesUpdateRecording(t *testing.T) { []string{ "#################################", "RECORDING Tests Report", + "#################################", "", "", "Tests passed during RECORDING mode:", @@ -371,7 +383,7 @@ func TestExecVCRCassetteUpdate(t *testing.T) { }}, {"/mock/dir/magic-modules/.ci/magician", "gsutil", []string{"-h", "Content-Type:text/plain", "-q", "cp", "-r", "/mock/dir/magic-modules/.ci/magician/testlogs/recording_test.log", "gs://vcr-nightly/beta/2024-07-08/buildID/logs/recording/"}, map[string]string(nil)}, {"/mock/dir/magic-modules/.ci/magician", "gsutil", []string{"-h", "Content-Type:text/plain", "-q", "cp", "-r", "/mock/dir/magic-modules/.ci/magician/testlogs/recording/beta/*", "gs://vcr-nightly/beta/2024-07-08/buildID/logs/build-log/"}, map[string]string(nil)}, - {"/mock/dir/magic-modules/.ci/magician", "gsutil", []string{"-m", "-q", "cp", "/mock/dir/magic-modules/.ci/magician/cassettes/beta", "gs://ci-vcr-cassettes/beta/fixtures/"}, map[string]string(nil)}, + {"/mock/dir/magic-modules/.ci/magician", "gsutil", []string{"-m", "-q", "cp", "/mock/dir/magic-modules/.ci/magician/cassettes/beta/*", "gs://ci-vcr-cassettes/beta/fixtures/"}, map[string]string(nil)}, }, }, }, @@ -389,7 +401,7 @@ func TestExecVCRCassetteUpdate(t *testing.T) { ctlr := source.NewController("gopath", "hashicorp", "token", rnr) vt, err := vcr.NewTester(map[string]string{ "SA_KEY": "sa_key", - }, rnr) + }, "ci-vcr-cassettes", "", rnr) if err != nil { t.Fatalf("Failed to create new tester: %v", err) } diff --git a/.ci/magician/exec/runner.go b/.ci/magician/exec/runner.go index 4d85ece99189..c1bdc79525c5 100644 --- a/.ci/magician/exec/runner.go +++ b/.ci/magician/exec/runner.go @@ -100,6 +100,19 @@ func (ar *Runner) ReadFile(name string) (string, error) { return string(data), nil } +// Note: This is not used yet. +func (ar *Runner) AppendFile(name, data string) error { + f, err := os.OpenFile(ar.abs(name), os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) + if err != nil { + return fmt.Errorf("error opening file %s: %v", name, err) + } + defer f.Close() + if _, err := f.Write([]byte(data)); err != nil { + return fmt.Errorf("error writing to file %s: %v", name, err) + } + return nil +} + // Run the given command with the given args and env, return output and error if any func (ar *Runner) Run(name string, args []string, env map[string]string) (string, error) { cmd := exec.Command(name, args...) diff --git a/.ci/magician/github/membership_data.go b/.ci/magician/github/membership_data.go index b43449058d81..caca9267c716 100644 --- a/.ci/magician/github/membership_data.go +++ b/.ci/magician/github/membership_data.go @@ -35,6 +35,11 @@ var ( // startDate: newDate(2024, 3, 28, pdtLoc), // endDate: newDate(2024, 4, 2, pdtLoc), // }, + { + id: "BBBmau", + startDate: newDate(2024, 9, 26, pdtLoc), + endDate: newDate(2024, 10, 2, pdtLoc), + }, { id: "hao-nan-li", startDate: newDate(2024, 9, 24, pdtLoc), @@ -45,20 +50,15 @@ var ( startDate: newDate(2024, 4, 30, pdtLoc), endDate: newDate(2024, 7, 31, pdtLoc), }, - { - id: "SarahFrench", - startDate: newDate(2024, 8, 2, bstLoc), - endDate: newDate(2024, 8, 6, bstLoc), - }, { id: "shuyama1", - startDate: newDate(2024, 5, 22, pdtLoc), - endDate: newDate(2024, 5, 28, pdtLoc), + startDate: newDate(2024, 9, 26, pdtLoc), + endDate: newDate(2024, 10, 4, pdtLoc), }, { id: "melinath", - startDate: newDate(2024, 6, 26, pdtLoc), - endDate: newDate(2024, 7, 22, pdtLoc), + startDate: newDate(2024, 9, 18, pdtLoc), + endDate: newDate(2024, 9, 23, pdtLoc), }, { id: "slevenick", @@ -90,5 +90,20 @@ var ( startDate: newDate(2024, 8, 24, pdtLoc), endDate: newDate(2024, 9, 2, pdtLoc), }, + { + id: "roaks3", + startDate: newDate(2024, 9, 13, pdtLoc), + endDate: newDate(2024, 9, 20, pdtLoc), + }, + { + id: "SarahFrench", + startDate: newDate(2024, 9, 20, bstLoc), + endDate: newDate(2024, 9, 23, bstLoc), + }, + { + id: "c2thorn", + startDate: newDate(2024, 10, 2, bstLoc), + endDate: newDate(2024, 10, 14, bstLoc), + }, } ) diff --git a/.ci/magician/provider/version.go b/.ci/magician/provider/version.go index c8c65fc8e82b..6372ff7fd297 100644 --- a/.ci/magician/provider/version.go +++ b/.ci/magician/provider/version.go @@ -6,9 +6,10 @@ const ( None Version = iota GA Beta + Alpha ) -const NumVersions = 2 +const NumVersions = 3 func (v Version) String() string { switch v { @@ -16,6 +17,8 @@ func (v Version) String() string { return "ga" case Beta: return "beta" + case Alpha: + return "alpha" } return "unknown" } @@ -33,6 +36,8 @@ func (v Version) RepoName() string { return "terraform-provider-google" case Beta: return "terraform-provider-google-beta" + case Alpha: + return "terraform-next" } return "unknown" } diff --git a/.ci/magician/vcr/tester.go b/.ci/magician/vcr/tester.go index 63d6f1445079..471f4448bbcd 100644 --- a/.ci/magician/vcr/tester.go +++ b/.ci/magician/vcr/tester.go @@ -48,13 +48,15 @@ type logKey struct { } type Tester struct { - env map[string]string // shared environment variables for running tests - rnr ExecRunner // for running commands and manipulating files - baseDir string // the directory in which this tester was created - saKeyPath string // where sa_key.json is relative to baseDir - cassettePaths map[provider.Version]string // where cassettes are relative to baseDir by version - logPaths map[logKey]string // where logs are relative to baseDir by version and mode - repoPaths map[provider.Version]string // relative paths of already cloned repos by version + env map[string]string // shared environment variables for running tests + rnr ExecRunner // for running commands and manipulating files + cassetteBucket string // name of GCS bucket to store cassettes + logBucket string // name of GCS bucket to store logs + baseDir string // the directory in which this tester was created + saKeyPath string // where sa_key.json is relative to baseDir + cassettePaths map[provider.Version]string // where cassettes are relative to baseDir by version + logPaths map[logKey]string // where logs are relative to baseDir by version and mode + repoPaths map[provider.Version]string // relative paths of already cloned repos by version } const accTestParallelism = 32 @@ -66,20 +68,63 @@ var testResultsExpression = regexp.MustCompile(`(?m:^--- (PASS|FAIL|SKIP): (Test var testPanicExpression = regexp.MustCompile(`^panic: .*`) +var safeToLog = map[string]bool{ + "ACCTEST_PARALLELISM": true, + "COMMIT_SHA": true, + "GITHUB_TOKEN": false, + "GITHUB_TOKEN_CLASSIC": false, + "GITHUB_TOKEN_DOWNSTREAMS": false, + "GITHUB_TOKEN_MAGIC_MODULES": false, + "GOCACHE": true, + "GOOGLE_APPLICATION_CREDENTIALS": false, + "GOOGLE_BILLING_ACCOUNT": false, + "GOOGLE_CREDENTIALS": false, + "GOOGLE_CUST_ID": true, + "GOOGLE_IDENTITY_USER": true, + "GOOGLE_MASTER_BILLING_ACCOUNT": false, + "GOOGLE_ORG": true, + "GOOGLE_ORG_2": true, + "GOOGLE_ORG_DOMAIN": true, + "GOOGLE_PROJECT": true, + "GOOGLE_PROJECT_NUMBER": true, + "GOOGLE_PUBLIC_AVERTISED_PREFIX_DESCRIPTION": true, + "GOOGLE_REGION": true, + "GOOGLE_SERVICE_ACCOUNT": true, + "GOOGLE_TEST_DIRECTORY": true, + "GOOGLE_ZONE": true, + "GOPATH": true, + "HOME": true, + "PATH": true, + "SA_KEY": false, + "TF_ACC": true, + "TF_LOG": true, + "TF_LOG_PATH_MASK": true, + "TF_LOG_SDK_FRAMEWORK": true, + "TF_SCHEMA_PANIC_ON_ERROR": true, + "USER": true, + "VCR_MODE": true, + "VCR_PATH": true, +} // true if shown, false if hidden (default false) + // Create a new tester in the current working directory and write the service account key file. -func NewTester(env map[string]string, rnr ExecRunner) (*Tester, error) { - saKeyPath := "sa_key.json" - if err := rnr.WriteFile(saKeyPath, env["SA_KEY"]); err != nil { - return nil, err +func NewTester(env map[string]string, cassetteBucket, logBucket string, rnr ExecRunner) (*Tester, error) { + var saKeyPath string + if saKeyVal, ok := env["SA_KEY"]; ok { + saKeyPath = "sa_key.json" + if err := rnr.WriteFile(saKeyPath, saKeyVal); err != nil { + return nil, err + } } return &Tester{ - env: env, - rnr: rnr, - baseDir: rnr.GetCWD(), - saKeyPath: saKeyPath, - cassettePaths: make(map[provider.Version]string, provider.NumVersions), - logPaths: make(map[logKey]string, provider.NumVersions*numModes), - repoPaths: make(map[provider.Version]string, provider.NumVersions), + env: env, + rnr: rnr, + cassetteBucket: cassetteBucket, + logBucket: logBucket, + baseDir: rnr.GetCWD(), + saKeyPath: saKeyPath, + cassettePaths: make(map[provider.Version]string, provider.NumVersions), + logPaths: make(map[logKey]string, provider.NumVersions*numModes), + repoPaths: make(map[provider.Version]string, provider.NumVersions), }, nil } @@ -89,7 +134,7 @@ func (vt *Tester) SetRepoPath(version provider.Version, repoPath string) { // Fetch the cassettes for the current version if not already fetched. // Should be run from the base dir. -func (vt *Tester) FetchCassettes(version provider.Version, baseBranch, prNumber string) error { +func (vt *Tester) FetchCassettes(version provider.Version, baseBranch, head string) error { _, ok := vt.cassettePaths[version] if ok { return nil @@ -98,19 +143,19 @@ func (vt *Tester) FetchCassettes(version provider.Version, baseBranch, prNumber vt.rnr.Mkdir(cassettePath) if baseBranch != "FEATURE-BRANCH-major-release-6.0.0" { // pull main cassettes (major release uses branch specific casssettes as primary ones) - bucketPath := fmt.Sprintf("gs://ci-vcr-cassettes/%sfixtures/*", version.BucketPath()) + bucketPath := fmt.Sprintf("gs://%s/%sfixtures/*", vt.cassetteBucket, version.BucketPath()) if err := vt.fetchBucketPath(bucketPath, cassettePath); err != nil { fmt.Println("Error fetching cassettes: ", err) } } if baseBranch != "main" { - bucketPath := fmt.Sprintf("gs://ci-vcr-cassettes/%srefs/branches/%s/fixtures/*", version.BucketPath(), baseBranch) + bucketPath := fmt.Sprintf("gs://%s/%srefs/branches/%s/fixtures/*", vt.cassetteBucket, version.BucketPath(), baseBranch) if err := vt.fetchBucketPath(bucketPath, cassettePath); err != nil { fmt.Println("Error fetching cassettes: ", err) } } - if prNumber != "" { - bucketPath := fmt.Sprintf("gs://ci-vcr-cassettes/%srefs/heads/auto-pr-%s/fixtures/*", version.BucketPath(), prNumber) + if head != "" { + bucketPath := fmt.Sprintf("gs://%s/%srefs/heads/%s/fixtures/*", vt.cassetteBucket, version.BucketPath(), head) if err := vt.fetchBucketPath(bucketPath, cassettePath); err != nil { fmt.Println("Error fetching cassettes: ", err) } @@ -124,7 +169,7 @@ func (vt *Tester) fetchBucketPath(bucketPath, cassettePath string) error { args := []string{"-m", "-q", "cp", bucketPath, cassettePath} fmt.Println("Fetching cassettes:\n", "gsutil", strings.Join(args, " ")) if _, err := vt.rnr.Run("gsutil", args, nil); err != nil { - return err + return fmt.Errorf("error running gsutil: %v", err) } return nil } @@ -218,7 +263,7 @@ func (vt *Tester) Run(opt RunOptions) (Result, error) { } var printedEnv string for ev, val := range env { - if ev == "SA_KEY" || ev == "GOOGLE_CREDENTIALS" || strings.HasPrefix(ev, "GITHUB_TOKEN") { + if !safeToLog[ev] { val = "{hidden}" } printedEnv += fmt.Sprintf("%s=%s\n", ev, val) @@ -396,49 +441,91 @@ func (vt *Tester) getLogPath(mode Mode, version provider.Version) (string, error return logPath, nil } -func (vt *Tester) UploadLogs(logBucket, prNumber, buildID string, parallel, afterRecording bool, mode Mode, version provider.Version) error { - bucketPath := fmt.Sprintf("gs://%s/%s/", logBucket, version) - if prNumber != "" { - bucketPath += fmt.Sprintf("refs/heads/auto-pr-%s/", prNumber) +type UploadLogsOptions struct { + Head string + BuildID string + Parallel bool + AfterRecording bool + Mode Mode + Version provider.Version +} + +func (vt *Tester) UploadLogs(opts UploadLogsOptions) error { + bucketPath := fmt.Sprintf("gs://%s/%s/", vt.logBucket, opts.Version) + if opts.Head != "" { + bucketPath += fmt.Sprintf("refs/heads/%s/", opts.Head) } - if buildID != "" { - bucketPath += fmt.Sprintf("artifacts/%s/", buildID) + if opts.BuildID != "" { + bucketPath += fmt.Sprintf("artifacts/%s/", opts.BuildID) } - lgky := logKey{mode, version} + lgky := logKey{opts.Mode, opts.Version} logPath, ok := vt.logPaths[lgky] if !ok { - return fmt.Errorf("no log path found for mode %s and version %s", mode.Lower(), version) + return fmt.Errorf("no log path found for mode %s and version %s", opts.Mode.Lower(), opts.Version) + } + args := []string{ + "-h", + "Content-Type:text/plain", + "-q", + "cp", + "-r", + filepath.Join(vt.baseDir, "testlogs", fmt.Sprintf("%s_test.log", opts.Mode.Lower())), + bucketPath + "build-log/", } - args := []string{"-h", "Content-Type:text/plain", "-q", "cp", "-r", filepath.Join(vt.baseDir, "testlogs", fmt.Sprintf("%s_test.log", mode.Lower())), bucketPath + "build-log/"} fmt.Println("Uploading build log:\n", "gsutil", strings.Join(args, " ")) if _, err := vt.rnr.Run("gsutil", args, nil); err != nil { fmt.Println("Error uploading build log: ", err) } var suffix string - if afterRecording { + if opts.AfterRecording { suffix = "_after_recording" } - if parallel { - args := []string{"-h", "Content-Type:text/plain", "-m", "-q", "cp", "-r", filepath.Join(vt.baseDir, "testlogs", mode.Lower()+"_build", "*"), fmt.Sprintf("%sbuild-log/%s_build%s/", bucketPath, mode.Lower(), suffix)} + if opts.Parallel { + args := []string{ + "-h", + "Content-Type:text/plain", + "-m", + "-q", + "cp", + "-r", + filepath.Join(vt.baseDir, "testlogs", opts.Mode.Lower()+"_build", "*"), + fmt.Sprintf("%sbuild-log/%s_build%s/", bucketPath, opts.Mode.Lower(), suffix), + } fmt.Println("Uploading build logs:\n", "gsutil", strings.Join(args, " ")) if _, err := vt.rnr.Run("gsutil", args, nil); err != nil { fmt.Println("Error uploading build logs: ", err) } } - args = []string{"-h", "Content-Type:text/plain", "-m", "-q", "cp", "-r", filepath.Join(logPath, "*"), fmt.Sprintf("%s%s%s/", bucketPath, mode.Lower(), suffix)} + args = []string{ + "-h", + "Content-Type:text/plain", + "-m", + "-q", + "cp", + "-r", + filepath.Join(logPath, "*"), + fmt.Sprintf("%s%s%s/", bucketPath, opts.Mode.Lower(), suffix), + } fmt.Println("Uploading logs:\n", "gsutil", strings.Join(args, " ")) if _, err := vt.rnr.Run("gsutil", args, nil); err != nil { fmt.Println("Error uploading logs: ", err) + vt.printLogs(logPath) } return nil } -func (vt *Tester) UploadCassettes(logBucket, prNumber string, version provider.Version) error { +func (vt *Tester) UploadCassettes(head string, version provider.Version) error { cassettePath, ok := vt.cassettePaths[version] if !ok { return fmt.Errorf("no cassettes found for version %s", version) } - args := []string{"-m", "-q", "cp", filepath.Join(cassettePath, "*"), fmt.Sprintf("gs://%s/%s/refs/heads/auto-pr-%s/fixtures/", logBucket, version, prNumber)} + args := []string{ + "-m", + "-q", + "cp", + filepath.Join(cassettePath, "*"), + fmt.Sprintf("gs://%s/%s/refs/heads/%s/fixtures/", vt.cassetteBucket, version, head), + } fmt.Println("Uploading cassettes:\n", "gsutil", strings.Join(args, " ")) if _, err := vt.rnr.Run("gsutil", args, nil); err != nil { fmt.Println("Error uploading cassettes: ", err) diff --git a/.github/workflows/disallow-submodules.yml b/.github/workflows/disallow-submodules.yml new file mode 100644 index 000000000000..c61685931565 --- /dev/null +++ b/.github/workflows/disallow-submodules.yml @@ -0,0 +1,22 @@ +name: "Disallow submodules" +permissions: read-all + +on: + pull_request + +jobs: + disallow-submodules: + runs-on: ubuntu-22.04 + steps: + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.2 + - name: Check for submodules + run: | + output=$(git submodule status --recursive 2>&1) + if [ ! -z $output ]; then + echo $output + echo "Submodules are not allowed" + exit 1 + else + echo "No submodules found" + fi diff --git a/.github/workflows/repository-documentation-deploy.yml b/.github/workflows/repository-documentation-deploy.yml index c21bc900150d..630b49fdcd8a 100644 --- a/.github/workflows/repository-documentation-deploy.yml +++ b/.github/workflows/repository-documentation-deploy.yml @@ -15,7 +15,7 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.2 with: - submodules: true # Fetch Hugo themes (true OR recursive) + submodules: false # Fetch Hugo themes (true OR recursive) fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod - name: Setup Hugo diff --git a/.github/workflows/repository-documentation-test.yml b/.github/workflows/repository-documentation-test.yml index b425ecb58ca7..ea15e4aa3188 100644 --- a/.github/workflows/repository-documentation-test.yml +++ b/.github/workflows/repository-documentation-test.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.2 with: - submodules: true # Fetch Hugo themes (true OR recursive) + submodules: false # Fetch Hugo themes (true OR recursive) fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod - name: Setup Hugo diff --git a/GNUmakefile b/GNUmakefile index a462c011415e..da35083f2e58 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -9,9 +9,7 @@ ifeq ($(ENGINE),tpgtools) # exist so exclusively build base tpgtools implementation mmv1_compile=-p does-not-exist else ifneq ($(PRODUCT),) - mmv1_compile=-p products/$(PRODUCT) -else - mmv1_compile=-a + mmv1_compile=--product $(PRODUCT) endif # tpgtools setup @@ -26,12 +24,12 @@ else endif ifneq ($(RESOURCE),) - mmv1_compile += -t $(RESOURCE) + mmv1_compile += --resource $(RESOURCE) tpgtools_compile += --resource $(RESOURCE) endif ifneq ($(OVERRIDES),) - mmv1_compile += -r $(OVERRIDES) + mmv1_compile += --overrides $(OVERRIDES) tpgtools_compile += --overrides $(OVERRIDES)/tpgtools/overrides --path $(OVERRIDES)/tpgtools/api serialize_compile = --overrides $(OVERRIDES)/tpgtools/overrides --path $(OVERRIDES)/tpgtools/api else @@ -62,12 +60,11 @@ terraform build provider: mmv1: cd mmv1;\ - bundle; \ if [ "$(VERSION)" = "ga" ]; then \ - bundle exec compiler.rb -e terraform -o $(OUTPUT_PATH) -v ga --no-docs $(mmv1_compile); \ - bundle exec compiler.rb -e terraform -o $(OUTPUT_PATH) -v beta --no-code $(mmv1_compile); \ + go run . --output $(OUTPUT_PATH) --version ga --no-docs $(mmv1_compile); \ + go run . --output $(OUTPUT_PATH) --version beta --no-code $(mmv1_compile); \ else \ - bundle exec compiler.rb -e terraform -o $(OUTPUT_PATH) -v $(VERSION) $(mmv1_compile); \ + go run . --output $(OUTPUT_PATH) --version $(VERSION) $(mmv1_compile); \ fi tpgtools: @@ -91,19 +88,16 @@ clean-tgc: tgc: cd mmv1;\ - bundle;\ - bundle exec compiler -e terraform -f tgc -v beta -o $(OUTPUT_PATH)/tfplan2cai $(mmv1_compile);\ - bundle exec compiler -e terraform -f tgc_cai2hcl -v beta -o $(OUTPUT_PATH)/cai2hcl $(mmv1_compile);\ + go run . --version beta --provider tgc --output $(OUTPUT_PATH)/tfplan2cai $(mmv1_compile);\ + go run . --version beta --provider tgc_cai2hcl --output $(OUTPUT_PATH)/cai2hcl $(mmv1_compile);\ tf-oics: cd mmv1;\ - bundle;\ - bundle exec compiler.rb -e terraform -f oics -o $(OUTPUT_PATH) $(mmv1_compile);\ + go run . --version ga --provider oics --output $(OUTPUT_PATH) $(mmv1_compile);\ test: cd mmv1; \ - bundle; \ - bundle exec rake test + go test ./... serialize: cd tpgtools;\ @@ -120,7 +114,7 @@ upgrade-dcl: MOD_LINE=$$(grep declarative-resource-client-library go.mod);\ SUM_LINE=$$(grep declarative-resource-client-library go.sum);\ cd ../mmv1/third_party/terraform && \ - sed ${SED_I} "s!.*declarative-resource-client-library.*!$$MOD_LINE!" go.mod.erb; echo "$$SUM_LINE" >> go.sum + sed ${SED_I} "s!.*declarative-resource-client-library.*!$$MOD_LINE!" go.mod; echo "$$SUM_LINE" >> go.sum validate_environment: diff --git a/docs/content/best-practices/_index.md b/docs/content/best-practices/_index.md index 901d1ae39193..86683b8c510a 100644 --- a/docs/content/best-practices/_index.md +++ b/docs/content/best-practices/_index.md @@ -67,8 +67,8 @@ When adding a new `labels` field, please make the changes below to support the n 1. Use the type `KeyValueLabels` for the standard resource `labels` field. The standard resource `labels` field could be the top level `labels` field or the nested `labels` field inside the top level `metadata` field. Don't add `default_from_api: true` to this field or don't use this type for other `labels` fields in the resource. `KeyValueLabels` will add all of changes required for the new model automatically. ```yaml -- !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | The labels associated with this dataset. You can use these to organize and group your datasets. @@ -155,9 +155,10 @@ When adding a new `annotations` field, please make the changes below below to su 1. Use the type `KeyValueAnnotations` for the standard resource `annotations` field. The standard resource `annotations` field could be the top level `annotations` field or the nested `annotations` field inside the top level `metadata` field. Don't add `default_from_api: true` to this field or don't use this type for other `annotations` fields in the resource. `KeyValueAnnotations` will add all of changes required for the new model automatically. ```yaml -- !ruby/object:Api::Type::KeyValueAnnotations - name: 'annotations' - description: 'Client-specified annotations. This is distinct from labels.' +- name: 'annotations' + type: KeyValueAnnotations + description: | + Client-specified annotations. This is distinct from labels. ``` 2. In the handwritten acceptance tests, add `annotations` to `ImportStateVerifyIgnore` if `annotations` field is in the configuration. diff --git a/docs/content/develop/add-handwritten-datasource.md b/docs/content/develop/add-handwritten-datasource.md index 23f52243281c..2bc5800a50f4 100644 --- a/docs/content/develop/add-handwritten-datasource.md +++ b/docs/content/develop/add-handwritten-datasource.md @@ -24,7 +24,7 @@ a new datasource there are 5 steps to doing so. 1. Add Schema and Read operation implementation - If there is `labels` field with type `KeyValueLabels` in the corresponding resource, in the datasource Read operation implementation, after the resource read method, call the function `tpgresource.SetDataSourceLabels(d)` to make `labels` and `terraform_labels` have all of the labels on the resource. - If there is `annotations` field with type `KeyValueAnnotations` in the corresponding resource, in the datasource Read operation implementation, after the resource read method, call the function `tpgresource.SetDataSourceAnnotations(d)` to make `annotations` have all of the annotations on the resource. -1. Register the datasource to `handwrittenDatasources` in [`magic-modules/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.erb`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.erb) +1. Register the datasource to `handwrittenDatasources` in [`magic-modules/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.tmpl`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.tmpl) 1. Implement a test which will create and resources and read the corresponding datasource 1. [Add documentation](#add-documentation) diff --git a/docs/content/develop/breaking-changes/make-a-breaking-change.md b/docs/content/develop/breaking-changes/make-a-breaking-change.md index 3282c5ed83e9..47f3e09d227c 100644 --- a/docs/content/develop/breaking-changes/make-a-breaking-change.md +++ b/docs/content/develop/breaking-changes/make-a-breaking-change.md @@ -91,11 +91,11 @@ provider at runtime as well as in documentation. Set `deprecation_message` on the field. For example: ```yaml -- !ruby/object:Api::Type::String - name: 'apiFieldName' +- name: 'apiFieldName' + type: String description: | MULTILINE_FIELD_DESCRIPTION - deprecation_message: "`api_field_name` is deprecated and will be removed in a future major release. Use `other_field_name` instead." + deprecation_message: '`api_field_name` is deprecated and will be removed in a future major release. Use `other_field_name` instead.' ``` Replace the second sentence with an appropriate short description of the replacement path and/or the reason for diff --git a/docs/content/develop/client-side-fields.md b/docs/content/develop/client-side-fields.md index 6e446da6be5f..8fb86446f220 100644 --- a/docs/content/develop/client-side-fields.md +++ b/docs/content/develop/client-side-fields.md @@ -21,8 +21,8 @@ Instead of adding the field in `parameters` or `properties`, use a section calle Example: ```yaml virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'deletion_protection' + - name: 'deletion_protection' + type: Boolean default_value: true description: | Whether Terraform will be prevented from destroying the CertificateAuthority. diff --git a/docs/content/develop/custom-code.md b/docs/content/develop/custom-code.md index d05bc793bc34..536861f33c21 100644 --- a/docs/content/develop/custom-code.md +++ b/docs/content/develop/custom-code.md @@ -10,12 +10,12 @@ This document covers how to add "custom code" to [MMv1 resources]({{< ref "/get- Most custom code attributes are strings that contain a path to a template file relative to the `mmv1` directory. For example: ```yaml -custom_code: !ruby/object:Provider::Terraform::CustomCode - # References mmv1/templates/terraform/custom_delete/resource_name_custom_delete.go.erb - custom_delete: templates/terraform/custom_delete/resource_name_custom_delete.go.erb +custom_code: + # References mmv1/templates/terraform/custom_delete/resource_name_custom_delete.go.tmpl + custom_delete: templates/terraform/custom_delete/resource_name_custom_delete.go.tmpl ``` -By convention, the template files are stored in a directory matching the type of custom code, and the name of the file includes the resource (and, if relevant, field) impacted by the custom code. Like handwritten resource and test code, custom code is written as ruby templates which render go code. +By convention, the template files are stored in a directory matching the type of custom code, and the name of the file includes the resource (and, if relevant, field) impacted by the custom code. Like handwritten resource and test code, custom code is written as go templates which render go code. When in doubt about the behavior of custom code, write the custom code, [generate the providers]({{< ref "/get-started/generate-providers" >}}), and inspect what changed in the providers using `git diff`. @@ -24,8 +24,8 @@ The following sections describe types of custom code in more detail. ## Add reusable variables and functions ```yaml -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/PRODUCT_RESOURCE.go.erb +custom_code: + constants: templates/terraform/constants/PRODUCT_RESOURCE.go.tmpl ``` Use `custom_code.constants` to inject top-level code in a resource file. This is useful for anything that should be referenced from other parts of the resource, such as: @@ -53,15 +53,15 @@ These are described in more detail in the following sections. ### Modify the API request value for a specific field {#custom_expand} ```yaml -- !ruby/object:Api::Type::String - name: 'FIELD' - custom_expand: 'templates/terraform/custom_expand/PRODUCT_RESOURCE_FIELD.go.erb' +- name: 'FIELD' + type: String + custom_expand: 'templates/terraform/custom_expand/PRODUCT_RESOURCE_FIELD.go.tmpl' ``` Set `custom_expand` on a field to inject code that modifies the value to send to the API for that field. Custom expanders run _before_ any [`encoder` or `update_encoder`]({{< ref "#encoder" >}}). The referenced file must include the function signature for the expander. For example: ```erb -func expand<%= prefix -%><%= titlelize_property(property) -%>(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { +func expand{{$.GetPrefix}}{{$.TitlelizeProperty}}(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { if v == nil { return nil, nil } @@ -81,9 +81,9 @@ The function returns a final value that will be sent to the API. ### Modify the API request data for an entire resource {#encoder} ```yaml -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoder/PRODUCT_RESOURCE.go.erb - update_encoder: templates/terraform/update_encoder/PRODUCT_RESOURCE.go.erb +custom_code: + encoder: templates/terraform/encoder/PRODUCT_RESOURCE.go.tmpl + update_encoder: templates/terraform/update_encoder/PRODUCT_RESOURCE.go.tmpl ``` Use `custom_code.encoder` to inject code that modifies the data that will be sent in the API request. This is useful if the API expects the data to be in a significantly different structure than Terraform does - for example, if the API expects the entire object to be nested under a key, or a particular field must never be sent to the API. The encoder will run _after_ any [`custom_expand`]({{< ref "#custom_expand" >}}) code. @@ -110,8 +110,8 @@ If the Create and Update methods for the resource need different logic, set `cus ### Modify the API response data for an entire resource {#decoder} ```yaml -custom_code: !ruby/object:Provider::Terraform::CustomCode - decoder: templates/terraform/decoder/PRODUCT_RESOURCE.go.erb +custom_code: + decoder: templates/terraform/decoder/PRODUCT_RESOURCE.go.tmpl ``` @@ -136,15 +136,15 @@ The function returns data that will be set in Terraform state and an optional er ### Modify the API response value for a specific field {#custom_flatten} ```yaml -- !ruby/object:Api::Type::String - name: 'FIELD' - custom_flatten: 'templates/terraform/custom_flatten/PRODUCT_RESOURCE_FIELD.go.erb' +- name: 'FIELD' + type: String + custom_flatten: 'templates/terraform/custom_flatten/PRODUCT_RESOURCE_FIELD.go.tmpl' ``` Set `custom_flatten` on a field to inject code that modifies the value returned by the API prior to storing it in Terraform state. Custom flatteners run _after_ any [`decoder`]({{< ref "#encoder" >}}). The referenced file must include the function signature for the flattener. For example: ```erb -func flatten<%= prefix -%><%= titlelize_property(property) -%>(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { +func flatten{{$.GetPrefix}}{{$.TitlelizeProperty}}(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { if v == nil { return "0" } @@ -163,19 +163,19 @@ The function returns a final value that will be stored in Terraform state for th ## Inject code before / after CRUD operations and Import {#pre_post_injection} ```yaml -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_create: templates/terraform/pre_create/PRODUCT_RESOURCE.go.erb - post_create: templates/terraform/post_create/PRODUCT_RESOURCE.go.erb +custom_code: + pre_create: templates/terraform/pre_create/PRODUCT_RESOURCE.go.tmpl + post_create: templates/terraform/post_create/PRODUCT_RESOURCE.go.tmpl - pre_read: templates/terraform/pre_read/PRODUCT_RESOURCE.go.erb + pre_read: templates/terraform/pre_read/PRODUCT_RESOURCE.go.tmpl - pre_update: templates/terraform/pre_update/PRODUCT_RESOURCE.go.erb - post_update: templates/terraform/post_update/PRODUCT_RESOURCE.go.erb + pre_update: templates/terraform/pre_update/PRODUCT_RESOURCE.go.tmpl + post_update: templates/terraform/post_update/PRODUCT_RESOURCE.go.tmpl - pre_delete: templates/terraform/pre_delete/PRODUCT_RESOURCE.go.erb - post_delete: templates/terraform/post_delete/PRODUCT_RESOURCE.go.erb + pre_delete: templates/terraform/pre_delete/PRODUCT_RESOURCE.go.tmpl + post_delete: templates/terraform/post_delete/PRODUCT_RESOURCE.go.tmpl - post_import: templates/terraform/post_import/PRODUCT_RESOURCE.go.erb + post_import: templates/terraform/post_import/PRODUCT_RESOURCE.go.tmpl ``` CRUD operations can be modified with pre/post hooks. This code will be injected directly into the relevant CRUD method as close as possible to the related API call and will have access to any variables that are present when it runs. `pre_create` and `pre_update` run after any [`encoder`]({{< ref "#encoder" >}}). Some example use cases: @@ -187,8 +187,8 @@ CRUD operations can be modified with pre/post hooks. This code will be injected ### Custom create error handling ```yaml -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create_failure: templates/terraform/post_create_failure/PRODUCT_RESOURCE.go.erb +custom_code: + post_create_failure: templates/terraform/post_create_failure/PRODUCT_RESOURCE.go.tmpl ``` Use `custom_code.post_create_failure` to inject code that runs if a Create request to the API returns an error. @@ -209,11 +209,11 @@ The parameters the function receives are: ## Replace entire CRUD methods ```yaml -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_create: templates/terraform/custom_create/PRODUCT_RESOURCE.go.erb - custom_update: templates/terraform/custom_update/PRODUCT_RESOURCE.go.erb - custom_delete: templates/terraform/custom_delete/PRODUCT_RESOURCE.go.erb - custom_import: templates/terraform/custom_import/PRODUCT_RESOURCE.go.erb +custom_code: + custom_create: templates/terraform/custom_create/PRODUCT_RESOURCE.go.tmpl + custom_update: templates/terraform/custom_update/PRODUCT_RESOURCE.go.tmpl + custom_delete: templates/terraform/custom_delete/PRODUCT_RESOURCE.go.tmpl + custom_import: templates/terraform/custom_import/PRODUCT_RESOURCE.go.tmpl ``` Custom methods replace the entire contents of the Create, Update, Delete, or Import methods. For example: @@ -237,7 +237,7 @@ Use `custom_code.extra_schema_entry` to add additional fields to a resource. Do Any fields added in this way will need to be have documentation manually added using the top-level `docs` field: ```yaml -docs: !ruby/object:Provider::Terraform::Docs +docs: optional_properties: | * `FIELD_NAME` - (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)) FIELD_DESCRIPTION ``` diff --git a/docs/content/develop/field-reference.md b/docs/content/develop/field-reference.md index daa35b6afa8a..c7e4eab84567 100644 --- a/docs/content/develop/field-reference.md +++ b/docs/content/develop/field-reference.md @@ -8,7 +8,7 @@ aliases: # MMv1 field reference This page documents commonly-used properties for fields. For a full list of -available properties, see [type.rb ↗](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/api/type.rb). +available properties, see [type.go ↗](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/api/type.go). ## Shared properties @@ -44,13 +44,13 @@ update_url: 'projects/{{project}}/locations/{{location}}/resourcenames/{{name}}/ ### `update_verb` If update_url is also set, overrides the verb used to update this specific -field. Allowed values: :POST, :PUT, :PATCH. Default: Resource's update_verb -(which defaults to :PUT if unset). +field. Allowed values: 'POST', 'PUT', 'PATCH'. Default: Resource's update_verb +(which defaults to 'PUT' if unset). Example: ```yaml -update_verb: :POST +update_verb: 'POST' ``` ### `required` @@ -99,7 +99,7 @@ Nested fields currently [do not support `ignore_read`](https://github.com/hashicorp/terraform-provider-google/issues/12410) but can replicate the behavior by implementing a [`custom_flatten`]({{< ref "/develop/custom-code#custom_flatten" >}}) -that always ignores the value returned by the API. [Example](https://github.com/GoogleCloudPlatform/magic-modules/blob/5923d4cb878396a04bed9beaf22a8478e8b1e6a5/mmv1/templates/terraform/custom_flatten/source_representation_instance_configuration_password.go.erb). +that always ignores the value returned by the API. [Example](https://github.com/GoogleCloudPlatform/magic-modules/blob/5923d4cb878396a04bed9beaf22a8478e8b1e6a5/mmv1/templates/terraform/custom_flatten/source_representation_instance_configuration_password.go.tmpl). Any fields using a custom flatten also need to be added to `ignore_read_extra` for any examples where the field is set. @@ -112,7 +112,7 @@ ignore_read: true Example: Custom flatten ```go -func flatten<%= prefix -%><%= titlelize_property(property) -%>(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { +func flatten{{$.GetPrefix}}{{$.TitlelizeProperty}}(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { return d.Get("password") } ``` @@ -171,8 +171,8 @@ all listed fields. Not supported within Example: ```yaml -- !ruby/object:Api::Type::String - name: 'fieldOne' +- name: 'fieldOne' + type: String conflicts: - field_two - nested_object.0.nested_field @@ -186,8 +186,8 @@ must be set. Must be set separately on all listed fields. Not supported within Example: ```yaml -- !ruby/object:Api::Type::String - name: 'fieldOne' +- name: 'fieldOne' + type: String exactly_one_of: - field_one - field_two @@ -203,8 +203,8 @@ set separately on all listed fields. Not supported within Example: ```yaml -- !ruby/object:Api::Type::String - name: 'fieldOne' +- name: 'fieldOne' + type: String at_least_one_of: - field_one - field_two @@ -225,8 +225,8 @@ The function specified can be a Example: ```yaml -- !ruby/object:Api::Type::String - name: 'fieldOne' +- name: 'fieldOne' + type: String diff_suppress_func: 'tpgresource.CaseDiffSuppress' ``` @@ -258,18 +258,18 @@ elements in the array can be validated using [`item_validation`]({{}}) is provi Example: ```yaml -values: - - :VALUE_ONE - - :VALUE_TWO +enum_values: + - 'VALUE_ONE' + - 'VALUE_TWO' ``` ## `Array` properties @@ -325,27 +324,29 @@ define the attributes of the nested type. Example: Primitive value ```yaml -item_type: Api::Type::String +item_type: + type: String ``` Example: Enum value ```yaml -item_type: !ruby/object:Api::Type::Enum - name: 'required but unused' +item_type: + type: Enum description: 'required but unused' values: - - :VALUE_ONE - - :VALUE_TWO + - 'VALUE_ONE' + - 'VALUE_TWO' ``` Example: Nested object ```yaml -item_type: !ruby/object:Api::Type::NestedObject +item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'FIELD_NAME' + - name: 'FIELD_NAME' + type: String description: | MULTI_LINE_FIELD_DESCRIPTION ``` @@ -361,35 +362,38 @@ values are correct. Example: Provider-specific function ```yaml -- !ruby/object:Api::Type::Array - name: 'fieldOne' - item_type: Api::Type::String - item_validation: !ruby/object:Provider::Terraform::Validation +- name: 'fieldOne' + type: Array + item_type: + type: String + item_validation: function: 'verify.ValidateBase64String' ``` Example: Regex ```yaml -- !ruby/object:Api::Type::Array - name: 'fieldOne' - item_type: Api::Type::String - item_validation: !ruby/object:Provider::Terraform::Validation +- name: 'fieldOne' + type: Array + item_type: + type: String + item_validation: regex: '^[a-zA-Z][a-zA-Z0-9_]*$' ``` Example: Enum ```yaml -- !ruby/object:Api::Type::Array - name: 'fieldOne' - item_type: !ruby/object:Api::Type::Enum - name: 'required but unused' +- name: 'fieldOne' + type: Array + item_type: + type: Enum description: 'required but unused' values: - - :VALUE_ONE - - :VALUE_TWO - item_validation: 'customFunction' + - 'VALUE_ONE' + - 'VALUE_TWO' + item_validation: + function: 'customFunction' ``` @@ -402,8 +406,8 @@ Example: ```yaml properties: - - !ruby/object:Api::Type::String - name: 'FIELD_NAME' + - name: 'FIELD_NAME' + type: String description: | MULTI_LINE_FIELD_DESCRIPTION ``` diff --git a/docs/content/develop/permadiff.md b/docs/content/develop/permadiff.md index 88c3fffa8940..ca1b94c48b04 100644 --- a/docs/content/develop/permadiff.md +++ b/docs/content/develop/permadiff.md @@ -86,7 +86,7 @@ Use a flattener to store the default value in state if the response has an empty Use the standard `default_if_empty` flattener. ```yaml -custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' +custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' ``` {{< /tab >}} {{< tab "Handwritten" >}} @@ -118,10 +118,10 @@ The `tpgresource` package in each provider supplies diff suppress functions for {{< tab "MMv1" >}} ```yaml # Use a built-in function -diff_suppress_func: tpgresource.CaseDiffSuppress +diff_suppress_func: 'tpgresource.CaseDiffSuppress' # Reference a resource-specific function -diff_suppress_func: resourceNameFieldNameDiffSuppress +diff_suppress_func: 'resourceNameFieldNameDiffSuppress' ``` Define resource-specific functions in a [`custom_code.constants`](https://googlecloudplatform.github.io/magic-modules/develop/custom-code/#add-reusable-variables-and-functions) file. @@ -185,7 +185,7 @@ ignore_read: true For nested fields, `ignore_read` is [not currently supported](https://github.com/hashicorp/terraform-provider-google/issues/12410), so this must be implemented with a [custom flattener]({{< ref "/develop/custom-code#custom_flatten" >}}). You will also need to add the field to `ignore_read_extra` on any examples that are used to generate tests; this will cause tests to ignore the field when checking that the values in the API match the user's configuration. ```go -func flatten<%= prefix -%><%= titlelize_property(property) -%>(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { +func flatten{{$.GetPrefix}}{{$.TitlelizeProperty}}(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { // We want to ignore read on this field, but cannot because it is nested return d.Get("path.0.to.0.nested.0.field") } @@ -193,7 +193,6 @@ func flatten<%= prefix -%><%= titlelize_property(property) -%>(v interface{}, d ```yaml examples: - - !ruby/object:Provider::Terraform::Examples # example configuration ignore_read_extra: - "path.0.to.0.nested.0.field" @@ -234,7 +233,7 @@ For an Array of unique string values (or nested objects with unique string ident Add a [custom flattener]({{< ref "/develop/custom-code#custom_flatten" >}}) for the field. ```go -func flatten<%= prefix -%><%= titlelize_property(property) -%>(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { +func flatten{{$.GetPrefix}}{{$.TitlelizeProperty}}(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { configValue := d.Get("path.0.to.0.parent_field.0.nested_field").([]string) sorted, err := tpgresource.SortStringsByConfigOrder(configValue, v.([]string)) diff --git a/docs/content/develop/promote-to-ga.md b/docs/content/develop/promote-to-ga.md index 4fb33f240bb9..04eaf0bd4f54 100644 --- a/docs/content/develop/promote-to-ga.md +++ b/docs/content/develop/promote-to-ga.md @@ -7,7 +7,7 @@ weight: 50 This document describes how to promote an existing resource or field that uses MMv1 and/or handwritten code from the `google-beta` provider to the `google` (also known as "GA") provider. -Handwritten code (including `custom_code`) commonly uses "version guards" in the form of `<% unless version == 'ga' -%>...<% end -%>` to wrap code that is beta-specific, which need to be removed during promotion. +Handwritten code (including `custom_code`) commonly uses "version guards" in the form of `{{- if ne $.TargetVersionName "ga" -}}...{{- end }}` to wrap code that is beta-specific, which need to be removed during promotion. For more information about types of resources and the generation process overall, see [How Magic Modules works]({{< ref "/get-started/how-magic-modules-works.md" >}}). @@ -28,10 +28,10 @@ For more information about types of resources and the generation process overall {{< tabs "resources" >}} {{< tab "MMv1" >}} -1. Remove `min_version: beta` from the resource's or field's configuration in `ResourceName.yaml`. +1. Remove `min_version: 'beta'` from the resource's or field's configuration in `ResourceName.yaml`. 2. If necessary, remove version guards from resource-level `custom_code`. -3. Add `min_version: beta` on any fields or subfields that should not be promoted. -4. If necessary, add `<% unless version == 'ga' -%>...<% end -%>` version guards to resource-level `custom_code` that should not be promoted. +3. Add `min_version: 'beta'` on any fields or subfields that should not be promoted. +4. If necessary, add `{{- if ne $.TargetVersionName "ga" -}}...{{- end }} ` version guards to resource-level `custom_code` that should not be promoted. {{< /tab >}} {{< tab "Handwritten" >}} 1. Remove version guards from the resource's implementation for any functionality being promoted. Be sure to check: @@ -40,7 +40,7 @@ For more information about types of resources and the generation process overall - For top-level fields, the resource's `Create`, `Update`, and `Read` methods - For other fields, expanders and flatteners - Any other resource-specific code -2. Add `<% unless version == 'ga' -%>...<% end -%>` version guards to any parts of the resource or field implementation that should not be promoted. Be sure to check: +2. Add `{{- if ne $.TargetVersionName "ga" -}}...{{- end }}` version guards to any parts of the resource or field implementation that should not be promoted. Be sure to check: - The resource schema - For top-level fields, the resource's `Create`, `Update`, and `Read` methods - For other fields, expanders and flatteners diff --git a/docs/content/develop/resource-reference.md b/docs/content/develop/resource-reference.md index c4255242efbc..3f2001ce9b7f 100644 --- a/docs/content/develop/resource-reference.md +++ b/docs/content/develop/resource-reference.md @@ -9,7 +9,7 @@ aliases: # MMv1 resource reference This page documents commonly-used properties for resources. For a full list of -available properties, see [resource.rb ↗](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/api/resource.rb). +available properties, see [resource.go ↗](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/api/resource.go). ## Basic @@ -26,7 +26,9 @@ Example: ```yaml description: | This is a multi-line description - of a resource. + of a resource. All multi-line descriptions must follow + this format of using a vertical bar followed by a line-break, + with the remaining description being indented. ``` ### `references` @@ -39,10 +41,10 @@ Links to reference documentation for a resource. Contains two attributes: Example: ```yaml -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Create and connect to a database': 'https://cloud.google.com/alloydb/docs/quickstart/create-and-connect' - api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.backups' +references: + guides: + 'Create and connect to a database': 'https://cloud.google.com/alloydb/docs/quickstart/create-and-connect' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.backups' ``` ### `min_version: beta` @@ -59,7 +61,7 @@ documentation. Can contain two attributes: Example: ```yaml -docs: !ruby/object:Provider::Terraform::Docs +docs: warning: | This is a multi-line warning and will be displayed on a yellow background. @@ -114,7 +116,7 @@ Overrides one or more timeouts, in minutes. All timeouts default to 20. Example: ```yaml -timeouts: !ruby/object:Api::Timeouts +timeouts: insert_minutes: 40 update_minutes: 40 delete_minutes: 40 @@ -135,12 +137,12 @@ create_url: 'projects/{{project}}/locations/{{location}}/resourcenames?resourceI ### `create_verb` Overrides the HTTP verb used to create a new resource. -Allowed values: `:POST`, `:PUT`, `:PATCH`. +Allowed values: `'POST'`, `'PUT'`, `'PATCH'`. -Default: `:POST` +Default: `'POST'` ```yaml -create_verb: :PATCH +create_verb: 'PATCH' ``` ### `update_url` @@ -155,14 +157,14 @@ update_url: 'projects/{{project}}/locations/{{location}}/resourcenames/{{name}}' ### `update_verb` -The HTTP verb used to update a resource. Allowed values: `:POST`, `:PUT`, `:PATCH`. +The HTTP verb used to update a resource. Allowed values: `'POST'`, `'PUT'`, `'PATCH'`. -Default: `:PUT`. +Default: `'PUT'`. Example: ```yaml -update_verb: :PATCH +update_verb: 'PATCH' ``` ### `update_mask` @@ -193,14 +195,14 @@ delete_url: 'projects/{{project}}/locations/{{location}}/resourcenames/{{name}}' ### `delete_verb` Overrides the HTTP verb used to delete a resource. -Allowed values: `:POST`, `:PUT`, `:PATCH`, `:DELETE`. +Allowed values: `'POST'`, `'PUT'`, `'PATCH'`, `'DELETE'`. -Default: `:DELETE` +Default: `'DELETE'` Example: ```yaml -delete_verb: :POST +delete_verb: 'POST' ``` ### `autogen_async` @@ -229,11 +231,11 @@ Sets parameters for handling operations returned by the API. Can contain several Example: ```yaml -async: !ruby/object:Api::OpAsync +async: actions: ['create', 'update', 'delete'] - operation: !ruby/object:Api::OpAsync::Operation + operation: base_url: '{{op_id}}' - result: !ruby/object:Api::OpAsync::Result + result: resource_inside_response: true ``` @@ -266,14 +268,13 @@ attributes – for a full reference, see Example: ```yaml -iam_policy: !ruby/object:Api::Resource::IamPolicy +iam_policy: parent_resource_attribute: 'cloud_function' method_name_separator: ':' fetch_iam_policy_verb: :POST - import_format: [ - 'projects/{{project}}/locations/{{location}}/resourcenames/{{cloud_function}}', - '{{cloud_function}}' - ] + import_format: + - 'projects/{{project}}/locations/{{location}}/resourcenames/{{cloud_function}}', + - '{{cloud_function}}' allowed_iam_role: 'roles/viewer' iam_conditions_request_type: :REQUEST_BODY min_version: beta @@ -294,11 +295,17 @@ curly braces are replaced with the field values from the resource at runtime. Example: ```yaml -mutex: alloydb/instance/{{name}} +mutex: 'alloydb/instance/{{name}}' ``` ## Fields +### `virtual_fields` + +Contains a list of [virtual_fields]({{< ref "/develop/client-side-fields" >}}). By convention, +these should be fields that do not get sent to the API, and are instead used to modify +the behavior of a Terraform resource such as `deletion_protection`. + ### `parameters` Contains a list of [fields]({{< ref "/develop/field-reference" >}}). By convention, @@ -313,6 +320,6 @@ Example: ```yaml properties: - - !ruby/object:Api::Type::String - name: 'fieldOne' + - name: 'fieldOne' + type: String ``` diff --git a/docs/content/develop/resource.md b/docs/content/develop/resource.md index 7eb9d67b5929..01dd27bbc3c7 100644 --- a/docs/content/develop/resource.md +++ b/docs/content/develop/resource.md @@ -62,13 +62,13 @@ For more information about types of resources and the generation process overall # See the License for the specific language governing permissions and # limitations under the License. - --- !ruby/object:Api::Resource + --- # API resource name name: 'ResourceName' # Resource description for the provider documentation. description: | RESOURCE_DESCRIPTION - references: !ruby/object:Api::Resource::ReferenceLinks + references: guides: # Link to quickstart in the API's Guides section. For example: # 'Create and connect to a database': 'https://cloud.google.com/alloydb/docs/quickstart/create-and-connect' @@ -106,7 +106,7 @@ For more information about types of resources and the generation process overall # the field values from the resource at runtime. # update_url: 'projects/{{project}}/locations/{{location}}/resourcenames/{{name}}' # The HTTP verb used to update a resource. Allowed values: :POST, :PUT, :PATCH. Default: :PUT. - update_verb: :PATCH + update_verb: 'PATCH' # If true, the resource sets an `updateMask` query parameter listing modified # fields when updating the resource. If false, it does not. update_mask: true @@ -115,23 +115,23 @@ For more information about types of resources and the generation process overall # the resource. If false, that code is not generated. autogen_async: true # Sets parameters for handling operations returned by the API. - async: !ruby/object:Api::OpAsync + async: # Overrides which API calls return operations. Default: ['create', # 'update', 'delete'] # actions: ['create', 'update', 'delete'] - operation: !ruby/object:Api::OpAsync::Operation + operation: base_url: '{{op_id}}' parameters: - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String required: true immutable: true url_param_only: true description: | LOCATION_DESCRIPTION - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String required: true immutable: true url_param_only: true @@ -162,9 +162,8 @@ For more information about types of resources and the generation process overall - Remove the `Example` suffix from all test function names. - Remove the comments at the top of the file. - If beta-only fields are being tested, do the following: - - Change the file suffix to `.go.erb` - - Add `<% autogen_exception -%>` to the top of the file - - Wrap each beta-only test in a separate version guard: `<% unless version == 'ga' -%>...<% else -%>...<% end -%>` + - Change the file suffix to `.go.tmpl` + - Wrap each beta-only test in a separate version guard: `{{- if ne $.TargetVersionName "ga" -}}...{{- else }}...{{- end }}` 5. Register the resource `handwrittenResources` in [`magic-modules/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.erb`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.erb) - Add a version guard for any beta-only resources. 6. Optional: Complete other handwritten tasks that require the MMv1 configuration file. @@ -189,8 +188,8 @@ additional work to implement. {{< tabs "MMv1 types" >}} {{< tab "Simple" >}} ```yaml -- !ruby/object:Api::Type::String - name: 'API_FIELD_NAME' +- name: 'API_FIELD_NAME' + type: String description: | MULTILINE_FIELD_DESCRIPTION min_version: beta @@ -218,8 +217,8 @@ Replace `String` in the field type with one of the following options: {{< /tab >}} {{< tab "Enum" >}} ```yaml -- !ruby/object:Api::Type::Enum - name: 'API_FIELD_NAME' +- name: 'API_FIELD_NAME' + type: Enum description: | MULTILINE_FIELD_DESCRIPTION min_version: beta @@ -232,15 +231,15 @@ Replace `String` in the field type with one of the following options: exactly_one_of: - field_one - nested_object.0.nested_field - values: - - :VALUE_ONE - - :VALUE_TWO + enum_values: + - 'VALUE_ONE' + - 'VALUE_TWO' ``` {{< /tab >}} {{< tab "ResourceRef" >}} ```yaml -- !ruby/object:Api::Type::ResourceRef - name: 'API_FIELD_NAME' +- name: 'API_FIELD_NAME' + type: ResourceRef description: | MULTILINE_FIELD_DESCRIPTION min_version: beta @@ -259,8 +258,8 @@ Replace `String` in the field type with one of the following options: {{< /tab >}} {{< tab "Array" >}} ```yaml -- !ruby/object:Api::Type::Array - name: 'API_FIELD_NAME' +- name: 'API_FIELD_NAME' + type: Array description: | MULTILINE_FIELD_DESCRIPTION min_version: beta @@ -274,21 +273,23 @@ Replace `String` in the field type with one of the following options: - field_one - nested_object.0.nested_field # Array of primitives - item_type: Api::Type::String + item_type: + type: String # Array of nested objects - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'FIELD_NAME' + - name: 'FIELD_NAME' + type: String description: | MULTI_LINE_FIELD_DESCRIPTION ``` {{< /tab >}} {{< tab "NestedObject" >}} ```yaml -- !ruby/object:Api::Type::Array - name: 'API_FIELD_NAME' +- name: 'API_FIELD_NAME' + type: NestedObject description: | MULTILINE_FIELD_DESCRIPTION min_version: beta @@ -302,27 +303,29 @@ Replace `String` in the field type with one of the following options: - field_one - nested_object.0.nested_field properties: - - !ruby/object:Api::Type::String - name: 'FIELD_NAME' + - name: 'FIELD_NAME' + type: String description: | MULTI_LINE_FIELD_DESCRIPTION ``` {{< /tab >}} {{< tab "Map" >}} ```yaml - - !ruby/object:Api::Type::Map - name: 'API_FIELD_NAME' + - name: 'API_FIELD_NAME' + type: Map description: | MULTILINE_FIELD_DESCRIPTION - key_name: KEY_NAME + key_name: 'KEY_NAME' key_description: | MULTILINE_KEY_FIELD_DESCRIPTION - value_type: !ruby/object:Api::Type::NestedObject + value_type: + name: mapObjectName + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'FIELD_NAME' - description: | - MULTI_LINE_FIELD_DESCRIPTION + - name: 'FIELD_NAME' + type: String + description: | + MULTI_LINE_FIELD_DESCRIPTION ``` This type is only used for string -> complex type mappings, use "KeyValuePairs" for simple mappings. Complex maps can't be represented natively in Terraform, and this type is transformed into an associative array (TypeSet) with the key merged into the object alongside other top-level fields. @@ -350,7 +353,7 @@ For `key_name` and `key_description`, provide a domain-appropriate name and desc - "Flatteners" convert API response data to Terraform resource data. - For top level fields, add a flattener. Call `d.Set()` on the flattened API response value to store it in Terraform state. - For other fields, add logic to the parent field's flattener to convert the value from the API response to the Terraform state value. Use a nested flattener for complex logic. -4. If any of the added Go code (including any imports) is beta-only, change the file suffix to `.go.erb` and wrap the beta-only code in a version guard: `<% unless version == 'ga' -%>...<% else -%>...<% end -%>`. +4. If any of the added Go code (including any imports) is beta-only, change the file suffix to `.go.tmpl` and wrap the beta-only code in a version guard: `{{- if ne $.TargetVersionName "ga" -}}...{{- else }}...{{- end }}`. - Add a new guard rather than adding the field to an existing guard; it is easier to read. {{< /tab >}} {{< /tabs >}} @@ -367,30 +370,29 @@ IAM support for MMv1-generated resources is configured within the `ResourceName. 1. Add the following top-level block to `ResourceName.yaml` directly above `parameters`. ```yaml -iam_policy: !ruby/object:Api::Resource::IamPolicy +iam_policy: # Name of the field on the terraform IAM resources which references # the parent resource. Update to match the parent resource's name. parent_resource_attribute: 'resource_name' # Character preceding setIamPolicy in the full URL for the API method. # Usually `:` method_name_separator: ':' - # HTTP method for getIamPolicy. Usually :POST. - fetch_iam_policy_verb: :POST - # Overrides the HTTP method for setIamPolicy. Default: :POST - # set_iam_policy_verb: :POST + # HTTP method for getIamPolicy. Usually 'POST'. + fetch_iam_policy_verb: 'POST' + # Overrides the HTTP method for setIamPolicy. Default: 'POST' + # set_iam_policy_verb: 'POST' # Must match the parent resource's `import_format` (or `self_link` if # `import_format` is unset), but with the `parent_resource_attribute` # value substituted for the final field. - import_format: [ - 'projects/{{project}}/locations/{{location}}/resourcenames/{{resource_name}}' - ] + import_format: + - 'projects/{{project}}/locations/{{location}}/resourcenames/{{resource_name}}' # If IAM conditions are supported, set this attribute to indicate how the - # conditions should be passed to the API. Allowed values: :QUERY_PARAM, - # :REQUEST_BODY, :QUERY_PARAM_NESTED. Note: :QUERY_PARAM_NESTED should + # conditions should be passed to the API. Allowed values: 'QUERY_PARAM', + # 'REQUEST_BODY', 'QUERY_PARAM_NESTED'. Note: 'QUERY_PARAM_NESTED' should # only be used if the query param field contains a `.` - # iam_conditions_request_type: :REQUEST_BODY + # iam_conditions_request_type: 'REQUEST_BODY' # Marks IAM support as beta-only # min_version: beta @@ -427,10 +429,9 @@ iam_policy: !ruby/object:Api::Resource::IamPolicy - Replace all occurrences of `github.com/hashicorp/terraform-provider-google-beta/google-beta` with `github.com/hashicorp/terraform-provider-google/google` - Remove the comments at the top of the file. - If any of the added Go code is beta-only: - - Change the file suffix to `.go.erb` - - Add `<% autogen_exception -%>` to the top of the file - - Wrap each beta-only code block (including any imports) in a separate version guard: `<% unless version == 'ga' -%>...<% else -%>...<% end -%>` -4. Register the binding, member, and policy resources `handwrittenIAMResources` in [`magic-modules/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.erb`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.erb) + - Change the file suffix to `.go.tmpl` + - Wrap each beta-only code block (including any imports) in a separate version guard: `{{- if ne $.TargetVersionName "ga" -}}...{{- else }}...{{- end }}` +4. Register the binding, member, and policy resources `handwrittenIAMResources` in [`magic-modules/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.tmpl`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/provider/provider_mmv1_resources.go.tmpl) - Add a version guard for any beta-only resources. {{< /tab >}} {{< /tabs >}} diff --git a/docs/content/develop/test/test.md b/docs/content/develop/test/test.md index fe638ed52903..38754fdff36a 100644 --- a/docs/content/develop/test/test.md +++ b/docs/content/develop/test/test.md @@ -38,7 +38,7 @@ A create test is a test that creates the target resource and immediately destroy {{< tabs "create" >}} {{< tab "MMv1" >}} -1. Using an editor of your choice, create a `*.tf.erb` file in [`mmv1/templates/terraform/examples/`](https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/templates/terraform/examples). The name of the file should include the service name, resource name, and a descriptor. For example, `compute_subnetwork_basic.tf.erb`. +1. Using an editor of your choice, create a `*.tf.tmpl` file in [`mmv1/templates/terraform/examples/`](https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/templates/terraform/examples). The name of the file should include the service name, resource name, and a descriptor. For example, `compute_subnetwork_basic.tf.tmpl`. 2. Write the Terraform configuration for your test. This should include all of the required dependencies. For example, `google_compute_subnetwork` has a dependency on `google_compute_network`: ```tf resource "google_compute_subnetwork" "primary" { @@ -56,37 +56,36 @@ A create test is a test that creates the target resource and immediately destroy 3. If beta-only fields are being tested: - Add `provider = google-beta` to every resource in the file. 4. Modify the configuration to use templated values. - - Replace the id of the primary resource you are testing with `<%= ctx[:primary_resource_id] %>`. - - Replace fields that are identifiers, like `id` or `name`, with an appropriately named variable. For example, `<%= ctx[:vars]['subnetwork_name'] %>`. + - Replace the id of the primary resource you are testing with `{{$.PrimaryResourceId}}`. + - Replace fields that are identifiers, like `id` or `name`, with an appropriately named variable. For example, `{{index $.Vars "subnetwork_name"}}`. - The resulting configuration for the above example would look like this: ```tf - resource "google_compute_subnetwork" "<%= ctx[:primary_resource_id] %>" { - name = "<%= ctx[:vars]['subnetwork_name'] %>" + resource "google_compute_subnetwork" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "subnetwork_name"}}" ip_cidr_range = "10.1.0.0/16" region = "us-central1" network = google_compute_network.network.name } resource "google_compute_network" "network" { - name = "<%= ctx[:vars]['network_name'] %>" + name = "{{index $.Vars "network_name"}}" auto_create_subnetworks = false } ``` -5. Modify the relevant `RESOURCE_NAME.yaml` file under [magic-modules/mmv1/products](https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/products) to include an [`examples`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/provider/terraform/examples.rb) block with your test. The `name` must match the name of your `*.tf.erb` file. For example: +5. Modify the relevant `RESOURCE_NAME.yaml` file under [magic-modules/mmv1/products](https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/products) to include an [`examples`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/api/resource/examples.go) block with your test. The `name` must match the name of your `*.tf.tmpl` file. For example: ```yaml examples: - - !ruby/object:Provider::Terraform::Examples - name: "compute_subnetwork_basic" + - name: "compute_subnetwork_basic" primary_resource_id: "example" vars: subnetwork_name: "example-subnet" network_name: "example-network" ``` {{< hint warning >}} -**Warning:** Values in `vars` must include a `-` (or `_`). They [trigger the addition of a `tf-test` prefix](https://github.com/GoogleCloudPlatform/magic-modules/blob/6858338f013f5dc57729ec037883a3594441ea62/mmv1/provider/terraform/examples.rb#L244), which the sweeper uses to clean them up after tests run. +**Warning:** Values in `vars` must include a `-` (or `_`). They [trigger the addition of a `tf-test` prefix](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/api/resource/examples.go#L224), which the sweeper uses to clean them up after tests run. {{< /hint >}} 6. If beta-only fields are being tested: - - Add `min_version: beta` to the `examples` block in `RESOURCE_NAME.yaml`. + - Add `min_version: 'beta'` to the `examples` block in `RESOURCE_NAME.yaml`. {{< /tab >}} {{< tab "Handwritten" >}} This section assumes you've used the [Add a resource]({{< ref "/develop/resource.md" >}}) guide to create your handwritten resource, and you have a working MMv1 config. @@ -101,9 +100,8 @@ This section assumes you've used the [Add a resource]({{< ref "/develop/resource - Remove the comments at the top of the file. - Remove the `Example` suffix from all function names. - If beta-only fields are being tested, do the following: - - Change the file suffix to `.go.erb` - - Add `<% autogen_exception -%>` to the top of the file - - Wrap each beta-only test in a separate version guard: `<% unless version == 'ga' -%>...<% else -%>...<% end -%>` + - Change the file suffix to `.go.tmpl` + - Wrap each beta-only test in a separate version guard: `{{- if ne $.TargetVersionName "ga" -}}...{{- else }}...{{- end }}` {{< /tab >}} {{< /tabs >}} @@ -165,19 +163,19 @@ An update test is a test that creates the target resource and then makes updates - Modify the template function ending in `_update` so that updatable fields are changed or removed. This may require additions to the `context` map in the test function. - Remove the comments at the top of the file. - If beta-only fields are being tested, do the following: - - Change the file suffix to `.go.erb` - - Add `<% autogen_exception -%>` to the top of the file - - Wrap each beta-only test in a separate version guard: `<% unless version == 'ga' -%>...<% else -%>...<% end -%>` + - Change the file suffix to `.go.tmpl` + - Wrap each beta-only test in a separate version guard: `{{- if ne $.TargetVersionName "ga" -}}...{{- else }}...{{- end }}` - In each beta-only test, ensure that the TestCase sets `ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t)` - In each beta-only test, ensure that all Terraform resources in all configs have `provider = google-beta` set {{< /tab >}} {{< tab "Handwritten" >}} -1. Using an editor of your choice, open the existing `*_test.go` or `*_test.go.erb` file in the appropriate service folder inside [`magic-modules/mmv1/third_party/terraform/services`](https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/third_party/terraform/services) which contains your create tests. +1. Using an editor of your choice, open the existing `*_test.go` or `*_test.go.tmpl` file in the appropriate service folder inside [`magic-modules/mmv1/third_party/terraform/services`](https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/third_party/terraform/services) which contains your create tests. 2. Copy the `TestAcc*` *test function* for the existing "full" test. If there is no "full" test, use the "basic" test. This will be the starting point for your new update test. 3. Modify the test function to support updates. - Change the suffix of the test function to `_update`. - Copy the 2 `TestStep` blocks and paste them immediately after, so that there are 4 total test steps. - Change the suffix of the second `Config` value to `_update`. + - Add `ConfigPlanChecks` to the update step of the test to ensure the resource is updated in-place. - The resulting test function would look similar to this: ```go func TestAccPubsubTopic_update(t *testing.T) { @@ -193,6 +191,11 @@ An update test is a test that creates the target resource and then makes updates }, { Config: testAccPubsubTopic_update(...), + ConfigPlanChecks: resource.ConfigPlanChecks{ + PreApply: []plancheck.PlanCheck{ + plancheck.ExpectResourceAction("google_pubsub_topic.foo", plancheck.ResourceActionUpdate), + }, + }, }, { ... @@ -214,9 +217,8 @@ An update test is a test that creates the target resource and then makes updates - Modify the new template function so that updatable fields are changed or removed. This may require additions to the `context` map in the test function. - Remove the comments at the top of the file. - If beta-only fields are being tested, do the following: - - Change the file suffix to `.go.erb` - - Add `<% autogen_exception -%>` to the top of the file - - Wrap each beta-only test in a separate version guard: `<% unless version == 'ga' -%>...<% else -%>...<% end -%>` + - Change the file suffix to `.go.tmpl` + - Wrap each beta-only test in a separate version guard: `{{- if ne $.TargetVersionName "ga" -}}...{{- else }}...{{- end }}` - In each beta-only test, ensure that the TestCase sets `ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t)` - In each beta-only test, ensure that all Terraform resources in all configs have `provider = google-beta` set {{< /tab >}} diff --git a/docs/content/develop/update-dependencies.md b/docs/content/develop/update-dependencies.md index 6f33b70b13ec..cca8822406bf 100644 --- a/docs/content/develop/update-dependencies.md +++ b/docs/content/develop/update-dependencies.md @@ -27,7 +27,7 @@ cd $GOPATH/src/github.com/hashicorp/terraform-provider-google go get google.golang.org/api@v0.105.0 go mod tidy ``` -4. Copy the contents of the updated `go.mod` and `go.sum` file into [`mmv1/third_party/terraform/go.mod.erb`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/go.mod.erb) and [`mmv1/third_party/terraform/go.sum`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/go.sum) in the `magic-modules` respectively. Ensure `<% autogen_exception -%>` is still at the top of the file afterwards +4. Copy the contents of the updated `go.mod` and `go.sum` file into [`mmv1/third_party/terraform/go.mod`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/go.mod.erb) and [`mmv1/third_party/terraform/go.sum`](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/go.sum) in the `magic-modules` respectively. 5. Create a pull request containing _only_ the dependency changes. 6. Resolve any errors caused by the dependency upgrade. 7. After the dependency pull request is merged, continue with a separate pull request for any additional changes that were blocked by the upgrade. \ No newline at end of file diff --git a/docs/content/get-started/generate-providers.md b/docs/content/get-started/generate-providers.md index 2e0ad0736618..d7c6b9b82457 100644 --- a/docs/content/get-started/generate-providers.md +++ b/docs/content/get-started/generate-providers.md @@ -30,11 +30,6 @@ If you are familiar with Docker or Podman, you may want to use the experimental {{< /hint >}} 1. [Install git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) -1. [Install rbenv](https://github.com/rbenv/rbenv#installation), ensuring you follow **both** steps 1 and 2. -1. Use rbenv to install ruby 3.1.0 - ```bash - rbenv install 3.1.0 - ``` 1. [Install go](https://go.dev/doc/install) 1. Add the following values to your environment settings such as `.bashrc`: ```bash @@ -63,8 +58,6 @@ If you are familiar with Docker or Podman, you may want to use the experimental Expected output if everything is installed properly: ``` - Check for ruby in path... - found! Check for go in path... found! Check for goimports in path... @@ -81,8 +74,8 @@ If you are familiar with Docker or Podman, you may want to use the experimental 1. In your cloned magic-modules repository, edit `mmv1/products/bigqueryanalyticshub/DataExchange.yaml` to change the description for the `displayName` field: ```yaml - - !ruby/object:Api::Type::NestedObject - name: 'displayName' + - name: 'displayName' + type: NestedObject description: | UPDATED_DESCRIPTION ``` diff --git a/docs/content/get-started/how-magic-modules-works.md b/docs/content/get-started/how-magic-modules-works.md index e11d54bccda9..520bf739eb70 100644 --- a/docs/content/get-started/how-magic-modules-works.md +++ b/docs/content/get-started/how-magic-modules-works.md @@ -34,7 +34,7 @@ MMv1-based files start with the following header: ### Handwritten -Handwritten resources and datasources are technically part of MMv1; however, they are not generated from YAML configurations. Instead, they are written as Go code with minimal ruby "version guards" to exclude beta-only features from the `google` provider. +Handwritten resources and datasources are technically part of MMv1; however, they are not generated from YAML configurations. Instead, they are written as Go code with minimal go template "version guards" to exclude beta-only features from the `google` provider. Handwritten resources and datasources can be grouped by "service", which generally corresponds to the API subdomain the resource or datasource interacts with. diff --git a/docs/content/reference/ruby-go-changes.md b/docs/content/reference/ruby-go-changes.md new file mode 100644 index 000000000000..41cec6dd2745 --- /dev/null +++ b/docs/content/reference/ruby-go-changes.md @@ -0,0 +1,105 @@ +--- +title: "Ruby to Go Migration" +weight: 10 +--- +# What has changed in the MMv1 Go migration + +The Magic Modules code generator has been rewritten from Ruby to Go. For experienced contributors, this reference document lists what the expected changes are to the previous development workflow in Ruby. + +## YAML changes + +`.yaml` files within `mmv1/products` have had adjustments to the attribute typing. The initial Ruby lines `!ruby/object:Api::Type::` have been removed and replaced with a simpler `type: ` line. + +Old Ruby YAML +```yaml +- !ruby/object:Api::Type::String + name: 'apiFieldName' + description: | + MULTILINE_FIELD_DESCRIPTION +``` + +New Go YAML +```yaml +- name: 'apiFieldName' + type: String + description: | + MULTI_LINE_FIELD_DESCRIPTION +``` + +## Template `.erb` file changes + +Template files have all been converted Embedded Ruby (ERB) templates to Go's [text/template](https://pkg.go.dev/text/template) format. +All `.erb` files are replaced with equivalent `.tmpl` files. The MMv1 resource objects are passed to the Go templates for referencing, similar to the previous Ruby templates. For the list of available variables and functions within the templates, please reference: + +* [text/template standard library](https://pkg.go.dev/text/template) +* [mmv1/api/resource.go](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/api/resource.go) +* [mmv1/google/template_utils.go](https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/google/template_utils.go) + +### Common templating snippets + +#### Version guards + +Old Ruby template +```go +<% unless version == 'ga' -%> +// Go code here +<% end -%> +``` + +New Go template +```go +{{- if ne $.TargetVersionName "ga" }} +// Go code here +{{- end }} +``` + +#### Example `.tf.erb` variables + +Old Ruby template `pubsub_topic_basic.tf.erb` +```hcl +resource "google_pubsub_topic" "<%= ctx[:primary_resource_id] %>" { + name = "<%= ctx[:vars]['topic_name'] %>" + + labels = { + foo = "bar" + } + + message_retention_duration = "86600s" +} +``` + +New Go template `pubsub_topic_basic.tf.tmpl` +```hcl +resource "google_pubsub_topic" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "topic_name"}}" + + labels = { + foo = "bar" + } + + message_retention_duration = "86600s" +} +``` + +## Advanced: MMv1-specific generator command + +Most contributors should use the make commands referenced in [make-commands](https://googlecloudplatform.github.io/magic-modules/reference/make-commands/) reference page to generate the downstream `google` and `google-beta` providers. The input for these commands have not changed, and have already been correctly switched over to use the new Go engine. + +Some advanced contributors may be used to running the MMv1 generator commands. These commands have changed from Ruby's `bundle exec` to `go run`. + +**These are not generally recommended to use** + +Old Ruby MMv1 generator command in mmv1/: +```bash +bundle exec compiler -e terraform -o -v -f -p +``` + +New Go MMv1 generator command in mmv1/: +```bash +go run . --output --version --provider +``` + +## Advanced: MMv1 generator code locations + +Most previous Ruby compiler code has parallel Go code placed the same file locations. +For example, the Go replacements for `mmv1/compiler.rb` and `mmv1/provider/terraform.rb` are `mmv1/main.go` and `mmv1/provider/terraform.go` respectively. diff --git a/mmv1/api/compiler.go b/mmv1/api/compiler.go index b62aab20f7e3..1ec9354f060f 100644 --- a/mmv1/api/compiler.go +++ b/mmv1/api/compiler.go @@ -14,18 +14,23 @@ package api import ( + "bytes" "log" "os" "github.com/GoogleCloudPlatform/magic-modules/mmv1/google" ) -func Compile(yamlPath string, obj interface{}) { +func Compile(yamlPath string, obj interface{}, overrideDir string) { objYaml, err := os.ReadFile(yamlPath) if err != nil { log.Fatalf("Cannot open the file: %v", objYaml) } + if overrideDir != "" { + objYaml = bytes.ReplaceAll(objYaml, []byte("{{override_path}}"), []byte(overrideDir)) + } + yamlValidator := google.YamlValidator{} yamlValidator.Parse(objYaml, obj, yamlPath) } diff --git a/mmv1/api/product.go b/mmv1/api/product.go index ae357d7da75c..7539fa5eda9f 100644 --- a/mmv1/api/product.go +++ b/mmv1/api/product.go @@ -15,6 +15,7 @@ package api import ( "log" + "reflect" "strings" "unicode" @@ -231,3 +232,94 @@ func (p *Product) TerraformName() string { func (p Product) Lineage() string { return p.Name } + +func Merge(self, otherObj reflect.Value) { + + selfObj := reflect.Indirect(self) + for i := 0; i < selfObj.NumField(); i++ { + + // skip if the override is the "empty" value + emptyOverrideValue := reflect.DeepEqual(reflect.Zero(otherObj.Field(i).Type()).Interface(), otherObj.Field(i).Interface()) + + if emptyOverrideValue && selfObj.Type().Field(i).Name != "Required" { + continue + } + + if selfObj.Field(i).Kind() == reflect.Slice { + DeepMerge(selfObj.Field(i), otherObj.Field(i)) + } else { + selfObj.Field(i).Set(otherObj.Field(i)) + } + } +} + +func DeepMerge(arr1, arr2 reflect.Value) { + if arr1.Len() == 0 { + arr1.Set(arr2) + return + } + if arr2.Len() == 0 { + return + } + + // Scopes is an array of standard strings. In which case return the + // version in the overrides. This allows scopes to be removed rather + // than allowing for a merge of the two arrays + if arr1.Index(0).Kind() == reflect.String { + arr1.Set(arr2) + return + } + + // Merge any elements that exist in both + for i := 0; i < arr1.Len(); i++ { + currentVal := arr1.Index(i) + pointer := currentVal.Kind() == reflect.Ptr + if pointer { + currentVal = currentVal.Elem() + } + var otherVal reflect.Value + for j := 0; j < arr2.Len(); j++ { + currentName := currentVal.FieldByName("Name").Interface() + tempOtherVal := arr2.Index(j) + if pointer { + tempOtherVal = tempOtherVal.Elem() + } + otherName := tempOtherVal.FieldByName("Name").Interface() + + if otherName == currentName { + otherVal = tempOtherVal + break + } + } + if otherVal.IsValid() { + Merge(currentVal, otherVal) + } + } + + // Add any elements of arr2 that don't exist in arr1 + for i := 0; i < arr2.Len(); i++ { + otherVal := arr2.Index(i) + pointer := otherVal.Kind() == reflect.Ptr + if pointer { + otherVal = otherVal.Elem() + } + + found := false + for j := 0; j < arr1.Len(); j++ { + currentVal := arr1.Index(j) + if pointer { + currentVal = currentVal.Elem() + } + currentName := currentVal.FieldByName("Name").Interface() + otherName := otherVal.FieldByName("Name").Interface() + + if otherName == currentName { + found = true + break + } + } + if !found { + arr1.Set(reflect.Append(arr1, arr2.Index(i))) + } + } +} diff --git a/mmv1/api/resource.go b/mmv1/api/resource.go index 6a0b182f8020..e52477e68788 100644 --- a/mmv1/api/resource.go +++ b/mmv1/api/resource.go @@ -37,8 +37,14 @@ type Resource struct { // documentation. Description string - // [Required] (Api::Resource::ReferenceLinks) Reference links provided in - // downstream documentation. + // [Required] Reference links provided in + // downstream documentation. Expected to follow the format as follows: + // + // references: + // guides: + // 'Guide name': 'official_documentation_url' + // api: 'rest_api_reference_url/version' + // References resource.ReferenceLinks // [Required] The GCP "relative URI" of a resource, relative to the product @@ -179,6 +185,13 @@ type Resource struct { // Leading a token with `%` // i.e. {{%parent}}/resource/{{resource}} // will allow that token to hold multiple /'s. + // + // Expected to be formatted as follows: + // + // import_format: + // - example_import_one + // - example_import_two + // ImportFormat []string `yaml:"import_format"` CustomCode resource.CustomCode `yaml:"custom_code"` @@ -198,22 +211,6 @@ type Resource struct { // corresponding OiCS walkthroughs. Examples []resource.Examples - // Virtual fields are Terraform-only fields that control Terraform's - // behaviour. They don't map to underlying API fields (although they - // may map to parameters), and will require custom code to be added to - // control them. - // - // Virtual fields are similar to url_param_only fields in that they create - // a schema entry which is not read from or submitted to the API. However - // virtual fields are meant to provide toggles for Terraform-specific behavior in a resource - // (eg: delete_contents_on_destroy) whereas url_param_only fields _should_ - // be used for url construction. - // - // Both are resource level fields and do not make sense, and are also not - // supported, for nested fields. Nested fields that shouldn't be included - // in API payloads are better handled with custom expand/encoder logic. - VirtualFields []*Type `yaml:"virtual_fields"` - // If true, generates product operation handling logic. AutogenAsync bool `yaml:"autogen_async"` @@ -252,7 +249,7 @@ type Resource struct { StateUpgraders bool `yaml:"state_upgraders"` // Do not apply the default attribution label - SkipAttributionLabel bool `yaml:"skip_attribution_label"` + ExcludeAttributionLabel bool `yaml:"exclude_attribution_label"` // This block inserts the named function and its attribute into the // resource schema -- the code for the migrate_state function must @@ -267,12 +264,12 @@ type Resource struct { // Set to true for resources that are unable to be read from the API, such as // public ca external account keys - SkipRead bool `yaml:"skip_read"` + ExcludeRead bool `yaml:"exclude_read"` // Set to true for resources that wish to disable automatic generation of default provider // value customdiff functions // TODO rewrite: 1 instance used - SkipDefaultCdiff bool `yaml:"skip_default_cdiff"` + ExcludeDefaultCdiff bool `yaml:"exclude_default_cdiff"` // This enables resources that get their project via a reference to a different resource // instead of a project field to use User Project Overrides @@ -299,10 +296,29 @@ type Resource struct { Async *Async - Properties []*Type + // The three groups of []*Type fields are expected to be strictly ordered within a yaml file + // in the sequence of Virtual Fields -> Parameters -> Properties + + // Virtual fields are Terraform-only fields that control Terraform's + // behaviour. They don't map to underlying API fields (although they + // may map to parameters), and will require custom code to be added to + // control them. + // + // Virtual fields are similar to url_param_only fields in that they create + // a schema entry which is not read from or submitted to the API. However + // virtual fields are meant to provide toggles for Terraform-specific behavior in a resource + // (eg: delete_contents_on_destroy) whereas url_param_only fields _should_ + // be used for url construction. + // + // Both are resource level fields and do not make sense, and are also not + // supported, for nested fields. Nested fields that shouldn't be included + // in API payloads are better handled with custom expand/encoder logic. + VirtualFields []*Type `yaml:"virtual_fields"` Parameters []*Type + Properties []*Type + ProductMetadata *Product // The version name provided by the user through CI @@ -315,11 +331,6 @@ type Resource struct { } func (r *Resource) UnmarshalYAML(unmarshal func(any) error) error { - r.CreateVerb = "POST" - r.ReadVerb = "GET" - r.DeleteVerb = "DELETE" - r.UpdateVerb = "PUT" - type resourceAlias Resource aliasObj := (*resourceAlias)(r) @@ -328,6 +339,23 @@ func (r *Resource) UnmarshalYAML(unmarshal func(any) error) error { return err } + return nil +} + +func (r *Resource) SetDefault(product *Product) { + if r.CreateVerb == "" { + r.CreateVerb = "POST" + } + if r.ReadVerb == "" { + r.ReadVerb = "GET" + } + if r.DeleteVerb == "" { + r.DeleteVerb = "DELETE" + } + if r.UpdateVerb == "" { + r.UpdateVerb = "PUT" + } + if r.ApiName == "" { r.ApiName = r.Name } @@ -344,10 +372,6 @@ func (r *Resource) UnmarshalYAML(unmarshal func(any) error) error { } } - return nil -} - -func (r *Resource) SetDefault(product *Product) { r.ProductMetadata = product for _, property := range r.AllProperties() { property.SetDefault(r) @@ -358,6 +382,10 @@ func (r *Resource) SetDefault(product *Product) { if r.IamPolicy != nil && r.IamPolicy.MinVersion == "" { r.IamPolicy.MinVersion = r.MinVersion } + if r.Timeouts == nil { + r.Timeouts = NewTimeouts() + } + } func (r *Resource) Validate() { @@ -604,7 +632,7 @@ func (r *Resource) AddLabelsRelatedFields(props []*Type, parent *Type) []*Type { func (r *Resource) addLabelsFields(props []*Type, parent *Type, labels *Type) []*Type { if parent == nil || parent.FlattenObject { - if r.SkipAttributionLabel { + if r.ExcludeAttributionLabel { r.CustomDiff = append(r.CustomDiff, "tpgresource.SetLabelsDiffWithoutAttributionLabel") } else { r.CustomDiff = append(r.CustomDiff, "tpgresource.SetLabelsDiff") @@ -732,7 +760,7 @@ func getLabelsFieldNote(title string) string { } func (r Resource) StateMigrationFile() string { - return fmt.Sprintf("templates/terraform/state_migrations/go/%s_%s.go.tmpl", google.Underscore(r.ProductMetadata.Name), google.Underscore(r.Name)) + return fmt.Sprintf("templates/terraform/state_migrations/%s_%s.go.tmpl", google.Underscore(r.ProductMetadata.Name), google.Underscore(r.Name)) } // ==================== @@ -1192,8 +1220,7 @@ func (r Resource) ExtractIdentifiers(url string) []string { return result } -// For example, "projects/{{project}}/schemas/{{name}}", "{{project}}/{{name}}", "{{name}}" -func (r Resource) RawImportIdFormatsFromIam() []string { +func (r Resource) IamImportFormats() []string { var importFormat []string if r.IamPolicy != nil { @@ -1202,8 +1229,12 @@ func (r Resource) RawImportIdFormatsFromIam() []string { if len(importFormat) == 0 { importFormat = r.ImportFormat } + return importFormat +} - return ImportIdFormats(importFormat, r.Identity, r.BaseUrl) +// For example, "projects/{{project}}/schemas/{{name}}", "{{project}}/{{name}}", "{{name}}" +func (r Resource) RawImportIdFormatsFromIam() []string { + return ImportIdFormats(r.IamImportFormats(), r.Identity, r.BaseUrl) } // For example, projects/(?P[^/]+)/schemas/(?P[^/]+)", "(?P[^/]+)/(?P[^/]+)", "(?P[^/]+) @@ -1291,7 +1322,7 @@ func (r Resource) IamAttributes() []string { // we can reuse that config to create a resource to test IAM resources with. func (r Resource) FirstTestExample() resource.Examples { examples := google.Reject(r.Examples, func(e resource.Examples) bool { - return e.SkipTest + return e.ExcludeTest }) examples = google.Reject(examples, func(e resource.Examples) bool { return (r.ProductMetadata.VersionObjOrClosest(r.TargetVersionName).CompareTo(r.ProductMetadata.VersionObjOrClosest(e.MinVersion)) < 0) @@ -1302,7 +1333,7 @@ func (r Resource) FirstTestExample() resource.Examples { func (r Resource) ExamplePrimaryResourceId() string { examples := google.Reject(r.Examples, func(e resource.Examples) bool { - return e.SkipTest + return e.ExcludeTest }) examples = google.Reject(examples, func(e resource.Examples) bool { return (r.ProductMetadata.VersionObjOrClosest(r.TargetVersionName).CompareTo(r.ProductMetadata.VersionObjOrClosest(e.MinVersion)) < 0) @@ -1580,16 +1611,20 @@ func (r Resource) IsExcluded() bool { func (r Resource) TestExamples() []resource.Examples { return google.Reject(google.Reject(r.Examples, func(e resource.Examples) bool { - return e.SkipTest + return e.ExcludeTest }), func(e resource.Examples) bool { return e.MinVersion != "" && slices.Index(product.ORDER, r.TargetVersionName) < slices.Index(product.ORDER, e.MinVersion) }) } func (r Resource) VersionedProvider(exampleVersion string) bool { - vp := r.MinVersion + var vp string if exampleVersion != "" { vp = exampleVersion + } else if r.MinVersion == "" { + vp = r.ProductMetadata.lowestVersion().Name + } else { + vp = r.MinVersion } return vp != "" && vp != "ga" } @@ -1601,3 +1636,101 @@ func (r Resource) StateUpgradersCount() []int { } return nums } + +func (r Resource) CaiProductBaseUrl() string { + version := r.ProductMetadata.VersionObjOrClosest(r.TargetVersionName) + baseUrl := version.CaiBaseUrl + if baseUrl == "" { + baseUrl = version.BaseUrl + } + return baseUrl +} + +// Returns the Cai product backend name from the version base url +// base_url: https://accessapproval.googleapis.com/v1/ -> accessapproval +func (r Resource) CaiProductBackendName(caiProductBaseUrl string) string { + backendUrl := strings.Split(strings.Split(caiProductBaseUrl, "://")[1], ".googleapis.com")[0] + return strings.ToLower(backendUrl) +} + +// Gets the Cai asset name template, which could include version +// For example: //monitoring.googleapis.com/v3/projects/{{project}}/services/{{service_id}} +func (r Resource) rawCaiAssetNameTemplate(productBackendName string) string { + caiBaseUrl := "" + if r.CaiBaseUrl != "" { + caiBaseUrl = fmt.Sprintf("%s/{{name}}", r.CaiBaseUrl) + } + if caiBaseUrl == "" { + caiBaseUrl = r.SelfLink + } + if caiBaseUrl == "" { + caiBaseUrl = fmt.Sprintf("%s/{{name}}", r.BaseUrl) + } + return fmt.Sprintf("//%s.googleapis.com/%s", productBackendName, caiBaseUrl) +} + +// Gets the Cai asset name template, which doesn't include version +// For example: //monitoring.googleapis.com/projects/{{project}}/services/{{service_id}} +func (r Resource) CaiAssetNameTemplate(productBackendName string) string { + template := r.rawCaiAssetNameTemplate(productBackendName) + versionRegex, err := regexp.Compile(`\/(v\d[^\/]*)\/`) + if err != nil { + log.Fatalf("Cannot compile the regular expression: %v", err) + } + + return versionRegex.ReplaceAllString(template, "/") +} + +// Gets the Cai API version +func (r Resource) CaiApiVersion(productBackendName, caiProductBaseUrl string) string { + template := r.rawCaiAssetNameTemplate(productBackendName) + + versionRegex, err := regexp.Compile(`\/(v\d[^\/]*)\/`) + if err != nil { + log.Fatalf("Cannot compile the regular expression: %v", err) + } + + apiVersion := strings.ReplaceAll(versionRegex.FindString(template), "/", "") + if apiVersion != "" { + return apiVersion + } + + splits := strings.Split(caiProductBaseUrl, "/") + for i := 0; i < len(splits); i++ { + if splits[len(splits)-1-i] != "" { + return splits[len(splits)-1-i] + } + } + return "" +} + +// For example: the uri "projects/{{project}}/schemas/{{name}}" +// The paramerter is "schema" as "project" is not returned. +func (r Resource) CaiIamResourceParams() []string { + resourceUri := strings.ReplaceAll(r.IamResourceUri(), "{{name}}", fmt.Sprintf("{{%s}}", r.IamParentResourceName())) + + return google.Reject(r.ExtractIdentifiers(resourceUri), func(param string) bool { + return param == "project" + }) +} + +// Gets the Cai IAM asset name template +// For example: //monitoring.googleapis.com/v3/projects/{{project}}/services/{{service_id}} +func (r Resource) CaiIamAssetNameTemplate(productBackendName string) string { + iamImportFormat := r.IamImportFormats() + if len(iamImportFormat) > 0 { + name := strings.ReplaceAll(iamImportFormat[0], "{{name}}", fmt.Sprintf("{{%s}}", r.IamParentResourceName())) + name = strings.ReplaceAll(name, "%", "") + return fmt.Sprintf("//%s.googleapis.com/%s", productBackendName, name) + } + + caiBaseUrl := r.CaiBaseUrl + + if caiBaseUrl == "" { + caiBaseUrl = r.SelfLink + } + if caiBaseUrl == "" { + caiBaseUrl = r.BaseUrl + } + return fmt.Sprintf("//%s.googleapis.com/%s/{{%s}}", productBackendName, caiBaseUrl, r.IamParentResourceName()) +} diff --git a/mmv1/api/resource/examples.go b/mmv1/api/resource/examples.go index 5c82ade99b00..52975ea28847 100644 --- a/mmv1/api/resource/examples.go +++ b/mmv1/api/resource/examples.go @@ -122,13 +122,13 @@ type Examples struct { IgnoreReadExtra []string `yaml:"ignore_read_extra"` // Whether to skip generating tests for this resource - SkipTest bool `yaml:"skip_test"` + ExcludeTest bool `yaml:"exclude_test"` // Whether to skip generating docs for this example - SkipDocs bool `yaml:"skip_docs"` + ExcludeDocs bool `yaml:"exclude_docs"` // Whether to skip import tests for this example - SkipImportTest bool `yaml:"skip_import_test"` + ExcludeImportTest bool `yaml:"exclude_import_test"` // The name of the primary resource for use in IAM tests. IAM tests need // a reference to the primary resource to create IAM policies for @@ -156,6 +156,7 @@ type Examples struct { DocumentationHCLText string TestHCLText string + OicsHCLText string } // Set default value for fields @@ -169,7 +170,7 @@ func (e *Examples) UnmarshalYAML(unmarshal func(any) error) error { } if e.ConfigPath == "" { - e.ConfigPath = fmt.Sprintf("templates/terraform/examples/go/%s.tf.tmpl", e.Name) + e.ConfigPath = fmt.Sprintf("templates/terraform/examples/%s.tf.tmpl", e.Name) } e.SetHCLText() @@ -285,7 +286,7 @@ func ExecuteTemplate(e any, templatePath string, appendNewline bool) string { templates := []string{ templatePath, "templates/terraform/expand_resource_ref.tmpl", - "templates/terraform/custom_flatten/go/bigquery_table_ref.go.tmpl", + "templates/terraform/custom_flatten/bigquery_table_ref.go.tmpl", "templates/terraform/flatten_property_method.go.tmpl", "templates/terraform/expand_property_method.go.tmpl", "templates/terraform/update_mask.go.tmpl", @@ -359,3 +360,36 @@ func SubstituteTestPaths(config string) string { config = strings.ReplaceAll(config, "path/to/id_rsa.pub", "test-fixtures/ssh_rsa.pub") return config } + +// Executes example templates for documentation and tests +func (e *Examples) SetOiCSHCLText() { + originalVars := e.Vars + originalTestEnvVars := e.TestEnvVars + + // // Remove region tags + re1 := regexp.MustCompile(`# \[[a-zA-Z_ ]+\]\n`) + re2 := regexp.MustCompile(`\n# \[[a-zA-Z_ ]+\]`) + + testVars := make(map[string]string) + for key, value := range originalVars { + testVars[key] = fmt.Sprintf("%s-${local.name_suffix}", value) + } + + // Apply overrides from YAML + for key, value := range e.OicsVarsOverrides { + testVars[key] = value + } + + e.Vars = testVars + e.OicsHCLText = ExecuteTemplate(e, e.ConfigPath, true) + e.OicsHCLText = regexp.MustCompile(`\n\n$`).ReplaceAllString(e.OicsHCLText, "\n") + + // Remove region tags + e.OicsHCLText = re1.ReplaceAllString(e.OicsHCLText, "") + e.OicsHCLText = re2.ReplaceAllString(e.OicsHCLText, "") + e.OicsHCLText = SubstituteExamplePaths(e.OicsHCLText) + + // Reset the example + e.Vars = originalVars + e.TestEnvVars = originalTestEnvVars +} diff --git a/mmv1/api/resource/iam_policy.go b/mmv1/api/resource/iam_policy.go index bd384fb7a85a..37973ee462ae 100644 --- a/mmv1/api/resource/iam_policy.go +++ b/mmv1/api/resource/iam_policy.go @@ -32,7 +32,7 @@ type IamPolicy struct { // Boolean of if tests for IAM resources should exclude import test steps // Used to handle situations where typical generated IAM tests cannot import // due to the parent resource having an API-generated id - SkipImportTest bool `yaml:"skip_import_test"` + ExcludeImportTest bool `yaml:"exclude_import_test"` // Character that separates resource identifier from method call in URL // For example, PubSub subscription uses {resource}:getIamPolicy @@ -125,7 +125,7 @@ func (p *IamPolicy) UnmarshalYAML(unmarshal func(any) error) error { p.WrappedPolicyObj = true p.AllowedIamRole = "roles/viewer" p.ParentResourceAttribute = "id" - p.ExampleConfigBody = "templates/terraform/iam/go/iam_attributes.go.tmpl" + p.ExampleConfigBody = "templates/terraform/iam/iam_attributes.go.tmpl" p.SubstituteZoneValue = true type iamPolicyAlias IamPolicy diff --git a/mmv1/api/type.go b/mmv1/api/type.go index 9408b41cbe38..4d81f796f784 100644 --- a/mmv1/api/type.go +++ b/mmv1/api/type.go @@ -37,6 +37,12 @@ type Type struct { DefaultValue interface{} `yaml:"default_value"` + // Expected to follow the format as follows: + // + // description: | + // This is a description of a field. + // If it comprises multiple lines, it must continue to be indented. + // Description string Exclude bool @@ -135,7 +141,7 @@ type Type struct { EnumValues []string `yaml:"enum_values"` - SkipDocsValues bool `yaml:"skip_docs_values"` + ExcludeDocsValues bool `yaml:"exclude_docs_values"` // ==================== // Array Fields @@ -329,6 +335,11 @@ func (t *Type) SetDefault(r *Resource) { if t.Description == "" { t.Description = fmt.Sprintf("A reference to %s resource", t.Resource) } + case t.IsA("Fingerprint"): + // Represents a fingerprint. A fingerprint is an output-only + // field used for optimistic locking during updates. + // They are fetched from the GCP response. + t.Output = true default: } @@ -422,7 +433,8 @@ func (t *Type) GetPrefix() string { if t.Prefix == "" { if t.ParentMetadata == nil { nestedPrefix := "" - if t.ResourceMetadata.NestedQuery != nil { + // TODO: Use the nestedPrefix for tgc provider to be consistent with terraform provider + if t.ResourceMetadata.NestedQuery != nil && t.ResourceMetadata.Compiler != "terraformgoogleconversion-codegen" { nestedPrefix = "Nested" } @@ -640,17 +652,6 @@ func (t *Type) GetDescription() string { return strings.TrimSpace(strings.TrimRight(t.Description, "\n")) } -// TODO rewrite: validation -// Represents a fingerprint. A fingerprint is an output-only -// field used for optimistic locking during updates. -// They are fetched from the GCP response. -// class Fingerprint < FetchedExternal -// func (t *Type) validate -// super -// @output = true if @output.nil? -// end -// end - // TODO rewrite: validation // class Array < Composite // check :item_type, type: [::String, NestedObject, ResourceRef, Enum], required: true diff --git a/mmv1/compiler.rb b/mmv1/compiler.rb index 17ba95cca240..7920f9b92354 100755 --- a/mmv1/compiler.rb +++ b/mmv1/compiler.rb @@ -46,6 +46,7 @@ version = 'ga' override_dir = nil openapi_generate = false +go_yaml_files = [] ARGV << '-h' if ARGV.empty? Google::LOGGER.level = Logger::INFO @@ -98,6 +99,10 @@ opt.on('--go-yaml', 'Generate MMv1 Go YAML from Ruby YAML') do go_yaml = true end + opt.on('--go-yaml-files FILE[,FILE...]', Array, 'Generate temp Go YAML from files') do |f| + go_yaml = true + go_yaml_files = f + end end.parse! # rubocop:enable Metrics/BlockLength @@ -270,6 +275,8 @@ override_providers[force_provider].new(product_api, version, start_time) end + provider.go_yaml_files = go_yaml_files if go_yaml_files + unless products_to_generate.include?(product_name) Google::LOGGER.info "#{product_name}: Not specified, skipping generation" next { definitions: product_api, provider: provider } # rubocop:disable Style/HashSyntax diff --git a/mmv1/description-copy.go b/mmv1/description-copy.go index 4f45e7686ebe..08c8adaaad3c 100644 --- a/mmv1/description-copy.go +++ b/mmv1/description-copy.go @@ -7,10 +7,11 @@ import ( "os" "path/filepath" "regexp" + "slices" "strings" ) -func CopyAllDescriptions() { +func CopyAllDescriptions(tempMode bool) { identifiers := []string{ "description:", "note:", @@ -21,15 +22,36 @@ func CopyAllDescriptions() { "attributes:", } - for i, id := range identifiers { - CopyText(id, len(identifiers)-1 == i) + for _, id := range identifiers { + CopyText(id, tempMode) } + + copyComments(tempMode) } -// Used to copy/paste text from Ruby -> Go YAML files -func CopyText(identifier string, last bool) { +// TODO rewrite: ServicePerimeters.yaml is an exeption and needs manually fixing the comments over after switchover +// Used to copy/paste comments from Ruby -> Go YAML files +func copyComments(tempMode bool) { + log.Printf("Starting to copy comments from Ruby yaml files to Go yaml files") + + renamedFields := map[string]string{ + "skip_sweeper": "exclude_sweeper", + "skip_delete": "exclude_delete", + "skip_test": "exclude_test", + "skip_import_test": "exclude_import_test", + "skip_docs": "exclude_docs", + "skip_attribution_label": "exclude_attribution_label", + "skip_read": "exclude_read", + "skip_default_cdiff": "exclude_default_cdiff", + "skip_docs_values": "skip_docs_values", + "values": "enum_values", + } var allProductFiles []string = make([]string, 0) - files, err := filepath.Glob("products/**/go_product.yaml") + glob := "products/**/go_product.yaml" + if tempMode { + glob = "products/**/*.temp" + } + files, err := filepath.Glob(glob) if err != nil { return } @@ -38,6 +60,266 @@ func CopyText(identifier string, last bool) { allProductFiles = append(allProductFiles, fmt.Sprintf("products/%s", filepath.Base(dir))) } + for _, productPath := range allProductFiles { + // Gather go and ruby file pairs + yamlMap := make(map[string][]string) + yamlPaths, err := filepath.Glob(fmt.Sprintf("%s/*", productPath)) + if err != nil { + log.Fatalf("Cannot get yaml files: %v", err) + } + for _, yamlPath := range yamlPaths { + if strings.HasSuffix(yamlPath, "_new") { + continue + } + + if tempMode { + cutName, found := strings.CutSuffix(yamlPath, ".temp") + if !found { + continue + } + + baseName := filepath.Base(yamlPath) + yamlMap[baseName] = make([]string, 2) + yamlMap[baseName][1] = yamlPath + yamlMap[baseName][0] = cutName + continue + } + + fileName := filepath.Base(yamlPath) + baseName, found := strings.CutPrefix(fileName, "go_") + if yamlMap[baseName] == nil { + yamlMap[baseName] = make([]string, 2) + } + if found { + yamlMap[baseName][1] = yamlPath + } else { + yamlMap[baseName][0] = yamlPath + } + } + + for _, files := range yamlMap { + rubyPath := files[0] + goPath := files[1] + + recordingComments := false + comments := "" + commentsMap := make(map[string]string, 0) + nestedNameLine := "" + previousNameLine := "" + trimmedPreviousLine := "" + + // Ready Ruby yaml + wholeLineComment, err := regexp.Compile(`^\s*#.*?`) + if err != nil { + log.Fatalf("Cannot compile the regular expression: %v", err) + } + + if err != nil { + log.Fatalf("Cannot compile the regular expression: %v", err) + } + + file, _ := os.Open(rubyPath) + defer file.Close() + scanner := bufio.NewScanner(file) + for scanner.Scan() { + line := scanner.Text() + if line == "" { + if recordingComments { + comments = fmt.Sprintf("%s\n%s", comments, line) + } + continue + } + + if wholeLineComment.MatchString(line) { + if !recordingComments { + recordingComments = true + comments = line + } else { + comments = fmt.Sprintf("%s\n%s", comments, line) + } + } else { + normalizedLine := line + + indexOfComment := strings.Index(normalizedLine, " # ") + if indexOfComment > 0 { // The comments are in the same line with the code + comments = normalizedLine[indexOfComment:] + recordingComments = true + normalizedLine = strings.TrimRight(normalizedLine[:indexOfComment], " ") + } + + normalizedLine = strings.ReplaceAll(normalizedLine, "'", "") + normalizedLine = strings.ReplaceAll(normalizedLine, `"`, "") + normalizedLine = strings.ReplaceAll(normalizedLine, `\`, "") + normalizedLine = strings.ReplaceAll(normalizedLine, ": :", ": ") + normalizedLine = strings.ReplaceAll(normalizedLine, "- :", "- ") + trimmed := strings.TrimSpace(normalizedLine) + index := strings.Index(normalizedLine, trimmed) + + if index == 0 { + previousNameLine = "" + nestedNameLine = "" + } else if index >= 2 && (strings.HasPrefix(trimmedPreviousLine, "- !ruby/object") || strings.HasPrefix(trimmedPreviousLine, "--- !ruby/object")) { + normalizedLine = fmt.Sprintf("%s- %s", normalizedLine[:index-2], normalizedLine[index:]) + + if strings.HasPrefix(trimmed, "name:") { + if nestedNameLine != "" { + previousNameLine = nestedNameLine + } + nestedNameLine = normalizedLine + } + } + + trimmedPreviousLine = trimmed + + if recordingComments { + if !strings.HasPrefix(comments, "# Copyright") { + // The line is a type, for example - !ruby/object:Api::Type::Array. + // The lines of types are not present in Go yaml files + if strings.HasPrefix(trimmed, "- !ruby/object") || strings.HasPrefix(trimmed, "--- !ruby/object") { + continue + } + + // Remove suffix " !ruby/object" as the types are not present in Go yaml files + indexOfRuby := strings.Index(normalizedLine, ": !ruby/object") + if indexOfRuby >= 0 { + normalizedLine = normalizedLine[:indexOfRuby+1] + } + // Remove suffix Api::Type:: + indexOfRuby = strings.Index(normalizedLine, " Api::Type::") + if indexOfRuby >= 0 { + normalizedLine = normalizedLine[:indexOfRuby] + } + + // Some fields are renamed during yaml file conversion + field := strings.Split(normalizedLine, ":")[0] + if shouldUseFieldName(normalizedLine) { + normalizedLine = field + } + + field = strings.TrimSpace(field) + if goName, ok := renamedFields[field]; ok { + normalizedLine = strings.Replace(normalizedLine, field, goName, 1) + } + + key := fmt.Sprintf("%s$%s$%s", previousNameLine, nestedNameLine, normalizedLine) + commentsMap[key] = comments + } + recordingComments = false + comments = "" + } + } + } + + // Read Go yaml while writing to a temp file + firstLine := true + nestedNameLine = "" + previousNameLine = "" + newFilePath := fmt.Sprintf("%s_new", goPath) + fo, _ := os.Create(newFilePath) + w := bufio.NewWriter(fo) + file, _ = os.Open(goPath) + defer file.Close() + scanner = bufio.NewScanner(file) + for scanner.Scan() { + line := scanner.Text() + + if firstLine { + if strings.Contains(line, "NOT CONVERTED - RUN YAML MODE") { + firstLine = false + continue + } else { + break + } + } + + if len(commentsMap) > 0 && !wholeLineComment.MatchString(line) && line != "" { // This line is not a comment + normalizedLine := strings.ReplaceAll(line, "'", "") + normalizedLine = strings.ReplaceAll(normalizedLine, `"`, "") + trimmed := strings.TrimSpace(normalizedLine) + index := strings.Index(normalizedLine, trimmed) + + if index == 0 { + previousNameLine = "" + nestedNameLine = "" + } else if index >= 2 && strings.HasPrefix(trimmed, "- name:") { + if nestedNameLine != "" { + previousNameLine = nestedNameLine + } + nestedNameLine = normalizedLine + } + + field := strings.Split(normalizedLine, ":")[0] + if shouldUseFieldName(normalizedLine) { + normalizedLine = field + } + + key := fmt.Sprintf("%s$%s$%s", previousNameLine, nestedNameLine, normalizedLine) + if comments, ok := commentsMap[key]; ok { + delete(commentsMap, key) + line = fmt.Sprintf("%s\n%s", comments, line) + } + } + _, err := w.WriteString(fmt.Sprintf("%s\n", line)) + if err != nil { + log.Fatalf("Error when writing the line %s: %#v", line, err) + } + } + + if !firstLine { + // Flush writes any buffered data to the underlying io.Writer. + if err = w.Flush(); err != nil { + panic(err) + } + + if len(commentsMap) > 0 { + log.Printf("Some comments in rubyPath %s are not copied over: %#v", rubyPath, commentsMap) + } + // Overwrite original file with temp + os.Rename(newFilePath, goPath) + } else { + os.Remove(newFilePath) + } + } + } + log.Printf("Finished to copy comments from Ruby yaml files to Go yaml files") +} + +// custom template files in Go yaml files have different names +// The format of primary_resource_name for enum is different in Go yaml files +func shouldUseFieldName(line string) bool { + filedNames := []string{ + "templates/terraform/", + "primary_resource_name:", + "default_value:", + "deprecation_message:", + } + for _, fieldName := range filedNames { + if strings.Contains(line, fieldName) { + return true + } + } + return false +} + +// Used to copy/paste text from Ruby -> Go YAML files +func CopyText(identifier string, tempMode bool) { + var allProductFiles []string = make([]string, 0) + glob := "products/**/go_product.yaml" + if tempMode { + glob = "products/**/*.temp" + } + files, err := filepath.Glob(glob) + if err != nil { + return + } + for _, filePath := range files { + dir := filepath.Dir(filePath) + productPath := fmt.Sprintf("products/%s", filepath.Base(dir)) + if !slices.Contains(allProductFiles, productPath) { + allProductFiles = append(allProductFiles, productPath) + } + } + for _, productPath := range allProductFiles { if strings.Contains(productPath, "healthcare") || strings.Contains(productPath, "memorystore") { continue @@ -52,6 +334,20 @@ func CopyText(identifier string, last bool) { if strings.HasSuffix(yamlPath, "_new") { continue } + + if tempMode { + cutName, found := strings.CutSuffix(yamlPath, ".temp") + if !found { + continue + } + + baseName := filepath.Base(yamlPath) + yamlMap[baseName] = make([]string, 2) + yamlMap[baseName][1] = yamlPath + yamlMap[baseName][0] = cutName + continue + } + fileName := filepath.Base(yamlPath) baseName, found := strings.CutPrefix(fileName, "go_") if yamlMap[baseName] == nil { @@ -113,14 +409,13 @@ func CopyText(identifier string, last bool) { if firstLine { if strings.Contains(line, "NOT CONVERTED - RUN YAML MODE") { firstLine = false - if !last { - w.WriteString(fmt.Sprintf("NOT CONVERTED - RUN YAML MODE\n")) - } + w.WriteString(fmt.Sprintf("NOT CONVERTED - RUN YAML MODE\n")) continue } else { break } } + if strings.Contains(line, identifier) { if index >= len(text) { log.Printf("did not replace %s correctly! Is the file named correctly?", goPath) @@ -168,5 +463,10 @@ func terminateText(line string) bool { return false } + // Whole line comments + if regexp.MustCompile(`^\s*#.*?`).MatchString(line) { + return true + } + return regexp.MustCompile(`^\s*[a-z_]+:[\s$]*`).MatchString(line) } diff --git a/mmv1/go.mod b/mmv1/go.mod index 6ba2aa672c36..79316b0a09ea 100644 --- a/mmv1/go.mod +++ b/mmv1/go.mod @@ -8,3 +8,7 @@ require ( ) require github.com/golang/glog v1.2.0 + +require github.com/otiai10/copy v1.9.0 + +require golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect diff --git a/mmv1/go.sum b/mmv1/go.sum index 02e4ed2c5647..14b659976106 100644 --- a/mmv1/go.sum +++ b/mmv1/go.sum @@ -2,8 +2,16 @@ github.com/golang/glog v1.2.0 h1:uCdmnmatrKCgMBlM4rMuJZWOkPDqdbZPnrMXDY4gI68= github.com/golang/glog v1.2.0/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/otiai10/copy v1.9.0 h1:7KFNiCgZ91Ru4qW4CWPf/7jqtxLagGRmIxWldPP9VY4= +github.com/otiai10/copy v1.9.0/go.mod h1:hsfX19wcn0UWIHUQ3/4fHuehhk2UyArQ9dVFAn3FczI= +github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE= +github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs= +github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo= +github.com/otiai10/mint v1.4.0/go.mod h1:gifjb2MYOoULtKLqUAEILUG/9KONW6f7YsJ6vQLTlFI= golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ= golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= diff --git a/mmv1/google/slice_utils.go b/mmv1/google/slice_utils.go index 75ad22de3b7d..20219c7c85e1 100644 --- a/mmv1/google/slice_utils.go +++ b/mmv1/google/slice_utils.go @@ -39,3 +39,19 @@ func Reject[T any](S []T, test func(T) bool) (ret []T) { func Concat[T any](S1 []T, S2 []T) (ret []T) { return append(S1, S2...) } + +// difference returns the elements in `S1` that aren't in `S2`. +func Diff(S1, S2 []string) []string { + var ret []string + mb := make(map[string]bool, len(S2)) + for _, x := range S2 { + mb[x] = true + } + + for _, x := range S1 { + if _, found := mb[x]; !found { + ret = append(ret, x) + } + } + return ret +} diff --git a/mmv1/google/template_utils.go b/mmv1/google/template_utils.go index 78eb2dea26ac..9a8c5480cde9 100644 --- a/mmv1/google/template_utils.go +++ b/mmv1/google/template_utils.go @@ -65,6 +65,7 @@ var TemplateFunctions = template.FuncMap{ "join": strings.Join, "lower": strings.ToLower, "upper": strings.ToUpper, + "hasSuffix": strings.HasSuffix, "dict": wrapMultipleParams, "format2regex": Format2Regex, "hasPrefix": strings.HasPrefix, diff --git a/mmv1/main.go b/mmv1/main.go index 1e8f08d0efb6..19ac6c6c7ec7 100644 --- a/mmv1/main.go +++ b/mmv1/main.go @@ -1,12 +1,14 @@ package main import ( + "errors" "flag" "fmt" "log" "os" "path" "path/filepath" + "reflect" "sort" "strings" "sync" @@ -28,6 +30,8 @@ var outputPath = flag.String("output", "", "path to output generated files to") // Example usage: --version beta var version = flag.String("version", "", "optional version name. If specified, this version is preferred for resource generation when applicable") +var overrideDirectory = flag.String("overrides", "", "directory containing yaml overrides") + var product = flag.String("product", "", "optional product name. If specified, the resources under the specific product will be generated. Otherwise, resources under all products will be generated.") var resourceToGenerate = flag.String("resource", "", "optional resource name. Limits generation to the specified resource within a particular product.") @@ -36,6 +40,8 @@ var doNotGenerateCode = flag.Bool("no-code", false, "do not generate code") var doNotGenerateDocs = flag.Bool("no-docs", false, "do not generate docs") +var forceProvider = flag.String("provider", "", "optional provider name. If specified, a non-default provider will be used.") + // Example usage: --yaml var yamlMode = flag.Bool("yaml", false, "copy text over from ruby yaml to go yaml") @@ -45,20 +51,27 @@ var templateMode = flag.Bool("template", false, "copy templates over from .erb t // Example usage: --handwritten var handwrittenMode = flag.Bool("handwritten", false, "copy handwritten files over from .erb to go .tmpl") +var yamlTempMode = flag.Bool("yaml-temp", false, "copy text over from ruby yaml to go yaml in a temp file") + +var handwrittenTempFiles = flag.String("handwritten-temp", "", "copy specific handwritten files over from .erb to go .tmpl.temp comma separated") +var templateTempFiles = flag.String("template-temp", "", "copy specific templates over from .erb to go .tmpl.temp comma separated") + +var showImportDiffs = flag.Bool("show-import-diffs", false, "write go import diffs to stdout") + func main() { flag.Parse() - if *yamlMode { - CopyAllDescriptions() + if *yamlMode || *yamlTempMode { + CopyAllDescriptions(*yamlTempMode) } - if *templateMode { - convertTemplates() + if *templateMode || *templateTempFiles != "" { + convertTemplates(*templateTempFiles) } - if *handwrittenMode { - convertAllHandwrittenFiles() + if *handwrittenMode || *handwrittenTempFiles != "" { + convertAllHandwrittenFiles(*handwrittenTempFiles) } if outputPath == nil || *outputPath == "" { @@ -86,13 +99,43 @@ func main() { files, err := filepath.Glob("products/**/product.yaml") if err != nil { - return + panic(err) } for _, filePath := range files { dir := filepath.Dir(filePath) allProductFiles = append(allProductFiles, fmt.Sprintf("products/%s", filepath.Base(dir))) } - // TODO rewrite: override directory + + if *overrideDirectory != "" { + log.Printf("Using override directory %s", *overrideDirectory) + + // Normalize override dir to a path that is relative to the magic-modules directory + // This is needed for templates that concatenate pwd + override dir + path + if filepath.IsAbs(*overrideDirectory) { + wd, err := os.Getwd() + if err != nil { + panic(err) + } + *overrideDirectory, err = filepath.Rel(wd, *overrideDirectory) + log.Printf("Override directory normalized to relative path %s", *overrideDirectory) + } + + overrideFiles, err := filepath.Glob(fmt.Sprintf("%s/products/**/product.yaml", *overrideDirectory)) + if err != nil { + panic(err) + } + for _, filePath := range overrideFiles { + product, err := filepath.Rel(*overrideDirectory, filePath) + if err != nil { + panic(err) + } + dir := filepath.Dir(product) + productFile := fmt.Sprintf("products/%s", filepath.Base(dir)) + if !slices.Contains(allProductFiles, productFile) { + allProductFiles = append(allProductFiles, productFile) + } + } + } if allProducts { productsToGenerate = allProductFiles @@ -105,6 +148,7 @@ func main() { startTime := time.Now() log.Printf("Generating MM output to '%s'", *outputPath) log.Printf("Using %s version", *version) + log.Printf("Using %s provider", *forceProvider) // Building compute takes a long time and can't be parallelized within the product // so lets build it first @@ -115,21 +159,28 @@ func main() { return false }) - var providerToGenerate *provider.Terraform - var productsForVersion []*api.Product + var providerToGenerate provider.Provider - ch := make(chan string, len(allProductFiles)) + productFileChannel := make(chan string, len(allProductFiles)) + productsForVersionChannel := make(chan *api.Product, len(allProductFiles)) for _, pf := range allProductFiles { - ch <- pf + productFileChannel <- pf } for i := 0; i < len(allProductFiles); i++ { wg.Add(1) - go GenerateProduct(ch, providerToGenerate, &productsForVersion, startTime, productsToGenerate, *resourceToGenerate, generateCode, generateDocs) + go GenerateProduct(productFileChannel, providerToGenerate, productsForVersionChannel, startTime, productsToGenerate, *resourceToGenerate, *overrideDirectory, generateCode, generateDocs) } wg.Wait() - close(ch) + close(productFileChannel) + close(productsForVersionChannel) + + var productsForVersion []*api.Product + + for p := range productsForVersionChannel { + productsForVersion = append(productsForVersion, p) + } slices.SortFunc(productsForVersion, func(p1, p2 *api.Product) int { return strings.Compare(strings.ToLower(p1.Name), strings.ToLower(p2.Name)) @@ -138,60 +189,116 @@ func main() { // In order to only copy/compile files once per provider this must be called outside // of the products loop. This will get called with the provider from the final iteration // of the loop - providerToGenerate = provider.NewTerraform(productsForVersion[0], *version, startTime) - + providerToGenerate = setProvider(*forceProvider, *version, productsForVersion[0], startTime) providerToGenerate.CopyCommonFiles(*outputPath, generateCode, generateDocs) - log.Printf("Compiling common files for terraform") if generateCode { providerToGenerate.CompileCommonFiles(*outputPath, productsForVersion, "") - - // TODO rewrite: product overrides } + + provider.FixImports(*outputPath, *showImportDiffs) } -func GenerateProduct(productChannel chan string, providerToGenerate *provider.Terraform, productsForVersion *[]*api.Product, startTime time.Time, productsToGenerate []string, resourceToGenerate string, generateCode, generateDocs bool) { +func GenerateProduct(productChannel chan string, providerToGenerate provider.Provider, productsForVersionChannel chan *api.Product, startTime time.Time, productsToGenerate []string, resourceToGenerate, overrideDirectory string, generateCode, generateDocs bool) { defer wg.Done() productName := <-productChannel - productYamlPath := path.Join(productName, "go_product.yaml") + productYamlPath := path.Join(productName, "product.yaml") - // TODO rewrite: uncomment the error check that if the product.yaml exists for each product - // after Go-converted product.yaml files are complete for all products - // if _, err := os.Stat(productYamlPath); errors.Is(err, os.ErrNotExist) { - // log.Fatalf("%s does not contain a product.yaml file", productName) - // } + var productOverridePath string + if overrideDirectory != "" { + productOverridePath = filepath.Join(overrideDirectory, productName, "product.yaml") + } + + _, baseProductErr := os.Stat(productYamlPath) + baseProductExists := !errors.Is(baseProductErr, os.ErrNotExist) - // TODO rewrite: product overrides + _, overrideProductErr := os.Stat(productOverridePath) + overrideProductExists := !errors.Is(overrideProductErr, os.ErrNotExist) - if _, err := os.Stat(productYamlPath); err == nil { - var resources []*api.Resource = make([]*api.Resource, 0) + if !(baseProductExists || overrideProductExists) { + log.Fatalf("%s does not contain a product.yaml file", productName) + } - productApi := &api.Product{} - api.Compile(productYamlPath, productApi) + productApi := &api.Product{} - if !productApi.ExistsAtVersionOrLower(*version) { - log.Printf("%s does not have a '%s' version, skipping", productName, *version) - return + if overrideProductExists { + if baseProductExists { + api.Compile(productYamlPath, productApi, overrideDirectory) + overrideApiProduct := &api.Product{} + api.Compile(productOverridePath, overrideApiProduct, overrideDirectory) + + api.Merge(reflect.ValueOf(productApi), reflect.ValueOf(*overrideApiProduct)) + } else { + api.Compile(productOverridePath, productApi, overrideDirectory) } + } else { + api.Compile(productYamlPath, productApi, overrideDirectory) + } - resourceFiles, err := filepath.Glob(fmt.Sprintf("%s/*", productName)) - if err != nil { - log.Fatalf("Cannot get resources files: %v", err) + var resources []*api.Resource = make([]*api.Resource, 0) + + if !productApi.ExistsAtVersionOrLower(*version) { + log.Printf("%s does not have a '%s' version, skipping", productName, *version) + return + } + + resourceFiles, err := filepath.Glob(fmt.Sprintf("%s/*", productName)) + if err != nil { + log.Fatalf("Cannot get resources files: %v", err) + } + // Base resource loop + for _, resourceYamlPath := range resourceFiles { + if filepath.Base(resourceYamlPath) == "product.yaml" || filepath.Ext(resourceYamlPath) != ".yaml" { + continue } - for _, resourceYamlPath := range resourceFiles { - if filepath.Base(resourceYamlPath) == "product.yaml" || filepath.Ext(resourceYamlPath) != ".yaml" { + + if overrideDirectory != "" { + // skip if resource will be merged in the override loop + resourceOverridePath := filepath.Join(overrideDirectory, resourceYamlPath) + _, overrideResourceErr := os.Stat(resourceOverridePath) + overrideResourceExists := !errors.Is(overrideResourceErr, os.ErrNotExist) + if overrideResourceExists { continue } + } + + resource := &api.Resource{} + api.Compile(resourceYamlPath, resource, overrideDirectory) - // Prepend "go_" to the Go yaml files' name to distinguish with the ruby yaml files - if filepath.Base(resourceYamlPath) == "go_product.yaml" || !strings.HasPrefix(filepath.Base(resourceYamlPath), "go_") { + resource.TargetVersionName = *version + resource.Properties = resource.AddLabelsRelatedFields(resource.PropertiesWithExcluded(), nil) + resource.SetDefault(productApi) + resource.Validate() + resources = append(resources, resource) + } + + // Override Resource Loop + if overrideDirectory != "" { + productOverrideDir := filepath.Dir(productOverridePath) + overrideFiles, err := filepath.Glob(fmt.Sprintf("%s/*", productOverrideDir)) + if err != nil { + log.Fatalf("Cannot get override files: %v", err) + } + for _, overrideYamlPath := range overrideFiles { + if filepath.Base(overrideYamlPath) == "product.yaml" || filepath.Ext(overrideYamlPath) != ".yaml" { continue } resource := &api.Resource{} - api.Compile(resourceYamlPath, resource) + + baseResourcePath := filepath.Join(productName, filepath.Base(overrideYamlPath)) + _, baseResourceErr := os.Stat(baseResourcePath) + baseResourceExists := !errors.Is(baseResourceErr, os.ErrNotExist) + if baseResourceExists { + api.Compile(baseResourcePath, resource, overrideDirectory) + overrideResource := &api.Resource{} + api.Compile(overrideYamlPath, overrideResource, overrideDirectory) + api.Merge(reflect.ValueOf(resource), reflect.ValueOf(*overrideResource)) + } else { + api.Compile(overrideYamlPath, resource, overrideDirectory) + } resource.TargetVersionName = *version resource.Properties = resource.AddLabelsRelatedFields(resource.PropertiesWithExcluded(), nil) @@ -200,27 +307,39 @@ func GenerateProduct(productChannel chan string, providerToGenerate *provider.Te resources = append(resources, resource) } - // TODO rewrite: override resources - // Sort resources by name sort.Slice(resources, func(i, j int) bool { return resources[i].Name < resources[j].Name }) - productApi.Objects = resources - productApi.Validate() + } - // TODO rewrite: set other providers via flag - providerToGenerate = provider.NewTerraform(productApi, *version, startTime) + productApi.Objects = resources + productApi.Validate() - *productsForVersion = append(*productsForVersion, productApi) + providerToGenerate = setProvider(*forceProvider, *version, productApi, startTime) - if !slices.Contains(productsToGenerate, productName) { - log.Printf("%s not specified, skipping generation", productName) - return - } + productsForVersionChannel <- productApi + + if !slices.Contains(productsToGenerate, productName) { + log.Printf("%s not specified, skipping generation", productName) + return + } + + log.Printf("%s: Generating files", productName) + providerToGenerate.Generate(*outputPath, productName, resourceToGenerate, generateCode, generateDocs) +} - log.Printf("%s: Generating files", productName) - providerToGenerate.Generate(*outputPath, productName, resourceToGenerate, generateCode, generateDocs) +// Sets provider via flag +func setProvider(forceProvider, version string, productApi *api.Product, startTime time.Time) provider.Provider { + switch forceProvider { + case "tgc": + return provider.NewTerraformGoogleConversion(productApi, version, startTime) + case "tgc_cai2hcl": + return provider.NewCaiToTerraformConversion(productApi, version, startTime) + case "oics": + return provider.NewTerraformOiCS(productApi, version, startTime) + default: + return provider.NewTerraform(productApi, version, startTime) } } diff --git a/mmv1/products/accessapproval/FolderSettings.yaml b/mmv1/products/accessapproval/FolderSettings.yaml index b16f1d807c30..a1dd54828251 100644 --- a/mmv1/products/accessapproval/FolderSettings.yaml +++ b/mmv1/products/accessapproval/FolderSettings.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,67 +11,72 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: FolderSettings -base_url: 'folders/{{folder_id}}/accessApprovalSettings' -self_link: 'folders/{{folder_id}}/accessApprovalSettings' -create_verb: :PATCH -update_verb: :PATCH -update_mask: true +--- +name: 'FolderSettings' +legacy_name: 'google_folder_access_approval_settings' description: | Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/folders' -legacy_name: 'google_folder_access_approval_settings' -import_format: ['folders/{{folder_id}}/accessApprovalSettings'] +docs: +base_url: 'folders/{{folder_id}}/accessApprovalSettings' +self_link: 'folders/{{folder_id}}/accessApprovalSettings' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'folders/{{folder_id}}/accessApprovalSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/access_approval.go.tmpl' + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/clear_folder_access_approval_settings.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'folder_access_approval_full' + - name: 'folder_access_approval_full' primary_resource_id: 'folder_access_approval' vars: folder_name: 'my-folder' test_env_vars: - org_id: :ORG_ID - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'folder_access_approval_active_key_version' + org_id: 'ORG_ID' + exclude_test: true + - name: 'folder_access_approval_active_key_version' primary_resource_id: 'folder_access_approval' vars: folder_name: 'my-folder' test_env_vars: - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/clear_folder_access_approval_settings.go.erb - pre_create: templates/terraform/update_mask.erb - constants: templates/terraform/constants/access_approval.go.erb + org_id: 'ORG_ID' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: folder_id + - name: 'folder_id' + type: String description: | ID of the folder of the access approval settings. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the settings. Format is "folders/{folder_id}/accessApprovalSettings" output: true - - !ruby/object:Api::Type::Array - name: notificationEmails + - name: 'notificationEmails' + type: Array description: | A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. - max_size: 50 - item_type: Api::Type::String is_set: true default_from_api: true - - !ruby/object:Api::Type::Array - name: enrolledServices - required: true + item_type: + type: String + max_size: 50 + - name: 'enrolledServices' + type: Array description: | A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required @@ -79,12 +84,13 @@ properties: A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. is_set: true + required: true set_hash_func: accessApprovalEnrolledServicesHash - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: cloudProduct - required: true + - name: 'cloudProduct' + type: String description: | The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): * all @@ -110,34 +116,35 @@ properties: * iam.googleapis.com * pubsub.googleapis.com * storage.googleapis.com - - !ruby/object:Api::Type::Enum - name: enrollmentLevel + required: true + - name: 'enrollmentLevel' + type: Enum description: | The enrollment level of the service. - default_value: :BLOCK_ALL - values: - - :BLOCK_ALL - - !ruby/object:Api::Type::Boolean - name: enrolledAncestor - output: true + default_value: "BLOCK_ALL" + enum_values: + - 'BLOCK_ALL' + - name: 'enrolledAncestor' + type: Boolean description: | If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Folder. - - !ruby/object:Api::Type::String - name: activeKeyVersion + output: true + - name: 'activeKeyVersion' + type: String description: | The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. - - !ruby/object:Api::Type::Boolean - name: ancestorHasActiveKeyVersion - output: true + - name: 'ancestorHasActiveKeyVersion' + type: Boolean description: | If the field is true, that indicates that an ancestor of this Folder has set active_key_version. - - !ruby/object:Api::Type::Boolean - name: invalidKeyVersion output: true + - name: 'invalidKeyVersion' + type: Boolean description: | If the field is true, that indicates that there is some configuration issue with the active_key_version configured on this Folder (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, as key versions are inherited top-down. + output: true diff --git a/mmv1/products/accessapproval/OrganizationSettings.yaml b/mmv1/products/accessapproval/OrganizationSettings.yaml index 7e72511aedd5..5503efb7d19e 100644 --- a/mmv1/products/accessapproval/OrganizationSettings.yaml +++ b/mmv1/products/accessapproval/OrganizationSettings.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,62 +11,67 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: OrganizationSettings -base_url: 'organizations/{{organization_id}}/accessApprovalSettings' -self_link: 'organizations/{{organization_id}}/accessApprovalSettings' -create_verb: :PATCH -update_verb: :PATCH -update_mask: true +--- +name: 'OrganizationSettings' +legacy_name: 'google_organization_access_approval_settings' description: | Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/organizations' -legacy_name: 'google_organization_access_approval_settings' -import_format: ['organizations/{{organization_id}}/accessApprovalSettings'] +docs: +base_url: 'organizations/{{organization_id}}/accessApprovalSettings' +self_link: 'organizations/{{organization_id}}/accessApprovalSettings' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'organizations/{{organization_id}}/accessApprovalSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/clear_organization_access_approval_settings.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'organization_access_approval_full' + - name: 'organization_access_approval_full' primary_resource_id: 'organization_access_approval' test_env_vars: - org_id: :ORG_ID - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'organization_access_approval_active_key_version' + org_id: 'ORG_ID' + exclude_test: true + - name: 'organization_access_approval_active_key_version' primary_resource_id: 'organization_access_approval' test_env_vars: - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/clear_organization_access_approval_settings.go.erb - pre_create: templates/terraform/update_mask.erb + org_id: 'ORG_ID' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: organization_id + - name: 'organization_id' + type: String description: | ID of the organization of the access approval settings. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the settings. Format is "organizations/{organization_id}/accessApprovalSettings" output: true - - !ruby/object:Api::Type::Array - name: notificationEmails + - name: 'notificationEmails' + type: Array description: | A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. - max_size: 50 - item_type: Api::Type::String is_set: true default_from_api: true - - !ruby/object:Api::Type::Array - name: enrolledServices - required: true + item_type: + type: String + max_size: 50 + - name: 'enrolledServices' + type: Array description: | A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required @@ -74,12 +79,13 @@ properties: A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. is_set: true + required: true set_hash_func: accessApprovalEnrolledServicesHash - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: cloudProduct - required: true + - name: 'cloudProduct' + type: String description: | The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): all @@ -92,32 +98,33 @@ properties: iam.googleapis.com pubsub.googleapis.com storage.googleapis.com - - !ruby/object:Api::Type::Enum - name: enrollmentLevel + required: true + - name: 'enrollmentLevel' + type: Enum description: | The enrollment level of the service. - default_value: :BLOCK_ALL - values: - - :BLOCK_ALL - - !ruby/object:Api::Type::Boolean - name: enrolledAncestor - output: true + default_value: "BLOCK_ALL" + enum_values: + - 'BLOCK_ALL' + - name: 'enrolledAncestor' + type: Boolean description: | This field will always be unset for the organization since organizations do not have ancestors. - - !ruby/object:Api::Type::String - name: activeKeyVersion + output: true + - name: 'activeKeyVersion' + type: String description: | The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google-managed key should be used for signing. - - !ruby/object:Api::Type::Boolean - name: ancestorHasActiveKeyVersion - output: true + - name: 'ancestorHasActiveKeyVersion' + type: Boolean description: | This field will always be unset for the organization since organizations do not have ancestors. - - !ruby/object:Api::Type::Boolean - name: invalidKeyVersion output: true + - name: 'invalidKeyVersion' + type: Boolean description: | If the field is true, that indicates that there is some configuration issue with the active_key_version configured on this Organization (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.). + output: true diff --git a/mmv1/products/accessapproval/ProjectSettings.yaml b/mmv1/products/accessapproval/ProjectSettings.yaml index 68eddf5026e8..adaa591ac172 100644 --- a/mmv1/products/accessapproval/ProjectSettings.yaml +++ b/mmv1/products/accessapproval/ProjectSettings.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,64 +11,69 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: ProjectSettings -base_url: 'projects/{{project_id}}/accessApprovalSettings' -self_link: 'projects/{{project_id}}/accessApprovalSettings' -create_verb: :PATCH -update_verb: :PATCH -update_mask: true +--- +name: 'ProjectSettings' +legacy_name: 'google_project_access_approval_settings' description: | Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/projects' -legacy_name: 'google_project_access_approval_settings' -import_format: ['projects/{{project_id}}/accessApprovalSettings'] +docs: +base_url: 'projects/{{project_id}}/accessApprovalSettings' +self_link: 'projects/{{project_id}}/accessApprovalSettings' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project_id}}/accessApprovalSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/clear_project_access_approval_settings.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'project_access_approval_full' + - name: 'project_access_approval_full' primary_resource_id: 'project_access_approval' test_env_vars: - project: :PROJECT_NAME - org_id: :ORG_ID - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'project_access_approval_active_key_version' + project: 'PROJECT_NAME' + org_id: 'ORG_ID' + exclude_test: true + - name: 'project_access_approval_active_key_version' primary_resource_id: 'project_access_approval' test_env_vars: - project: :PROJECT_NAME - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/clear_project_access_approval_settings.go.erb - pre_create: templates/terraform/update_mask.erb + project: 'PROJECT_NAME' + org_id: 'ORG_ID' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: project_id + - name: 'project_id' + type: String description: | ID of the project of the access approval settings. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the settings. Format is "projects/{project_id}/accessApprovalSettings" output: true - - !ruby/object:Api::Type::Array - name: notificationEmails + - name: 'notificationEmails' + type: Array description: | A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. - max_size: 50 - item_type: Api::Type::String is_set: true default_from_api: true - - !ruby/object:Api::Type::Array - name: enrolledServices - required: true + item_type: + type: String + max_size: 50 + - name: 'enrolledServices' + type: Array description: | A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required @@ -76,12 +81,13 @@ properties: A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. is_set: true + required: true set_hash_func: accessApprovalEnrolledServicesHash - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: cloudProduct - required: true + - name: 'cloudProduct' + type: String description: | The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): all @@ -94,40 +100,40 @@ properties: iam.googleapis.com pubsub.googleapis.com storage.googleapis.com - - !ruby/object:Api::Type::Enum - name: enrollmentLevel + required: true + - name: 'enrollmentLevel' + type: Enum description: | The enrollment level of the service. - default_value: :BLOCK_ALL - values: - - :BLOCK_ALL - - !ruby/object:Api::Type::Boolean - name: enrolledAncestor - output: true + default_value: "BLOCK_ALL" + enum_values: + - 'BLOCK_ALL' + - name: 'enrolledAncestor' + type: Boolean description: | If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project. - - !ruby/object:Api::Type::String - name: activeKeyVersion + output: true + - name: 'activeKeyVersion' + type: String description: | The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. - - !ruby/object:Api::Type::Boolean - name: ancestorHasActiveKeyVersion - output: true + - name: 'ancestorHasActiveKeyVersion' + type: Boolean description: | If the field is true, that indicates that an ancestor of this Project has set active_key_version. - - !ruby/object:Api::Type::Boolean - name: invalidKeyVersion output: true + - name: 'invalidKeyVersion' + type: Boolean description: | If the field is true, that indicates that there is some configuration issue with the active_key_version configured on this Project (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, as key versions are inherited top-down. - - !ruby/object:Api::Type::String - name: project + output: true + - name: 'project' + type: String description: | Project id. - deprecation_message: >- - `project` is deprecated and will be removed in a future major release. Use `project_id` instead. + deprecation_message: '`project` is deprecated and will be removed in a future major release. Use `project_id` instead.' diff --git a/mmv1/products/accessapproval/go_FolderSettings.yaml b/mmv1/products/accessapproval/go_FolderSettings.yaml deleted file mode 100644 index a466d51e29dd..000000000000 --- a/mmv1/products/accessapproval/go_FolderSettings.yaml +++ /dev/null @@ -1,151 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'FolderSettings' -legacy_name: 'google_folder_access_approval_settings' -description: | - Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: - guides: - api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/folders' -docs: -base_url: 'folders/{{folder_id}}/accessApprovalSettings' -self_link: 'folders/{{folder_id}}/accessApprovalSettings' -create_verb: 'PATCH' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'folders/{{folder_id}}/accessApprovalSettings' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - constants: 'templates/terraform/constants/go/access_approval.go.tmpl' - pre_create: 'templates/terraform/update_mask.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/clear_folder_access_approval_settings.go.tmpl' -examples: - - name: 'folder_access_approval_full' - primary_resource_id: 'folder_access_approval' - vars: - folder_name: 'my-folder' - test_env_vars: - org_id: 'ORG_ID' - skip_test: true - - name: 'folder_access_approval_active_key_version' - primary_resource_id: 'folder_access_approval' - vars: - folder_name: 'my-folder' - test_env_vars: - org_id: 'ORG_ID' - skip_test: true -parameters: - - name: 'folder_id' - type: String - description: | - ID of the folder of the access approval settings. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the settings. Format is "folders/{folder_id}/accessApprovalSettings" - output: true - - name: 'notificationEmails' - type: Array - description: | - A list of email addresses to which notifications relating to approval requests should be sent. - Notifications relating to a resource will be sent to all emails in the settings of ancestor - resources of that resource. A maximum of 50 email addresses are allowed. - is_set: true - default_from_api: true - item_type: - type: String - max_size: 50 - - name: 'enrolledServices' - type: Array - description: | - A list of Google Cloud Services for which the given resource has Access Approval enrolled. - Access requests for the resource given by name against any of these services contained here will be required - to have explicit approval. Enrollment can only be done on an all or nothing basis. - - A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. - is_set: true - required: true - set_hash_func: accessApprovalEnrolledServicesHash - item_type: - type: NestedObject - properties: - - name: 'cloudProduct' - type: String - description: | - The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): - * all - * App Engine - * BigQuery - * Cloud Bigtable - * Cloud Key Management Service - * Compute Engine - * Cloud Dataflow - * Cloud Identity and Access Management - * Cloud Pub/Sub - * Cloud Storage - * Persistent Disk - - Note: These values are supported as input, but considered a legacy format: - * all - * appengine.googleapis.com - * bigquery.googleapis.com - * bigtable.googleapis.com - * cloudkms.googleapis.com - * compute.googleapis.com - * dataflow.googleapis.com - * iam.googleapis.com - * pubsub.googleapis.com - * storage.googleapis.com - required: true - - name: 'enrollmentLevel' - type: Enum - description: | - The enrollment level of the service. - default_value: "BLOCK_ALL" - enum_values: - - 'BLOCK_ALL' - - name: 'enrolledAncestor' - type: Boolean - description: | - If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Folder. - output: true - - name: 'activeKeyVersion' - type: String - description: | - The asymmetric crypto key version to use for signing approval requests. - Empty active_key_version indicates that a Google-managed key should be used for signing. - This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. - - name: 'ancestorHasActiveKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that an ancestor of this Folder has set active_key_version. - output: true - - name: 'invalidKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that there is some configuration issue with the active_key_version - configured on this Folder (e.g. it doesn't exist or the Access Approval service account doesn't have the - correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, - as key versions are inherited top-down. - output: true diff --git a/mmv1/products/accessapproval/go_OrganizationSettings.yaml b/mmv1/products/accessapproval/go_OrganizationSettings.yaml deleted file mode 100644 index c486995d8b83..000000000000 --- a/mmv1/products/accessapproval/go_OrganizationSettings.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'OrganizationSettings' -legacy_name: 'google_organization_access_approval_settings' -description: | - Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: - guides: - api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/organizations' -docs: -base_url: 'organizations/{{organization_id}}/accessApprovalSettings' -self_link: 'organizations/{{organization_id}}/accessApprovalSettings' -create_verb: 'PATCH' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'organizations/{{organization_id}}/accessApprovalSettings' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - pre_create: 'templates/terraform/update_mask.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/clear_organization_access_approval_settings.go.tmpl' -examples: - - name: 'organization_access_approval_full' - primary_resource_id: 'organization_access_approval' - test_env_vars: - org_id: 'ORG_ID' - skip_test: true - - name: 'organization_access_approval_active_key_version' - primary_resource_id: 'organization_access_approval' - test_env_vars: - org_id: 'ORG_ID' - skip_test: true -parameters: - - name: 'organization_id' - type: String - description: | - ID of the organization of the access approval settings. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the settings. Format is "organizations/{organization_id}/accessApprovalSettings" - output: true - - name: 'notificationEmails' - type: Array - description: | - A list of email addresses to which notifications relating to approval requests should be sent. - Notifications relating to a resource will be sent to all emails in the settings of ancestor - resources of that resource. A maximum of 50 email addresses are allowed. - is_set: true - default_from_api: true - item_type: - type: String - max_size: 50 - - name: 'enrolledServices' - type: Array - description: | - A list of Google Cloud Services for which the given resource has Access Approval enrolled. - Access requests for the resource given by name against any of these services contained here will be required - to have explicit approval. Enrollment can be done for individual services. - - A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. - is_set: true - required: true - set_hash_func: accessApprovalEnrolledServicesHash - item_type: - type: NestedObject - properties: - - name: 'cloudProduct' - type: String - description: | - The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): - all - appengine.googleapis.com - bigquery.googleapis.com - bigtable.googleapis.com - cloudkms.googleapis.com - compute.googleapis.com - dataflow.googleapis.com - iam.googleapis.com - pubsub.googleapis.com - storage.googleapis.com - required: true - - name: 'enrollmentLevel' - type: Enum - description: | - The enrollment level of the service. - default_value: "BLOCK_ALL" - enum_values: - - 'BLOCK_ALL' - - name: 'enrolledAncestor' - type: Boolean - description: | - This field will always be unset for the organization since organizations do not have ancestors. - output: true - - name: 'activeKeyVersion' - type: String - description: | - The asymmetric crypto key version to use for signing approval requests. - Empty active_key_version indicates that a Google-managed key should be used for signing. - - name: 'ancestorHasActiveKeyVersion' - type: Boolean - description: | - This field will always be unset for the organization since organizations do not have ancestors. - output: true - - name: 'invalidKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that there is some configuration issue with the active_key_version - configured on this Organization (e.g. it doesn't exist or the Access Approval service account doesn't have the - correct permissions on it, etc.). - output: true diff --git a/mmv1/products/accessapproval/go_ProjectSettings.yaml b/mmv1/products/accessapproval/go_ProjectSettings.yaml deleted file mode 100644 index 806609b22c4f..000000000000 --- a/mmv1/products/accessapproval/go_ProjectSettings.yaml +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ProjectSettings' -legacy_name: 'google_project_access_approval_settings' -description: | - Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: - guides: - api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/projects' -docs: -base_url: 'projects/{{project_id}}/accessApprovalSettings' -self_link: 'projects/{{project_id}}/accessApprovalSettings' -create_verb: 'PATCH' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project_id}}/accessApprovalSettings' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - pre_create: 'templates/terraform/update_mask.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/clear_project_access_approval_settings.go.tmpl' -examples: - - name: 'project_access_approval_full' - primary_resource_id: 'project_access_approval' - test_env_vars: - project: 'PROJECT_NAME' - org_id: 'ORG_ID' - skip_test: true - - name: 'project_access_approval_active_key_version' - primary_resource_id: 'project_access_approval' - test_env_vars: - project: 'PROJECT_NAME' - org_id: 'ORG_ID' - skip_test: true -parameters: - - name: 'project_id' - type: String - description: | - ID of the project of the access approval settings. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the settings. Format is "projects/{project_id}/accessApprovalSettings" - output: true - - name: 'notificationEmails' - type: Array - description: | - A list of email addresses to which notifications relating to approval requests should be sent. - Notifications relating to a resource will be sent to all emails in the settings of ancestor - resources of that resource. A maximum of 50 email addresses are allowed. - is_set: true - default_from_api: true - item_type: - type: String - max_size: 50 - - name: 'enrolledServices' - type: Array - description: | - A list of Google Cloud Services for which the given resource has Access Approval enrolled. - Access requests for the resource given by name against any of these services contained here will be required - to have explicit approval. Enrollment can only be done on an all or nothing basis. - - A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. - is_set: true - required: true - set_hash_func: accessApprovalEnrolledServicesHash - item_type: - type: NestedObject - properties: - - name: 'cloudProduct' - type: String - description: | - The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): - all - appengine.googleapis.com - bigquery.googleapis.com - bigtable.googleapis.com - cloudkms.googleapis.com - compute.googleapis.com - dataflow.googleapis.com - iam.googleapis.com - pubsub.googleapis.com - storage.googleapis.com - required: true - - name: 'enrollmentLevel' - type: Enum - description: | - The enrollment level of the service. - default_value: "BLOCK_ALL" - enum_values: - - 'BLOCK_ALL' - - name: 'enrolledAncestor' - type: Boolean - description: | - If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project. - output: true - - name: 'activeKeyVersion' - type: String - description: | - The asymmetric crypto key version to use for signing approval requests. - Empty active_key_version indicates that a Google-managed key should be used for signing. - This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. - - name: 'ancestorHasActiveKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that an ancestor of this Project has set active_key_version. - output: true - - name: 'invalidKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that there is some configuration issue with the active_key_version - configured on this Project (e.g. it doesn't exist or the Access Approval service account doesn't have the - correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, - as key versions are inherited top-down. - output: true - - name: 'project' - type: String - description: | - Project id. - deprecation_message: '`project` is deprecated and will be removed in a future major release. Use `project_id` instead.' diff --git a/mmv1/products/accessapproval/go_product.yaml b/mmv1/products/accessapproval/go_product.yaml deleted file mode 100644 index d925b1742897..000000000000 --- a/mmv1/products/accessapproval/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AccessApproval' -display_name: 'Access Approval' -versions: - - name: 'ga' - base_url: 'https://accessapproval.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/accessapproval/product.yaml b/mmv1/products/accessapproval/product.yaml index ec7d98243638..e79e232839c3 100644 --- a/mmv1/products/accessapproval/product.yaml +++ b/mmv1/products/accessapproval/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: AccessApproval -display_name: Access Approval +--- +name: 'AccessApproval' +display_name: 'Access Approval' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://accessapproval.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://accessapproval.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/accesscontextmanager/AccessLevel.yaml b/mmv1/products/accesscontextmanager/AccessLevel.yaml index e569f44574f4..f18ee80cf48e 100644 --- a/mmv1/products/accesscontextmanager/AccessLevel.yaml +++ b/mmv1/products/accesscontextmanager/AccessLevel.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,109 +11,126 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- # This is the singular of `AccessLevels`, any changes here should be made to `AccessLevels` as well name: 'AccessLevel' -# This is an unusual API, so we need to use a few fields to map the methods -# to the right URL. -# create_url is the Create URL -# base_url is the Get and Delete and Patch URL. It is empty on purpose. -# List won't work yet. It should share a URL with Create. -create_url: '{{parent}}/accessLevels' -base_url: '' -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' description: | An AccessLevel is a label that can be applied to requests to GCP services, along with a list of requirements necessary for the label to be applied. -docs: !ruby/object:Provider::Terraform::Docs +references: + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' +docs: warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. -autogen_async: true id_format: '{{name}}' -import_format: ['{{name}}'] +base_url: '' +self_link: '{{name}}' +# This is an unusual API, so we need to use a few fields to map the methods +# to the right URL. +# create_url is the Create URL +# base_url is the Get and Delete and Patch URL. It is empty on purpose. +# List won't work yet. It should share a URL with Create. +create_url: '{{parent}}/accessLevels' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + encoder: 'templates/terraform/encoders/access_level_never_send_parent.go.tmpl' + custom_import: 'templates/terraform/custom_import/set_access_policy_parent_from_self_link.go.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_access_level_basic' - skip_test: true + - name: 'access_context_manager_access_level_basic' primary_resource_id: 'access-level' vars: access_level_name: 'chromeos_no_lock' -# Skipping the sweeper due to the non-standard base_url -skip_sweeper: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/access_level_never_send_parent.go.erb - custom_import: templates/terraform/custom_import/set_access_policy_parent_from_self_link.go.erb + exclude_test: true parameters: # Parent is a path parameter that _cannot_ be read or sent in the request at all. # This must be done at the provider level. - - !ruby/object:Api::Type::String - name: parent - immutable: true - required: true + - name: 'parent' + type: String description: | The AccessPolicy this AccessLevel lives in. Format: accessPolicies/{policy_id} - ignore_read: true - - !ruby/object:Api::Type::String - name: name - immutable: true required: true + immutable: true + ignore_read: true + - name: 'name' + type: String description: | Resource name for the Access Level. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/accessLevels/{short_name} -properties: - - !ruby/object:Api::Type::String - name: title required: true + immutable: true +properties: + - name: 'title' + type: String description: | Human readable title. Must be unique within the Policy. - - !ruby/object:Api::Type::String - name: 'description' + required: true + - name: 'description' + type: String description: | Description of the AccessLevel and its use. Does not affect behavior. - - !ruby/object:Api::Type::NestedObject - name: 'basic' + - name: 'basic' + type: NestedObject description: | A set of predefined conditions for the access level and a combining function. conflicts: - custom properties: - - !ruby/object:Api::Type::Enum - name: 'combiningFunction' + - name: 'combiningFunction' + type: Enum description: | How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. - default_value: :AND - values: - - :AND - - :OR - custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "AND" + enum_values: + - 'AND' + - 'OR' # All of the false defaults below here are omitted on purpose. # Let's keep this as simple as possible, since they will all be set by the API. - - !ruby/object:Api::Type::Array - name: 'conditions' - required: true - min_size: 1 + - name: 'conditions' + type: Array description: | A set of requirements for the AccessLevel to be granted. - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'ipSubnetworks' + - name: 'ipSubnetworks' + type: Array description: | A list of CIDR block IP subnetwork specification. May be IPv4 or IPv6. @@ -125,18 +142,20 @@ properties: is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'requiredAccessLevels' + item_type: + type: String + - name: 'requiredAccessLevels' + type: Array description: | A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Format: accessPolicies/{policy_id}/accessLevels/{short_name} - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'members' + item_type: + type: String + - name: 'members' + type: Array description: | An allowed list of members (users, service accounts). Using groups is not supported yet. @@ -146,152 +165,158 @@ properties: from any user (logged in/not logged in, not present in any groups, etc.). Formats: `user:{emailid}`, `serviceAccount:{emailid}` - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'negate' + item_type: + type: String + - name: 'negate' + type: Boolean description: | Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false. - - !ruby/object:Api::Type::NestedObject - name: 'devicePolicy' + - name: 'devicePolicy' + type: NestedObject description: | Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed. properties: - - !ruby/object:Api::Type::Boolean - name: 'requireScreenLock' - api_name: 'requireScreenlock' + - name: 'requireScreenLock' + type: Boolean description: | Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'allowedEncryptionStatuses' + api_name: requireScreenlock + - name: 'allowedEncryptionStatuses' + type: Array description: | A list of allowed encryptions statuses. An empty list allows all statuses. - item_type: !ruby/object:Api::Type::Enum - name: 'undefined' + item_type: + type: Enum description: | This field only has a name and description because of MM limitations. It should not appear in downstreams. - values: - - :ENCRYPTION_UNSPECIFIED - - :ENCRYPTION_UNSUPPORTED - - :UNENCRYPTED - - :ENCRYPTED - - !ruby/object:Api::Type::Array - name: 'allowedDeviceManagementLevels' + enum_values: + - 'ENCRYPTION_UNSPECIFIED' + - 'ENCRYPTION_UNSUPPORTED' + - 'UNENCRYPTED' + - 'ENCRYPTED' + - name: 'allowedDeviceManagementLevels' + type: Array description: | A list of allowed device management levels. An empty list allows all management levels. - item_type: !ruby/object:Api::Type::Enum - name: 'undefined' + item_type: + type: Enum description: | This field only has a name and description because of MM limitations. It should not appear in downstreams. - values: - - :MANAGEMENT_UNSPECIFIED - - :NONE - - :BASIC - - :COMPLETE - - !ruby/object:Api::Type::Array - name: 'osConstraints' + enum_values: + - 'MANAGEMENT_UNSPECIFIED' + - 'NONE' + - 'BASIC' + - 'COMPLETE' + - name: 'osConstraints' + type: Array description: | A list of allowed OS versions. An empty list allows all types and all versions. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'minimumVersion' + - name: 'minimumVersion' + type: String description: | The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch" such as "10.5.301", "9.2.1". - - !ruby/object:Api::Type::Boolean - name: 'requireVerifiedChromeOs' + - name: 'requireVerifiedChromeOs' + type: Boolean description: If you specify DESKTOP_CHROME_OS for osType, you can optionally include requireVerifiedChromeOs to require Chrome Verified Access. - - !ruby/object:Api::Type::Enum - name: 'osType' - required: true + - name: 'osType' + type: Enum description: | The operating system type of the device. - values: - - :OS_UNSPECIFIED - - :DESKTOP_MAC - - :DESKTOP_WINDOWS - - :DESKTOP_LINUX - - :DESKTOP_CHROME_OS - - :ANDROID - - :IOS - - !ruby/object:Api::Type::Boolean - name: 'requireAdminApproval' + required: true + enum_values: + - 'OS_UNSPECIFIED' + - 'DESKTOP_MAC' + - 'DESKTOP_WINDOWS' + - 'DESKTOP_LINUX' + - 'DESKTOP_CHROME_OS' + - 'ANDROID' + - 'IOS' + - name: 'requireAdminApproval' + type: Boolean description: | Whether the device needs to be approved by the customer admin. - - !ruby/object:Api::Type::Boolean - name: 'requireCorpOwned' + - name: 'requireCorpOwned' + type: Boolean description: | Whether the device needs to be corp owned. - - !ruby/object:Api::Type::Array - name: 'regions' + - name: 'regions' + type: Array description: | The request must originate from one of the provided countries/regions. Format: A valid ISO 3166-1 alpha-2 code. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'vpcNetworkSources' + item_type: + type: String + - name: 'vpcNetworkSources' + type: Array description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'vpcSubnetwork' + - name: 'vpcSubnetwork' + type: NestedObject description: 'Sub networks within a VPC network.' properties: - - !ruby/object:Api::Type::String - name: 'network' - required: true + - name: 'network' + type: String description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' - - !ruby/object:Api::Type::Array - name: 'vpcIpSubnetworks' + required: true + - name: 'vpcIpSubnetworks' + type: Array description: 'CIDR block IP subnetwork specification. Must be IPv4.' - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'custom' + item_type: + type: String + min_size: 1 + - name: 'custom' + type: NestedObject description: | Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec. conflicts: - basic properties: - - !ruby/object:Api::Type::NestedObject - name: 'expr' - required: true + - name: 'expr' + type: NestedObject description: | Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. This page details the objects and attributes that are used to the build the CEL expressions for custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. + required: true properties: - - !ruby/object:Api::Type::String - name: 'expression' - required: true + - name: 'expression' + type: String description: Textual representation of an expression in Common Expression Language syntax. - - !ruby/object:Api::Type::String - name: 'title' + required: true + - name: 'title' + type: String description: Title for the expression, i.e. a short string describing its purpose. - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: Description of the expression - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: String indicating the location of the expression for error reporting, e.g. a file name and a position in the file diff --git a/mmv1/products/accesscontextmanager/AccessLevelCondition.yaml b/mmv1/products/accesscontextmanager/AccessLevelCondition.yaml index 13106afd628a..8fc07a0f06a8 100644 --- a/mmv1/products/accesscontextmanager/AccessLevelCondition.yaml +++ b/mmv1/products/accesscontextmanager/AccessLevelCondition.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,20 +11,58 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AccessLevelCondition' +description: | + Allows configuring a single access level condition to be appended to an access level's conditions. + This resource is intended to be used in cases where it is not possible to compile a full list + of conditions to include in a `google_access_context_manager_access_level` resource, + to enable them to be added separately. + + ~> **Note:** If this resource is used alongside a `google_access_context_manager_access_level` resource, + the access level resource must have a `lifecycle` block with `ignore_changes = [basic[0].conditions]` so + they don't fight over which service accounts should be included. +references: + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' +docs: + warning: | + If you are using User ADCs (Application Default Credentials) with this resource, + you must specify a `billing_project` and set `user_project_override` to true + in the provider configuration. Otherwise the ACM API will return a 403 error. + Your account must have the `serviceusage.services.use` permission on the + `billing_project` you defined. +id_format: '{{access_level}}' +base_url: '' +self_link: '{{access_level}}' # This is an unusual API, so we need to use a few fields to map the methods # to the right URL. # create_url is the Create URL # base_url is the Get and Delete and Patch URL. It is empty on purpose. # List won't work yet. It should share a URL with Create. create_url: '{{access_level}}' -base_url: '' -self_link: '{{access_level}}' -create_verb: :PATCH -delete_verb: :PATCH -immutable: true +create_verb: 'PATCH' update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{access_level}}' +import_format: + - '{{access_level}}' + # no unique way to specify +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + type: 'PollAsync' + check_response_func_existence: 'transport_tpg.PollCheckForExistence' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 + actions: ['create'] identity: - ipSubnetworks - requiredAccessLevels @@ -32,63 +70,36 @@ identity: - negate - devicePolicy - regions -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true +nested_query: keys: - basic - conditions -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' -description: | - Allows configuring a single access level condition to be appended to an access level's conditions. - This resource is intended to be used in cases where it is not possible to compile a full list - of conditions to include in a `google_access_context_manager_access_level` resource, - to enable them to be added separately. - - ~> **Note:** If this resource is used alongside a `google_access_context_manager_access_level` resource, - the access level resource must have a `lifecycle` block with `ignore_changes = [basic[0].conditions]` so - they don't fight over which service accounts should be included. -docs: !ruby/object:Provider::Terraform::Docs - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the ACM API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -async: !ruby/object:Provider::Terraform::PollAsync - check_response_func_existence: transport_tpg.PollCheckForExistence - actions: ['create'] -autogen_async: true + is_list_of_ids: false + modify_by_patch: true +custom_code: exclude_tgc: true -exclude_import: true # no unique way to specify # Skipping the sweeper due to the non-standard base_url and because this is fine-grained under AccessLevel -skip_sweeper: true -id_format: '{{access_level}}' -import_format: ['{{access_level}}'] -mutex: '{{access_level}}' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_access_level_condition_basic' - skip_test: true + - name: 'access_context_manager_access_level_condition_basic' primary_resource_id: 'access-level-condition' vars: access_level_name: 'chromeos_no_lock' account_id: 'my-account-id' + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'accessLevel' - resource: 'AccessLevel' - imports: 'name' + - name: 'accessLevel' + type: ResourceRef description: | The name of the Access Level to add this condition to. + url_param_only: true required: true immutable: true - url_param_only: true + resource: 'AccessLevel' + imports: 'name' properties: - - !ruby/object:Api::Type::Array - name: 'ipSubnetworks' + - name: 'ipSubnetworks' + type: Array description: | A list of CIDR block IP subnetwork specification. May be IPv4 or IPv6. @@ -100,18 +111,20 @@ properties: is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'requiredAccessLevels' + item_type: + type: String + - name: 'requiredAccessLevels' + type: Array description: | A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Format: accessPolicies/{policy_id}/accessLevels/{short_name} - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'members' + item_type: + type: String + - name: 'members' + type: Array description: | An allowed list of members (users, service accounts). Using groups is not supported yet. @@ -121,111 +134,116 @@ properties: from any user (logged in/not logged in, not present in any groups, etc.). Formats: `user:{emailid}`, `serviceAccount:{emailid}` - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'negate' + item_type: + type: String + - name: 'negate' + type: Boolean description: | Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false. - - !ruby/object:Api::Type::NestedObject - name: 'devicePolicy' + - name: 'devicePolicy' + type: NestedObject description: | Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed. properties: - - !ruby/object:Api::Type::Boolean - name: 'requireScreenLock' - api_name: 'requireScreenlock' + - name: 'requireScreenLock' + type: Boolean description: | Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'allowedEncryptionStatuses' + api_name: requireScreenlock + - name: 'allowedEncryptionStatuses' + type: Array description: | A list of allowed encryptions statuses. An empty list allows all statuses. - item_type: !ruby/object:Api::Type::Enum - name: 'undefined' + item_type: + type: Enum description: | This field only has a name and description because of MM limitations. It should not appear in downstreams. - values: - - :ENCRYPTION_UNSPECIFIED - - :ENCRYPTION_UNSUPPORTED - - :UNENCRYPTED - - :ENCRYPTED - - !ruby/object:Api::Type::Array - name: 'allowedDeviceManagementLevels' + enum_values: + - 'ENCRYPTION_UNSPECIFIED' + - 'ENCRYPTION_UNSUPPORTED' + - 'UNENCRYPTED' + - 'ENCRYPTED' + - name: 'allowedDeviceManagementLevels' + type: Array description: | A list of allowed device management levels. An empty list allows all management levels. - item_type: !ruby/object:Api::Type::Enum - name: 'undefined' + item_type: + type: Enum description: | This field only has a name and description because of MM limitations. It should not appear in downstreams. - values: - - :MANAGEMENT_UNSPECIFIED - - :NONE - - :BASIC - - :COMPLETE - - !ruby/object:Api::Type::Array - name: 'osConstraints' + enum_values: + - 'MANAGEMENT_UNSPECIFIED' + - 'NONE' + - 'BASIC' + - 'COMPLETE' + - name: 'osConstraints' + type: Array description: | A list of allowed OS versions. An empty list allows all types and all versions. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'minimumVersion' + - name: 'minimumVersion' + type: String description: | The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch" such as "10.5.301", "9.2.1". - - !ruby/object:Api::Type::Enum - name: 'osType' - required: true + - name: 'osType' + type: Enum description: | The operating system type of the device. - values: - - :OS_UNSPECIFIED - - :DESKTOP_MAC - - :DESKTOP_WINDOWS - - :DESKTOP_LINUX - - :DESKTOP_CHROME_OS - - :ANDROID - - :IOS - - !ruby/object:Api::Type::Boolean - name: 'requireAdminApproval' + required: true + enum_values: + - 'OS_UNSPECIFIED' + - 'DESKTOP_MAC' + - 'DESKTOP_WINDOWS' + - 'DESKTOP_LINUX' + - 'DESKTOP_CHROME_OS' + - 'ANDROID' + - 'IOS' + - name: 'requireAdminApproval' + type: Boolean description: | Whether the device needs to be approved by the customer admin. - - !ruby/object:Api::Type::Boolean - name: 'requireCorpOwned' + - name: 'requireCorpOwned' + type: Boolean description: | Whether the device needs to be corp owned. - - !ruby/object:Api::Type::Array - name: 'regions' + - name: 'regions' + type: Array description: | The request must originate from one of the provided countries/regions. Format: A valid ISO 3166-1 alpha-2 code. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'vpcNetworkSources' + item_type: + type: String + - name: 'vpcNetworkSources' + type: Array description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'vpcSubnetwork' + - name: 'vpcSubnetwork' + type: NestedObject description: 'Sub networks within a VPC network.' properties: - - !ruby/object:Api::Type::String - name: 'network' - required: true + - name: 'network' + type: String description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' - - !ruby/object:Api::Type::Array - name: 'vpcIpSubnetworks' + required: true + - name: 'vpcIpSubnetworks' + type: Array description: 'CIDR block IP subnetwork specification. Must be IPv4.' - item_type: Api::Type::String + item_type: + type: String diff --git a/mmv1/products/accesscontextmanager/AccessLevels.yaml b/mmv1/products/accesscontextmanager/AccessLevels.yaml index 3dc73e403baf..6db368f12d28 100644 --- a/mmv1/products/accesscontextmanager/AccessLevels.yaml +++ b/mmv1/products/accesscontextmanager/AccessLevels.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,113 +11,131 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- # This is the plural of `AccessLevel`, any changes here should be made to `AccessLevel` as well name: 'AccessLevels' -base_url: '{{parent}}/accessLevels:replaceAll' -update_url: '{{parent}}/accessLevels:replaceAll' -self_link: '{{parent}}/accessLevels' -update_verb: :POST -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + Replace all existing Access Levels in an Access Policy with the Access Levels provided. This is done atomically. + This is a bulk edit of all Access Levels and may override existing Access Levels created by `google_access_context_manager_access_level`, + thus causing a permadiff if used alongside `google_access_context_manager_access_level` on the same parent. +references: guides: 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' -docs: !ruby/object:Provider::Terraform::Docs +docs: warning: | This resource is authoritative over the access levels under an access policy. Due to a limitation in Terraform, it will overwrite all preexisting access levels during a create opration without displaying the old values on the left side of plan. To prevent this, we recommend importing the resource before applying it if overwriting preexisting rules, as the plan will correctly display the complete changes to your access policy if the resource is present in state. -description: | - Replace all existing Access Levels in an Access Policy with the Access Levels provided. This is done atomically. - This is a bulk edit of all Access Levels and may override existing Access Levels created by `google_access_context_manager_access_level`, - thus causing a permadiff if used alongside `google_access_context_manager_access_level` on the same parent. -autogen_async: true id_format: '{{parent}}/accessLevels' -import_format: ['{{parent}}/accessLevels'] +base_url: '{{parent}}/accessLevels:replaceAll' +self_link: '{{parent}}/accessLevels' +update_url: '{{parent}}/accessLevels:replaceAll' +update_verb: 'POST' +import_format: + - '{{parent}}/accessLevels' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_delete: 'templates/terraform/custom_delete/replace_all_access_levels_empty_list.go.tmpl' + custom_import: 'templates/terraform/custom_import/set_access_policy_parent_from_access_policy.go.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_access_levels_basic' - skip_test: true + - name: 'access_context_manager_access_levels_basic' primary_resource_id: 'access-levels' vars: access_level_name1: 'chromeos_no_lock' access_level_name2: 'mac_no_lock' -# Skipping the sweeper due to the non-standard base_url -skip_sweeper: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/set_access_policy_parent_from_access_policy.go.erb - custom_delete: templates/terraform/custom_delete/replace_all_access_levels_empty_list.go.erb + exclude_test: true parameters: # Parent is a path parameter that _cannot_ be read or sent in the request at all. # This must be done at the provider level. - - !ruby/object:Api::Type::String - name: parent - immutable: true - required: true - url_param_only: true + - name: 'parent' + type: String description: | The AccessPolicy this AccessLevel lives in. Format: accessPolicies/{policy_id} + url_param_only: true + required: true + immutable: true ignore_read: true properties: - - !ruby/object:Api::Type::Array - name: 'accessLevels' + - name: 'accessLevels' + type: Array description: | The desired Access Levels that should replace all existing Access Levels in the Access Policy. is_set: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name - immutable: true - required: true + - name: 'name' + type: String description: | Resource name for the Access Level. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/accessLevels/{short_name} - - !ruby/object:Api::Type::String - name: title required: true + immutable: true + - name: 'title' + type: String description: | Human readable title. Must be unique within the Policy. - - !ruby/object:Api::Type::String - name: 'description' + required: true + - name: 'description' + type: String description: | Description of the AccessLevel and its use. Does not affect behavior. - - !ruby/object:Api::Type::NestedObject - name: 'basic' + - name: 'basic' + type: NestedObject description: | A set of predefined conditions for the access level and a combining function. # conflicts: # - custom properties: - - !ruby/object:Api::Type::Enum - name: 'combiningFunction' + - name: 'combiningFunction' + type: Enum description: | How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. - default_value: :AND - values: - - :AND - - :OR - custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "AND" + enum_values: + - 'AND' + - 'OR' # All of the false defaults below here are omitted on purpose. # Let's keep this as simple as possible, since they will all be set by the API. - - !ruby/object:Api::Type::Array - name: 'conditions' - required: true - min_size: 1 + - name: 'conditions' + type: Array description: | A set of requirements for the AccessLevel to be granted. - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'ipSubnetworks' + - name: 'ipSubnetworks' + type: Array description: | A list of CIDR block IP subnetwork specification. May be IPv4 or IPv6. @@ -129,18 +147,20 @@ properties: is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'requiredAccessLevels' + item_type: + type: String + - name: 'requiredAccessLevels' + type: Array description: | A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Format: accessPolicies/{policy_id}/accessLevels/{short_name} - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'members' + item_type: + type: String + - name: 'members' + type: Array description: | An allowed list of members (users, service accounts). Using groups is not supported yet. @@ -150,146 +170,152 @@ properties: from any user (logged in/not logged in, not present in any groups, etc.). Formats: `user:{emailid}`, `serviceAccount:{emailid}` - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'negate' + item_type: + type: String + - name: 'negate' + type: Boolean description: | Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false. - - !ruby/object:Api::Type::NestedObject - name: 'devicePolicy' + - name: 'devicePolicy' + type: NestedObject description: | Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed. properties: - - !ruby/object:Api::Type::Boolean - name: 'requireScreenLock' - api_name: 'requireScreenlock' + - name: 'requireScreenLock' + type: Boolean description: | Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'allowedEncryptionStatuses' + api_name: requireScreenlock + - name: 'allowedEncryptionStatuses' + type: Array description: | A list of allowed encryptions statuses. An empty list allows all statuses. - item_type: !ruby/object:Api::Type::Enum - name: 'undefined' + item_type: + type: Enum description: | This field only has a name and description because of MM limitations. It should not appear in downstreams. - values: - - :ENCRYPTION_UNSPECIFIED - - :ENCRYPTION_UNSUPPORTED - - :UNENCRYPTED - - :ENCRYPTED - - !ruby/object:Api::Type::Array - name: 'allowedDeviceManagementLevels' + enum_values: + - 'ENCRYPTION_UNSPECIFIED' + - 'ENCRYPTION_UNSUPPORTED' + - 'UNENCRYPTED' + - 'ENCRYPTED' + - name: 'allowedDeviceManagementLevels' + type: Array description: | A list of allowed device management levels. An empty list allows all management levels. - item_type: !ruby/object:Api::Type::Enum - name: 'undefined' + item_type: + type: Enum description: | This field only has a name and description because of MM limitations. It should not appear in downstreams. - values: - - :MANAGEMENT_UNSPECIFIED - - :NONE - - :BASIC - - :COMPLETE - - !ruby/object:Api::Type::Array - name: 'osConstraints' + enum_values: + - 'MANAGEMENT_UNSPECIFIED' + - 'NONE' + - 'BASIC' + - 'COMPLETE' + - name: 'osConstraints' + type: Array description: | A list of allowed OS versions. An empty list allows all types and all versions. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'minimumVersion' + - name: 'minimumVersion' + type: String description: | The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch" such as "10.5.301", "9.2.1". - - !ruby/object:Api::Type::Enum - name: 'osType' - required: true + - name: 'osType' + type: Enum description: | The operating system type of the device. - values: - - :OS_UNSPECIFIED - - :DESKTOP_MAC - - :DESKTOP_WINDOWS - - :DESKTOP_LINUX - - :DESKTOP_CHROME_OS - - :ANDROID - - :IOS - - !ruby/object:Api::Type::Boolean - name: 'requireAdminApproval' + required: true + enum_values: + - 'OS_UNSPECIFIED' + - 'DESKTOP_MAC' + - 'DESKTOP_WINDOWS' + - 'DESKTOP_LINUX' + - 'DESKTOP_CHROME_OS' + - 'ANDROID' + - 'IOS' + - name: 'requireAdminApproval' + type: Boolean description: | Whether the device needs to be approved by the customer admin. - - !ruby/object:Api::Type::Boolean - name: 'requireCorpOwned' + - name: 'requireCorpOwned' + type: Boolean description: | Whether the device needs to be corp owned. - - !ruby/object:Api::Type::Array - name: 'regions' + - name: 'regions' + type: Array description: | The request must originate from one of the provided countries/regions. Format: A valid ISO 3166-1 alpha-2 code. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'vpcNetworkSources' + item_type: + type: String + - name: 'vpcNetworkSources' + type: Array description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'vpcSubnetwork' + - name: 'vpcSubnetwork' + type: NestedObject description: 'Sub networks within a VPC network.' properties: - - !ruby/object:Api::Type::String - name: 'network' - required: true + - name: 'network' + type: String description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' - - !ruby/object:Api::Type::Array - name: 'vpcIpSubnetworks' + required: true + - name: 'vpcIpSubnetworks' + type: Array description: 'CIDR block IP subnetwork specification. Must be IPv4.' - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'custom' + item_type: + type: String + min_size: 1 + - name: 'custom' + type: NestedObject description: | Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec. # conflicts: # - basic properties: - - !ruby/object:Api::Type::NestedObject - name: 'expr' - required: true + - name: 'expr' + type: NestedObject description: | Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. This page details the objects and attributes that are used to the build the CEL expressions for custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. + required: true properties: - - !ruby/object:Api::Type::String - name: 'expression' - required: true + - name: 'expression' + type: String description: Textual representation of an expression in Common Expression Language syntax. - - !ruby/object:Api::Type::String - name: 'title' + required: true + - name: 'title' + type: String description: Title for the expression, i.e. a short string describing its purpose. - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: Description of the expression - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: String indicating the location of the expression for error reporting, e.g. a file name and a position in the file diff --git a/mmv1/products/accesscontextmanager/AccessPolicy.yaml b/mmv1/products/accesscontextmanager/AccessPolicy.yaml index d034c12a39c7..d554c8d05ebc 100644 --- a/mmv1/products/accesscontextmanager/AccessPolicy.yaml +++ b/mmv1/products/accesscontextmanager/AccessPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,90 +11,109 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AccessPolicy' -base_url: accessPolicies -self_link: 'accessPolicies/{{name}}' -update_verb: :PATCH -update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies' description: | AccessPolicy is a container for AccessLevels (which define the necessary attributes to use GCP services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization. -docs: !ruby/object:Provider::Terraform::Docs +references: + guides: + 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies' +docs: warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. -autogen_async: true id_format: '{{name}}' -import_format: ['{{name}}'] -iam_policy: !ruby/object:Api::Resource::IamPolicy - parent_resource_attribute: 'name' - allowed_iam_role: 'roles/accesscontextmanager.policyAdmin' +base_url: 'accessPolicies' +self_link: 'accessPolicies/{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: method_name_separator: ':' - fetch_iam_policy_verb: :POST - import_format: ['accessPolicies/{{name}}', '{{name}}'] - iam_conditions_request_type: null + fetch_iam_policy_verb: 'POST' + allowed_iam_role: 'roles/accesscontextmanager.policyAdmin' + parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'accessPolicies/{{name}}' + - '{{name}}' +custom_code: + post_create: 'templates/terraform/post_create/accesspolicy.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_access_policy_basic' - skip_test: true + - name: 'access_context_manager_access_policy_basic' primary_resource_id: 'access-policy' - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_access_policy_scoped' - skip_test: true - skip_import_test: true + exclude_test: true + - name: 'access_context_manager_access_policy_scoped' primary_resource_id: 'access-policy' test_env_vars: - org_id: :ORG_ID - project: :PROJECT_NAME -# Skipping the sweeper due to the non-standard base_url -skip_sweeper: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/accesspolicy.erb + org_id: 'ORG_ID' + project: 'PROJECT_NAME' + exclude_test: true + exclude_import_test: true parameters: - - !ruby/object:Api::Type::String - name: parent - immutable: true - required: true + - name: 'parent' + type: String description: | The parent of this AccessPolicy in the Cloud Resource Hierarchy. Format: 'organizations/{{organization_id}}' - - !ruby/object:Api::Type::String - name: title required: true + immutable: true + - name: 'title' + type: String description: | Human readable title. Does not affect behavior. - - !ruby/object:Api::Type::Array - name: scopes + required: true + - name: 'scopes' + type: Array description: | Folder or project on which this policy is applicable. Format: 'folders/{{folder_id}}' or 'projects/{{project_number}}' - item_type: Api::Type::String + item_type: + type: String max_size: 1 properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | Resource name of the AccessPolicy. Format: '{{policy_id}}' output: true - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::Time - name: 'createTime' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'createTime' + type: Time description: | Time the AccessPolicy was created in UTC. output: true - - !ruby/object:Api::Type::Time - name: 'updateTime' + - name: 'updateTime' + type: Time description: | Time the AccessPolicy was updated in UTC. output: true diff --git a/mmv1/products/accesscontextmanager/AuthorizedOrgsDesc.yaml b/mmv1/products/accesscontextmanager/AuthorizedOrgsDesc.yaml index f2fa487bad44..c9cf4c94c9d9 100644 --- a/mmv1/products/accesscontextmanager/AuthorizedOrgsDesc.yaml +++ b/mmv1/products/accesscontextmanager/AuthorizedOrgsDesc.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,82 +11,99 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AuthorizedOrgsDesc' -base_url: '' -create_url: '{{parent}}/authorizedOrgsDescs' -self_link: '{{name}}' -update_verb: :PATCH -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'gcloud docs': 'https://cloud.google.com/beyondcorp-enterprise/docs/cross-org-authorization' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.authorizedOrgsDescs' description: | An authorized organizations description describes a list of organizations (1) that have been authorized to use certain asset (for example, device) data owned by different organizations at the enforcement points, or (2) with certain asset (for example, device) have been authorized to access the resources in another organization at the enforcement points. -docs: !ruby/object:Provider::Terraform::Docs +references: + guides: + 'gcloud docs': 'https://cloud.google.com/beyondcorp-enterprise/docs/cross-org-authorization' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.authorizedOrgsDescs' +docs: warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. -autogen_async: true id_format: '{{name}}' -import_format: ['{{name}}'] +base_url: '' +self_link: '{{name}}' +create_url: '{{parent}}/authorizedOrgsDescs' +update_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + encoder: 'templates/terraform/encoders/access_level_never_send_parent.go.tmpl' + post_create: 'templates/terraform/post_create/sleep_2_min.go.tmpl' + pre_update: 'templates/terraform/update_mask.go.tmpl' + custom_import: 'templates/terraform/custom_import/set_access_policy_parent_from_self_link.go.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_authorized_orgs_desc_basic' + - name: 'access_context_manager_authorized_orgs_desc_basic' primary_resource_id: 'authorized-orgs-desc' - skip_test: true -# Skipping the sweeper due to the non-standard base_url -skip_sweeper: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/access_level_never_send_parent.go.erb - pre_update: templates/terraform/update_mask.erb - post_create: templates/terraform/post_create/sleep_2_min.go.erb - custom_import: templates/terraform/custom_import/set_access_policy_parent_from_self_link.go.erb + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: parent - immutable: true - required: true + - name: 'parent' + type: String description: | Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`. - ignore_read: true - - !ruby/object:Api::Type::String - name: name - immutable: true required: true + immutable: true + ignore_read: true + - name: 'name' + type: String description: | Resource name for the `AuthorizedOrgsDesc`. Format: `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. The `authorized_orgs_desc` component must begin with a letter, followed by alphanumeric characters or `_`. After you create an `AuthorizedOrgsDesc`, you cannot change its `name`. - - !ruby/object:Api::Type::Array - name: orgs + required: true + immutable: true + - name: 'orgs' + type: Array description: | The list of organization ids in this AuthorizedOrgsDesc. Format: `organizations/` Example: `organizations/123456` - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: assetType - immutable: true + item_type: + type: String + - name: 'assetType' + type: Enum description: | The type of entities that need to use the authorization relationship during evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and "ASSET_TYPE_CREDENTIAL_STRENGTH". - values: - - :ASSET_TYPE_DEVICE - - :ASSET_TYPE_CREDENTIAL_STRENGTH - - !ruby/object:Api::Type::Enum - name: authorizationDirection immutable: true + enum_values: + - 'ASSET_TYPE_DEVICE' + - 'ASSET_TYPE_CREDENTIAL_STRENGTH' + - name: 'authorizationDirection' + type: Enum description: | The direction of the authorization relationship between this organization and the organizations listed in the "orgs" field. The valid values for this @@ -105,24 +122,25 @@ parameters: direction, organizations B and C must specify "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their "AuthorizedOrgsDesc" resource. - values: - - :AUTHORIZATION_DIRECTION_TO - - :AUTHORIZATION_DIRECTION_FROM - - !ruby/object:Api::Type::Enum - name: authorizationType immutable: true + enum_values: + - 'AUTHORIZATION_DIRECTION_TO' + - 'AUTHORIZATION_DIRECTION_FROM' + - name: 'authorizationType' + type: Enum description: | A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST". - values: - - :AUTHORIZATION_TYPE_TRUST + immutable: true + enum_values: + - 'AUTHORIZATION_TYPE_TRUST' properties: - - !ruby/object:Api::Type::Time - name: 'createTime' + - name: 'createTime' + type: Time description: | Time the AuthorizedOrgsDesc was created in UTC. output: true - - !ruby/object:Api::Type::Time - name: 'updateTime' + - name: 'updateTime' + type: Time description: | Time the AuthorizedOrgsDesc was updated in UTC. output: true diff --git a/mmv1/products/accesscontextmanager/EgressPolicy.yaml b/mmv1/products/accesscontextmanager/EgressPolicy.yaml index 839177977c95..26f89b895f1a 100644 --- a/mmv1/products/accesscontextmanager/EgressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/EgressPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,48 +11,68 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EgressPolicy' -create_url: '{{egress_policy_name}}' +description: | + This resource has been deprecated, please refer to ServicePerimeterEgressPolicy. +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' +docs: +id_format: '{{egress_policy_name}}/{{resource}}' base_url: '' self_link: '{{egress_policy_name}}' -create_verb: :PATCH -delete_verb: :PATCH -immutable: true +create_url: '{{egress_policy_name}}' +create_verb: 'PATCH' update_mask: true +delete_verb: 'PATCH' +immutable: true +import_format: + - '{{egress_policy_name}}/{{resource}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' identity: - resource -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - is_list_of_ids: true +nested_query: keys: - status - resources -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' -description: | - This resource has been deprecated, please refer to ServicePerimeterEgressPolicy. -autogen_async: true + is_list_of_ids: true + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/access_context_manager_service_perimeter_egress_policy.go.tmpl' exclude_tgc: true # Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter/IngressPolicy -skip_sweeper: true -id_format: '{{egress_policy_name}}/{{resource}}' -import_format: ['{{egress_policy_name}}/{{resource}}'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_egress_policy.go.erb +exclude_sweeper: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'egressPolicyName' - resource: 'ServicePerimeter' - imports: 'name' + - name: 'egressPolicyName' + type: ResourceRef description: | The name of the Service Perimeter to add this resource to. + url_param_only: true required: true immutable: true - url_param_only: true + resource: 'ServicePerimeter' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A GCP resource that is inside of the service perimeter. required: true diff --git a/mmv1/products/accesscontextmanager/GcpUserAccessBinding.yaml b/mmv1/products/accesscontextmanager/GcpUserAccessBinding.yaml index 8293f9f7f05b..0c07c39a9e92 100644 --- a/mmv1/products/accesscontextmanager/GcpUserAccessBinding.yaml +++ b/mmv1/products/accesscontextmanager/GcpUserAccessBinding.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,63 +11,83 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'GcpUserAccessBinding' -base_url: 'organizations/{{organization_id}}/gcpUserAccessBindings' -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true description: | Restricts access to Cloud Console and Google Cloud APIs for a set of users using Context-Aware Access. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/organizations.gcpUserAccessBindings' +docs: id_format: '{{name}}' -import_format: ['{{name}}'] +base_url: 'organizations/{{organization_id}}/gcpUserAccessBindings' +self_link: '{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_import: 'templates/terraform/custom_import/set_id_name_with_slashes.go.tmpl' exclude_tgc: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_gcp_user_access_binding_basic' - # Has a handwritten test due to AccessPolicy-related tests needing to run synchronously - skip_test: true + - name: 'access_context_manager_gcp_user_access_binding_basic' primary_resource_id: 'gcp_user_access_binding' vars: group_id: 'my-identity-group' access_level_id: 'access_level_id_for_user_access_binding' access_level_name: 'chromeos_no_lock' test_env_vars: - org_id: :ORG_ID - org_domain: :ORG_DOMAIN - cust_id: :CUST_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/set_id_name_with_slashes.go.erb + org_id: 'ORG_ID' + org_domain: 'ORG_DOMAIN' + cust_id: 'CUST_ID' + # Has a handwritten test due to AccessPolicy-related tests needing to run synchronously + exclude_test: true parameters: # Parent is a path parameter that _cannot_ be read or sent in the request at all. # This must be done at the provider level. - - !ruby/object:Api::Type::String - name: organizationId - immutable: true - required: true - url_param_only: true + - name: 'organizationId' + type: String description: | Required. ID of the parent organization. + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N" - - !ruby/object:Api::Type::String - name: 'groupKey' + output: true + - name: 'groupKey' + type: String + description: | + Required. Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the G Suite Directory API's Groups resource. If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht" required: true immutable: true + - name: 'accessLevels' + type: Array description: | - Required. Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the G Suite Directory API's Groups resource. If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht" - - !ruby/object:Api::Type::Array - name: 'accessLevels' - item_type: Api::Type::String + Required. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted" required: true + item_type: + type: String min_size: 1 max_size: 1 - description: | - Required. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted" diff --git a/mmv1/products/accesscontextmanager/IngressPolicy.yaml b/mmv1/products/accesscontextmanager/IngressPolicy.yaml index fcf4e786a815..63e6e947ec27 100644 --- a/mmv1/products/accesscontextmanager/IngressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/IngressPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,48 +11,68 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'IngressPolicy' -create_url: '{{ingress_policy_name}}' +description: | + This resource has been deprecated, please refer to ServicePerimeterIngressPolicy. +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' +docs: +id_format: '{{ingress_policy_name}}/{{resource}}' base_url: '' self_link: '{{ingress_policy_name}}' -create_verb: :PATCH -delete_verb: :PATCH -immutable: true +create_url: '{{ingress_policy_name}}' +create_verb: 'PATCH' update_mask: true +delete_verb: 'PATCH' +immutable: true +import_format: + - '{{ingress_policy_name}}/{{resource}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' identity: - resource -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - is_list_of_ids: true +nested_query: keys: - status - resources -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' -description: | - This resource has been deprecated, please refer to ServicePerimeterIngressPolicy. -autogen_async: true + is_list_of_ids: true + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.tmpl' exclude_tgc: true # Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter/IngressPolicy -skip_sweeper: true -id_format: '{{ingress_policy_name}}/{{resource}}' -import_format: ['{{ingress_policy_name}}/{{resource}}'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb +exclude_sweeper: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'ingressPolicyName' - resource: 'ServicePerimeter' - imports: 'name' + - name: 'ingressPolicyName' + type: ResourceRef description: | The name of the Service Perimeter to add this resource to. + url_param_only: true required: true immutable: true - url_param_only: true + resource: 'ServicePerimeter' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A GCP resource that is inside of the service perimeter. required: true diff --git a/mmv1/products/accesscontextmanager/ServicePerimeter.yaml b/mmv1/products/accesscontextmanager/ServicePerimeter.yaml index 42860f0c5cbd..afcbfcf660df 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeter.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeter.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,23 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. +--- # This is the singular of `ServicePerimeters`, any changes here should be made to `ServicePerimeters` as well ---- !ruby/object:Api::Resource name: 'ServicePerimeter' -# This is an unusual API, so we need to use a few fields to map the methods -# to the right URL. -# create_url is the Create URL -# base_url is the Get and Delete and Patch URL. It is empty on purpose. -# List won't work yet. It should share a URL with Create. -create_url: '{{parent}}/servicePerimeters' -base_url: '' -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' description: | ServicePerimeter describes a set of GCP resources which can freely import and export data amongst themselves, but not export outside of the @@ -38,84 +24,113 @@ description: | GCP project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only GCP projects as members, a single GCP project may belong to multiple Service Perimeter Bridges. -docs: !ruby/object:Provider::Terraform::Docs +references: + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +docs: warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. -autogen_async: true -# Skipping the sweeper due to the non-standard base_url -skip_sweeper: true id_format: '{{name}}' -import_format: ['{{name}}'] +base_url: '' +self_link: '{{name}}' +# This is an unusual API, so we need to use a few fields to map the methods +# to the right URL. +# create_url is the Create URL +# base_url is the Get and Delete and Patch URL. It is empty on purpose. +# List won't work yet. It should share a URL with Create. +create_url: '{{parent}}/servicePerimeters' +update_verb: 'PATCH' +update_mask: true mutex: '{{name}}' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + encoder: 'templates/terraform/encoders/access_level_never_send_parent.go.tmpl' + custom_import: 'templates/terraform/custom_import/set_access_policy_parent_from_self_link.go.tmpl' +# Skipping the sweeper due to the non-standard base_url +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeter_basic' - skip_test: true + - name: 'access_context_manager_service_perimeter_basic' primary_resource_id: 'service-perimeter' vars: access_level_name: 'chromeos_no_lock' service_perimeter_name: 'restrict_storage' - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeter_secure_data_exchange' - skip_test: true + exclude_test: true + - name: 'access_context_manager_service_perimeter_secure_data_exchange' primary_resource_id: 'secure-data-exchange' vars: access_level_name: 'secure_data_exchange' - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeter_dry-run' - skip_test: true + exclude_test: true + - name: 'access_context_manager_service_perimeter_dry-run' primary_resource_id: 'service-perimeter' vars: service_perimeter_name: 'restrict_bigquery_dryrun_storage' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/access_level_never_send_parent.go.erb - custom_import: templates/terraform/custom_import/set_access_policy_parent_from_self_link.go.erb + exclude_test: true parameters: # Parent is a path parameter that _cannot_ be read or sent in the request at all. # This must be done at the provider level. - - !ruby/object:Api::Type::String - name: parent - immutable: true - required: true + - name: 'parent' + type: String description: | The AccessPolicy this ServicePerimeter lives in. Format: accessPolicies/{policy_id} - ignore_read: true - - !ruby/object:Api::Type::String - name: name - immutable: true required: true + immutable: true + ignore_read: true + - name: 'name' + type: String description: | Resource name for the ServicePerimeter. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/servicePerimeters/{short_name} -properties: - - !ruby/object:Api::Type::String - name: title required: true + immutable: true +properties: + - name: 'title' + type: String description: | Human readable title. Must be unique within the Policy. - - !ruby/object:Api::Type::String - name: 'description' + required: true + - name: 'description' + type: String description: | Description of the ServicePerimeter and its use. Does not affect behavior. - - !ruby/object:Api::Type::Time - name: 'createTime' + - name: 'createTime' + type: Time description: | Time the AccessPolicy was created in UTC. output: true - - !ruby/object:Api::Type::Time - name: 'updateTime' + - name: 'updateTime' + type: Time description: | Time the AccessPolicy was updated in UTC. output: true - - !ruby/object:Api::Type::Enum - name: 'perimeterType' + - name: 'perimeterType' + type: Enum description: | Specifies the type of the Perimeter. There are two types: regular and bridge. Regular Service Perimeter contains resources, access levels, @@ -133,33 +148,34 @@ properties: topologies with many independent perimeters that need to share some data with a common perimeter, but should not be able to share data among themselves. - values: - - :PERIMETER_TYPE_REGULAR - - :PERIMETER_TYPE_BRIDGE - default_value: :PERIMETER_TYPE_REGULAR - custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'status' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "PERIMETER_TYPE_REGULAR" + enum_values: + - 'PERIMETER_TYPE_REGULAR' + - 'PERIMETER_TYPE_BRIDGE' + - name: 'status' + type: NestedObject description: | ServicePerimeter configuration. Specifies sets of resources, restricted services and access levels that determine perimeter content and boundaries. properties: - - !ruby/object:Api::Type::Array - name: 'resources' + - name: 'resources' + type: Array description: | A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} - at_least_one_of: - - status.0.resources - - status.0.access_levels - - status.0.restricted_services - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::Array - name: 'accessLevels' + at_least_one_of: + - 'status.0.resources' + - 'status.0.access_levels' + - 'status.0.restricted_services' + item_type: + type: String + - name: 'accessLevels' + type: Array description: | A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. @@ -171,86 +187,92 @@ properties: be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} - at_least_one_of: - - status.0.resources - - status.0.access_levels - - status.0.restricted_services - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::Array - name: 'restrictedServices' + at_least_one_of: + - 'status.0.resources' + - 'status.0.access_levels' + - 'status.0.restricted_services' + item_type: + type: String + - name: 'restrictedServices' + type: Array description: | GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. - at_least_one_of: - - status.0.resources - - status.0.access_levels - - status.0.restricted_services - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::NestedObject - name: 'vpcAccessibleServices' + at_least_one_of: + - 'status.0.resources' + - 'status.0.access_levels' + - 'status.0.restricted_services' + item_type: + type: String + - name: 'vpcAccessibleServices' + type: NestedObject description: | Specifies how APIs are allowed to communicate within the Service Perimeter. properties: - - !ruby/object:Api::Type::Boolean - name: 'enableRestriction' + - name: 'enableRestriction' + type: Boolean description: | Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowedServices'. - - !ruby/object:Api::Type::Array - name: 'allowedServices' + - name: 'allowedServices' + type: Array description: | The list of APIs usable within the Service Perimeter. Must be empty unless `enableRestriction` is True. - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::Array - name: 'ingressPolicies' + item_type: + type: String + - name: 'ingressPolicies' + type: Array description: | List of `IngressPolicies` to apply to the perimeter. A perimeter may have multiple `IngressPolicies`, each of which is evaluated separately. Access is granted if any `Ingress Policy` grants it. Must be empty for a perimeter bridge. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'ingressFrom' + - name: 'ingressFrom' + type: NestedObject description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :IDENTITY_TYPE_UNSPECIFIED - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' - item_type: Api::Type::String - is_set: true + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. - - !ruby/object:Api::Type::Array - name: 'sources' + is_set: true + item_type: + type: String + - name: 'sources' + type: Array description: | Sources that this `IngressPolicy` authorizes access from. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -260,8 +282,8 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -272,16 +294,14 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. - - !ruby/object:Api::Type::NestedObject - name: 'ingressTo' + - name: 'ingressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String - is_set: true + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -291,166 +311,179 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. - - !ruby/object:Api::Type::Array - name: 'operations' + is_set: true + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` the sources specified in corresponding `IngressFrom` are allowed to perform in this `ServicePerimeter`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. - - !ruby/object:Api::Type::Array - name: 'egressPolicies' + - name: 'egressPolicies' + type: Array description: | List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'egressFrom' + - name: 'egressFrom' + type: NestedObject description: | Defines conditions on the source of a request causing this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :IDENTITY_TYPE_UNSPECIFIED - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'sources' + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'sources' + type: Array description: 'Sources that this EgressPolicy authorizes access from.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - !ruby/object:Api::Type::Enum - name: 'sourceRestriction' + - name: 'sourceRestriction' + type: Enum description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - values: - - :SOURCE_RESTRICTION_UNSPECIFIED - - :SOURCE_RESTRICTION_ENABLED - - :SOURCE_RESTRICTION_DISABLED - - !ruby/object:Api::Type::Array - name: 'identities' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'egressTo' + item_type: + type: String + - name: 'egressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - is_set: true - item_type: Api::Type::String + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. - - !ruby/object:Api::Type::Array - name: 'externalResources' is_set: true - item_type: Api::Type::String + item_type: + type: String + - name: 'externalResources' + type: Array description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. - - !ruby/object:Api::Type::Array - name: 'operations' + is_set: true + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` that this egress rule applies to. A request matches if it contains an operation/service in this list. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. - - !ruby/object:Api::Type::NestedObject - name: 'spec' + - name: 'spec' + type: NestedObject description: | Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only allowed to be set when the `useExplicitDryRunSpec` flag is set. properties: - - !ruby/object:Api::Type::Array - name: 'resources' + - name: 'resources' + type: Array description: | A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} - at_least_one_of: - - spec.0.resources - - spec.0.access_levels - - spec.0.restricted_services - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::Array - name: 'accessLevels' + at_least_one_of: + - 'spec.0.resources' + - 'spec.0.access_levels' + - 'spec.0.restricted_services' + item_type: + type: String + - name: 'accessLevels' + type: Array description: | A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. @@ -462,86 +495,92 @@ properties: be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} - at_least_one_of: - - spec.0.resources - - spec.0.access_levels - - spec.0.restricted_services - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::Array - name: 'restrictedServices' + at_least_one_of: + - 'spec.0.resources' + - 'spec.0.access_levels' + - 'spec.0.restricted_services' + item_type: + type: String + - name: 'restrictedServices' + type: Array description: | GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. - at_least_one_of: - - spec.0.resources - - spec.0.access_levels - - spec.0.restricted_services - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::NestedObject - name: 'vpcAccessibleServices' + at_least_one_of: + - 'spec.0.resources' + - 'spec.0.access_levels' + - 'spec.0.restricted_services' + item_type: + type: String + - name: 'vpcAccessibleServices' + type: NestedObject description: | Specifies how APIs are allowed to communicate within the Service Perimeter. properties: - - !ruby/object:Api::Type::Boolean - name: 'enableRestriction' + - name: 'enableRestriction' + type: Boolean description: | Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowedServices'. - - !ruby/object:Api::Type::Array - name: 'allowedServices' + - name: 'allowedServices' + type: Array description: | The list of APIs usable within the Service Perimeter. Must be empty unless `enableRestriction` is True. - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::Array - name: 'ingressPolicies' + item_type: + type: String + - name: 'ingressPolicies' + type: Array description: | List of `IngressPolicies` to apply to the perimeter. A perimeter may have multiple `IngressPolicies`, each of which is evaluated separately. Access is granted if any `Ingress Policy` grants it. Must be empty for a perimeter bridge. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'ingressFrom' + - name: 'ingressFrom' + type: NestedObject description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :IDENTITY_TYPE_UNSPECIFIED - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' - item_type: Api::Type::String - is_set: true + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. - - !ruby/object:Api::Type::Array - name: 'sources' + is_set: true + item_type: + type: String + - name: 'sources' + type: Array description: | Sources that this `IngressPolicy` authorizes access from. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -551,8 +590,8 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -560,16 +599,14 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. - - !ruby/object:Api::Type::NestedObject - name: 'ingressTo' + - name: 'ingressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String - is_set: true + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -579,146 +616,158 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. - - !ruby/object:Api::Type::Array - name: 'operations' + is_set: true + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` the sources specified in corresponding `IngressFrom` are allowed to perform in this `ServicePerimeter`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. - - !ruby/object:Api::Type::Array - name: 'egressPolicies' + - name: 'egressPolicies' + type: Array description: | List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'egressFrom' + - name: 'egressFrom' + type: NestedObject description: | Defines conditions on the source of a request causing this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :IDENTITY_TYPE_UNSPECIFIED - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'sources' + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'sources' + type: Array description: 'Sources that this EgressPolicy authorizes access from.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - !ruby/object:Api::Type::Enum - name: 'sourceRestriction' + - name: 'sourceRestriction' + type: Enum description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - values: - - :SOURCE_RESTRICTION_UNSPECIFIED - - :SOURCE_RESTRICTION_ENABLED - - :SOURCE_RESTRICTION_DISABLED - - !ruby/object:Api::Type::Array - name: 'identities' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::NestedObject - name: 'egressTo' + item_type: + type: String + - name: 'egressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String - is_set: true + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. - - !ruby/object:Api::Type::Array - name: 'externalResources' - item_type: Api::Type::String is_set: true + item_type: + type: String + - name: 'externalResources' + type: Array description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. - - !ruby/object:Api::Type::Array - name: 'operations' + is_set: true + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` that this egress rule applies to. A request matches if it contains an operation/service in this list. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. - - !ruby/object:Api::Type::Boolean - name: 'useExplicitDryRunSpec' + - name: 'useExplicitDryRunSpec' + type: Boolean description: | Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunEgressPolicy.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunEgressPolicy.yaml index 064ad347710a..59eb01ac0cd2 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunEgressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunEgressPolicy.yaml @@ -10,26 +10,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource + +--- name: 'ServicePerimeterDryRunEgressPolicy' -create_url: '{{perimeter}}' -base_url: '' -self_link: '{{perimeter}}' -create_verb: :PATCH -delete_verb: :PATCH -update_mask: true -immutable: true -identity: - - egressFrom - - egressTo -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - is_list_of_ids: false - keys: - - spec - - egressPolicies -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' description: | Manage a single EgressPolicy in the spec (dry-run) configuration for a service perimeter. EgressPolicies match requests based on egressFrom and egressTo stanzas. @@ -43,121 +26,164 @@ description: | ~> **Note:** By default, updates to this resource will remove the EgressPolicy from the from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeter_dry_run_egress_policy' - skip_test: true +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' +docs: +id_format: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_url: '{{perimeter}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter}}' +import_format: + - '{{perimeter}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - egressFrom + - egressTo +nested_query: + keys: + - spec + - egressPolicies + is_list_of_ids: false + modify_by_patch: true +custom_code: + pre_create: 'templates/terraform/pre_create/access_context_manager_dry_run_resource.go.tmpl' + pre_update: 'templates/terraform/pre_create/access_context_manager_dry_run_resource.go.tmpl' + pre_delete: 'templates/terraform/pre_create/access_context_manager_dry_run_resource.go.tmpl' + custom_import: 'templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.tmpl' exclude_tgc: true # Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter -skip_sweeper: true -exclude_import: true -id_format: '{{perimeter}}' -import_format: ['{{perimeter}}'] -mutex: '{{perimeter}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb - pre_update: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb - pre_create: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb - pre_delete: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_dry_run_egress_policy' + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'perimeter' - resource: 'ServicePerimeter' - imports: 'name' + - name: 'perimeter' + type: ResourceRef description: | The name of the Service Perimeter to add this resource to. - required: true url_param_only: true + required: true + resource: 'ServicePerimeter' + imports: 'name' properties: - - !ruby/object:Api::Type::NestedObject - name: 'egressFrom' + - name: 'egressFrom' + type: NestedObject description: | Defines conditions on the source of a request causing this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' + enum_values: + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'sources' + item_type: + type: String + - name: 'sources' + type: Array description: 'Sources that this EgressPolicy authorizes access from.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - !ruby/object:Api::Type::Enum - name: 'sourceRestriction' + - name: 'sourceRestriction' + type: Enum description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - values: - - :SOURCE_RESTRICTION_ENABLED - - :SOURCE_RESTRICTION_DISABLED - - !ruby/object:Api::Type::NestedObject - name: 'egressTo' + enum_values: + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'egressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. - - !ruby/object:Api::Type::Array - name: 'externalResources' - item_type: Api::Type::String + item_type: + type: String + - name: 'externalResources' + type: Array description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. - - !ruby/object:Api::Type::Array - name: 'operations' + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` that this egress rule applies to. A request matches if it contains an operation/service in this list. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunIngressPolicy.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunIngressPolicy.yaml index 05dc07b8bf74..fd51dd83af7f 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunIngressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunIngressPolicy.yaml @@ -10,26 +10,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource + +--- name: 'ServicePerimeterDryRunIngressPolicy' -create_url: '{{perimeter}}' -base_url: '' -self_link: '{{perimeter}}' -create_verb: :PATCH -delete_verb: :PATCH -update_mask: true -immutable: true -identity: - - ingressFrom - - ingressTo -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - is_list_of_ids: false - keys: - - spec - - ingressPolicies -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' description: | Manage a single IngressPolicy in the spec (dry-run) configuration for a service perimeter. IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match, @@ -44,64 +27,103 @@ description: | ~> **Note:** By default, updates to this resource will remove the IngressPolicy from the from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeter_dry_run_ingress_policy' - skip_test: true +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' +docs: +id_format: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_url: '{{perimeter}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter}}' +import_format: + - '{{perimeter}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - ingressFrom + - ingressTo +nested_query: + keys: + - spec + - ingressPolicies + is_list_of_ids: false + modify_by_patch: true +custom_code: + pre_create: 'templates/terraform/pre_create/access_context_manager_dry_run_resource.go.tmpl' + pre_update: 'templates/terraform/pre_create/access_context_manager_dry_run_resource.go.tmpl' + pre_delete: 'templates/terraform/pre_create/access_context_manager_dry_run_resource.go.tmpl' + custom_import: 'templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.tmpl' exclude_tgc: true # Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter -skip_sweeper: true -exclude_import: true -id_format: '{{perimeter}}' -import_format: ['{{perimeter}}'] -mutex: '{{perimeter}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb - pre_update: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb - pre_create: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb - pre_delete: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_dry_run_ingress_policy' + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'perimeter' - resource: 'ServicePerimeter' - imports: 'name' + - name: 'perimeter' + type: ResourceRef description: | The name of the Service Perimeter to add this resource to. - required: true url_param_only: true + required: true + resource: 'ServicePerimeter' + imports: 'name' properties: - - !ruby/object:Api::Type::NestedObject - name: 'ingressFrom' + - name: 'ingressFrom' + type: NestedObject description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' - item_type: Api::Type::String + enum_values: + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. - - !ruby/object:Api::Type::Array - name: 'sources' + item_type: + type: String + - name: 'sources' + type: Array description: | Sources that this `IngressPolicy` authorizes access from. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -111,8 +133,8 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -120,15 +142,14 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. - - !ruby/object:Api::Type::NestedObject - name: 'ingressTo' + - name: 'ingressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -138,36 +159,40 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. - - !ruby/object:Api::Type::Array - name: 'operations' + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` the sources specified in corresponding `IngressFrom` are allowed to perform in this `ServicePerimeter`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunResource.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunResource.yaml index a430d3c037e9..3672777787a0 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterDryRunResource.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterDryRunResource.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,27 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ServicePerimeterDryRunResource' -create_url: '{{perimeter_name}}' -base_url: '' -self_link: '{{perimeter_name}}' -create_verb: :PATCH -delete_verb: :PATCH -immutable: true -update_mask: true -identity: - - resource -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - is_list_of_ids: true - keys: - - spec - - resources -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' description: | Allows configuring a single GCP resource that should be inside of the `spec` block of a dry run service perimeter. This resource is intended to be used in cases where it is not possible to compile a full list @@ -42,45 +23,81 @@ description: | ~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, the service perimeter resource must have a `lifecycle` block with `ignore_changes = [spec[0].resources]` so they don't fight over which resources should be in the policy. -docs: !ruby/object:Provider::Terraform::Docs +references: + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +docs: warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +id_format: '{{perimeter_name}}/{{resource}}' +base_url: '' +self_link: '{{perimeter_name}}' +create_url: '{{perimeter_name}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter_name}}' +import_format: + - '{{perimeter_name}}/{{resource}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - resource +nested_query: + keys: + - spec + - resources + is_list_of_ids: true + modify_by_patch: true +custom_code: + pre_create: 'templates/terraform/pre_create/access_context_manager_dry_run_resource.go.tmpl' + pre_update: 'templates/terraform/pre_create/access_context_manager_dry_run_resource.go.tmpl' + pre_delete: 'templates/terraform/pre_create/access_context_manager_dry_run_resource.go.tmpl' + custom_import: 'templates/terraform/custom_import/access_context_manager_service_perimeter_resource.go.tmpl' exclude_tgc: true # Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter -skip_sweeper: true -id_format: '{{perimeter_name}}/{{resource}}' -import_format: ['{{perimeter_name}}/{{resource}}'] -mutex: '{{perimeter_name}}' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeter_dry_run_resource_basic' - skip_test: true + - name: 'access_context_manager_service_perimeter_dry_run_resource_basic' primary_resource_id: 'service-perimeter-dry-run-resource' vars: service_perimeter_name: 'restrict_all' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_resource.go.erb - pre_update: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb - pre_create: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb - pre_delete: templates/terraform/pre_create/access_context_manager_dry_run_resource.go.erb + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'perimeterName' - resource: 'ServicePerimeter' - imports: 'name' + - name: 'perimeterName' + type: ResourceRef description: | The name of the Service Perimeter to add this resource to. + url_param_only: true required: true immutable: true - url_param_only: true + resource: 'ServicePerimeter' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A GCP resource that is inside of the service perimeter. Currently only projects are allowed. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterEgressPolicy.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterEgressPolicy.yaml index 6e27a59a5bcf..7e8dd583e830 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterEgressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterEgressPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,26 +10,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource + +--- name: 'ServicePerimeterEgressPolicy' -create_url: '{{perimeter}}' -base_url: '' -self_link: '{{perimeter}}' -create_verb: :PATCH -delete_verb: :PATCH -update_mask: true -immutable: true -identity: - - egressFrom - - egressTo -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - is_list_of_ids: false - keys: - - status - - egressPolicies -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' description: | Manage a single EgressPolicy in the status (enforced) configuration for a service perimeter. EgressPolicies match requests based on egressFrom and egressTo stanzas. @@ -43,119 +26,162 @@ description: | ~> **Note:** By default, updates to this resource will remove the EgressPolicy from the from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeter_egress_policy' - skip_test: true +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' +docs: +id_format: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_url: '{{perimeter}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter}}' +import_format: + - '{{perimeter}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - egressFrom + - egressTo +nested_query: + keys: + - status + - egressPolicies + is_list_of_ids: false + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.tmpl' exclude_tgc: true # Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter -skip_sweeper: true -exclude_import: true -id_format: '{{perimeter}}' -import_format: ['{{perimeter}}'] -mutex: '{{perimeter}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_egress_policy' + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'perimeter' - resource: 'ServicePerimeter' - imports: 'name' + - name: 'perimeter' + type: ResourceRef description: | The name of the Service Perimeter to add this resource to. - required: true url_param_only: true + required: true + resource: 'ServicePerimeter' + imports: 'name' properties: - - !ruby/object:Api::Type::NestedObject - name: 'egressFrom' + - name: 'egressFrom' + type: NestedObject description: | Defines conditions on the source of a request causing this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' + enum_values: + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'sources' + item_type: + type: String + - name: 'sources' + type: Array description: 'Sources that this EgressPolicy authorizes access from.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - !ruby/object:Api::Type::Enum - name: 'sourceRestriction' + - name: 'sourceRestriction' + type: Enum description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - values: - - :SOURCE_RESTRICTION_UNSPECIFIED - - :SOURCE_RESTRICTION_ENABLED - - :SOURCE_RESTRICTION_DISABLED - - !ruby/object:Api::Type::NestedObject - name: 'egressTo' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'egressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. - - !ruby/object:Api::Type::Array - name: 'externalResources' - item_type: Api::Type::String + item_type: + type: String + - name: 'externalResources' + type: Array description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. - - !ruby/object:Api::Type::Array - name: 'operations' + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` that this egress rule applies to. A request matches if it contains an operation/service in this list. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterIngressPolicy.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterIngressPolicy.yaml index 2d2918be5579..24034fc9024f 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterIngressPolicy.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterIngressPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,26 +10,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource + +--- name: 'ServicePerimeterIngressPolicy' -create_url: '{{perimeter}}' -base_url: '' -self_link: '{{perimeter}}' -create_verb: :PATCH -delete_verb: :PATCH -update_mask: true -immutable: true -identity: - - ingressFrom - - ingressTo -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - is_list_of_ids: false - keys: - - status - - ingressPolicies -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' description: | Manage a single IngressPolicy in the status (enforced) configuration for a service perimeter. IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match, @@ -44,61 +27,100 @@ description: | ~> **Note:** By default, updates to this resource will remove the IngressPolicy from the from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeter_ingress_policy' - skip_test: true +references: + guides: + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' +docs: +id_format: '{{perimeter}}' +base_url: '' +self_link: '{{perimeter}}' +create_url: '{{perimeter}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter}}' +import_format: + - '{{perimeter}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - ingressFrom + - ingressTo +nested_query: + keys: + - status + - ingressPolicies + is_list_of_ids: false + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.tmpl' exclude_tgc: true # Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter -skip_sweeper: true -exclude_import: true -id_format: '{{perimeter}}' -import_format: ['{{perimeter}}'] -mutex: '{{perimeter}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_ingress_policy.go.erb +exclude_sweeper: true +examples: + - name: 'access_context_manager_service_perimeter_ingress_policy' + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'perimeter' - resource: 'ServicePerimeter' - imports: 'name' + - name: 'perimeter' + type: ResourceRef description: | The name of the Service Perimeter to add this resource to. - required: true url_param_only: true + required: true + resource: 'ServicePerimeter' + imports: 'name' properties: - - !ruby/object:Api::Type::NestedObject - name: 'ingressFrom' + - name: 'ingressFrom' + type: NestedObject description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' - item_type: Api::Type::String + enum_values: + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. - - !ruby/object:Api::Type::Array - name: 'sources' + item_type: + type: String + - name: 'sources' + type: Array description: | Sources that this `IngressPolicy` authorizes access from. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -108,8 +130,8 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -120,15 +142,14 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. - - !ruby/object:Api::Type::NestedObject - name: 'ingressTo' + - name: 'ingressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -138,36 +159,40 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. - - !ruby/object:Api::Type::Array - name: 'operations' + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` the sources specified in corresponding `IngressFrom` are allowed to perform in this `ServicePerimeter`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml b/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml index 298b2bad26d7..1716c9cdfa2e 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeterResource.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,27 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ServicePerimeterResource' -create_url: '{{perimeter_name}}' -base_url: '' -self_link: '{{perimeter_name}}' -create_verb: :PATCH -delete_verb: :PATCH -immutable: true -update_mask: true -identity: - - resource -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - is_list_of_ids: true - keys: - - status - - resources -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' description: | Allows configuring a single GCP resource that should be inside the `status` block of a service perimeter. This resource is intended to be used in cases where it is not possible to compile a full list @@ -42,42 +23,78 @@ description: | ~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, the service perimeter resource must have a `lifecycle` block with `ignore_changes = [status[0].resources]` so they don't fight over which resources should be in the policy. -docs: !ruby/object:Provider::Terraform::Docs +references: + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +docs: warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. +id_format: '{{perimeter_name}}/{{resource}}' +base_url: '' +self_link: '{{perimeter_name}}' +create_url: '{{perimeter_name}}' +create_verb: 'PATCH' +update_mask: true +delete_verb: 'PATCH' +immutable: true +mutex: '{{perimeter_name}}' +import_format: + - '{{perimeter_name}}/{{resource}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - resource +nested_query: + keys: + - status + - resources + is_list_of_ids: true + modify_by_patch: true +custom_code: + custom_import: 'templates/terraform/custom_import/access_context_manager_service_perimeter_resource.go.tmpl' exclude_tgc: true # Skipping the sweeper due to the non-standard base_url and because this is fine-grained under ServicePerimeter -skip_sweeper: true -id_format: '{{perimeter_name}}/{{resource}}' -import_format: ['{{perimeter_name}}/{{resource}}'] -mutex: '{{perimeter_name}}' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeter_resource_basic' - skip_test: true + - name: 'access_context_manager_service_perimeter_resource_basic' primary_resource_id: 'service-perimeter-resource' vars: service_perimeter_name: 'restrict_all' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/access_context_manager_service_perimeter_resource.go.erb + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'perimeterName' - resource: 'ServicePerimeter' - imports: 'name' + - name: 'perimeterName' + type: ResourceRef description: | The name of the Service Perimeter to add this resource to. + url_param_only: true required: true immutable: true - url_param_only: true + resource: 'ServicePerimeter' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A GCP resource that is inside of the service perimeter. Currently only projects are allowed. diff --git a/mmv1/products/accesscontextmanager/ServicePerimeters.yaml b/mmv1/products/accesscontextmanager/ServicePerimeters.yaml index 98896714991d..be783e2cb85e 100644 --- a/mmv1/products/accesscontextmanager/ServicePerimeters.yaml +++ b/mmv1/products/accesscontextmanager/ServicePerimeters.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,85 +11,105 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource # This is the plural of `ServicePerimeter`, any changes here should be made to `ServicePerimeter` as well +--- + # This is the plural of `ServicePerimeter`, any changes here should be made to `ServicePerimeter` as well name: 'ServicePerimeters' -base_url: '{{parent}}/servicePerimeters:replaceAll' -update_url: '{{parent}}/servicePerimeters:replaceAll' -self_link: '{{parent}}/servicePerimeters' -update_verb: :POST -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' description: | Replace all existing Service Perimeters in an Access Policy with the Service Perimeters provided. This is done atomically. This is a bulk edit of all Service Perimeters and may override existing Service Perimeters created by `google_access_context_manager_service_perimeter`, thus causing a permadiff if used alongside `google_access_context_manager_service_perimeter` on the same parent. +references: + guides: + 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' + api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' +docs: +id_format: '{{parent}}/servicePerimeters' +base_url: '{{parent}}/servicePerimeters:replaceAll' +self_link: '{{parent}}/servicePerimeters' +update_url: '{{parent}}/servicePerimeters:replaceAll' +update_verb: 'POST' +import_format: + - '{{parent}}/servicePerimeters' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + custom_delete: 'templates/terraform/custom_delete/replace_all_service_perimeters_empty_list.go.tmpl' + custom_import: 'templates/terraform/custom_import/set_access_policy_parent_from_access_policy.go.tmpl' # Skipping the sweeper due to the non-standard base_url -skip_sweeper: true -id_format: '{{parent}}/servicePerimeters' -import_format: ['{{parent}}/servicePerimeters'] +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'access_context_manager_service_perimeters_basic' - skip_test: true + - name: 'access_context_manager_service_perimeters_basic' primary_resource_id: 'service-perimeter' vars: access_level_name: 'chromeos_no_lock' service_perimeter_name: 'restrict_storage' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/set_access_policy_parent_from_access_policy.go.erb - custom_delete: templates/terraform/custom_delete/replace_all_service_perimeters_empty_list.go.erb + exclude_test: true parameters: # Parent is a path parameter that _cannot_ be read or sent in the request at all. # This must be done at the provider level. - - !ruby/object:Api::Type::String - name: parent - immutable: true - required: true + - name: 'parent' + type: String description: | The AccessPolicy this ServicePerimeter lives in. Format: accessPolicies/{policy_id} + required: true + immutable: true ignore_read: true properties: - - !ruby/object:Api::Type::Array - name: 'servicePerimeters' + - name: 'servicePerimeters' + type: Array description: | The desired Service Perimeters that should replace all existing Service Perimeters in the Access Policy. - custom_flatten: 'templates/terraform/custom_flatten/accesscontextmanager_serviceperimeters_custom_flatten.go.erb' - item_type: !ruby/object:Api::Type::NestedObject + custom_flatten: 'templates/terraform/custom_flatten/accesscontextmanager_serviceperimeters_custom_flatten.go.tmpl' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name - immutable: true - required: true + - name: 'name' + type: String description: | Resource name for the ServicePerimeter. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/servicePerimeters/{short_name} - - !ruby/object:Api::Type::String - name: title required: true + immutable: true + - name: 'title' + type: String description: | Human readable title. Must be unique within the Policy. - - !ruby/object:Api::Type::String - name: 'description' + required: true + - name: 'description' + type: String description: | Description of the ServicePerimeter and its use. Does not affect behavior. - - !ruby/object:Api::Type::Time - name: 'createTime' + - name: 'createTime' + type: Time description: | Time the AccessPolicy was created in UTC. output: true - - !ruby/object:Api::Type::Time - name: 'updateTime' + - name: 'updateTime' + type: Time description: | Time the AccessPolicy was updated in UTC. output: true - - !ruby/object:Api::Type::Enum - name: 'perimeterType' + - name: 'perimeterType' + type: Enum description: | Specifies the type of the Perimeter. There are two types: regular and bridge. Regular Service Perimeter contains resources, access levels, @@ -107,35 +127,36 @@ properties: topologies with many independent perimeters that need to share some data with a common perimeter, but should not be able to share data among themselves. - values: - - :PERIMETER_TYPE_REGULAR - - :PERIMETER_TYPE_BRIDGE - default_value: :PERIMETER_TYPE_REGULAR - custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'status' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "PERIMETER_TYPE_REGULAR" + enum_values: + - 'PERIMETER_TYPE_REGULAR' + - 'PERIMETER_TYPE_BRIDGE' + - name: 'status' + type: NestedObject description: | ServicePerimeter configuration. Specifies sets of resources, restricted services and access levels that determine perimeter content and boundaries. properties: - - !ruby/object:Api::Type::Array - name: 'resources' + - name: 'resources' + type: Array description: | A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} + is_set: true # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # at_least_one_of: # - status.0.resources # - status.0.access_levels # - status.0.restricted_services - item_type: Api::Type::String - is_set: true - - !ruby/object:Api::Type::Array - name: 'accessLevels' + item_type: + type: String + - name: 'accessLevels' + type: Array description: | A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. @@ -147,91 +168,97 @@ properties: be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} + is_set: true # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # at_least_one_of: - # - status.0.resources - # - status.0.access_levels - # - status.0.restricted_services - item_type: Api::Type::String - is_set: true - - !ruby/object:Api::Type::Array - name: 'restrictedServices' + # - spec.0.resources + # - spec.0.access_levels + # - spec.0.restricted_services + item_type: + type: String + - name: 'restrictedServices' + type: Array description: | GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. + is_set: true # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # at_least_one_of: - # - status.0.resources - # - status.0.access_levels - # - status.0.restricted_services - item_type: Api::Type::String - is_set: true - - !ruby/object:Api::Type::NestedObject - name: 'vpcAccessibleServices' + # - spec.0.resources + # - spec.0.access_levels + # - spec.0.restricted_services + item_type: + type: String + - name: 'vpcAccessibleServices' + type: NestedObject description: | Specifies how APIs are allowed to communicate within the Service Perimeter. properties: - - !ruby/object:Api::Type::Boolean - name: 'enableRestriction' + - name: 'enableRestriction' + type: Boolean description: | Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowedServices'. - - !ruby/object:Api::Type::Array - name: 'allowedServices' + - name: 'allowedServices' + type: Array description: | The list of APIs usable within the Service Perimeter. Must be empty unless `enableRestriction` is True. - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::Array - name: 'ingressPolicies' + item_type: + type: String + - name: 'ingressPolicies' + type: Array description: | List of `IngressPolicies` to apply to the perimeter. A perimeter may have multiple `IngressPolicies`, each of which is evaluated separately. Access is granted if any `Ingress Policy` grants it. Must be empty for a perimeter bridge. is_set: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'ingressFrom' + - name: 'ingressFrom' + type: NestedObject description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :IDENTITY_TYPE_UNSPECIFIED - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' - is_set: true - item_type: Api::Type::String + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. - - !ruby/object:Api::Type::Array - name: 'sources' + is_set: true + item_type: + type: String + - name: 'sources' + type: Array description: | Sources that this `IngressPolicy` authorizes access from. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -241,8 +268,8 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -250,16 +277,14 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. - - !ruby/object:Api::Type::NestedObject - name: 'ingressTo' + - name: 'ingressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String - is_set: true + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -269,154 +294,166 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. - - !ruby/object:Api::Type::Array - name: 'operations' + is_set: true + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` the sources specified in corresponding `IngressFrom` are allowed to perform in this `ServicePerimeter`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. - - !ruby/object:Api::Type::Array - name: 'egressPolicies' + - name: 'egressPolicies' + type: Array description: | List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'egressFrom' + - name: 'egressFrom' + type: NestedObject description: | Defines conditions on the source of a request causing this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :IDENTITY_TYPE_UNSPECIFIED - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'sources' + item_type: + type: String + - name: 'sources' + type: Array description: 'Sources that this EgressPolicy authorizes access from.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - !ruby/object:Api::Type::Enum - name: 'sourceRestriction' + - name: 'sourceRestriction' + type: Enum description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - values: - - :SOURCE_RESTRICTION_UNSPECIFIED - - :SOURCE_RESTRICTION_ENABLED - - :SOURCE_RESTRICTION_DISABLED - - !ruby/object:Api::Type::NestedObject - name: 'egressTo' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'egressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String - is_set: true + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. - - !ruby/object:Api::Type::Array - name: 'externalResources' - item_type: Api::Type::String is_set: true + item_type: + type: String + - name: 'externalResources' + type: Array description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. - - !ruby/object:Api::Type::Array - name: 'operations' + is_set: true + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` that this egress rule applies to. A request matches if it contains an operation/service in this list. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. - - !ruby/object:Api::Type::NestedObject - name: 'spec' + - name: 'spec' + type: NestedObject description: | Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only allowed to be set when the `useExplicitDryRunSpec` flag is set. properties: - - !ruby/object:Api::Type::Array - name: 'resources' + - name: 'resources' + type: Array description: | A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. @@ -428,10 +465,10 @@ properties: # - spec.0.access_levels # - spec.0.restricted_services is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'accessLevels' - is_set: true + item_type: + type: String + - name: 'accessLevels' + type: Array description: | A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. @@ -443,89 +480,84 @@ properties: be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} - # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. - # (github.com/hashicorp/terraform-plugin-sdk/issues/470) - # at_least_one_of: - # - spec.0.resources - # - spec.0.access_levels - # - spec.0.restricted_services - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'restrictedServices' + is_set: true + item_type: + type: String + - name: 'restrictedServices' + type: Array description: | GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. - # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. - # (github.com/hashicorp/terraform-plugin-sdk/issues/470) - # at_least_one_of: - # - spec.0.resources - # - spec.0.access_levels - # - spec.0.restricted_services - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::NestedObject - name: 'vpcAccessibleServices' + item_type: + type: String + - name: 'vpcAccessibleServices' + type: NestedObject description: | Specifies how APIs are allowed to communicate within the Service Perimeter. properties: - - !ruby/object:Api::Type::Boolean - name: 'enableRestriction' + - name: 'enableRestriction' + type: Boolean description: | Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowedServices'. - - !ruby/object:Api::Type::Array - name: 'allowedServices' + - name: 'allowedServices' + type: Array description: | The list of APIs usable within the Service Perimeter. Must be empty unless `enableRestriction` is True. - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::Array - name: 'ingressPolicies' + item_type: + type: String + - name: 'ingressPolicies' + type: Array description: | List of `IngressPolicies` to apply to the perimeter. A perimeter may have multiple `IngressPolicies`, each of which is evaluated separately. Access is granted if any `Ingress Policy` grants it. Must be empty for a perimeter bridge. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'ingressFrom' + - name: 'ingressFrom' + type: NestedObject description: | Defines the conditions on the source of a request causing this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :IDENTITY_TYPE_UNSPECIFIED - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' - is_set: true - item_type: Api::Type::String + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only. - - !ruby/object:Api::Type::Array - name: 'sources' + is_set: true + item_type: + type: String + - name: 'sources' + type: Array description: | Sources that this `IngressPolicy` authorizes access from. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: | An `AccessLevel` resource name that allow resources within the `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed @@ -535,8 +567,8 @@ properties: with request origins within the perimeter. Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` If * is specified, then all IngressSources will be allowed. - - !ruby/object:Api::Type::String - name: 'resource' + - name: 'resource' + type: String description: | A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. @@ -544,16 +576,14 @@ properties: The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported. - - !ruby/object:Api::Type::NestedObject - name: 'ingressTo' + - name: 'ingressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and request destination that cause this `IngressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String - is_set: true + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, protected by this `ServicePerimeter` @@ -563,146 +593,158 @@ properties: then this `IngressTo` rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field. - - !ruby/object:Api::Type::Array - name: 'operations' + is_set: true + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` the sources specified in corresponding `IngressFrom` are allowed to perform in this `ServicePerimeter`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single `MethodSelector` entry with `*` specified for the method field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for method should be a valid method name for the corresponding serviceName in `ApiOperation`. If `*` used as value for `method`, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. - - !ruby/object:Api::Type::Array - name: 'egressPolicies' + - name: 'egressPolicies' + type: Array description: | List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'egressFrom' + - name: 'egressFrom' + type: NestedObject description: | Defines conditions on the source of a request causing this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Enum - name: 'identityType' + - name: 'identityType' + type: Enum description: | Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. - values: - - :IDENTITY_TYPE_UNSPECIFIED - - :ANY_IDENTITY - - :ANY_USER_ACCOUNT - - :ANY_SERVICE_ACCOUNT - - !ruby/object:Api::Type::Array - name: 'identities' + enum_values: + - 'IDENTITY_TYPE_UNSPECIFIED' + - 'ANY_IDENTITY' + - 'ANY_USER_ACCOUNT' + - 'ANY_SERVICE_ACCOUNT' + - name: 'identities' + type: Array description: | A list of identities that are allowed access through this `EgressPolicy`. Should be in the format of email address. The email address should represent individual user or service account only. - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::Array - name: 'sources' + item_type: + type: String + - name: 'sources' + type: Array description: 'Sources that this EgressPolicy authorizes access from.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'accessLevel' + - name: 'accessLevel' + type: String description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - !ruby/object:Api::Type::Enum - name: 'sourceRestriction' + - name: 'sourceRestriction' + type: Enum description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - values: - - :SOURCE_RESTRICTION_UNSPECIFIED - - :SOURCE_RESTRICTION_ENABLED - - :SOURCE_RESTRICTION_DISABLED - - !ruby/object:Api::Type::NestedObject - name: 'egressTo' + enum_values: + - 'SOURCE_RESTRICTION_UNSPECIFIED' + - 'SOURCE_RESTRICTION_ENABLED' + - 'SOURCE_RESTRICTION_DISABLED' + - name: 'egressTo' + type: NestedObject description: | Defines the conditions on the `ApiOperation` and destination resources that cause this `EgressPolicy` to apply. properties: - - !ruby/object:Api::Type::Array - name: 'resources' - item_type: Api::Type::String - is_set: true + - name: 'resources' + type: Array description: | A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, then this `EgressTo` rule will authorize access to all resources outside the perimeter. - - !ruby/object:Api::Type::Array - name: 'externalResources' - item_type: Api::Type::String is_set: true + item_type: + type: String + - name: 'externalResources' + type: Array description: | A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed. - - !ruby/object:Api::Type::Array - name: 'operations' + is_set: true + item_type: + type: String + - name: 'operations' + type: Array description: | A list of `ApiOperations` that this egress rule applies to. A request matches if it contains an operation/service in this list. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The name of the API whose methods or permissions the `IngressPolicy` or `EgressPolicy` want to allow. A single `ApiOperation` with serviceName field set to `*` will allow all methods AND permissions for all services. - - !ruby/object:Api::Type::Array - name: 'methodSelectors' + - name: 'methodSelectors' + type: Array description: | API methods or permissions to allow. Method or permission must belong to the service specified by `serviceName` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `serviceName`. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'method' + - name: 'method' + type: String description: | Value for `method` should be a valid method name for the corresponding `serviceName` in `ApiOperation`. If `*` used as value for method, then ALL methods and permissions are allowed. - - !ruby/object:Api::Type::String - name: 'permission' + - name: 'permission' + type: String description: | Value for permission should be a valid Cloud IAM permission for the corresponding `serviceName` in `ApiOperation`. - - !ruby/object:Api::Type::Boolean - name: 'useExplicitDryRunSpec' + - name: 'useExplicitDryRunSpec' + type: Boolean description: | Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those diff --git a/mmv1/products/accesscontextmanager/go_AccessLevel.yaml b/mmv1/products/accesscontextmanager/go_AccessLevel.yaml deleted file mode 100644 index 531f4f40e5ed..000000000000 --- a/mmv1/products/accesscontextmanager/go_AccessLevel.yaml +++ /dev/null @@ -1,312 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AccessLevel' -description: | - An AccessLevel is a label that can be applied to requests to GCP services, - along with a list of requirements necessary for the label to be applied. -references: - guides: - 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the ACM API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -id_format: '{{name}}' -base_url: '' -self_link: '{{name}}' -create_url: '{{parent}}/accessLevels' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - encoder: 'templates/terraform/encoders/go/access_level_never_send_parent.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_self_link.go.tmpl' -exclude_sweeper: true -examples: - - name: 'access_context_manager_access_level_basic' - primary_resource_id: 'access-level' - vars: - access_level_name: 'chromeos_no_lock' - skip_test: true -parameters: - - name: 'parent' - type: String - description: | - The AccessPolicy this AccessLevel lives in. - Format: accessPolicies/{policy_id} - required: true - immutable: true - ignore_read: true - - name: 'name' - type: String - description: | - Resource name for the Access Level. The short_name component must begin - with a letter and only include alphanumeric and '_'. - Format: accessPolicies/{policy_id}/accessLevels/{short_name} - required: true - immutable: true -properties: - - name: 'title' - type: String - description: | - Human readable title. Must be unique within the Policy. - required: true - - name: 'description' - type: String - description: | - Description of the AccessLevel and its use. Does not affect behavior. - - name: 'basic' - type: NestedObject - description: | - A set of predefined conditions for the access level and a combining function. - conflicts: - - custom - properties: - - name: 'combiningFunction' - type: Enum - description: | - How the conditions list should be combined to determine if a request - is granted this AccessLevel. If AND is used, each Condition in - conditions must be satisfied for the AccessLevel to be applied. If - OR is used, at least one Condition in conditions must be satisfied - for the AccessLevel to be applied. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "AND" - enum_values: - - 'AND' - - 'OR' - - name: 'conditions' - type: Array - description: | - A set of requirements for the AccessLevel to be granted. - required: true - item_type: - type: NestedObject - properties: - - name: 'ipSubnetworks' - type: Array - description: | - A list of CIDR block IP subnetwork specification. May be IPv4 - or IPv6. - Note that for a CIDR IP address block, the specified IP address - portion must be properly truncated (i.e. all the host bits must - be zero) or the input is considered malformed. For example, - "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, - for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" - is not. The originating IP of a request must be in one of the - listed subnets in order for this Condition to be true. - If empty, all IP addresses are allowed. - item_type: - type: String - - name: 'requiredAccessLevels' - type: Array - description: | - A list of other access levels defined in the same Policy, - referenced by resource name. Referencing an AccessLevel which - does not exist is an error. All access levels listed must be - granted for the Condition to be true. - Format: accessPolicies/{policy_id}/accessLevels/{short_name} - item_type: - type: String - - name: 'members' - type: Array - description: | - An allowed list of members (users, service accounts). - Using groups is not supported yet. - - The signed-in user originating the request must be a part of one - of the provided members. If not specified, a request may come - from any user (logged in/not logged in, not present in any - groups, etc.). - Formats: `user:{emailid}`, `serviceAccount:{emailid}` - item_type: - type: String - - name: 'negate' - type: Boolean - description: | - Whether to negate the Condition. If true, the Condition becomes - a NAND over its non-empty fields, each field must be false for - the Condition overall to be satisfied. Defaults to false. - - name: 'devicePolicy' - type: NestedObject - description: | - Device specific restrictions, all restrictions must hold for - the Condition to be true. If not specified, all devices are - allowed. - properties: - - name: 'requireScreenLock' - type: Boolean - description: | - Whether or not screenlock is required for the DevicePolicy - to be true. Defaults to false. - api_name: requireScreenlock - - name: 'allowedEncryptionStatuses' - type: Array - description: | - A list of allowed encryptions statuses. - An empty list allows all statuses. - item_type: - type: Enum - description: | - This field only has a name and description because of MM - limitations. It should not appear in downstreams. - enum_values: - - 'ENCRYPTION_UNSPECIFIED' - - 'ENCRYPTION_UNSUPPORTED' - - 'UNENCRYPTED' - - 'ENCRYPTED' - - name: 'allowedDeviceManagementLevels' - type: Array - description: | - A list of allowed device management levels. - An empty list allows all management levels. - item_type: - type: Enum - description: | - This field only has a name and description because of MM - limitations. It should not appear in downstreams. - enum_values: - - 'MANAGEMENT_UNSPECIFIED' - - 'NONE' - - 'BASIC' - - 'COMPLETE' - - name: 'osConstraints' - type: Array - description: | - A list of allowed OS versions. - An empty list allows all types and all versions. - item_type: - type: NestedObject - properties: - - name: 'minimumVersion' - type: String - description: | - The minimum allowed OS version. If not set, any version - of this OS satisfies the constraint. - Format: "major.minor.patch" such as "10.5.301", "9.2.1". - - name: 'requireVerifiedChromeOs' - type: Boolean - description: - If you specify DESKTOP_CHROME_OS for osType, you can - optionally include requireVerifiedChromeOs to require - Chrome Verified Access. - - name: 'osType' - type: Enum - description: | - The operating system type of the device. - required: true - enum_values: - - 'OS_UNSPECIFIED' - - 'DESKTOP_MAC' - - 'DESKTOP_WINDOWS' - - 'DESKTOP_LINUX' - - 'DESKTOP_CHROME_OS' - - 'ANDROID' - - 'IOS' - - name: 'requireAdminApproval' - type: Boolean - description: | - Whether the device needs to be approved by the customer admin. - - name: 'requireCorpOwned' - type: Boolean - description: | - Whether the device needs to be corp owned. - - name: 'regions' - type: Array - description: | - The request must originate from one of the provided - countries/regions. - Format: A valid ISO 3166-1 alpha-2 code. - item_type: - type: String - - name: 'vpcNetworkSources' - type: Array - description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' - item_type: - type: NestedObject - properties: - - name: 'vpcSubnetwork' - type: NestedObject - description: 'Sub networks within a VPC network.' - properties: - - name: 'network' - type: String - description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' - required: true - - name: 'vpcIpSubnetworks' - type: Array - description: 'CIDR block IP subnetwork specification. Must be IPv4.' - item_type: - type: String - min_size: 1 - - name: 'custom' - type: NestedObject - description: | - Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. - See CEL spec at: https://github.com/google/cel-spec. - conflicts: - - basic - properties: - - name: 'expr' - type: NestedObject - description: | - Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. - This page details the objects and attributes that are used to the build the CEL expressions for - custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. - required: true - properties: - - name: 'expression' - type: String - description: - Textual representation of an expression in Common Expression - Language syntax. - required: true - - name: 'title' - type: String - description: - Title for the expression, i.e. a short string describing its - purpose. - - name: 'description' - type: String - description: Description of the expression - - name: 'location' - type: String - description: - String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file diff --git a/mmv1/products/accesscontextmanager/go_AccessLevelCondition.yaml b/mmv1/products/accesscontextmanager/go_AccessLevelCondition.yaml deleted file mode 100644 index 79ee286dcfee..000000000000 --- a/mmv1/products/accesscontextmanager/go_AccessLevelCondition.yaml +++ /dev/null @@ -1,243 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AccessLevelCondition' -description: | - Allows configuring a single access level condition to be appended to an access level's conditions. - This resource is intended to be used in cases where it is not possible to compile a full list - of conditions to include in a `google_access_context_manager_access_level` resource, - to enable them to be added separately. - - ~> **Note:** If this resource is used alongside a `google_access_context_manager_access_level` resource, - the access level resource must have a `lifecycle` block with `ignore_changes = [basic[0].conditions]` so - they don't fight over which service accounts should be included. -references: - guides: - 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the ACM API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -id_format: '{{access_level}}' -base_url: '' -self_link: '{{access_level}}' -create_url: '{{access_level}}' -create_verb: 'PATCH' -update_mask: true -delete_verb: 'PATCH' -immutable: true -mutex: '{{access_level}}' -import_format: - - '{{access_level}}' -exclude_import: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - type: 'PollAsync' - check_response_func_existence: 'transport_tpg.PollCheckForExistence' - check_response_func_absence: 'transport_tpg.PollCheckForAbsence' - suppress_error: false - target_occurrences: 1 - actions: ['create'] -identity: - - ipSubnetworks - - requiredAccessLevels - - members - - negate - - devicePolicy - - regions -nested_query: - keys: - - basic - - conditions - is_list_of_ids: false - modify_by_patch: true -custom_code: -exclude_tgc: true -exclude_sweeper: true -examples: - - name: 'access_context_manager_access_level_condition_basic' - primary_resource_id: 'access-level-condition' - vars: - access_level_name: 'chromeos_no_lock' - account_id: 'my-account-id' - skip_test: true -parameters: - - name: 'accessLevel' - type: ResourceRef - description: | - The name of the Access Level to add this condition to. - url_param_only: true - required: true - immutable: true - resource: 'AccessLevel' - imports: 'name' -properties: - - name: 'ipSubnetworks' - type: Array - description: | - A list of CIDR block IP subnetwork specification. May be IPv4 - or IPv6. - Note that for a CIDR IP address block, the specified IP address - portion must be properly truncated (i.e. all the host bits must - be zero) or the input is considered malformed. For example, - "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, - for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" - is not. The originating IP of a request must be in one of the - listed subnets in order for this Condition to be true. - If empty, all IP addresses are allowed. - item_type: - type: String - - name: 'requiredAccessLevels' - type: Array - description: | - A list of other access levels defined in the same Policy, - referenced by resource name. Referencing an AccessLevel which - does not exist is an error. All access levels listed must be - granted for the Condition to be true. - Format: accessPolicies/{policy_id}/accessLevels/{short_name} - item_type: - type: String - - name: 'members' - type: Array - description: | - An allowed list of members (users, service accounts). - Using groups is not supported yet. - - The signed-in user originating the request must be a part of one - of the provided members. If not specified, a request may come - from any user (logged in/not logged in, not present in any - groups, etc.). - Formats: `user:{emailid}`, `serviceAccount:{emailid}` - item_type: - type: String - - name: 'negate' - type: Boolean - description: | - Whether to negate the Condition. If true, the Condition becomes - a NAND over its non-empty fields, each field must be false for - the Condition overall to be satisfied. Defaults to false. - - name: 'devicePolicy' - type: NestedObject - description: | - Device specific restrictions, all restrictions must hold for - the Condition to be true. If not specified, all devices are - allowed. - properties: - - name: 'requireScreenLock' - type: Boolean - description: | - Whether or not screenlock is required for the DevicePolicy - to be true. Defaults to false. - api_name: requireScreenlock - - name: 'allowedEncryptionStatuses' - type: Array - description: | - A list of allowed encryptions statuses. - An empty list allows all statuses. - item_type: - type: Enum - description: | - This field only has a name and description because of MM - limitations. It should not appear in downstreams. - enum_values: - - 'ENCRYPTION_UNSPECIFIED' - - 'ENCRYPTION_UNSUPPORTED' - - 'UNENCRYPTED' - - 'ENCRYPTED' - - name: 'allowedDeviceManagementLevels' - type: Array - description: | - A list of allowed device management levels. - An empty list allows all management levels. - item_type: - type: Enum - description: | - This field only has a name and description because of MM - limitations. It should not appear in downstreams. - enum_values: - - 'MANAGEMENT_UNSPECIFIED' - - 'NONE' - - 'BASIC' - - 'COMPLETE' - - name: 'osConstraints' - type: Array - description: | - A list of allowed OS versions. - An empty list allows all types and all versions. - item_type: - type: NestedObject - properties: - - name: 'minimumVersion' - type: String - description: | - The minimum allowed OS version. If not set, any version - of this OS satisfies the constraint. - Format: "major.minor.patch" such as "10.5.301", "9.2.1". - - name: 'osType' - type: Enum - description: | - The operating system type of the device. - required: true - enum_values: - - 'OS_UNSPECIFIED' - - 'DESKTOP_MAC' - - 'DESKTOP_WINDOWS' - - 'DESKTOP_LINUX' - - 'DESKTOP_CHROME_OS' - - 'ANDROID' - - 'IOS' - - name: 'requireAdminApproval' - type: Boolean - description: | - Whether the device needs to be approved by the customer admin. - - name: 'requireCorpOwned' - type: Boolean - description: | - Whether the device needs to be corp owned. - - name: 'regions' - type: Array - description: | - The request must originate from one of the provided - countries/regions. - Format: A valid ISO 3166-1 alpha-2 code. - item_type: - type: String - - name: 'vpcNetworkSources' - type: Array - description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' - item_type: - type: NestedObject - properties: - - name: 'vpcSubnetwork' - type: NestedObject - description: 'Sub networks within a VPC network.' - properties: - - name: 'network' - type: String - description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' - required: true - - name: 'vpcIpSubnetworks' - type: Array - description: 'CIDR block IP subnetwork specification. Must be IPv4.' - item_type: - type: String diff --git a/mmv1/products/accesscontextmanager/go_AccessLevels.yaml b/mmv1/products/accesscontextmanager/go_AccessLevels.yaml deleted file mode 100644 index 683edd93753e..000000000000 --- a/mmv1/products/accesscontextmanager/go_AccessLevels.yaml +++ /dev/null @@ -1,316 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AccessLevels' -description: | - Replace all existing Access Levels in an Access Policy with the Access Levels provided. This is done atomically. - This is a bulk edit of all Access Levels and may override existing Access Levels created by `google_access_context_manager_access_level`, - thus causing a permadiff if used alongside `google_access_context_manager_access_level` on the same parent. -references: - guides: - 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels' -docs: - warning: | - This resource is authoritative over the access levels under an access policy. Due to a limitation in Terraform, - it will overwrite all preexisting access levels during a create opration without displaying the old values on - the left side of plan. To prevent this, we recommend importing the resource before applying it if overwriting - preexisting rules, as the plan will correctly display the complete changes to your access policy if the - resource is present in state. -id_format: '{{parent}}/accessLevels' -base_url: '{{parent}}/accessLevels:replaceAll' -self_link: '{{parent}}/accessLevels' -update_url: '{{parent}}/accessLevels:replaceAll' -update_verb: 'POST' -import_format: - - '{{parent}}/accessLevels' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - custom_delete: 'templates/terraform/custom_delete/go/replace_all_access_levels_empty_list.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_access_policy.go.tmpl' -exclude_sweeper: true -examples: - - name: 'access_context_manager_access_levels_basic' - primary_resource_id: 'access-levels' - vars: - access_level_name1: 'chromeos_no_lock' - access_level_name2: 'mac_no_lock' - skip_test: true -parameters: - - name: 'parent' - type: String - description: | - The AccessPolicy this AccessLevel lives in. - Format: accessPolicies/{policy_id} - url_param_only: true - required: true - immutable: true - ignore_read: true -properties: - - name: 'accessLevels' - type: Array - description: | - The desired Access Levels that should replace all existing Access Levels in the Access Policy. - is_set: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Resource name for the Access Level. The short_name component must begin - with a letter and only include alphanumeric and '_'. - Format: accessPolicies/{policy_id}/accessLevels/{short_name} - required: true - immutable: true - - name: 'title' - type: String - description: | - Human readable title. Must be unique within the Policy. - required: true - - name: 'description' - type: String - description: | - Description of the AccessLevel and its use. Does not affect behavior. - - name: 'basic' - type: NestedObject - description: | - A set of predefined conditions for the access level and a combining function. - # conflicts: - # - custom - properties: - - name: 'combiningFunction' - type: Enum - description: | - How the conditions list should be combined to determine if a request - is granted this AccessLevel. If AND is used, each Condition in - conditions must be satisfied for the AccessLevel to be applied. If - OR is used, at least one Condition in conditions must be satisfied - for the AccessLevel to be applied. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "AND" - enum_values: - - 'AND' - - 'OR' - - name: 'conditions' - type: Array - description: | - A set of requirements for the AccessLevel to be granted. - required: true - item_type: - type: NestedObject - properties: - - name: 'ipSubnetworks' - type: Array - description: | - A list of CIDR block IP subnetwork specification. May be IPv4 - or IPv6. - Note that for a CIDR IP address block, the specified IP address - portion must be properly truncated (i.e. all the host bits must - be zero) or the input is considered malformed. For example, - "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, - for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" - is not. The originating IP of a request must be in one of the - listed subnets in order for this Condition to be true. - If empty, all IP addresses are allowed. - item_type: - type: String - - name: 'requiredAccessLevels' - type: Array - description: | - A list of other access levels defined in the same Policy, - referenced by resource name. Referencing an AccessLevel which - does not exist is an error. All access levels listed must be - granted for the Condition to be true. - Format: accessPolicies/{policy_id}/accessLevels/{short_name} - item_type: - type: String - - name: 'members' - type: Array - description: | - An allowed list of members (users, service accounts). - Using groups is not supported yet. - - The signed-in user originating the request must be a part of one - of the provided members. If not specified, a request may come - from any user (logged in/not logged in, not present in any - groups, etc.). - Formats: `user:{emailid}`, `serviceAccount:{emailid}` - item_type: - type: String - - name: 'negate' - type: Boolean - description: | - Whether to negate the Condition. If true, the Condition becomes - a NAND over its non-empty fields, each field must be false for - the Condition overall to be satisfied. Defaults to false. - - name: 'devicePolicy' - type: NestedObject - description: | - Device specific restrictions, all restrictions must hold for - the Condition to be true. If not specified, all devices are - allowed. - properties: - - name: 'requireScreenLock' - type: Boolean - description: | - Whether or not screenlock is required for the DevicePolicy - to be true. Defaults to false. - api_name: requireScreenlock - - name: 'allowedEncryptionStatuses' - type: Array - description: | - A list of allowed encryptions statuses. - An empty list allows all statuses. - item_type: - type: Enum - description: | - This field only has a name and description because of MM - limitations. It should not appear in downstreams. - enum_values: - - 'ENCRYPTION_UNSPECIFIED' - - 'ENCRYPTION_UNSUPPORTED' - - 'UNENCRYPTED' - - 'ENCRYPTED' - - name: 'allowedDeviceManagementLevels' - type: Array - description: | - A list of allowed device management levels. - An empty list allows all management levels. - item_type: - type: Enum - description: | - This field only has a name and description because of MM - limitations. It should not appear in downstreams. - enum_values: - - 'MANAGEMENT_UNSPECIFIED' - - 'NONE' - - 'BASIC' - - 'COMPLETE' - - name: 'osConstraints' - type: Array - description: | - A list of allowed OS versions. - An empty list allows all types and all versions. - item_type: - type: NestedObject - properties: - - name: 'minimumVersion' - type: String - description: | - The minimum allowed OS version. If not set, any version - of this OS satisfies the constraint. - Format: "major.minor.patch" such as "10.5.301", "9.2.1". - - name: 'osType' - type: Enum - description: | - The operating system type of the device. - required: true - enum_values: - - 'OS_UNSPECIFIED' - - 'DESKTOP_MAC' - - 'DESKTOP_WINDOWS' - - 'DESKTOP_LINUX' - - 'DESKTOP_CHROME_OS' - - 'ANDROID' - - 'IOS' - - name: 'requireAdminApproval' - type: Boolean - description: | - Whether the device needs to be approved by the customer admin. - - name: 'requireCorpOwned' - type: Boolean - description: | - Whether the device needs to be corp owned. - - name: 'regions' - type: Array - description: | - The request must originate from one of the provided - countries/regions. - Format: A valid ISO 3166-1 alpha-2 code. - item_type: - type: String - - name: 'vpcNetworkSources' - type: Array - description: 'The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.' - item_type: - type: NestedObject - properties: - - name: 'vpcSubnetwork' - type: NestedObject - description: 'Sub networks within a VPC network.' - properties: - - name: 'network' - type: String - description: 'Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires `compute.network.get` permission to be granted to caller.' - required: true - - name: 'vpcIpSubnetworks' - type: Array - description: 'CIDR block IP subnetwork specification. Must be IPv4.' - item_type: - type: String - min_size: 1 - - name: 'custom' - type: NestedObject - description: | - Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. - See CEL spec at: https://github.com/google/cel-spec. - # conflicts: - # - basic - properties: - - name: 'expr' - type: NestedObject - description: | - Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. - This page details the objects and attributes that are used to the build the CEL expressions for - custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. - required: true - properties: - - name: 'expression' - type: String - description: - Textual representation of an expression in Common Expression - Language syntax. - required: true - - name: 'title' - type: String - description: - Title for the expression, i.e. a short string describing its - purpose. - - name: 'description' - type: String - description: Description of the expression - - name: 'location' - type: String - description: - String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file diff --git a/mmv1/products/accesscontextmanager/go_AccessPolicy.yaml b/mmv1/products/accesscontextmanager/go_AccessPolicy.yaml deleted file mode 100644 index 47686b06b3c6..000000000000 --- a/mmv1/products/accesscontextmanager/go_AccessPolicy.yaml +++ /dev/null @@ -1,119 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AccessPolicy' -description: | - AccessPolicy is a container for AccessLevels (which define the necessary - attributes to use GCP services) and ServicePerimeters (which define - regions of services able to freely pass data within a perimeter). An - access policy is globally visible within an organization, and the - restrictions it specifies apply to all projects within an organization. -references: - guides: - 'Access Policy Quickstart': 'https://cloud.google.com/access-context-manager/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the ACM API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -id_format: '{{name}}' -base_url: 'accessPolicies' -self_link: 'accessPolicies/{{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - allowed_iam_role: 'roles/accesscontextmanager.policyAdmin' - parent_resource_attribute: 'name' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'accessPolicies/{{name}}' - - '{{name}}' -custom_code: - post_create: 'templates/terraform/post_create/go/accesspolicy.tmpl' -exclude_sweeper: true -examples: - - name: 'access_context_manager_access_policy_basic' - primary_resource_id: 'access-policy' - skip_test: true - - name: 'access_context_manager_access_policy_scoped' - primary_resource_id: 'access-policy' - test_env_vars: - org_id: 'ORG_ID' - project: 'PROJECT_NAME' - skip_test: true - skip_import_test: true -parameters: - - name: 'parent' - type: String - description: | - The parent of this AccessPolicy in the Cloud Resource Hierarchy. - Format: 'organizations/{{organization_id}}' - required: true - immutable: true - - name: 'title' - type: String - description: | - Human readable title. Does not affect behavior. - required: true - - name: 'scopes' - type: Array - description: | - Folder or project on which this policy is applicable. - Format: 'folders/{{folder_id}}' or 'projects/{{project_number}}' - item_type: - type: String - max_size: 1 -properties: - - name: 'name' - type: String - description: | - Resource name of the AccessPolicy. Format: '{{policy_id}}' - output: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'createTime' - type: Time - description: | - Time the AccessPolicy was created in UTC. - output: true - - name: 'updateTime' - type: Time - description: | - Time the AccessPolicy was updated in UTC. - output: true diff --git a/mmv1/products/accesscontextmanager/go_AuthorizedOrgsDesc.yaml b/mmv1/products/accesscontextmanager/go_AuthorizedOrgsDesc.yaml deleted file mode 100644 index defb9d25d961..000000000000 --- a/mmv1/products/accesscontextmanager/go_AuthorizedOrgsDesc.yaml +++ /dev/null @@ -1,146 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AuthorizedOrgsDesc' -description: | - An authorized organizations description describes a list of organizations - (1) that have been authorized to use certain asset (for example, device) data - owned by different organizations at the enforcement points, or (2) with certain - asset (for example, device) have been authorized to access the resources in - another organization at the enforcement points. -references: - guides: - 'gcloud docs': 'https://cloud.google.com/beyondcorp-enterprise/docs/cross-org-authorization' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.authorizedOrgsDescs' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the ACM API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -id_format: '{{name}}' -base_url: '' -self_link: '{{name}}' -create_url: '{{parent}}/authorizedOrgsDescs' -update_verb: 'PATCH' -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - encoder: 'templates/terraform/encoders/go/access_level_never_send_parent.go.tmpl' - post_create: 'templates/terraform/post_create/go/sleep_2_min.go.tmpl' - pre_update: 'templates/terraform/update_mask.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_self_link.go.tmpl' -exclude_sweeper: true -examples: - - name: 'access_context_manager_authorized_orgs_desc_basic' - primary_resource_id: 'authorized-orgs-desc' - skip_test: true -parameters: - - name: 'parent' - type: String - description: | - Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`. - required: true - immutable: true - ignore_read: true - - name: 'name' - type: String - description: | - Resource name for the `AuthorizedOrgsDesc`. Format: - `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. - The `authorized_orgs_desc` component must begin with a letter, followed by - alphanumeric characters or `_`. - After you create an `AuthorizedOrgsDesc`, you cannot change its `name`. - required: true - immutable: true - - name: 'orgs' - type: Array - description: | - The list of organization ids in this AuthorizedOrgsDesc. - Format: `organizations/` - Example: `organizations/123456` - item_type: - type: String - - name: 'assetType' - type: Enum - description: | - The type of entities that need to use the authorization relationship during - evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and - "ASSET_TYPE_CREDENTIAL_STRENGTH". - immutable: true - enum_values: - - 'ASSET_TYPE_DEVICE' - - 'ASSET_TYPE_CREDENTIAL_STRENGTH' - - name: 'authorizationDirection' - type: Enum - description: | - The direction of the authorization relationship between this organization - and the organizations listed in the "orgs" field. The valid values for this - field include the following: - - AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic - in the organizations listed in the `orgs` field. - - AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the `orgs` - field to evaluate the traffic in this organization. - - For the authorization relationship to take effect, all of the organizations - must authorize and specify the appropriate relationship direction. For - example, if organization A authorized organization B and C to evaluate its - traffic, by specifying "AUTHORIZATION_DIRECTION_TO" as the authorization - direction, organizations B and C must specify - "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their - "AuthorizedOrgsDesc" resource. - immutable: true - enum_values: - - 'AUTHORIZATION_DIRECTION_TO' - - 'AUTHORIZATION_DIRECTION_FROM' - - name: 'authorizationType' - type: Enum - description: | - A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST". - immutable: true - enum_values: - - 'AUTHORIZATION_TYPE_TRUST' -properties: - - name: 'createTime' - type: Time - description: | - Time the AuthorizedOrgsDesc was created in UTC. - output: true - - name: 'updateTime' - type: Time - description: | - Time the AuthorizedOrgsDesc was updated in UTC. - output: true diff --git a/mmv1/products/accesscontextmanager/go_EgressPolicy.yaml b/mmv1/products/accesscontextmanager/go_EgressPolicy.yaml deleted file mode 100644 index ad68fce5a52c..000000000000 --- a/mmv1/products/accesscontextmanager/go_EgressPolicy.yaml +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EgressPolicy' -description: | - This resource has been deprecated, please refer to ServicePerimeterEgressPolicy. -references: - guides: - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' -docs: -id_format: '{{egress_policy_name}}/{{resource}}' -base_url: '' -self_link: '{{egress_policy_name}}' -create_url: '{{egress_policy_name}}' -create_verb: 'PATCH' -update_mask: true -delete_verb: 'PATCH' -immutable: true -import_format: - - '{{egress_policy_name}}/{{resource}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - resource -nested_query: - keys: - - status - - resources - is_list_of_ids: true - modify_by_patch: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_egress_policy.go.tmpl' -exclude_tgc: true -exclude_sweeper: true -parameters: - - name: 'egressPolicyName' - type: ResourceRef - description: | - The name of the Service Perimeter to add this resource to. - url_param_only: true - required: true - immutable: true - resource: 'ServicePerimeter' - imports: 'name' -properties: - - name: 'resource' - type: String - description: | - A GCP resource that is inside of the service perimeter. - required: true - immutable: true diff --git a/mmv1/products/accesscontextmanager/go_GcpUserAccessBinding.yaml b/mmv1/products/accesscontextmanager/go_GcpUserAccessBinding.yaml deleted file mode 100644 index e4280b48dcaa..000000000000 --- a/mmv1/products/accesscontextmanager/go_GcpUserAccessBinding.yaml +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'GcpUserAccessBinding' -description: | - Restricts access to Cloud Console and Google Cloud APIs for a set of users using Context-Aware Access. -references: - guides: - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/organizations.gcpUserAccessBindings' -docs: -id_format: '{{name}}' -base_url: 'organizations/{{organization_id}}/gcpUserAccessBindings' -self_link: '{{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - custom_import: 'templates/terraform/custom_import/go/set_id_name_with_slashes.go.tmpl' -exclude_tgc: true -examples: - - name: 'access_context_manager_gcp_user_access_binding_basic' - primary_resource_id: 'gcp_user_access_binding' - vars: - group_id: 'my-identity-group' - access_level_id: 'access_level_id_for_user_access_binding' - access_level_name: 'chromeos_no_lock' - test_env_vars: - org_id: 'ORG_ID' - org_domain: 'ORG_DOMAIN' - cust_id: 'CUST_ID' - skip_test: true -parameters: - - name: 'organizationId' - type: String - description: | - Required. ID of the parent organization. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N" - output: true - - name: 'groupKey' - type: String - description: | - Required. Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the G Suite Directory API's Groups resource. If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht" - required: true - immutable: true - - name: 'accessLevels' - type: Array - description: | - Required. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted" - required: true - item_type: - type: String - min_size: 1 - max_size: 1 diff --git a/mmv1/products/accesscontextmanager/go_IngressPolicy.yaml b/mmv1/products/accesscontextmanager/go_IngressPolicy.yaml deleted file mode 100644 index 8825c458dc64..000000000000 --- a/mmv1/products/accesscontextmanager/go_IngressPolicy.yaml +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'IngressPolicy' -description: | - This resource has been deprecated, please refer to ServicePerimeterIngressPolicy. -references: - guides: - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' -docs: -id_format: '{{ingress_policy_name}}/{{resource}}' -base_url: '' -self_link: '{{ingress_policy_name}}' -create_url: '{{ingress_policy_name}}' -create_verb: 'PATCH' -update_mask: true -delete_verb: 'PATCH' -immutable: true -import_format: - - '{{ingress_policy_name}}/{{resource}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - resource -nested_query: - keys: - - status - - resources - is_list_of_ids: true - modify_by_patch: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' -exclude_tgc: true -exclude_sweeper: true -parameters: - - name: 'ingressPolicyName' - type: ResourceRef - description: | - The name of the Service Perimeter to add this resource to. - url_param_only: true - required: true - immutable: true - resource: 'ServicePerimeter' - imports: 'name' -properties: - - name: 'resource' - type: String - description: | - A GCP resource that is inside of the service perimeter. - required: true - immutable: true diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeter.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeter.yaml deleted file mode 100644 index 4110d48da6d4..000000000000 --- a/mmv1/products/accesscontextmanager/go_ServicePerimeter.yaml +++ /dev/null @@ -1,772 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServicePerimeter' -description: | - ServicePerimeter describes a set of GCP resources which can freely import - and export data amongst themselves, but not export outside of the - ServicePerimeter. If a request with a source within this ServicePerimeter - has a target outside of the ServicePerimeter, the request will be blocked. - Otherwise the request is allowed. There are two types of Service Perimeter - - Regular and Bridge. Regular Service Perimeters cannot overlap, a single - GCP project can only belong to a single regular Service Perimeter. Service - Perimeter Bridges can contain only GCP projects as members, a single GCP - project may belong to multiple Service Perimeter Bridges. -references: - guides: - 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the ACM API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -id_format: '{{name}}' -base_url: '' -self_link: '{{name}}' -create_url: '{{parent}}/servicePerimeters' -update_verb: 'PATCH' -update_mask: true -mutex: '{{name}}' -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - encoder: 'templates/terraform/encoders/go/access_level_never_send_parent.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_self_link.go.tmpl' -exclude_sweeper: true -examples: - - name: 'access_context_manager_service_perimeter_basic' - primary_resource_id: 'service-perimeter' - vars: - access_level_name: 'chromeos_no_lock' - service_perimeter_name: 'restrict_storage' - skip_test: true - - name: 'access_context_manager_service_perimeter_secure_data_exchange' - primary_resource_id: 'secure-data-exchange' - vars: - access_level_name: 'secure_data_exchange' - skip_test: true - - name: 'access_context_manager_service_perimeter_dry-run' - primary_resource_id: 'service-perimeter' - vars: - service_perimeter_name: 'restrict_bigquery_dryrun_storage' - skip_test: true -parameters: - - name: 'parent' - type: String - description: | - The AccessPolicy this ServicePerimeter lives in. - Format: accessPolicies/{policy_id} - required: true - immutable: true - ignore_read: true - - name: 'name' - type: String - description: | - Resource name for the ServicePerimeter. The short_name component must - begin with a letter and only include alphanumeric and '_'. - Format: accessPolicies/{policy_id}/servicePerimeters/{short_name} - required: true - immutable: true -properties: - - name: 'title' - type: String - description: | - Human readable title. Must be unique within the Policy. - required: true - - name: 'description' - type: String - description: | - Description of the ServicePerimeter and its use. Does not affect - behavior. - - name: 'createTime' - type: Time - description: | - Time the AccessPolicy was created in UTC. - output: true - - name: 'updateTime' - type: Time - description: | - Time the AccessPolicy was updated in UTC. - output: true - - name: 'perimeterType' - type: Enum - description: | - Specifies the type of the Perimeter. There are two types: regular and - bridge. Regular Service Perimeter contains resources, access levels, - and restricted services. Every resource can be in at most - ONE regular Service Perimeter. - - In addition to being in a regular service perimeter, a resource can also - be in zero or more perimeter bridges. A perimeter bridge only contains - resources. Cross project operations are permitted if all effected - resources share some perimeter (whether bridge or regular). Perimeter - Bridge does not contain access levels or services: those are governed - entirely by the regular perimeter that resource is in. - - Perimeter Bridges are typically useful when building more complex - topologies with many independent perimeters that need to share some data - with a common perimeter, but should not be able to share data among - themselves. - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "PERIMETER_TYPE_REGULAR" - enum_values: - - 'PERIMETER_TYPE_REGULAR' - - 'PERIMETER_TYPE_BRIDGE' - - name: 'status' - type: NestedObject - description: | - ServicePerimeter configuration. Specifies sets of resources, - restricted services and access levels that determine - perimeter content and boundaries. - properties: - - name: 'resources' - type: Array - description: | - A list of GCP resources that are inside of the service perimeter. - Currently only projects are allowed. - Format: projects/{project_number} - is_set: true - at_least_one_of: - - 'status.0.resources' - - 'status.0.access_levels' - - 'status.0.restricted_services' - item_type: - type: String - - name: 'accessLevels' - type: Array - description: | - A list of AccessLevel resource names that allow resources within - the ServicePerimeter to be accessed from the internet. - AccessLevels listed must be in the same policy as this - ServicePerimeter. Referencing a nonexistent AccessLevel is a - syntax error. If no AccessLevel names are listed, resources within - the perimeter can only be accessed via GCP calls with request - origins within the perimeter. For Service Perimeter Bridge, must - be empty. - - Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} - is_set: true - at_least_one_of: - - 'status.0.resources' - - 'status.0.access_levels' - - 'status.0.restricted_services' - item_type: - type: String - - name: 'restrictedServices' - type: Array - description: | - GCP services that are subject to the Service Perimeter - restrictions. Must contain a list of services. For example, if - `storage.googleapis.com` is specified, access to the storage - buckets inside the perimeter must meet the perimeter's access - restrictions. - is_set: true - at_least_one_of: - - 'status.0.resources' - - 'status.0.access_levels' - - 'status.0.restricted_services' - item_type: - type: String - - name: 'vpcAccessibleServices' - type: NestedObject - description: | - Specifies how APIs are allowed to communicate within the Service - Perimeter. - properties: - - name: 'enableRestriction' - type: Boolean - description: | - Whether to restrict API calls within the Service Perimeter to the - list of APIs specified in 'allowedServices'. - - name: 'allowedServices' - type: Array - description: | - The list of APIs usable within the Service Perimeter. - Must be empty unless `enableRestriction` is True. - is_set: true - item_type: - type: String - - name: 'ingressPolicies' - type: Array - description: | - List of `IngressPolicies` to apply to the perimeter. A perimeter may - have multiple `IngressPolicies`, each of which is evaluated - separately. Access is granted if any `Ingress Policy` grants it. - Must be empty for a perimeter bridge. - item_type: - type: NestedObject - properties: - - name: 'ingressFrom' - type: NestedObject - description: | - Defines the conditions on the source of a request causing this `IngressPolicy` - to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access from outside the - perimeter. If left unspecified, then members of `identities` field will be - allowed access. - enum_values: - - 'IDENTITY_TYPE_UNSPECIFIED' - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this ingress policy. - Should be in the format of email address. The email address should represent - individual user or service account only. - is_set: true - item_type: - type: String - - name: 'sources' - type: Array - description: | - Sources that this `IngressPolicy` authorizes access from. - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: | - An `AccessLevel` resource name that allow resources within the - `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed - must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent - `AccessLevel` will cause an error. If no `AccessLevel` names are listed, - resources within the perimeter can only be accessed via Google Cloud calls - with request origins within the perimeter. - Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` - If * is specified, then all IngressSources will be allowed. - - name: 'resource' - type: String - description: | - A Google Cloud resource that is allowed to ingress the perimeter. - Requests from these resources will be allowed to access perimeter data. - Currently only projects and VPCs are allowed. - Project format: `projects/{projectNumber}` - VPC network format: - `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. - The project may be in any Google Cloud organization, not just the - organization that the perimeter is defined in. `*` is not allowed, the case - of allowing all Google Cloud resources only is not supported. - - name: 'ingressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and request destination that cause - this `IngressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, protected by this `ServicePerimeter` - that are allowed to be accessed by sources defined in the - corresponding `IngressFrom`. A request matches if it contains - a resource in this list. If `*` is specified for resources, - then this `IngressTo` rule will authorize access to all - resources inside the perimeter, provided that the request - also matches the `operations` field. - is_set: true - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` the sources specified in corresponding `IngressFrom` - are allowed to perform in this `ServicePerimeter`. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong to - the service specified by serviceName field. A single `MethodSelector` entry - with `*` specified for the method field will allow all methods AND - permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for method should be a valid method name for the corresponding - serviceName in `ApiOperation`. If `*` used as value for `method`, then - ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. - - name: 'egressPolicies' - type: Array - description: | - List of EgressPolicies to apply to the perimeter. A perimeter may - have multiple EgressPolicies, each of which is evaluated separately. - Access is granted if any EgressPolicy grants it. Must be empty for - a perimeter bridge. - item_type: - type: NestedObject - properties: - - name: 'egressFrom' - type: NestedObject - description: | - Defines conditions on the source of a request causing this `EgressPolicy` to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access to outside the - perimeter. If left unspecified, then members of `identities` field will - be allowed access. - enum_values: - - 'IDENTITY_TYPE_UNSPECIFIED' - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'sources' - type: Array - description: 'Sources that this EgressPolicy authorizes access from.' - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - name: 'sourceRestriction' - type: Enum - description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - enum_values: - - 'SOURCE_RESTRICTION_UNSPECIFIED' - - 'SOURCE_RESTRICTION_ENABLED' - - 'SOURCE_RESTRICTION_DISABLED' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this `EgressPolicy`. - Should be in the format of email address. The email address should - represent individual user or service account only. - is_set: true - item_type: - type: String - - name: 'egressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and destination resources that - cause this `EgressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, that match this to stanza. A request matches - if it contains a resource in this list. If * is specified for resources, - then this `EgressTo` rule will authorize access to all resources outside - the perimeter. - is_set: true - item_type: - type: String - - name: 'externalResources' - type: Array - description: | - A list of external resources that are allowed to be accessed. A request - matches if it contains an external resource in this list (Example: - s3://bucket/path). Currently '*' is not allowed. - is_set: true - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` that this egress rule applies to. A request matches - if it contains an operation/service in this list. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with serviceName - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong - to the service specified by `serviceName` field. A single MethodSelector - entry with `*` specified for the `method` field will allow all methods - AND permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for `method` should be a valid method name for the corresponding - `serviceName` in `ApiOperation`. If `*` used as value for method, - then ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. - - name: 'spec' - type: NestedObject - description: | - Proposed (or dry run) ServicePerimeter configuration. - This configuration allows to specify and test ServicePerimeter configuration - without enforcing actual access restrictions. Only allowed to be set when - the `useExplicitDryRunSpec` flag is set. - properties: - - name: 'resources' - type: Array - description: | - A list of GCP resources that are inside of the service perimeter. - Currently only projects are allowed. - Format: projects/{project_number} - is_set: true - at_least_one_of: - - 'spec.0.resources' - - 'spec.0.access_levels' - - 'spec.0.restricted_services' - item_type: - type: String - - name: 'accessLevels' - type: Array - description: | - A list of AccessLevel resource names that allow resources within - the ServicePerimeter to be accessed from the internet. - AccessLevels listed must be in the same policy as this - ServicePerimeter. Referencing a nonexistent AccessLevel is a - syntax error. If no AccessLevel names are listed, resources within - the perimeter can only be accessed via GCP calls with request - origins within the perimeter. For Service Perimeter Bridge, must - be empty. - - Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} - is_set: true - at_least_one_of: - - 'spec.0.resources' - - 'spec.0.access_levels' - - 'spec.0.restricted_services' - item_type: - type: String - - name: 'restrictedServices' - type: Array - description: | - GCP services that are subject to the Service Perimeter - restrictions. Must contain a list of services. For example, if - `storage.googleapis.com` is specified, access to the storage - buckets inside the perimeter must meet the perimeter's access - restrictions. - is_set: true - at_least_one_of: - - 'spec.0.resources' - - 'spec.0.access_levels' - - 'spec.0.restricted_services' - item_type: - type: String - - name: 'vpcAccessibleServices' - type: NestedObject - description: | - Specifies how APIs are allowed to communicate within the Service - Perimeter. - properties: - - name: 'enableRestriction' - type: Boolean - description: | - Whether to restrict API calls within the Service Perimeter to the - list of APIs specified in 'allowedServices'. - - name: 'allowedServices' - type: Array - description: | - The list of APIs usable within the Service Perimeter. - Must be empty unless `enableRestriction` is True. - is_set: true - item_type: - type: String - - name: 'ingressPolicies' - type: Array - description: | - List of `IngressPolicies` to apply to the perimeter. A perimeter may - have multiple `IngressPolicies`, each of which is evaluated - separately. Access is granted if any `Ingress Policy` grants it. - Must be empty for a perimeter bridge. - item_type: - type: NestedObject - properties: - - name: 'ingressFrom' - type: NestedObject - description: | - Defines the conditions on the source of a request causing this `IngressPolicy` - to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access from outside the - perimeter. If left unspecified, then members of `identities` field will be - allowed access. - enum_values: - - 'IDENTITY_TYPE_UNSPECIFIED' - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this ingress policy. - Should be in the format of email address. The email address should represent - individual user or service account only. - is_set: true - item_type: - type: String - - name: 'sources' - type: Array - description: | - Sources that this `IngressPolicy` authorizes access from. - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: | - An `AccessLevel` resource name that allow resources within the - `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed - must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent - `AccessLevel` will cause an error. If no `AccessLevel` names are listed, - resources within the perimeter can only be accessed via Google Cloud calls - with request origins within the perimeter. - Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` - If * is specified, then all IngressSources will be allowed. - - name: 'resource' - type: String - description: | - A Google Cloud resource that is allowed to ingress the perimeter. - Requests from these resources will be allowed to access perimeter data. - Currently only projects are allowed. Format `projects/{project_number}` - The project may be in any Google Cloud organization, not just the - organization that the perimeter is defined in. `*` is not allowed, the case - of allowing all Google Cloud resources only is not supported. - - name: 'ingressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and request destination that cause - this `IngressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, protected by this `ServicePerimeter` - that are allowed to be accessed by sources defined in the - corresponding `IngressFrom`. A request matches if it contains - a resource in this list. If `*` is specified for resources, - then this `IngressTo` rule will authorize access to all - resources inside the perimeter, provided that the request - also matches the `operations` field. - is_set: true - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` the sources specified in corresponding `IngressFrom` - are allowed to perform in this `ServicePerimeter`. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong to - the service specified by serviceName field. A single `MethodSelector` entry - with `*` specified for the method field will allow all methods AND - permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for method should be a valid method name for the corresponding - serviceName in `ApiOperation`. If `*` used as value for `method`, then - ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. - - name: 'egressPolicies' - type: Array - description: | - List of EgressPolicies to apply to the perimeter. A perimeter may - have multiple EgressPolicies, each of which is evaluated separately. - Access is granted if any EgressPolicy grants it. Must be empty for - a perimeter bridge. - item_type: - type: NestedObject - properties: - - name: 'egressFrom' - type: NestedObject - description: | - Defines conditions on the source of a request causing this `EgressPolicy` to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access to outside the - perimeter. If left unspecified, then members of `identities` field will - be allowed access. - enum_values: - - 'IDENTITY_TYPE_UNSPECIFIED' - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'sources' - type: Array - description: 'Sources that this EgressPolicy authorizes access from.' - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - name: 'sourceRestriction' - type: Enum - description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - enum_values: - - 'SOURCE_RESTRICTION_UNSPECIFIED' - - 'SOURCE_RESTRICTION_ENABLED' - - 'SOURCE_RESTRICTION_DISABLED' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this `EgressPolicy`. - Should be in the format of email address. The email address should - represent individual user or service account only. - is_set: true - item_type: - type: String - - name: 'egressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and destination resources that - cause this `EgressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, that match this to stanza. A request matches - if it contains a resource in this list. If * is specified for resources, - then this `EgressTo` rule will authorize access to all resources outside - the perimeter. - is_set: true - item_type: - type: String - - name: 'externalResources' - type: Array - description: | - A list of external resources that are allowed to be accessed. A request - matches if it contains an external resource in this list (Example: - s3://bucket/path). Currently '*' is not allowed. - is_set: true - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` that this egress rule applies to. A request matches - if it contains an operation/service in this list. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with serviceName - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong - to the service specified by `serviceName` field. A single MethodSelector - entry with `*` specified for the `method` field will allow all methods - AND permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for `method` should be a valid method name for the corresponding - `serviceName` in `ApiOperation`. If `*` used as value for method, - then ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. - - name: 'useExplicitDryRunSpec' - type: Boolean - description: | - Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists - for all Service Perimeters, and that spec is identical to the status for those - Service Perimeters. When this flag is set, it inhibits the generation of the - implicit spec, thereby allowing the user to explicitly provide a - configuration ("spec") to use in a dry-run version of the Service Perimeter. - This allows the user to test changes to the enforced config ("status") without - actually enforcing them. This testing is done through analyzing the differences - between currently enforced and suggested restrictions. useExplicitDryRunSpec must - bet set to True if any of the fields in the spec are set to non-default values. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunEgressPolicy.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunEgressPolicy.yaml deleted file mode 100644 index 884e8c645765..000000000000 --- a/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunEgressPolicy.yaml +++ /dev/null @@ -1,189 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServicePerimeterDryRunEgressPolicy' -description: | - Manage a single EgressPolicy in the spec (dry-run) configuration for a service perimeter. - EgressPolicies match requests based on egressFrom and egressTo stanzas. - For an EgressPolicy to match, both egressFrom and egressTo stanzas must be matched. - If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter - boundary. For example, an EgressPolicy can be used to allow VMs on networks - within the ServicePerimeter to access a defined set of projects outside the - perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket - or query against a BigQuery dataset). - - ~> **Note:** By default, updates to this resource will remove the EgressPolicy from the - from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy - is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. -references: - guides: - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' -docs: -id_format: '{{perimeter}}' -base_url: '' -self_link: '{{perimeter}}' -create_url: '{{perimeter}}' -create_verb: 'PATCH' -update_mask: true -delete_verb: 'PATCH' -immutable: true -mutex: '{{perimeter}}' -import_format: - - '{{perimeter}}' -exclude_import: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - egressFrom - - egressTo -nested_query: - keys: - - spec - - egressPolicies - is_list_of_ids: false - modify_by_patch: true -custom_code: - pre_create: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' - pre_update: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' - pre_delete: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' -exclude_tgc: true -exclude_sweeper: true -examples: - - name: 'access_context_manager_service_perimeter_dry_run_egress_policy' - skip_test: true -parameters: - - name: 'perimeter' - type: ResourceRef - description: | - The name of the Service Perimeter to add this resource to. - url_param_only: true - required: true - resource: 'ServicePerimeter' - imports: 'name' -properties: - - name: 'egressFrom' - type: NestedObject - description: | - Defines conditions on the source of a request causing this `EgressPolicy` to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access to outside the - perimeter. If left unspecified, then members of `identities` field will - be allowed access. - enum_values: - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this `EgressPolicy`. - Should be in the format of email address. The email address should - represent individual user or service account only. - item_type: - type: String - - name: 'sources' - type: Array - description: 'Sources that this EgressPolicy authorizes access from.' - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - name: 'sourceRestriction' - type: Enum - description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - enum_values: - - 'SOURCE_RESTRICTION_ENABLED' - - 'SOURCE_RESTRICTION_DISABLED' - - name: 'egressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and destination resources that - cause this `EgressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, that match this to stanza. A request matches - if it contains a resource in this list. If * is specified for resources, - then this `EgressTo` rule will authorize access to all resources outside - the perimeter. - item_type: - type: String - - name: 'externalResources' - type: Array - description: | - A list of external resources that are allowed to be accessed. A request - matches if it contains an external resource in this list (Example: - s3://bucket/path). Currently '*' is not allowed. - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` that this egress rule applies to. A request matches - if it contains an operation/service in this list. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with serviceName - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong - to the service specified by `serviceName` field. A single MethodSelector - entry with `*` specified for the `method` field will allow all methods - AND permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for `method` should be a valid method name for the corresponding - `serviceName` in `ApiOperation`. If `*` used as value for method, - then ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunIngressPolicy.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunIngressPolicy.yaml deleted file mode 100644 index 2a6d124fd5c8..000000000000 --- a/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunIngressPolicy.yaml +++ /dev/null @@ -1,198 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServicePerimeterDryRunIngressPolicy' -description: | - Manage a single IngressPolicy in the spec (dry-run) configuration for a service perimeter. - IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match, - both the ingressFrom and ingressTo stanzas must be matched. If an IngressPolicy matches a request, - the request is allowed through the perimeter boundary from outside the perimeter. - For example, access from the internet can be allowed either based on an AccessLevel or, - for traffic hosted on Google Cloud, the project of the source network. - For access from private networks, using the project of the hosting network is required. - Individual ingress policies can be limited by restricting which services and/ - or actions they match using the ingressTo field. - - ~> **Note:** By default, updates to this resource will remove the IngressPolicy from the - from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy - is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. -references: - guides: - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' -docs: -id_format: '{{perimeter}}' -base_url: '' -self_link: '{{perimeter}}' -create_url: '{{perimeter}}' -create_verb: 'PATCH' -update_mask: true -delete_verb: 'PATCH' -immutable: true -mutex: '{{perimeter}}' -import_format: - - '{{perimeter}}' -exclude_import: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - ingressFrom - - ingressTo -nested_query: - keys: - - spec - - ingressPolicies - is_list_of_ids: false - modify_by_patch: true -custom_code: - pre_create: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' - pre_update: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' - pre_delete: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' -exclude_tgc: true -exclude_sweeper: true -examples: - - name: 'access_context_manager_service_perimeter_dry_run_ingress_policy' - skip_test: true -parameters: - - name: 'perimeter' - type: ResourceRef - description: | - The name of the Service Perimeter to add this resource to. - url_param_only: true - required: true - resource: 'ServicePerimeter' - imports: 'name' -properties: - - name: 'ingressFrom' - type: NestedObject - description: | - Defines the conditions on the source of a request causing this `IngressPolicy` - to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access from outside the - perimeter. If left unspecified, then members of `identities` field will be - allowed access. - enum_values: - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this ingress policy. - Should be in the format of email address. The email address should represent - individual user or service account only. - item_type: - type: String - - name: 'sources' - type: Array - description: | - Sources that this `IngressPolicy` authorizes access from. - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: | - An `AccessLevel` resource name that allow resources within the - `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed - must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent - `AccessLevel` will cause an error. If no `AccessLevel` names are listed, - resources within the perimeter can only be accessed via Google Cloud calls - with request origins within the perimeter. - Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` - If * is specified, then all IngressSources will be allowed. - - name: 'resource' - type: String - description: | - A Google Cloud resource that is allowed to ingress the perimeter. - Requests from these resources will be allowed to access perimeter data. - Currently only projects are allowed. Format `projects/{project_number}` - The project may be in any Google Cloud organization, not just the - organization that the perimeter is defined in. `*` is not allowed, the case - of allowing all Google Cloud resources only is not supported. - - name: 'ingressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and request destination that cause - this `IngressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, protected by this `ServicePerimeter` - that are allowed to be accessed by sources defined in the - corresponding `IngressFrom`. A request matches if it contains - a resource in this list. If `*` is specified for resources, - then this `IngressTo` rule will authorize access to all - resources inside the perimeter, provided that the request - also matches the `operations` field. - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` the sources specified in corresponding `IngressFrom` - are allowed to perform in this `ServicePerimeter`. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong to - the service specified by serviceName field. A single `MethodSelector` entry - with `*` specified for the method field will allow all methods AND - permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for method should be a valid method name for the corresponding - serviceName in `ApiOperation`. If `*` used as value for `method`, then - ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunResource.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunResource.yaml deleted file mode 100644 index 431f0ee40978..000000000000 --- a/mmv1/products/accesscontextmanager/go_ServicePerimeterDryRunResource.yaml +++ /dev/null @@ -1,106 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServicePerimeterDryRunResource' -description: | - Allows configuring a single GCP resource that should be inside of the `spec` block of a dry run service perimeter. - This resource is intended to be used in cases where it is not possible to compile a full list - of projects to include in a `google_access_context_manager_service_perimeter` resource, - to enable them to be added separately. - If your perimeter is NOT in dry-run mode use `google_access_context_manager_service_perimeter_resource` instead. - - ~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, - the service perimeter resource must have a `lifecycle` block with `ignore_changes = [spec[0].resources]` so - they don't fight over which resources should be in the policy. -references: - guides: - 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the ACM API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -id_format: '{{perimeter_name}}/{{resource}}' -base_url: '' -self_link: '{{perimeter_name}}' -create_url: '{{perimeter_name}}' -create_verb: 'PATCH' -update_mask: true -delete_verb: 'PATCH' -immutable: true -mutex: '{{perimeter_name}}' -import_format: - - '{{perimeter_name}}/{{resource}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - resource -nested_query: - keys: - - spec - - resources - is_list_of_ids: true - modify_by_patch: true -custom_code: - pre_create: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' - pre_update: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' - pre_delete: 'templates/terraform/pre_create/go/access_context_manager_dry_run_resource.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_resource.go.tmpl' -exclude_tgc: true -exclude_sweeper: true -examples: - - name: 'access_context_manager_service_perimeter_dry_run_resource_basic' - primary_resource_id: 'service-perimeter-dry-run-resource' - vars: - service_perimeter_name: 'restrict_all' - skip_test: true -parameters: - - name: 'perimeterName' - type: ResourceRef - description: | - The name of the Service Perimeter to add this resource to. - url_param_only: true - required: true - immutable: true - resource: 'ServicePerimeter' - imports: 'name' -properties: - - name: 'resource' - type: String - description: | - A GCP resource that is inside of the service perimeter. - Currently only projects are allowed. - Format: projects/{project_number} - required: true - immutable: true diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterEgressPolicy.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterEgressPolicy.yaml deleted file mode 100644 index 3471219c07e1..000000000000 --- a/mmv1/products/accesscontextmanager/go_ServicePerimeterEgressPolicy.yaml +++ /dev/null @@ -1,187 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServicePerimeterEgressPolicy' -description: | - Manage a single EgressPolicy in the status (enforced) configuration for a service perimeter. - EgressPolicies match requests based on egressFrom and egressTo stanzas. - For an EgressPolicy to match, both egressFrom and egressTo stanzas must be matched. - If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter - boundary. For example, an EgressPolicy can be used to allow VMs on networks - within the ServicePerimeter to access a defined set of projects outside the - perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket - or query against a BigQuery dataset). - - ~> **Note:** By default, updates to this resource will remove the EgressPolicy from the - from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy - is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. -references: - guides: - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy' -docs: -id_format: '{{perimeter}}' -base_url: '' -self_link: '{{perimeter}}' -create_url: '{{perimeter}}' -create_verb: 'PATCH' -update_mask: true -delete_verb: 'PATCH' -immutable: true -mutex: '{{perimeter}}' -import_format: - - '{{perimeter}}' -exclude_import: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - egressFrom - - egressTo -nested_query: - keys: - - status - - egressPolicies - is_list_of_ids: false - modify_by_patch: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' -exclude_tgc: true -exclude_sweeper: true -examples: - - name: 'access_context_manager_service_perimeter_egress_policy' - skip_test: true -parameters: - - name: 'perimeter' - type: ResourceRef - description: | - The name of the Service Perimeter to add this resource to. - url_param_only: true - required: true - resource: 'ServicePerimeter' - imports: 'name' -properties: - - name: 'egressFrom' - type: NestedObject - description: | - Defines conditions on the source of a request causing this `EgressPolicy` to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access to outside the - perimeter. If left unspecified, then members of `identities` field will - be allowed access. - enum_values: - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this `EgressPolicy`. - Should be in the format of email address. The email address should - represent individual user or service account only. - item_type: - type: String - - name: 'sources' - type: Array - description: 'Sources that this EgressPolicy authorizes access from.' - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - name: 'sourceRestriction' - type: Enum - description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - enum_values: - - 'SOURCE_RESTRICTION_UNSPECIFIED' - - 'SOURCE_RESTRICTION_ENABLED' - - 'SOURCE_RESTRICTION_DISABLED' - - name: 'egressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and destination resources that - cause this `EgressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, that match this to stanza. A request matches - if it contains a resource in this list. If * is specified for resources, - then this `EgressTo` rule will authorize access to all resources outside - the perimeter. - item_type: - type: String - - name: 'externalResources' - type: Array - description: | - A list of external resources that are allowed to be accessed. A request - matches if it contains an external resource in this list (Example: - s3://bucket/path). Currently '*' is not allowed. - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` that this egress rule applies to. A request matches - if it contains an operation/service in this list. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with serviceName - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong - to the service specified by `serviceName` field. A single MethodSelector - entry with `*` specified for the `method` field will allow all methods - AND permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for `method` should be a valid method name for the corresponding - `serviceName` in `ApiOperation`. If `*` used as value for method, - then ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterIngressPolicy.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterIngressPolicy.yaml deleted file mode 100644 index a8bcf395a82e..000000000000 --- a/mmv1/products/accesscontextmanager/go_ServicePerimeterIngressPolicy.yaml +++ /dev/null @@ -1,198 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServicePerimeterIngressPolicy' -description: | - Manage a single IngressPolicy in the status (enforced) configuration for a service perimeter. - IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match, - both the ingressFrom and ingressTo stanzas must be matched. If an IngressPolicy matches a request, - the request is allowed through the perimeter boundary from outside the perimeter. - For example, access from the internet can be allowed either based on an AccessLevel or, - for traffic hosted on Google Cloud, the project of the source network. - For access from private networks, using the project of the hosting network is required. - Individual ingress policies can be limited by restricting which services and/ - or actions they match using the ingressTo field. - - ~> **Note:** By default, updates to this resource will remove the IngressPolicy from the - from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy - is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. -references: - guides: - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy' -docs: -id_format: '{{perimeter}}' -base_url: '' -self_link: '{{perimeter}}' -create_url: '{{perimeter}}' -create_verb: 'PATCH' -update_mask: true -delete_verb: 'PATCH' -immutable: true -mutex: '{{perimeter}}' -import_format: - - '{{perimeter}}' -exclude_import: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - ingressFrom - - ingressTo -nested_query: - keys: - - status - - ingressPolicies - is_list_of_ids: false - modify_by_patch: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_ingress_policy.go.tmpl' -exclude_tgc: true -exclude_sweeper: true -examples: - - name: 'access_context_manager_service_perimeter_ingress_policy' - skip_test: true -parameters: - - name: 'perimeter' - type: ResourceRef - description: | - The name of the Service Perimeter to add this resource to. - url_param_only: true - required: true - resource: 'ServicePerimeter' - imports: 'name' -properties: - - name: 'ingressFrom' - type: NestedObject - description: | - Defines the conditions on the source of a request causing this `IngressPolicy` - to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access from outside the - perimeter. If left unspecified, then members of `identities` field will be - allowed access. - enum_values: - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this ingress policy. - Should be in the format of email address. The email address should represent - individual user or service account only. - item_type: - type: String - - name: 'sources' - type: Array - description: | - Sources that this `IngressPolicy` authorizes access from. - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: | - An `AccessLevel` resource name that allow resources within the - `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed - must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent - `AccessLevel` will cause an error. If no `AccessLevel` names are listed, - resources within the perimeter can only be accessed via Google Cloud calls - with request origins within the perimeter. - Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` - If * is specified, then all IngressSources will be allowed. - - name: 'resource' - type: String - description: | - A Google Cloud resource that is allowed to ingress the perimeter. - Requests from these resources will be allowed to access perimeter data. - Currently only projects and VPCs are allowed. - Project format: `projects/{projectNumber}` - VPC network format: - `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. - The project may be in any Google Cloud organization, not just the - organization that the perimeter is defined in. `*` is not allowed, the case - of allowing all Google Cloud resources only is not supported. - - name: 'ingressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and request destination that cause - this `IngressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, protected by this `ServicePerimeter` - that are allowed to be accessed by sources defined in the - corresponding `IngressFrom`. A request matches if it contains - a resource in this list. If `*` is specified for resources, - then this `IngressTo` rule will authorize access to all - resources inside the perimeter, provided that the request - also matches the `operations` field. - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` the sources specified in corresponding `IngressFrom` - are allowed to perform in this `ServicePerimeter`. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong to - the service specified by serviceName field. A single `MethodSelector` entry - with `*` specified for the method field will allow all methods AND - permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for method should be a valid method name for the corresponding - serviceName in `ApiOperation`. If `*` used as value for `method`, then - ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeterResource.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeterResource.yaml deleted file mode 100644 index 338771bd62d3..000000000000 --- a/mmv1/products/accesscontextmanager/go_ServicePerimeterResource.yaml +++ /dev/null @@ -1,103 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServicePerimeterResource' -description: | - Allows configuring a single GCP resource that should be inside the `status` block of a service perimeter. - This resource is intended to be used in cases where it is not possible to compile a full list - of projects to include in a `google_access_context_manager_service_perimeter` resource, - to enable them to be added separately. - If your perimeter is in dry-run mode use `google_access_context_manager_service_perimeter_dry_run_resource` instead. - - ~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, - the service perimeter resource must have a `lifecycle` block with `ignore_changes = [status[0].resources]` so - they don't fight over which resources should be in the policy. -references: - guides: - 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the ACM API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -id_format: '{{perimeter_name}}/{{resource}}' -base_url: '' -self_link: '{{perimeter_name}}' -create_url: '{{perimeter_name}}' -create_verb: 'PATCH' -update_mask: true -delete_verb: 'PATCH' -immutable: true -mutex: '{{perimeter_name}}' -import_format: - - '{{perimeter_name}}/{{resource}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - resource -nested_query: - keys: - - status - - resources - is_list_of_ids: true - modify_by_patch: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/access_context_manager_service_perimeter_resource.go.tmpl' -exclude_tgc: true -exclude_sweeper: true -examples: - - name: 'access_context_manager_service_perimeter_resource_basic' - primary_resource_id: 'service-perimeter-resource' - vars: - service_perimeter_name: 'restrict_all' - skip_test: true -parameters: - - name: 'perimeterName' - type: ResourceRef - description: | - The name of the Service Perimeter to add this resource to. - url_param_only: true - required: true - immutable: true - resource: 'ServicePerimeter' - imports: 'name' -properties: - - name: 'resource' - type: String - description: | - A GCP resource that is inside of the service perimeter. - Currently only projects are allowed. - Format: projects/{project_number} - required: true - immutable: true diff --git a/mmv1/products/accesscontextmanager/go_ServicePerimeters.yaml b/mmv1/products/accesscontextmanager/go_ServicePerimeters.yaml deleted file mode 100644 index 7a73285fcb6d..000000000000 --- a/mmv1/products/accesscontextmanager/go_ServicePerimeters.yaml +++ /dev/null @@ -1,766 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServicePerimeters' -description: | - Replace all existing Service Perimeters in an Access Policy with the Service Perimeters provided. This is done atomically. - This is a bulk edit of all Service Perimeters and may override existing Service Perimeters created by `google_access_context_manager_service_perimeter`, - thus causing a permadiff if used alongside `google_access_context_manager_service_perimeter` on the same parent. -references: - guides: - 'Service Perimeter Quickstart': 'https://cloud.google.com/vpc-service-controls/docs/quickstart' - api: 'https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters' -docs: -id_format: '{{parent}}/servicePerimeters' -base_url: '{{parent}}/servicePerimeters:replaceAll' -self_link: '{{parent}}/servicePerimeters' -update_url: '{{parent}}/servicePerimeters:replaceAll' -update_verb: 'POST' -import_format: - - '{{parent}}/servicePerimeters' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - custom_delete: 'templates/terraform/custom_delete/go/replace_all_service_perimeters_empty_list.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/set_access_policy_parent_from_access_policy.go.tmpl' -exclude_sweeper: true -examples: - - name: 'access_context_manager_service_perimeters_basic' - primary_resource_id: 'service-perimeter' - vars: - access_level_name: 'chromeos_no_lock' - service_perimeter_name: 'restrict_storage' - skip_test: true -parameters: - - name: 'parent' - type: String - description: | - The AccessPolicy this ServicePerimeter lives in. - Format: accessPolicies/{policy_id} - required: true - immutable: true - ignore_read: true -properties: - - name: 'servicePerimeters' - type: Array - description: | - The desired Service Perimeters that should replace all existing Service Perimeters in the Access Policy. - custom_flatten: 'templates/terraform/custom_flatten/go/accesscontextmanager_serviceperimeters_custom_flatten.go.tmpl' - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Resource name for the ServicePerimeter. The short_name component must - begin with a letter and only include alphanumeric and '_'. - Format: accessPolicies/{policy_id}/servicePerimeters/{short_name} - required: true - immutable: true - - name: 'title' - type: String - description: | - Human readable title. Must be unique within the Policy. - required: true - - name: 'description' - type: String - description: | - Description of the ServicePerimeter and its use. Does not affect - behavior. - - name: 'createTime' - type: Time - description: | - Time the AccessPolicy was created in UTC. - output: true - - name: 'updateTime' - type: Time - description: | - Time the AccessPolicy was updated in UTC. - output: true - - name: 'perimeterType' - type: Enum - description: | - Specifies the type of the Perimeter. There are two types: regular and - bridge. Regular Service Perimeter contains resources, access levels, - and restricted services. Every resource can be in at most - ONE regular Service Perimeter. - - In addition to being in a regular service perimeter, a resource can also - be in zero or more perimeter bridges. A perimeter bridge only contains - resources. Cross project operations are permitted if all effected - resources share some perimeter (whether bridge or regular). Perimeter - Bridge does not contain access levels or services: those are governed - entirely by the regular perimeter that resource is in. - - Perimeter Bridges are typically useful when building more complex - topologies with many independent perimeters that need to share some data - with a common perimeter, but should not be able to share data among - themselves. - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "PERIMETER_TYPE_REGULAR" - enum_values: - - 'PERIMETER_TYPE_REGULAR' - - 'PERIMETER_TYPE_BRIDGE' - - name: 'status' - type: NestedObject - description: | - ServicePerimeter configuration. Specifies sets of resources, - restricted services and access levels that determine - perimeter content and boundaries. - properties: - - name: 'resources' - type: Array - description: | - A list of GCP resources that are inside of the service perimeter. - Currently only projects are allowed. - Format: projects/{project_number} - # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. - # (github.com/hashicorp/terraform-plugin-sdk/issues/470) - # at_least_one_of: - # - status.0.resources - # - status.0.access_levels - # - status.0.restricted_services - is_set: true - item_type: - type: String - - name: 'accessLevels' - type: Array - description: | - A list of AccessLevel resource names that allow resources within - the ServicePerimeter to be accessed from the internet. - AccessLevels listed must be in the same policy as this - ServicePerimeter. Referencing a nonexistent AccessLevel is a - syntax error. If no AccessLevel names are listed, resources within - the perimeter can only be accessed via GCP calls with request - origins within the perimeter. For Service Perimeter Bridge, must - be empty. - - Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} - # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. - # (github.com/hashicorp/terraform-plugin-sdk/issues/470) - # at_least_one_of: - # - status.0.resources - # - status.0.access_levels - # - status.0.restricted_services - is_set: true - item_type: - type: String - - name: 'restrictedServices' - type: Array - description: | - GCP services that are subject to the Service Perimeter - restrictions. Must contain a list of services. For example, if - `storage.googleapis.com` is specified, access to the storage - buckets inside the perimeter must meet the perimeter's access - restrictions. - # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. - # (github.com/hashicorp/terraform-plugin-sdk/issues/470) - # at_least_one_of: - # - status.0.resources - # - status.0.access_levels - # - status.0.restricted_services - is_set: true - item_type: - type: String - - name: 'vpcAccessibleServices' - type: NestedObject - description: | - Specifies how APIs are allowed to communicate within the Service - Perimeter. - properties: - - name: 'enableRestriction' - type: Boolean - description: | - Whether to restrict API calls within the Service Perimeter to the - list of APIs specified in 'allowedServices'. - - name: 'allowedServices' - type: Array - description: | - The list of APIs usable within the Service Perimeter. - Must be empty unless `enableRestriction` is True. - is_set: true - item_type: - type: String - - name: 'ingressPolicies' - type: Array - description: | - List of `IngressPolicies` to apply to the perimeter. A perimeter may - have multiple `IngressPolicies`, each of which is evaluated - separately. Access is granted if any `Ingress Policy` grants it. - Must be empty for a perimeter bridge. - is_set: true - item_type: - type: NestedObject - properties: - - name: 'ingressFrom' - type: NestedObject - description: | - Defines the conditions on the source of a request causing this `IngressPolicy` - to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access from outside the - perimeter. If left unspecified, then members of `identities` field will be - allowed access. - enum_values: - - 'IDENTITY_TYPE_UNSPECIFIED' - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this ingress policy. - Should be in the format of email address. The email address should represent - individual user or service account only. - is_set: true - item_type: - type: String - - name: 'sources' - type: Array - description: | - Sources that this `IngressPolicy` authorizes access from. - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: | - An `AccessLevel` resource name that allow resources within the - `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed - must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent - `AccessLevel` will cause an error. If no `AccessLevel` names are listed, - resources within the perimeter can only be accessed via Google Cloud calls - with request origins within the perimeter. - Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` - If * is specified, then all IngressSources will be allowed. - - name: 'resource' - type: String - description: | - A Google Cloud resource that is allowed to ingress the perimeter. - Requests from these resources will be allowed to access perimeter data. - Currently only projects are allowed. Format `projects/{project_number}` - The project may be in any Google Cloud organization, not just the - organization that the perimeter is defined in. `*` is not allowed, the case - of allowing all Google Cloud resources only is not supported. - - name: 'ingressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and request destination that cause - this `IngressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, protected by this `ServicePerimeter` - that are allowed to be accessed by sources defined in the - corresponding `IngressFrom`. A request matches if it contains - a resource in this list. If `*` is specified for resources, - then this `IngressTo` rule will authorize access to all - resources inside the perimeter, provided that the request - also matches the `operations` field. - is_set: true - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` the sources specified in corresponding `IngressFrom` - are allowed to perform in this `ServicePerimeter`. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong to - the service specified by serviceName field. A single `MethodSelector` entry - with `*` specified for the method field will allow all methods AND - permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for method should be a valid method name for the corresponding - serviceName in `ApiOperation`. If `*` used as value for `method`, then - ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. - - name: 'egressPolicies' - type: Array - description: | - List of EgressPolicies to apply to the perimeter. A perimeter may - have multiple EgressPolicies, each of which is evaluated separately. - Access is granted if any EgressPolicy grants it. Must be empty for - a perimeter bridge. - item_type: - type: NestedObject - properties: - - name: 'egressFrom' - type: NestedObject - description: | - Defines conditions on the source of a request causing this `EgressPolicy` to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access to outside the - perimeter. If left unspecified, then members of `identities` field will - be allowed access. - enum_values: - - 'IDENTITY_TYPE_UNSPECIFIED' - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this `EgressPolicy`. - Should be in the format of email address. The email address should - represent individual user or service account only. - is_set: true - item_type: - type: String - - name: 'sources' - type: Array - description: 'Sources that this EgressPolicy authorizes access from.' - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - name: 'sourceRestriction' - type: Enum - description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - enum_values: - - 'SOURCE_RESTRICTION_UNSPECIFIED' - - 'SOURCE_RESTRICTION_ENABLED' - - 'SOURCE_RESTRICTION_DISABLED' - - name: 'egressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and destination resources that - cause this `EgressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, that match this to stanza. A request matches - if it contains a resource in this list. If * is specified for resources, - then this `EgressTo` rule will authorize access to all resources outside - the perimeter. - is_set: true - item_type: - type: String - - name: 'externalResources' - type: Array - description: | - A list of external resources that are allowed to be accessed. A request - matches if it contains an external resource in this list (Example: - s3://bucket/path). Currently '*' is not allowed. - is_set: true - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` that this egress rule applies to. A request matches - if it contains an operation/service in this list. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with serviceName - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong - to the service specified by `serviceName` field. A single MethodSelector - entry with `*` specified for the `method` field will allow all methods - AND permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for `method` should be a valid method name for the corresponding - `serviceName` in `ApiOperation`. If `*` used as value for method, - then ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. - - name: 'spec' - type: NestedObject - description: | - Proposed (or dry run) ServicePerimeter configuration. - This configuration allows to specify and test ServicePerimeter configuration - without enforcing actual access restrictions. Only allowed to be set when - the `useExplicitDryRunSpec` flag is set. - properties: - - name: 'resources' - type: Array - description: | - A list of GCP resources that are inside of the service perimeter. - Currently only projects are allowed. - Format: projects/{project_number} - # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. - # (github.com/hashicorp/terraform-plugin-sdk/issues/470) - # at_least_one_of: - # - spec.0.resources - # - spec.0.access_levels - # - spec.0.restricted_services - is_set: true - item_type: - type: String - - name: 'accessLevels' - type: Array - description: | - A list of AccessLevel resource names that allow resources within - the ServicePerimeter to be accessed from the internet. - AccessLevels listed must be in the same policy as this - ServicePerimeter. Referencing a nonexistent AccessLevel is a - syntax error. If no AccessLevel names are listed, resources within - the perimeter can only be accessed via GCP calls with request - origins within the perimeter. For Service Perimeter Bridge, must - be empty. - - Format: accessPolicies/{policy_id}/accessLevels/{access_level_name} - # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. - # (github.com/hashicorp/terraform-plugin-sdk/issues/470) - # at_least_one_of: - # - spec.0.resources - # - spec.0.access_levels - # - spec.0.restricted_services - is_set: true - item_type: - type: String - - name: 'restrictedServices' - type: Array - description: | - GCP services that are subject to the Service Perimeter - restrictions. Must contain a list of services. For example, if - `storage.googleapis.com` is specified, access to the storage - buckets inside the perimeter must meet the perimeter's access - restrictions. - # TODO: (mbang) won't work for arrays yet, uncomment here once they are supported. - # (github.com/hashicorp/terraform-plugin-sdk/issues/470) - # at_least_one_of: - # - spec.0.resources - # - spec.0.access_levels - # - spec.0.restricted_services - is_set: true - item_type: - type: String - - name: 'vpcAccessibleServices' - type: NestedObject - description: | - Specifies how APIs are allowed to communicate within the Service - Perimeter. - properties: - - name: 'enableRestriction' - type: Boolean - description: | - Whether to restrict API calls within the Service Perimeter to the - list of APIs specified in 'allowedServices'. - - name: 'allowedServices' - type: Array - description: | - The list of APIs usable within the Service Perimeter. - Must be empty unless `enableRestriction` is True. - is_set: true - item_type: - type: String - - name: 'ingressPolicies' - type: Array - description: | - List of `IngressPolicies` to apply to the perimeter. A perimeter may - have multiple `IngressPolicies`, each of which is evaluated - separately. Access is granted if any `Ingress Policy` grants it. - Must be empty for a perimeter bridge. - item_type: - type: NestedObject - properties: - - name: 'ingressFrom' - type: NestedObject - description: | - Defines the conditions on the source of a request causing this `IngressPolicy` - to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access from outside the - perimeter. If left unspecified, then members of `identities` field will be - allowed access. - enum_values: - - 'IDENTITY_TYPE_UNSPECIFIED' - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this ingress policy. - Should be in the format of email address. The email address should represent - individual user or service account only. - is_set: true - item_type: - type: String - - name: 'sources' - type: Array - description: | - Sources that this `IngressPolicy` authorizes access from. - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: | - An `AccessLevel` resource name that allow resources within the - `ServicePerimeters` to be accessed from the internet. `AccessLevels` listed - must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent - `AccessLevel` will cause an error. If no `AccessLevel` names are listed, - resources within the perimeter can only be accessed via Google Cloud calls - with request origins within the perimeter. - Example `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.` - If * is specified, then all IngressSources will be allowed. - - name: 'resource' - type: String - description: | - A Google Cloud resource that is allowed to ingress the perimeter. - Requests from these resources will be allowed to access perimeter data. - Currently only projects are allowed. Format `projects/{project_number}` - The project may be in any Google Cloud organization, not just the - organization that the perimeter is defined in. `*` is not allowed, the case - of allowing all Google Cloud resources only is not supported. - - name: 'ingressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and request destination that cause - this `IngressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, protected by this `ServicePerimeter` - that are allowed to be accessed by sources defined in the - corresponding `IngressFrom`. A request matches if it contains - a resource in this list. If `*` is specified for resources, - then this `IngressTo` rule will authorize access to all - resources inside the perimeter, provided that the request - also matches the `operations` field. - is_set: true - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` the sources specified in corresponding `IngressFrom` - are allowed to perform in this `ServicePerimeter`. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with `serviceName` - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong to - the service specified by serviceName field. A single `MethodSelector` entry - with `*` specified for the method field will allow all methods AND - permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for method should be a valid method name for the corresponding - serviceName in `ApiOperation`. If `*` used as value for `method`, then - ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. - - name: 'egressPolicies' - type: Array - description: | - List of EgressPolicies to apply to the perimeter. A perimeter may - have multiple EgressPolicies, each of which is evaluated separately. - Access is granted if any EgressPolicy grants it. Must be empty for - a perimeter bridge. - item_type: - type: NestedObject - properties: - - name: 'egressFrom' - type: NestedObject - description: | - Defines conditions on the source of a request causing this `EgressPolicy` to apply. - properties: - - name: 'identityType' - type: Enum - description: | - Specifies the type of identities that are allowed access to outside the - perimeter. If left unspecified, then members of `identities` field will - be allowed access. - enum_values: - - 'IDENTITY_TYPE_UNSPECIFIED' - - 'ANY_IDENTITY' - - 'ANY_USER_ACCOUNT' - - 'ANY_SERVICE_ACCOUNT' - - name: 'identities' - type: Array - description: | - A list of identities that are allowed access through this `EgressPolicy`. - Should be in the format of email address. The email address should - represent individual user or service account only. - is_set: true - item_type: - type: String - - name: 'sources' - type: Array - description: 'Sources that this EgressPolicy authorizes access from.' - item_type: - type: NestedObject - properties: - - name: 'accessLevel' - type: String - description: 'An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.' - - name: 'sourceRestriction' - type: Enum - description: 'Whether to enforce traffic restrictions based on `sources` field. If the `sources` field is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.' - enum_values: - - 'SOURCE_RESTRICTION_UNSPECIFIED' - - 'SOURCE_RESTRICTION_ENABLED' - - 'SOURCE_RESTRICTION_DISABLED' - - name: 'egressTo' - type: NestedObject - description: | - Defines the conditions on the `ApiOperation` and destination resources that - cause this `EgressPolicy` to apply. - properties: - - name: 'resources' - type: Array - description: | - A list of resources, currently only projects in the form - `projects/`, that match this to stanza. A request matches - if it contains a resource in this list. If * is specified for resources, - then this `EgressTo` rule will authorize access to all resources outside - the perimeter. - is_set: true - item_type: - type: String - - name: 'externalResources' - type: Array - description: | - A list of external resources that are allowed to be accessed. A request - matches if it contains an external resource in this list (Example: - s3://bucket/path). Currently '*' is not allowed. - is_set: true - item_type: - type: String - - name: 'operations' - type: Array - description: | - A list of `ApiOperations` that this egress rule applies to. A request matches - if it contains an operation/service in this list. - item_type: - type: NestedObject - properties: - - name: 'serviceName' - type: String - description: | - The name of the API whose methods or permissions the `IngressPolicy` or - `EgressPolicy` want to allow. A single `ApiOperation` with serviceName - field set to `*` will allow all methods AND permissions for all services. - - name: 'methodSelectors' - type: Array - description: | - API methods or permissions to allow. Method or permission must belong - to the service specified by `serviceName` field. A single MethodSelector - entry with `*` specified for the `method` field will allow all methods - AND permissions for the service specified in `serviceName`. - item_type: - type: NestedObject - properties: - - name: 'method' - type: String - description: | - Value for `method` should be a valid method name for the corresponding - `serviceName` in `ApiOperation`. If `*` used as value for method, - then ALL methods and permissions are allowed. - - name: 'permission' - type: String - description: | - Value for permission should be a valid Cloud IAM permission for the - corresponding `serviceName` in `ApiOperation`. - - name: 'useExplicitDryRunSpec' - type: Boolean - description: | - Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists - for all Service Perimeters, and that spec is identical to the status for those - Service Perimeters. When this flag is set, it inhibits the generation of the - implicit spec, thereby allowing the user to explicitly provide a - configuration ("spec") to use in a dry-run version of the Service Perimeter. - This allows the user to test changes to the enforced config ("status") without - actually enforcing them. This testing is done through analyzing the differences - between currently enforced and suggested restrictions. useExplicitDryRunSpec must - bet set to True if any of the fields in the spec are set to non-default values. diff --git a/mmv1/products/accesscontextmanager/go_product.yaml b/mmv1/products/accesscontextmanager/go_product.yaml deleted file mode 100644 index a6d7fbade4e6..000000000000 --- a/mmv1/products/accesscontextmanager/go_product.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AccessContextManager' -display_name: 'Access Context Manager (VPC Service Controls)' -versions: - - name: 'ga' - base_url: 'https://accesscontextmanager.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' -async: - type: "OpAsync" - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' diff --git a/mmv1/products/accesscontextmanager/product.yaml b/mmv1/products/accesscontextmanager/product.yaml index e8715cb7ad77..0bd2aa6284d2 100644 --- a/mmv1/products/accesscontextmanager/product.yaml +++ b/mmv1/products/accesscontextmanager/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,29 +11,23 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: AccessContextManager -display_name: Access Context Manager (VPC Service Controls) +--- +name: 'AccessContextManager' +display_name: 'Access Context Manager (VPC Service Controls)' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://accesscontextmanager.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://accesscontextmanager.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' diff --git a/mmv1/products/activedirectory/Domain.yaml b/mmv1/products/activedirectory/Domain.yaml index 7f8122c9db2c..5e38728ca381 100644 --- a/mmv1/products/activedirectory/Domain.yaml +++ b/mmv1/products/activedirectory/Domain.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,128 +11,132 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Domain' kind: 'activedirectory#domain' -base_url: projects/{{project}}/locations/global/domains -create_url: projects/{{project}}/locations/global/domains?domainName={{domain_name}} -delete_url: projects/{{project}}/locations/global/domains/{{domain_name}} # equivalent to {{name}}, but makes sweepers work -update_verb: :PATCH -update_mask: true -self_link: '{{name}}' description: Creates a Microsoft AD domain -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Managed Microsoft Active Directory Quickstart': 'https://cloud.google.com/managed-microsoft-ad/docs/quickstarts' api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/locations/global/domains' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/global/domains?domainName={{domain_name}}' +update_verb: 'PATCH' +update_mask: true + # equivalent to {{name}}, but makes sweepers work +delete_url: 'projects/{{project}}/locations/global/domains/{{domain_name}}' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' - wait_ms: - 1000 + path: 'name' + wait_ms: 1000 # It takes about 35-40 mins to get the resource created - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 60 update_minutes: 60 delete_minutes: 60 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -id_format: '{{name}}' -import_format: ['{{name}}'] -autogen_async: true -virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'deletion_protection' - default_value: true - description: | - Whether Terraform will be prevented from destroying the domain. Defaults to true. - When a`terraform destroy` or `terraform apply` would delete the domain, - the command will fail if this field is not set to false in Terraform state. - When the field is set to true or unset in Terraform state, a `terraform apply` - or `terraform destroy` that would delete the domain will fail. - When the field is set to false, deleting the domain is allowed. -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/self_link_as_name.erb - pre_delete: 'templates/terraform/pre_delete/active_directory_domain.go.erb' -error_abort_predicates: ['transport_tpg.Is429QuotaError'] +custom_code: + pre_delete: 'templates/terraform/pre_delete/active_directory_domain.go.tmpl' + custom_import: 'templates/terraform/custom_import/self_link_as_name.tmpl' +error_abort_predicates: + + - 'transport_tpg.Is429QuotaError' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'active_directory_domain_basic' + - name: 'active_directory_domain_basic' primary_resource_id: 'ad-domain' vars: name: 'myorg' # the part of the domain before the first "." must be <15 chars, and # the random suffix is 10 chars. In order to make sure these get swept, # 'tfgen' is the only option here. - domain_name: - tfgen - # skip the test until Active Directory setup issue got resolved - skip_test: true + domain_name: 'tfgen' ignore_read_extra: - 'deletion_protection' + # skip the test until Active Directory setup issue got resolved + exclude_test: true +virtual_fields: + - name: 'deletion_protection' + description: | + Whether Terraform will be prevented from destroying the domain. Defaults to true. + When a`terraform destroy` or `terraform apply` would delete the domain, + the command will fail if this field is not set to false in Terraform state. + When the field is set to true or unset in Terraform state, a `terraform apply` + or `terraform destroy` that would delete the domain will fail. + When the field is set to false, deleting the domain is allowed. + type: Boolean + default_value: true parameters: - - !ruby/object:Api::Type::String - name: domainName - required: true - url_param_only: true - immutable: true + - name: 'domainName' + type: String description: | The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions of https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains. - validation: !ruby/object:Provider::Terraform::Validation + url_param_only: true + required: true + immutable: true + validation: function: 'verify.ValidateADDomainName()' properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: 'The unique name of the domain using the format: `projects/{project}/locations/global/domains/{domainName}`.' - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: 'Resource labels that can contain user-provided metadata' - - !ruby/object:Api::Type::Array - name: 'authorizedNetworks' - item_type: Api::Type::String + - name: 'authorizedNetworks' + type: Array description: | The full names of the Google Compute Engine networks the domain instance is connected to. The domain is only available on networks listed in authorizedNetworks. If CIDR subnets overlap between networks, domain creation will fail. is_set: true - - !ruby/object:Api::Type::String - name: 'reservedIpRange' - required: true - immutable: true + item_type: + type: String + - name: 'reservedIpRange' + type: String description: | The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. Ranges must be unique and non-overlapping with existing subnets in authorizedNetworks - - !ruby/object:Api::Type::Array - name: 'locations' required: true - item_type: Api::Type::String + immutable: true + - name: 'locations' + type: Array description: | Locations where domain needs to be provisioned. [regions][compute/docs/regions-zones/] e.g. us-west1 or us-east4 Service supports up to 4 locations at once. Each location will use a /26 block. - - !ruby/object:Api::Type::String - name: 'admin' - default_value: 'setupadmin' - immutable: true + required: true + item_type: + type: String + - name: 'admin' + type: String description: | The name of delegated administrator account used to perform Active Directory operations. If not specified, setupadmin will be used. - - !ruby/object:Api::Type::String - name: 'fqdn' - output: true + immutable: true + default_value: "setupadmin" + - name: 'fqdn' + type: String description: | The fully-qualified domain name of the exposed domain used by clients to connect to the service. Similar to what would be chosen for an Active Directory set up on an internal network. + output: true diff --git a/mmv1/products/activedirectory/DomainTrust.yaml b/mmv1/products/activedirectory/DomainTrust.yaml index 60dcfd8d5a7d..3c61ee6c44c7 100644 --- a/mmv1/products/activedirectory/DomainTrust.yaml +++ b/mmv1/products/activedirectory/DomainTrust.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,118 +11,117 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'DomainTrust' kind: 'activedirectory#trust' -base_url: projects/{{project}}/locations/global/domains -create_url: projects/{{project}}/locations/global/domains/{{domain}}:attachTrust -update_verb: :POST -update_url: projects/{{project}}/locations/global/domains/{{domain}}:reconfigureTrust -delete_verb: - :POST - # Resource custom delete function needs to be modified any time when the resource schema is edited -delete_url: projects/{{project}}/locations/global/domains/{{domain}}:detachTrust -self_link: projects/{{project}}/locations/global/domains/{{domain}} description: Adds a trust between Active Directory domains -identity: - - targetDomainName -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: ['trusts'] -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' - base_url: '{{op_id}}' - wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result - path: 'response' - resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error - path: 'error' - message: 'message' -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Active Directory Trust': 'https://cloud.google.com/managed-microsoft-ad/docs/create-one-way-trust' api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains/attachTrust' +docs: id_format: 'projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}' +base_url: 'projects/{{project}}/locations/global/domains' +self_link: 'projects/{{project}}/locations/global/domains/{{domain}}' +create_url: 'projects/{{project}}/locations/global/domains/{{domain}}:attachTrust' +update_url: 'projects/{{project}}/locations/global/domains/{{domain}}:reconfigureTrust' +update_verb: 'POST' + # Resource custom delete function needs to be modified any time when the resource schema is edited +delete_url: 'projects/{{project}}/locations/global/domains/{{domain}}:detachTrust' +delete_verb: 'POST' import_format: - [ - 'projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}', - ] + - 'projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - update_encoder: - templates/terraform/update_encoder/active_directory_domain_trust.go.erb +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - targetDomainName +nested_query: + keys: + - trusts + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/active_directory_domain_trust.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/active_directory_domain_trust.go.tmpl' + decoder: 'templates/terraform/decoders/unwrap_resource.go.tmpl' # Delete function needs to be modified any time when the resource schema is edited - custom_delete: templates/terraform/custom_delete/active_directory_domain_trust.go.erb - encoder: templates/terraform/encoders/active_directory_domain_trust.go.erb - decoder: templates/terraform/decoders/unwrap_resource.go.erb + custom_delete: 'templates/terraform/custom_delete/active_directory_domain_trust.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'active_directory_domain_trust_basic' - primary_resource_id: - 'ad-domain-trust' + - name: 'active_directory_domain_trust_basic' + primary_resource_id: 'ad-domain-trust' # Fine-grained resource need different autogenerated tests, as # we need to check destroy during a test step where the parent resource # still exists and we need to validate that child resource has been deleted - skip_test: true + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: domain - required: true - url_param_only: true - immutable: true + - name: 'domain' + type: String description: | The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions of https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains. -properties: - - !ruby/object:Api::Type::String - name: 'targetDomainName' + url_param_only: true required: true + immutable: true +properties: + - name: 'targetDomainName' + type: String description: 'The fully qualified target domain name which will be in trust with the current domain.' - - !ruby/object:Api::Type::Enum - name: 'trustType' required: true - immutable: true + - name: 'trustType' + type: Enum description: 'The type of trust represented by the trust resource.' - values: - - FOREST - - EXTERNAL - - !ruby/object:Api::Type::Enum - name: 'trustDirection' required: true immutable: true + enum_values: + - 'FOREST' + - 'EXTERNAL' + - name: 'trustDirection' + type: Enum description: 'The trust direction, which decides if the current domain is trusted, trusting, or both.' - values: - - INBOUND - - OUTBOUND - - BIDIRECTIONAL - - !ruby/object:Api::Type::Boolean - name: 'selectiveAuthentication' + required: true immutable: true + enum_values: + - 'INBOUND' + - 'OUTBOUND' + - 'BIDIRECTIONAL' + - name: 'selectiveAuthentication' + type: Boolean description: | Whether the trusted side has forest/domain wide access or selective access to an approved set of resources. - - !ruby/object:Api::Type::Array - name: 'targetDnsIpAddresses' - required: true - item_type: Api::Type::String + immutable: true + - name: 'targetDnsIpAddresses' + type: Array description: | The target DNS server IP addresses which can resolve the remote domain involved in the trust. is_set: true - - !ruby/object:Api::Type::String - name: 'trustHandshakeSecret' required: true - immutable: true + item_type: + type: String + - name: 'trustHandshakeSecret' + type: String description: | The trust secret used for the handshake with the target domain. This will not be stored. - sensitive: true + required: true + immutable: true ignore_read: true + sensitive: true diff --git a/mmv1/products/activedirectory/Peering.yaml b/mmv1/products/activedirectory/Peering.yaml index b760bb8ef788..10e7abe51aeb 100644 --- a/mmv1/products/activedirectory/Peering.yaml +++ b/mmv1/products/activedirectory/Peering.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,92 +11,99 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Peering' kind: 'activedirectory#peering' -base_url: 'projects/{{project}}/locations/global/peerings' -min_version: beta -create_url: projects/{{project}}/locations/global/peerings?peeringId={{peering_id}} -delete_url: projects/{{project}}/locations/global/peerings/{{peering_id}} -update_verb: :PATCH -update_mask: false -self_link: '{{name}}' description: Creates a Peering for Managed AD instance. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Active Directory Domain Peering': 'https://cloud.google.com/managed-microsoft-ad/docs/domain-peering' api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1beta1/projects.locations.global.peerings' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +id_format: 'projects/{{project}}/locations/global/domains/{{peering_id}}' +base_url: 'projects/{{project}}/locations/global/peerings' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/global/peerings?peeringId={{peering_id}}' +update_verb: 'PATCH' +update_mask: false +delete_url: 'projects/{{project}}/locations/global/peerings/{{peering_id}}' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -id_format: 'projects/{{project}}/locations/global/domains/{{peering_id}}' -exclude_import: true -autogen_async: true +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'active_directory_peering_basic' + - name: 'active_directory_peering_basic' primary_resource_id: 'ad-domain-peering' vars: domain_name: 'ad.test.hashicorptest.com' project_id: 'my-peered-project' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_import_test: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' # skip the test until Active Directory setup issue got resolved - skip_test: true + exclude_test: true + exclude_import_test: true parameters: - - !ruby/object:Api::Type::String - name: peeringId - required: true + - name: 'peeringId' + type: String + description: '' + min_version: 'beta' url_param_only: true + required: true immutable: true - description: '' properties: - - !ruby/object:Api::Type::String - name: name - output: true + - name: 'name' + type: String description: | Unique name of the peering in this scope including projects and location using the form: projects/{projectId}/locations/global/peerings/{peeringId}. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + min_version: 'beta' + output: true + - name: 'labels' + type: KeyValueLabels description: 'Resource labels that can contain user-provided metadata' - - !ruby/object:Api::Type::String - name: authorizedNetwork - required: true - immutable: true + min_version: 'beta' + - name: 'authorizedNetwork' + type: String description: | The full names of the Google Compute Engine networks to which the instance is connected. Caller needs to make sure that CIDR subnets do not overlap between networks, else peering creation will fail. - - !ruby/object:Api::Type::String - name: domainResource + min_version: 'beta' required: true immutable: true + - name: 'domainResource' + type: String description: | Full domain resource path for the Managed AD Domain involved in peering. The resource path should be in the form projects/{projectId}/locations/global/domains/{domainName} - - !ruby/object:Api::Type::String - name: status - url_param_only: true + min_version: 'beta' + required: true + immutable: true + - name: 'status' + type: String description: | The current state of this Peering. + min_version: 'beta' + url_param_only: true ignore_read: true - - !ruby/object:Api::Type::String - name: statusMessage + - name: 'statusMessage' + type: String description: | Additional information about the current status of this peering, if available. + min_version: 'beta' ignore_read: true diff --git a/mmv1/products/activedirectory/go_Domain.yaml b/mmv1/products/activedirectory/go_Domain.yaml deleted file mode 100644 index 4be2e557fc74..000000000000 --- a/mmv1/products/activedirectory/go_Domain.yaml +++ /dev/null @@ -1,137 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Domain' -kind: 'activedirectory#domain' -description: Creates a Microsoft AD domain -references: - guides: - 'Managed Microsoft Active Directory Quickstart': 'https://cloud.google.com/managed-microsoft-ad/docs/quickstarts' - api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains' -docs: -id_format: '{{name}}' -base_url: 'projects/{{project}}/locations/global/domains' -self_link: '{{name}}' -create_url: 'projects/{{project}}/locations/global/domains?domainName={{domain_name}}' -update_verb: 'PATCH' -update_mask: true -delete_url: 'projects/{{project}}/locations/global/domains/{{domain_name}}' -import_format: - - '{{name}}' -timeouts: - insert_minutes: 60 - update_minutes: 60 - delete_minutes: 60 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 60 - update_minutes: 60 - delete_minutes: 60 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - pre_delete: 'templates/terraform/pre_delete/go/active_directory_domain.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/self_link_as_name.tmpl' -error_abort_predicates: - - - 'transport_tpg.Is429QuotaError' -examples: - - name: 'active_directory_domain_basic' - primary_resource_id: 'ad-domain' - vars: - name: 'myorg' - domain_name: 'tfgen' - ignore_read_extra: - - 'deletion_protection' - skip_test: true -virtual_fields: - - name: 'deletion_protection' - description: | - Whether Terraform will be prevented from destroying the domain. Defaults to true. - When a`terraform destroy` or `terraform apply` would delete the domain, - the command will fail if this field is not set to false in Terraform state. - When the field is set to true or unset in Terraform state, a `terraform apply` - or `terraform destroy` that would delete the domain will fail. - When the field is set to false, deleting the domain is allowed. - type: Boolean - default_value: true -parameters: - - name: 'domainName' - type: String - description: | - The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions - of https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains. - url_param_only: true - required: true - immutable: true - validation: - function: 'verify.ValidateADDomainName()' -properties: - - name: 'name' - type: String - description: - 'The unique name of the domain using the format: - `projects/{project}/locations/global/domains/{domainName}`.' - output: true - - name: 'labels' - type: KeyValueLabels - description: 'Resource labels that can contain user-provided metadata' - - name: 'authorizedNetworks' - type: Array - description: | - The full names of the Google Compute Engine networks the domain instance is connected to. The domain is only available on networks listed in authorizedNetworks. - If CIDR subnets overlap between networks, domain creation will fail. - is_set: true - item_type: - type: String - - name: 'reservedIpRange' - type: String - description: | - The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. - Ranges must be unique and non-overlapping with existing subnets in authorizedNetworks - required: true - immutable: true - - name: 'locations' - type: Array - description: | - Locations where domain needs to be provisioned. [regions][compute/docs/regions-zones/] - e.g. us-west1 or us-east4 Service supports up to 4 locations at once. Each location will use a /26 block. - required: true - item_type: - type: String - - name: 'admin' - type: String - description: | - The name of delegated administrator account used to perform Active Directory operations. - If not specified, setupadmin will be used. - immutable: true - default_value: "setupadmin" - - name: 'fqdn' - type: String - description: | - The fully-qualified domain name of the exposed domain used by clients to connect to the service. - Similar to what would be chosen for an Active Directory set up on an internal network. - output: true diff --git a/mmv1/products/activedirectory/go_DomainTrust.yaml b/mmv1/products/activedirectory/go_DomainTrust.yaml deleted file mode 100644 index fc6ff2e0846e..000000000000 --- a/mmv1/products/activedirectory/go_DomainTrust.yaml +++ /dev/null @@ -1,123 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DomainTrust' -kind: 'activedirectory#trust' -description: Adds a trust between Active Directory domains -references: - guides: - 'Active Directory Trust': 'https://cloud.google.com/managed-microsoft-ad/docs/create-one-way-trust' - api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains/attachTrust' -docs: -id_format: 'projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}' -base_url: 'projects/{{project}}/locations/global/domains' -self_link: 'projects/{{project}}/locations/global/domains/{{domain}}' -create_url: 'projects/{{project}}/locations/global/domains/{{domain}}:attachTrust' -update_url: 'projects/{{project}}/locations/global/domains/{{domain}}:reconfigureTrust' -update_verb: 'POST' -delete_url: 'projects/{{project}}/locations/global/domains/{{domain}}:detachTrust' -delete_verb: 'POST' -import_format: - - 'projects/{{project}}/locations/global/domains/{{domain}}/{{target_domain_name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - targetDomainName -nested_query: - keys: - - trusts - is_list_of_ids: false - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/active_directory_domain_trust.go.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/active_directory_domain_trust.go.tmpl' - decoder: 'templates/terraform/decoders/go/unwrap_resource.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/active_directory_domain_trust.go.tmpl' -examples: - - name: 'active_directory_domain_trust_basic' - primary_resource_id: 'ad-domain-trust' - skip_test: true -parameters: - - name: 'domain' - type: String - description: | - The fully qualified domain name. e.g. mydomain.myorganization.com, with the restrictions - of https://cloud.google.com/managed-microsoft-ad/reference/rest/v1/projects.locations.global.domains. - url_param_only: true - required: true - immutable: true -properties: - - name: 'targetDomainName' - type: String - description: - 'The fully qualified target domain name which will be in trust with the - current domain.' - required: true - - name: 'trustType' - type: Enum - description: 'The type of trust represented by the trust resource.' - required: true - immutable: true - enum_values: - - 'FOREST' - - 'EXTERNAL' - - name: 'trustDirection' - type: Enum - description: - 'The trust direction, which decides if the current domain is trusted, - trusting, or both.' - required: true - immutable: true - enum_values: - - 'INBOUND' - - 'OUTBOUND' - - 'BIDIRECTIONAL' - - name: 'selectiveAuthentication' - type: Boolean - description: | - Whether the trusted side has forest/domain wide access or selective access to an approved set of resources. - immutable: true - - name: 'targetDnsIpAddresses' - type: Array - description: | - The target DNS server IP addresses which can resolve the remote domain involved in the trust. - is_set: true - required: true - item_type: - type: String - - name: 'trustHandshakeSecret' - type: String - description: | - The trust secret used for the handshake with the target domain. This will not be stored. - required: true - immutable: true - ignore_read: true - sensitive: true diff --git a/mmv1/products/activedirectory/go_Peering.yaml b/mmv1/products/activedirectory/go_Peering.yaml deleted file mode 100644 index 7b5d44244b55..000000000000 --- a/mmv1/products/activedirectory/go_Peering.yaml +++ /dev/null @@ -1,109 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Peering' -kind: 'activedirectory#peering' -description: Creates a Peering for Managed AD instance. -min_version: 'beta' -references: - guides: - 'Active Directory Domain Peering': 'https://cloud.google.com/managed-microsoft-ad/docs/domain-peering' - api: 'https://cloud.google.com/managed-microsoft-ad/reference/rest/v1beta1/projects.locations.global.peerings' -docs: -id_format: 'projects/{{project}}/locations/global/domains/{{peering_id}}' -base_url: 'projects/{{project}}/locations/global/peerings' -self_link: '{{name}}' -create_url: 'projects/{{project}}/locations/global/peerings?peeringId={{peering_id}}' -update_verb: 'PATCH' -update_mask: false -delete_url: 'projects/{{project}}/locations/global/peerings/{{peering_id}}' -exclude_import: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'active_directory_peering_basic' - primary_resource_id: 'ad-domain-peering' - vars: - domain_name: 'ad.test.hashicorptest.com' - project_id: 'my-peered-project' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_test: true - skip_import_test: true -parameters: - - name: 'peeringId' - type: String - description: '' - min_version: 'beta' - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Unique name of the peering in this scope including projects and location using the form: projects/{projectId}/locations/global/peerings/{peeringId}. - min_version: 'beta' - output: true - - name: 'labels' - type: KeyValueLabels - description: 'Resource labels that can contain user-provided metadata' - min_version: 'beta' - - name: 'authorizedNetwork' - type: String - description: | - The full names of the Google Compute Engine networks to which the instance is connected. Caller needs to make sure that CIDR subnets do not overlap between networks, else peering creation will fail. - min_version: 'beta' - required: true - immutable: true - - name: 'domainResource' - type: String - description: | - Full domain resource path for the Managed AD Domain involved in peering. The resource path should be in the form projects/{projectId}/locations/global/domains/{domainName} - min_version: 'beta' - required: true - immutable: true - - name: 'status' - type: String - description: | - The current state of this Peering. - min_version: 'beta' - url_param_only: true - ignore_read: true - - name: 'statusMessage' - type: String - description: | - Additional information about the current status of this peering, if available. - - min_version: 'beta' - ignore_read: true diff --git a/mmv1/products/activedirectory/go_product.yaml b/mmv1/products/activedirectory/go_product.yaml deleted file mode 100644 index 7ed90e7f66b8..000000000000 --- a/mmv1/products/activedirectory/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ActiveDirectory' -display_name: 'Managed Microsoft Active Directory' -versions: - - name: 'ga' - base_url: 'https://managedidentities.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://managedidentities.googleapis.com/v1beta1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/activedirectory/product.yaml b/mmv1/products/activedirectory/product.yaml index 43f65b87b493..c450f900d989 100644 --- a/mmv1/products/activedirectory/product.yaml +++ b/mmv1/products/activedirectory/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: ActiveDirectory -display_name: Managed Microsoft Active Directory +--- +name: 'ActiveDirectory' +display_name: 'Managed Microsoft Active Directory' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://managedidentities.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://managedidentities.googleapis.com/v1beta1/ + - name: 'ga' + base_url: 'https://managedidentities.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://managedidentities.googleapis.com/v1beta1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/alloydb/Backup.yaml b/mmv1/products/alloydb/Backup.yaml index a81dbc2d1387..c82ae8008146 100644 --- a/mmv1/products/alloydb/Backup.yaml +++ b/mmv1/products/alloydb/Backup.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,31 +11,37 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Backup' -self_link: 'projects/{{project}}/locations/{{location}}/backups/{{backup_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/backups' -create_url: 'projects/{{project}}/locations/{{location}}/backups?backupId={{backup_id}}' -update_verb: :PATCH -update_mask: true description: 'An AlloyDB Backup.' -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.backups/create' -timeouts: !ruby/object:Api::Timeouts +docs: +base_url: 'projects/{{project}}/locations/{{location}}/backups' +self_link: 'projects/{{project}}/locations/{{location}}/backups/{{backup_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/backups?backupId={{backup_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/backups/{{backup_id}}' +timeouts: insert_minutes: 10 update_minutes: 10 delete_minutes: 10 -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - base_url: '{{op_id}}' -import_format: - ['projects/{{project}}/locations/{{location}}/backups/{{backup_id}}'] autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + result: + resource_inside_response: false +custom_code: + encoder: 'templates/terraform/encoders/alloydb_backup.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_backup_basic' + - name: 'alloydb_backup_basic' primary_resource_id: 'default' vars: alloydb_backup_id: 'alloydb-backup' @@ -45,9 +51,8 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_backup_basic_test' + exclude_test: true + - name: 'alloydb_backup_basic_test' primary_resource_id: 'default' vars: alloydb_backup_id: 'alloydb-backup' @@ -55,13 +60,12 @@ examples: alloydb_instance_name: 'alloydb-instance' network_name: 'alloydb-network' test_vars_overrides: - network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'reconciling' - 'update_time' - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_backup_full' + exclude_docs: true + - name: 'alloydb_backup_full' primary_resource_id: 'default' vars: alloydb_backup_id: 'alloydb-backup' @@ -71,9 +75,8 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_backup_full_test' + exclude_test: true + - name: 'alloydb_backup_full_test' primary_resource_id: 'default' vars: alloydb_backup_id: 'alloydb-backup' @@ -81,164 +84,163 @@ examples: alloydb_instance_name: 'alloydb-instance' network_name: 'alloydb-network' test_vars_overrides: - network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'reconciling' - 'update_time' + exclude_docs: true # https://github.com/hashicorp/terraform-provider-google/issues/16231 skip_vcr: true - skip_docs: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/alloydb_backup.erb parameters: - - !ruby/object:Api::Type::String - name: 'backupId' - required: true - immutable: true - url_param_only: true + - name: 'backupId' + type: String description: | The ID of the alloydb backup. - - !ruby/object:Api::Type::String - name: 'location' + url_param_only: true required: true immutable: true - url_param_only: true + - name: 'location' + type: String description: | The location where the alloydb backup should reside. + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Output only. The name of the backup resource with the format: * projects/{project}/locations/{region}/backups/{backupId} - - !ruby/object:Api::Type::String - name: 'displayName' + output: true + - name: 'displayName' + type: String description: | User-settable and human-readable display name for the Backup. - - !ruby/object:Api::Type::String - name: 'uid' - output: true + - name: 'uid' + type: String description: | Output only. The system-generated UID of the resource. The UID is assigned when the resource is created, and it is retained until it is deleted. - - !ruby/object:Api::Type::Time - name: 'createTime' output: true + - name: 'createTime' + type: Time description: | Output only. Create time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::Time - name: 'updateTime' output: true + - name: 'updateTime' + type: Time description: | Output only. Update time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::Time - name: 'deleteTime' output: true + - name: 'deleteTime' + type: Time description: | Output only. Delete time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: | User-defined labels for the alloydb backup. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - !ruby/object:Api::Type::String - name: 'state' - output: true + - name: 'state' + type: String description: Output only. The current state of the backup. - - !ruby/object:Api::Type::Enum - name: 'type' - default_from_api: true + output: true + - name: 'type' + type: Enum description: 'The backup type, which suggests the trigger for the backup.' - values: - - :TYPE_UNSPECIFIED - - :ON_DEMAND - - :AUTOMATED - - :CONTINUOUS - - !ruby/object:Api::Type::String - name: 'description' + default_from_api: true + enum_values: + - 'TYPE_UNSPECIFIED' + - 'ON_DEMAND' + - 'AUTOMATED' + - 'CONTINUOUS' + - name: 'description' + type: String description: 'User-provided description of the backup.' - - !ruby/object:Api::Type::String - name: 'clusterUid' - output: true + - name: 'clusterUid' + type: String description: 'Output only. The system-generated UID of the cluster which was used to create this resource.' - - !ruby/object:Api::Type::String - name: 'clusterName' - required: true - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + output: true + - name: 'clusterName' + type: String description: 'The full resource name of the backup source cluster (e.g., projects/{project}/locations/{location}/clusters/{clusterId}).' - - !ruby/object:Api::Type::Boolean - name: 'reconciling' - output: true + required: true + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'reconciling' + type: Boolean description: | Output only. Reconciling (https://google.aip.dev/128#reconciliation), if true, indicates that the service is actively updating the resource. This can happen due to user-triggered updates or system actions like failover or maintenance. - - !ruby/object:Api::Type::NestedObject - name: 'encryptionConfig' + output: true + - name: 'encryptionConfig' + type: NestedObject description: | EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' - immutable: true + - name: 'kmsKeyName' + type: String description: | The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. - - !ruby/object:Api::Type::NestedObject - name: 'encryptionInfo' - output: true + immutable: true + - name: 'encryptionInfo' + type: NestedObject description: | EncryptionInfo describes the encryption information of a cluster or a backup. + output: true properties: - - !ruby/object:Api::Type::Enum - name: 'encryptionType' - output: true + - name: 'encryptionType' + type: Enum description: 'Output only. Type of encryption.' - values: - - :TYPE_UNSPECIFIED - - :GOOGLE_DEFAULT_ENCRYPTION - - :CUSTOMER_MANAGED_ENCRYPTION - - !ruby/object:Api::Type::Array - name: kmsKeyVersions - item_type: Api::Type::String output: true + enum_values: + - 'TYPE_UNSPECIFIED' + - 'GOOGLE_DEFAULT_ENCRYPTION' + - 'CUSTOMER_MANAGED_ENCRYPTION' + - name: 'kmsKeyVersions' + type: Array description: | Output only. Cloud KMS key versions that are being used to protect the database or the backup. - - !ruby/object:Api::Type::String - name: 'etag' - output: true + output: true + item_type: + type: String + - name: 'etag' + type: String description: 'For Resource freshness validation (https://google.aip.dev/154)' - - !ruby/object:Api::Type::KeyValueAnnotations - name: 'annotations' + output: true + - name: 'annotations' + type: KeyValueAnnotations description: | Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels. https://google.aip.dev/128 An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - !ruby/object:Api::Type::String - name: 'sizeBytes' - output: true + - name: 'sizeBytes' + type: String description: 'Output only. The size of the backup in bytes.' - - !ruby/object:Api::Type::String - name: 'expiryTime' output: true + - name: 'expiryTime' + type: String description: | Output only. The time at which after the backup is eligible to be garbage collected. It is the duration specified by the backup's retention policy, added to the backup's createTime. - - !ruby/object:Api::Type::NestedObject - name: 'expiryQuantity' output: true + - name: 'expiryQuantity' + type: NestedObject description: | Output only. The QuantityBasedExpiry of the backup, specified by the backup's retention policy. Once the expiry quantity is over retention, the backup is eligible to be garbage collected. + output: true properties: - - !ruby/object:Api::Type::Integer - name: 'retentionCount' - output: true + - name: 'retentionCount' + type: Integer description: | Output only. The backup's position among its backups with the same source cluster and type, by descending chronological order create time (i.e. newest first). - - !ruby/object:Api::Type::Integer - name: 'totalRetentionCount' output: true + - name: 'totalRetentionCount' + type: Integer description: | Output only. The length of the quantity-based queue, specified by the backup's retention policy. + output: true diff --git a/mmv1/products/alloydb/Cluster.yaml b/mmv1/products/alloydb/Cluster.yaml index 2ad74019ae55..ad5967241524 100644 --- a/mmv1/products/alloydb/Cluster.yaml +++ b/mmv1/products/alloydb/Cluster.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +11,14 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Cluster' -docs: !ruby/object:Provider::Terraform::Docs +description: 'A managed alloydb cluster.' +references: + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters/create' +docs: note: | Users can promote a secondary cluster to a primary cluster with the help of `cluster_type`. To promote, users have to set the `cluster_type` property as `PRIMARY` and remove the `secondary_config` field from cluster configuration. @@ -25,59 +30,53 @@ docs: !ruby/object:Provider::Terraform::Docs 1. Refresh the state of the AlloyDB resources by running `terraform apply -refresh-only --auto-approve` . 2. Manually update the terraform configuration file(s) to match the actual state of the resources by modifying the `cluster_type` and `secondary_config` fields. 3. Verify the sync of terraform state by running `terraform plan` and ensure that the infrastructure matches the configuration and no changes are required. -self_link: 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}' base_url: 'projects/{{project}}/locations/{{location}}/clusters' +self_link: 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}' create_url: 'projects/{{project}}/locations/{{location}}/clusters?clusterId={{cluster_id}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -description: 'A managed alloydb cluster.' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' - api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters/create' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}' + - '{{cluster_id}}' +timeouts: + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 30 update_minutes: 30 delete_minutes: 30 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -import_format: - [ - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}', - '{{cluster_id}}', - ] +custom_code: + pre_create: 'templates/terraform/pre_create/alloydb_cluster.go.tmpl' + pre_update: 'templates/terraform/pre_update/alloydb_cluster.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/alloydb_cluster.go.tmpl' # Skipping the sweeper because we need to force-delete clusters. -skip_sweeper: true -autogen_async: true +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_cluster_basic' + - name: 'alloydb_cluster_basic' primary_resource_id: 'default' vars: alloydb_cluster_name: 'alloydb-cluster' - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_cluster_full' + - name: 'alloydb_cluster_full' primary_resource_id: 'full' vars: alloydb_cluster_name: 'alloydb-cluster-full' - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_cluster_restore' + - name: 'alloydb_cluster_restore' primary_resource_id: 'source' - skip_test: true vars: alloydb_cluster_name: 'alloydb-source-cluster' alloydb_backup_restored_cluster_name: 'alloydb-backup-restored' @@ -86,20 +85,19 @@ examples: alloydb_instance_name: 'alloydb-instance' network_name: 'alloydb-network' test_vars_overrides: - network_name: 'acctest.BootstrapSharedTestNetwork(t, "alloydb-instance-basic")' + 'network_name': 'acctest.BootstrapSharedTestNetwork(t, "alloydb-instance-basic")' ignore_read_extra: - 'reconciling' - 'update_time' - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_secondary_cluster_basic' + exclude_test: true + - name: 'alloydb_secondary_cluster_basic' primary_resource_id: 'secondary' vars: alloydb_primary_cluster_name: 'alloydb-primary-cluster' alloydb_primary_instance_name: 'alloydb-primary-instance' alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_secondary_cluster_basic_test' + exclude_test: true + - name: 'alloydb_secondary_cluster_basic_test' primary_resource_id: 'secondary' vars: alloydb_primary_cluster_name: 'alloydb-primary-cluster' @@ -107,483 +105,482 @@ examples: alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' network_name: 'alloydb-network' test_vars_overrides: - network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' - skip_docs: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_create: templates/terraform/pre_create/alloydb_cluster.go.erb - pre_update: templates/terraform/pre_update/alloydb_cluster.go.erb - pre_delete: templates/terraform/pre_delete/alloydb_cluster.go.erb + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + exclude_docs: true virtual_fields: - - !ruby/object:Api::Type::String - name: 'deletion_policy' + - name: 'deletion_policy' description: | Policy to determine if the cluster should be deleted forcefully. Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. Deleting a Secondary cluster with a secondary instance REQUIRES setting deletion_policy = "FORCE" otherwise an error is returned. This is needed as there is no support to delete just the secondary instance, and the only way to delete secondary instance is to delete the associated secondary cluster forcefully which also deletes the secondary instance. Possible values: DEFAULT, FORCE - default_value: DEFAULT + type: String + default_value: "DEFAULT" parameters: - - !ruby/object:Api::Type::String - name: 'clusterId' - required: true - immutable: true - url_param_only: true + - name: 'clusterId' + type: String description: | The ID of the alloydb cluster. - - !ruby/object:Api::Type::String - name: 'location' + url_param_only: true required: true immutable: true - url_param_only: true + - name: 'location' + type: String description: | The location where the alloydb cluster should reside. + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The name of the cluster resource. - - !ruby/object:Api::Type::String - name: 'uid' output: true + - name: 'uid' + type: String description: | The system-generated UID of the resource. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: 'User-defined labels for the alloydb cluster.' - - !ruby/object:Api::Type::NestedObject - name: 'encryptionConfig' + - name: 'encryptionConfig' + type: NestedObject description: | EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'encryptionInfo' + - name: 'encryptionInfo' + type: NestedObject description: | EncryptionInfo describes the encryption information of a cluster or a backup. output: true properties: - - !ruby/object:Api::Type::Enum - name: 'encryptionType' + - name: 'encryptionType' + type: Enum description: 'Output only. Type of encryption.' - values: - - :TYPE_UNSPECIFIED - - :GOOGLE_DEFAULT_ENCRYPTION - - :CUSTOMER_MANAGED_ENCRYPTION output: true - - !ruby/object:Api::Type::Array - name: kmsKeyVersions - item_type: Api::Type::String + enum_values: + - 'TYPE_UNSPECIFIED' + - 'GOOGLE_DEFAULT_ENCRYPTION' + - 'CUSTOMER_MANAGED_ENCRYPTION' + - name: 'kmsKeyVersions' + type: Array description: | Output only. Cloud KMS key versions that are being used to protect the database or the backup. output: true - - !ruby/object:Api::Type::NestedObject - name: 'continuousBackupInfo' + item_type: + type: String + - name: 'continuousBackupInfo' + type: NestedObject description: | ContinuousBackupInfo describes the continuous backup properties of a cluster. output: true properties: - - !ruby/object:Api::Type::String - name: enabledTime + - name: 'enabledTime' + type: String description: | When ContinuousBackup was most recently enabled. Set to null if ContinuousBackup is not enabled. output: true - - !ruby/object:Api::Type::Array - name: schedule - item_type: Api::Type::String + - name: 'schedule' + type: Array description: | Days of the week on which a continuous backup is taken. Output only field. Ignored if passed into the request. output: true - - !ruby/object:Api::Type::String - name: earliestRestorableTime + item_type: + type: String + - name: 'earliestRestorableTime' + type: String description: | The earliest restorable time that can be restored to. Output only field. output: true - - !ruby/object:Api::Type::NestedObject - name: 'encryptionInfo' + - name: 'encryptionInfo' + type: NestedObject description: | Output only. The encryption information for the WALs and backups required for ContinuousBackup. output: true properties: - - !ruby/object:Api::Type::String - name: 'encryptionType' + - name: 'encryptionType' + type: String description: 'Output only. Type of encryption.' output: true - - !ruby/object:Api::Type::Array - name: kmsKeyVersions - item_type: Api::Type::String + - name: 'kmsKeyVersions' + type: Array description: | Output only. Cloud KMS key versions that are being used to protect the database or the backup. output: true - - !ruby/object:Api::Type::NestedObject - name: 'networkConfig' + item_type: + type: String + - name: 'networkConfig' + type: NestedObject description: | Metadata related to network configuration. default_from_api: true properties: - - !ruby/object:Api::Type::String - name: network - exactly_one_of: - - network_config.0.network - - psc_config.0.psc_enabled + - name: 'network' + type: String description: | The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: "projects/{projectNumber}/global/networks/{network_id}". + exactly_one_of: + - 'network_config.0.network' + - 'psc_config.0.psc_enabled' diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - !ruby/object:Api::Type::String - name: allocatedIpRange + - name: 'allocatedIpRange' + type: String description: | The name of the allocated IP range for the private IP AlloyDB cluster. For example: "google-managed-services-default". If set, the instance IPs for this cluster will be created in the allocated range. - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | User-settable and human-readable display name for the Cluster. - - !ruby/object:Api::Type::String - name: 'etag' + - name: 'etag' + type: String description: 'For Resource freshness validation (https://google.aip.dev/154)' - - !ruby/object:Api::Type::Boolean - name: 'reconciling' - output: true + - name: 'reconciling' + type: Boolean description: | Output only. Reconciling (https://google.aip.dev/128#reconciliation). Set to true if the current state of Cluster does not match the user's intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance. - - !ruby/object:Api::Type::String - name: 'state' output: true + - name: 'state' + type: String description: 'Output only. The current serving state of the cluster.' - - !ruby/object:Api::Type::KeyValueAnnotations - name: 'annotations' + output: true + - name: 'annotations' + type: KeyValueAnnotations description: | Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels. https://google.aip.dev/128 An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - !ruby/object:Api::Type::String - name: 'databaseVersion' - default_from_api: true + - name: 'databaseVersion' + type: String description: | The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. - - !ruby/object:Api::Type::NestedObject - name: 'pscConfig' + default_from_api: true + - name: 'pscConfig' + type: NestedObject description: 'Configuration for Private Service Connect (PSC) for the cluster.' properties: - - !ruby/object:Api::Type::Boolean - name: 'pscEnabled' + - name: 'pscEnabled' + type: Boolean description: 'Create an instance that allows connections from Private Service Connect endpoints to the instance.' - - !ruby/object:Api::Type::NestedObject - name: 'initialUser' + - name: 'initialUser' + type: NestedObject description: | Initial user to setup during cluster creation. - custom_flatten: 'templates/terraform/custom_flatten/alloydb_cluster_input_user_flatten.go.erb' ignore_read: true + custom_flatten: 'templates/terraform/custom_flatten/alloydb_cluster_input_user_flatten.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'user' + - name: 'user' + type: String description: | The database username. - - !ruby/object:Api::Type::String - name: 'password' + - name: 'password' + type: String description: | The initial password for the user. required: true sensitive: true - - !ruby/object:Api::Type::NestedObject - name: 'restoreBackupSource' - ignore_read: true + - name: 'restoreBackupSource' + type: NestedObject + description: | + The source when restoring from a backup. Conflicts with 'restore_continuous_backup_source', both can't be set together. immutable: true + ignore_read: true conflicts: - restore_continuous_backup_source - description: | - The source when restoring from a backup. Conflicts with 'restore_continuous_backup_source', both can't be set together. properties: - - !ruby/object:Api::Type::String - name: 'backupName' - required: true - immutable: true + - name: 'backupName' + type: String description: | The name of the backup that this cluster is restored from. - - !ruby/object:Api::Type::NestedObject - name: 'restoreContinuousBackupSource' - ignore_read: true + required: true + immutable: true + - name: 'restoreContinuousBackupSource' + type: NestedObject + description: | + The source when restoring via point in time recovery (PITR). Conflicts with 'restore_backup_source', both can't be set together. immutable: true + ignore_read: true conflicts: - restore_backup_source - description: | - The source when restoring via point in time recovery (PITR). Conflicts with 'restore_backup_source', both can't be set together. properties: - - !ruby/object:Api::Type::String - name: 'cluster' - required: true - immutable: true + - name: 'cluster' + type: String description: | The name of the source cluster that this cluster is restored from. - - !ruby/object:Api::Type::String - name: 'pointInTime' required: true immutable: true + - name: 'pointInTime' + type: String description: | The point in time that this cluster is restored to, in RFC 3339 format. - - !ruby/object:Api::Type::NestedObject - name: 'continuousBackupConfig' - default_from_api: true + required: true + immutable: true + - name: 'continuousBackupConfig' + type: NestedObject description: | The continuous backup config for this cluster. If no policy is provided then the default policy will be used. The default policy takes one backup a day and retains backups for 14 days. + default_from_api: true properties: - - !ruby/object:Api::Type::Boolean - name: enabled - send_empty_value: true - default_value: true + - name: 'enabled' + type: Boolean description: | Whether continuous backup recovery is enabled. If not set, defaults to true. - - !ruby/object:Api::Type::Integer - name: recoveryWindowDays - default_from_api: true + send_empty_value: true + default_value: true + - name: 'recoveryWindowDays' + type: Integer description: | The numbers of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. If not set, defaults to 14 days. - - !ruby/object:Api::Type::NestedObject - name: 'encryptionConfig' + default_from_api: true + - name: 'encryptionConfig' + type: NestedObject description: | EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. - - !ruby/object:Api::Type::NestedObject - name: 'automatedBackupPolicy' + - name: 'automatedBackupPolicy' + type: NestedObject description: | The automated backup policy for this cluster. AutomatedBackupPolicy is disabled by default. default_from_api: true properties: - - !ruby/object:Api::Type::String - name: 'backupWindow' - default_from_api: true + - name: 'backupWindow' + type: String description: | The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it will default to 1 hour. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - !ruby/object:Api::Type::String - name: 'location' default_from_api: true + - name: 'location' + type: String description: | The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. - - !ruby/object:Api::Type::KeyValuePairs - name: 'labels' + default_from_api: true + - name: 'labels' + type: KeyValuePairs description: 'Labels to apply to backups created using this configuration.' - - !ruby/object:Api::Type::NestedObject - name: 'encryptionConfig' + - name: 'encryptionConfig' + type: NestedObject description: | EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. - - !ruby/object:Api::Type::NestedObject - name: 'weeklySchedule' + - name: 'weeklySchedule' + type: NestedObject description: 'Weekly schedule for the Backup.' default_from_api: true properties: - - !ruby/object:Api::Type::Array - name: 'daysOfWeek' - min_size: 1 + - name: 'daysOfWeek' + type: Array description: 'The days of the week to perform a backup. At least one day of the week must be provided.' - item_type: !ruby/object:Api::Type::Enum - name: 'daysOfWeek' - required: true + item_type: + type: Enum description: 'The days of the week to perform a backup. At least one day of the week must be provided.' - values: - - :MONDAY - - :TUESDAY - - :WEDNESDAY - - :THURSDAY - - :FRIDAY - - :SATURDAY - - :SUNDAY - - !ruby/object:Api::Type::Array - name: 'startTimes' - required: true - custom_flatten: 'templates/terraform/custom_flatten/alloydb_cluster_input_automated_backup_policy_start_times_flatten.go.erb' + enum_values: + - 'MONDAY' + - 'TUESDAY' + - 'WEDNESDAY' + - 'THURSDAY' + - 'FRIDAY' + - 'SATURDAY' + - 'SUNDAY' + min_size: 1 + - name: 'startTimes' + type: Array description: | The times during the day to start a backup. At least one start time must be provided. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). - item_type: !ruby/object:Api::Type::NestedObject + required: true + custom_flatten: 'templates/terraform/custom_flatten/alloydb_cluster_input_automated_backup_policy_start_times_flatten.go.tmpl' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: hours + - name: 'hours' + type: Integer description: | Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value "24:00:00" for scenarios like business closing time. - - !ruby/object:Api::Type::Integer - name: minutes + - name: 'minutes' + type: Integer description: | Minutes of hour of day. Currently, only the value 0 is supported. - - !ruby/object:Api::Type::Integer - name: seconds + - name: 'seconds' + type: Integer description: | Seconds of minutes of the time. Currently, only the value 0 is supported. - - !ruby/object:Api::Type::Integer - name: nanos + - name: 'nanos' + type: Integer description: | Fractions of seconds in nanoseconds. Currently, only the value 0 is supported. - - !ruby/object:Api::Type::NestedObject - name: 'timeBasedRetention' + - name: 'timeBasedRetention' + type: NestedObject description: | Time-based Backup retention policy. Conflicts with 'quantity_based_retention', both can't be set together. conflicts: - automated_backup_policy.0.quantity_based_retention properties: - - !ruby/object:Api::Type::String - name: 'retentionPeriod' + - name: 'retentionPeriod' + type: String description: | The retention period. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - !ruby/object:Api::Type::NestedObject - name: 'quantityBasedRetention' - conflicts: - - automated_backup_policy.0.time_based_retention + - name: 'quantityBasedRetention' + type: NestedObject description: | Quantity-based Backup retention policy to retain recent backups. Conflicts with 'time_based_retention', both can't be set together. + conflicts: + - automated_backup_policy.0.time_based_retention properties: - - !ruby/object:Api::Type::Integer - name: 'count' + - name: 'count' + type: Integer description: | The number of backups to retain. - - !ruby/object:Api::Type::Boolean - name: 'enabled' - default_from_api: true + - name: 'enabled' + type: Boolean description: | Whether automated backups are enabled. - - !ruby/object:Api::Type::NestedObject - name: 'backupSource' - output: true + default_from_api: true + - name: 'backupSource' + type: NestedObject description: 'Cluster created from backup.' + output: true properties: - - !ruby/object:Api::Type::String - name: 'backupName' + - name: 'backupName' + type: String description: 'The name of the backup resource.' - - !ruby/object:Api::Type::NestedObject - name: 'migrationSource' - output: true + - name: 'migrationSource' + type: NestedObject description: 'Cluster created via DMS migration.' + output: true properties: - - !ruby/object:Api::Type::String - name: 'hostPort' + - name: 'hostPort' + type: String description: 'The host and port of the on-premises instance in host:port format' - - !ruby/object:Api::Type::String - name: 'referenceId' + - name: 'referenceId' + type: String description: 'Place holder for the external source identifier(e.g DMS job name) that created the cluster.' - - !ruby/object:Api::Type::String - name: 'sourceType' + - name: 'sourceType' + type: String description: 'Type of migration source.' - - !ruby/object:Api::Type::Enum - name: clusterType - values: - - :PRIMARY - - :SECONDARY - default_value: :PRIMARY + - name: 'clusterType' + type: Enum description: | The type of cluster. If not set, defaults to PRIMARY. - - !ruby/object:Api::Type::NestedObject - name: "secondaryConfig" + default_value: "PRIMARY" + enum_values: + - 'PRIMARY' + - 'SECONDARY' + - name: 'secondaryConfig' + type: NestedObject description: | Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. properties: - - !ruby/object:Api::Type::String - name: "primaryClusterName" - required: true + - name: 'primaryClusterName' + type: String description: | Name of the primary cluster must be in the format 'projects/{project}/locations/{location}/clusters/{cluster_id}' - - !ruby/object:Api::Type::NestedObject - name: 'maintenanceUpdatePolicy' + required: true + - name: 'maintenanceUpdatePolicy' + type: NestedObject description: | MaintenanceUpdatePolicy defines the policy for system updates. properties: - - !ruby/object:Api::Type::Array - name: 'maintenanceWindows' + - name: 'maintenanceWindows' + type: Array description: | Preferred windows to perform maintenance. Currently limited to 1. - item_type: !ruby/object:Api::Type::NestedObject - name: 'maintenanceWindow' + item_type: description: | specifies a preferred day and time for maintenance. + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'day' - required: true + - name: 'day' + type: Enum description: | Preferred day of the week for maintenance, e.g. MONDAY, TUESDAY, etc. - values: - - :MONDAY - - :TUESDAY - - :WEDNESDAY - - :THURSDAY - - :FRIDAY - - :SATURDAY - - :SUNDAY - - !ruby/object:Api::Type::NestedObject - name: 'startTime' required: true + enum_values: + - 'MONDAY' + - 'TUESDAY' + - 'WEDNESDAY' + - 'THURSDAY' + - 'FRIDAY' + - 'SATURDAY' + - 'SUNDAY' + - name: 'startTime' + type: NestedObject description: | Preferred time to start the maintenance operation on the specified day. Maintenance will start within 1 hour of this time. + required: true properties: - - !ruby/object:Api::Type::Integer - name: hours - required: true + - name: 'hours' + type: Integer description: | Hours of day in 24 hour format. Should be from 0 to 23. - - !ruby/object:Api::Type::Integer - name: minutes + required: true + - name: 'minutes' + type: Integer description: | Minutes of hour of day. Currently, only the value 0 is supported. - - !ruby/object:Api::Type::Integer - name: seconds + - name: 'seconds' + type: Integer description: | Seconds of minutes of the time. Currently, only the value 0 is supported. - - !ruby/object:Api::Type::Integer - name: nanos + - name: 'nanos' + type: Integer description: | Fractions of seconds in nanoseconds. Currently, only the value 0 is supported. - - !ruby/object:Api::Type::Enum - name: 'subscriptionType' - values: - - :TRIAL - - :STANDARD - default_from_api: true + - name: 'subscriptionType' + type: Enum description: | The subscrition type of cluster. - - !ruby/object:Api::Type::NestedObject - name: 'trialMetadata' + default_from_api: true + enum_values: + - 'TRIAL' + - 'STANDARD' + - name: 'trialMetadata' + type: NestedObject description: | Contains information and all metadata related to TRIAL clusters. output: true properties: - - !ruby/object:Api::Type::String - name: startTime + - name: 'startTime' + type: String description: | Start time of the trial cluster. - - !ruby/object:Api::Type::String - name: endTime + - name: 'endTime' + type: String description: | End time of the trial cluster. - - !ruby/object:Api::Type::String - name: upgradeTime + - name: 'upgradeTime' + type: String description: | Upgrade time of the trial cluster to standard cluster. - - !ruby/object:Api::Type::String - name: graceEndTime + - name: 'graceEndTime' + type: String description: | Grace end time of the trial cluster. diff --git a/mmv1/products/alloydb/Instance.yaml b/mmv1/products/alloydb/Instance.yaml index 00e0216d61f2..3cad8a5b6865 100644 --- a/mmv1/products/alloydb/Instance.yaml +++ b/mmv1/products/alloydb/Instance.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,54 +11,55 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Instance' -docs: !ruby/object:Provider::Terraform::Docs +description: 'A managed alloydb cluster instance.' +references: + guides: + 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' + api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.instances/create' +docs: warning: | Deleting an instance with instanceType = SECONDARY does not delete the secondary instance, and abandons it instead. Use deletion_policy = "FORCE" in the associated secondary cluster and delete the cluster forcefully to delete the secondary cluster as well its associated secondary instance. Users can undo the delete secondary instance action by importing the deleted secondary instance by calling terraform import. -self_link: '{{cluster}}/instances/{{instance_id}}' base_url: '{{cluster}}/instances?instanceId={{instance_id}}' -update_verb: :PATCH +self_link: '{{cluster}}/instances/{{instance_id}}' +update_verb: 'PATCH' update_mask: true -description: 'A managed alloydb cluster instance.' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' - api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.instances/create' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/instances/{{instance_id}}' +timeouts: + insert_minutes: 120 + update_minutes: 120 + delete_minutes: 120 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 120 update_minutes: 120 delete_minutes: 120 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' include_project: true -import_format: ['projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/instances/{{instance_id}}'] +custom_code: + pre_create: 'templates/terraform/pre_create/alloydb_instance.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/alloydb_instance.go.tmpl' + custom_import: 'templates/terraform/custom_import/alloydb_instance.go.tmpl' # Skipping the sweeper because instances will be deleted during cluster sweeps -skip_sweeper: true -autogen_async: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/alloydb_instance.go.erb - pre_create: templates/terraform/pre_create/alloydb_instance.go.erb - pre_delete: templates/terraform/pre_delete/alloydb_instance.go.erb +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_instance_basic' + - name: 'alloydb_instance_basic' primary_resource_id: 'default' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -67,9 +68,8 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_secondary_instance_basic' + exclude_test: true + - name: 'alloydb_secondary_instance_basic' primary_resource_id: 'secondary' vars: alloydb_primary_cluster_name: 'alloydb-primary-cluster' @@ -80,22 +80,20 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_instance_basic_test' + exclude_test: true + - name: 'alloydb_instance_basic_test' primary_resource_id: 'default' vars: alloydb_cluster_name: 'alloydb-cluster' alloydb_instance_name: 'alloydb-instance' network_name: 'alloydb-network' test_vars_overrides: - network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'reconciling' - 'update_time' - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_secondary_instance_basic_test' + exclude_docs: true + - name: 'alloydb_secondary_instance_basic_test' primary_resource_id: 'secondary' vars: alloydb_primary_cluster_name: 'alloydb-primary-cluster' @@ -104,13 +102,12 @@ examples: alloydb_secondary_instance_name: 'alloydb-secondary-instance' network_name: 'alloydb-secondary-network' test_vars_overrides: - network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'reconciling' - 'update_time' - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_instance_psc_test' + exclude_docs: true + - name: 'alloydb_instance_psc_test' primary_resource_id: 'default' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -119,84 +116,84 @@ examples: ignore_read_extra: - 'reconciling' - 'update_time' - skip_docs: true + exclude_docs: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'cluster' + - name: 'cluster' + type: ResourceRef description: | Identifies the alloydb cluster. Must be in the format 'projects/{project}/locations/{location}/clusters/{cluster_id}' + url_param_only: true required: true immutable: true resource: 'Cluster' imports: 'name' + - name: 'instanceId' + type: String + description: | + The ID of the alloydb instance. url_param_only: true - - !ruby/object:Api::Type::String - name: 'instanceId' required: true immutable: true - url_param_only: true - description: | - The ID of the alloydb instance. properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The name of the instance resource. - - !ruby/object:Api::Type::Time - name: 'createTime' + output: true + - name: 'createTime' + type: Time description: | Time the Instance was created in UTC. output: true - - !ruby/object:Api::Type::Time - name: 'updateTime' + - name: 'updateTime' + type: Time description: | Time the Instance was updated in UTC. output: true - - !ruby/object:Api::Type::String - name: 'uid' - output: true + - name: 'uid' + type: String description: | The system-generated UID of the resource. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: 'User-defined labels for the alloydb instance.' - - !ruby/object:Api::Type::KeyValueAnnotations - name: 'annotations' + - name: 'annotations' + type: KeyValueAnnotations description: 'Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels.' - - !ruby/object:Api::Type::String - name: 'state' - output: true + - name: 'state' + type: String description: | The current state of the alloydb instance. - - !ruby/object:Api::Type::String - name: 'displayName' + output: true + - name: 'displayName' + type: String description: | User-settable and human-readable display name for the Instance. ignore_read: true - - !ruby/object:Api::Type::String - name: 'gceZone' + - name: 'gceZone' + type: String description: | The Compute Engine zone that the instance should serve from, per https://cloud.google.com/compute/docs/regions-zones This can ONLY be specified for ZONAL instances. If present for a REGIONAL instance, an error will be thrown. If this is absent for a ZONAL instance, instance is created in a random zone with available capacity. - - !ruby/object:Api::Type::Boolean - name: 'reconciling' - output: true + - name: 'reconciling' + type: Boolean description: | Set to true if the current state of Instance does not match the user's intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance. - - !ruby/object:Api::Type::KeyValuePairs - name: 'databaseFlags' - default_from_api: true + output: true + - name: 'databaseFlags' + type: KeyValuePairs description: 'Database flags. Set at instance level. * They are copied from primary instance on read instance creation. * Read instances can set new or override existing flags that are relevant for reads, e.g. for enabling columnar cache on a read instance. Flags set on read instance may or may not be present on primary.' - - !ruby/object:Api::Type::Enum - name: 'availabilityType' + default_from_api: true + - name: 'availabilityType' + type: Enum description: | 'Availability type of an Instance. Defaults to REGIONAL for both primary and read instances. Note that primary and read instances can have different availability types. @@ -204,15 +201,13 @@ properties: Zone is automatically chosen from the list of zones in the region specified. Read pool of size 1 can only have zonal availability. Read pools with node count of 2 or more can have regional availability (nodes are present in 2 or more zones in a region).' - values: - - :AVAILABILITY_TYPE_UNSPECIFIED - - :ZONAL - - :REGIONAL default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'instanceType' - required: true - immutable: true + enum_values: + - 'AVAILABILITY_TYPE_UNSPECIFIED' + - 'ZONAL' + - 'REGIONAL' + - name: 'instanceType' + type: Enum description: | The type of the instance. If the instance type is READ_POOL, provide the associated PRIMARY/SECONDARY instance in the `depends_on` meta-data attribute. @@ -221,171 +216,176 @@ properties: If the instance type is SECONDARY, the terraform delete instance operation does not delete the secondary instance but abandons it instead. Use deletion_policy = "FORCE" in the associated secondary cluster and delete the cluster forcefully to delete the secondary cluster as well its associated secondary instance. Users can undo the delete secondary instance action by importing the deleted secondary instance by calling terraform import. - values: - - :PRIMARY - - :READ_POOL - - :SECONDARY - - !ruby/object:Api::Type::String - name: 'ipAddress' - output: true + required: true + immutable: true + enum_values: + - 'PRIMARY' + - 'READ_POOL' + - 'SECONDARY' + - name: 'ipAddress' + type: String description: | The IP address for the Instance. This is the connection endpoint for an end-user application. - - !ruby/object:Api::Type::NestedObject - name: 'queryInsightsConfig' - default_from_api: true + output: true + - name: 'queryInsightsConfig' + type: NestedObject description: 'Configuration for query insights.' + default_from_api: true properties: - - !ruby/object:Api::Type::Integer - name: 'queryStringLength' + - name: 'queryStringLength' + type: Integer description: 'Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid.' - - !ruby/object:Api::Type::Boolean - name: 'recordApplicationTags' + - name: 'recordApplicationTags' + type: Boolean description: 'Record application tags for an instance. This flag is turned "on" by default.' - - !ruby/object:Api::Type::Boolean - name: 'recordClientAddress' + - name: 'recordClientAddress' + type: Boolean description: 'Record client address for an instance. Client address is PII information. This flag is turned "on" by default.' - - !ruby/object:Api::Type::Integer - name: 'queryPlansPerMinute' + - name: 'queryPlansPerMinute' + type: Integer description: 'Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid.' - - !ruby/object:Api::Type::NestedObject - name: 'observabilityConfig' + - name: 'observabilityConfig' + type: NestedObject description: 'Configuration for enhanced query insights.' + min_version: 'beta' default_from_api: true - min_version: beta properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: 'Observability feature status for an instance.' - - !ruby/object:Api::Type::Boolean - name: 'preserveComments' + - name: 'preserveComments' + type: Boolean description: 'Preserve comments in the query string.' - - !ruby/object:Api::Type::Boolean - name: 'trackWaitEvents' + - name: 'trackWaitEvents' + type: Boolean description: 'Record wait events during query execution for an instance.' - - !ruby/object:Api::Type::Boolean - name: 'trackWaitEventTypes' + - name: 'trackWaitEventTypes' + type: Boolean description: 'Record wait event types during query execution for an instance.' - - !ruby/object:Api::Type::Integer - name: 'maxQueryStringLength' + - name: 'maxQueryStringLength' + type: Integer description: 'Query string length. The default value is 10240. Any integer between 1024 and 100000 is considered valid.' - - !ruby/object:Api::Type::Boolean - name: 'recordApplicationTags' + - name: 'recordApplicationTags' + type: Boolean description: 'Record application tags for an instance. This flag is turned "on" by default.' - - !ruby/object:Api::Type::Integer - name: 'queryPlansPerMinute' + - name: 'queryPlansPerMinute' + type: Integer description: 'Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 200 is considered valid.' - - !ruby/object:Api::Type::Boolean - name: 'trackActiveQueries' + - name: 'trackActiveQueries' + type: Boolean description: 'Track actively running queries. If not set, default value is "off".' - - !ruby/object:Api::Type::NestedObject - name: 'readPoolConfig' + - name: 'readPoolConfig' + type: NestedObject description: 'Read pool specific config. If the instance type is READ_POOL, this configuration must be provided.' properties: - - !ruby/object:Api::Type::Integer - name: 'nodeCount' + - name: 'nodeCount' + type: Integer description: 'Read capacity, i.e. number of nodes in a read pool instance.' - - !ruby/object:Api::Type::NestedObject - name: 'machineConfig' + - name: 'machineConfig' + type: NestedObject description: 'Configurations for the machines that host the underlying database engine.' default_from_api: true properties: - - !ruby/object:Api::Type::Integer - name: 'cpuCount' + - name: 'cpuCount' + type: Integer description: "The number of CPU's in the VM instance." default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'clientConnectionConfig' - default_from_api: true + - name: 'clientConnectionConfig' + type: NestedObject description: | Client connection specific configurations. + default_from_api: true properties: - - !ruby/object:Api::Type::Boolean - name: requireConnectors + - name: 'requireConnectors' + type: Boolean description: | Configuration to enforce connectors only (ex: AuthProxy) connections to the database. - - !ruby/object:Api::Type::NestedObject - name: 'sslConfig' - default_from_api: true + - name: 'sslConfig' + type: NestedObject description: | SSL config option for this instance. + default_from_api: true properties: - - !ruby/object:Api::Type::Enum - name: 'sslMode' - default_from_api: true + - name: 'sslMode' + type: Enum description: 'SSL mode. Specifies client-server SSL/TLS connection behavior.' - values: - - :ENCRYPTED_ONLY - - :ALLOW_UNENCRYPTED_AND_ENCRYPTED - - !ruby/object:Api::Type::NestedObject - name: 'pscInstanceConfig' - default_from_api: true + default_from_api: true + enum_values: + - 'ENCRYPTED_ONLY' + - 'ALLOW_UNENCRYPTED_AND_ENCRYPTED' + - name: 'pscInstanceConfig' + type: NestedObject description: | Configuration for Private Service Connect (PSC) for the instance. + default_from_api: true properties: - - !ruby/object:Api::Type::String - name: 'serviceAttachmentLink' - output: true + - name: 'serviceAttachmentLink' + type: String description: | The service attachment created when Private Service Connect (PSC) is enabled for the instance. The name of the resource will be in the format of `projects//regions//serviceAttachments/` - - !ruby/object:Api::Type::Array - name: allowedConsumerProjects - item_type: Api::Type::String + output: true + - name: 'allowedConsumerProjects' + type: Array description: | List of consumer projects that are allowed to create PSC endpoints to service-attachments to this instance. These should be specified as project numbers only. - item_validation: !ruby/object:Provider::Terraform::Validation + item_type: + type: String + item_validation: regex: '^\d+$' - - !ruby/object:Api::Type::String - name: 'pscDnsName' - output: true + - name: 'pscDnsName' + type: String description: | The DNS name of the instance for PSC connectivity. Name convention: ...alloydb-psc.goog - - !ruby/object:Api::Type::NestedObject - name: 'networkConfig' + output: true + - name: 'networkConfig' + type: NestedObject description: | Instance level network configuration. properties: - - !ruby/object:Api::Type::Array - name: 'authorizedExternalNetworks' + - name: 'authorizedExternalNetworks' + type: Array description: | A list of external networks authorized to access this instance. This field is only allowed to be set when `enable_public_ip` is set to true. required_with: - - networkConfig.0.enablePublicIp - item_type: !ruby/object:Api::Type::NestedObject + - 'networkConfig.0.enablePublicIp' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'cidrRange' + - name: 'cidrRange' + type: String description: 'CIDR range for one authorized network of the instance.' - - !ruby/object:Api::Type::Boolean - name: enablePublicIp + - name: 'enablePublicIp' + type: Boolean description: | Enabling public ip for the instance. If a user wishes to disable this, please also clear the list of the authorized external networks set on the same instance. - - !ruby/object:Api::Type::Boolean - name: enableOutboundPublicIp + - name: 'enableOutboundPublicIp' + type: Boolean description: | Enabling outbound public ip for the instance. - - !ruby/object:Api::Type::String - name: 'publicIpAddress' - output: true + - name: 'publicIpAddress' + type: String description: | The public IP addresses for the Instance. This is available ONLY when networkConfig.enablePublicIp is set to true. This is the connection endpoint for an end-user application. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'outboundPublicIpAddresses' output: true + - name: 'outboundPublicIpAddresses' + type: Array description: | The outbound public IP addresses for the instance. This is available ONLY when networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used for outbound connections. + output: true + item_type: + type: String diff --git a/mmv1/products/alloydb/User.yaml b/mmv1/products/alloydb/User.yaml index 895f7557d924..2278fc07622f 100644 --- a/mmv1/products/alloydb/User.yaml +++ b/mmv1/products/alloydb/User.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,27 +11,32 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'User' -self_link: '{{cluster}}/users/{{user_id}}' -base_url: '{{cluster}}/users' -create_url: '{{cluster}}/users?userId={{user_id}}' -update_url: '{{cluster}}/users?userId={{user_id}}' -update_verb: :POST description: 'A database user in an AlloyDB cluster.' -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.users/create' -import_format: ['projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/users/{{user_id}}'] -# Skipping the sweeper because instances will be deleted during cluster sweeps -skip_sweeper: true +docs: +base_url: '{{cluster}}/users' +self_link: '{{cluster}}/users/{{user_id}}' +create_url: '{{cluster}}/users?userId={{user_id}}' +update_url: '{{cluster}}/users?userId={{user_id}}' +update_verb: 'POST' +import_format: + - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/users/{{user_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/alloydb_user.go.erb +custom_code: + custom_import: 'templates/terraform/custom_import/alloydb_user.go.tmpl' +# Skipping the sweeper because instances will be deleted during cluster sweeps +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_user_builtin' + - name: 'alloydb_user_builtin' primary_resource_id: 'user1' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -42,9 +47,8 @@ examples: network_name: 'alloydb-network' ignore_read_extra: - 'password' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_user_builtin_test' + exclude_test: true + - name: 'alloydb_user_builtin_test' primary_resource_id: 'user1' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -54,12 +58,11 @@ examples: alloydb_user_pass: 'user_secret' network_name: 'alloydb-network' test_vars_overrides: - network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' ignore_read_extra: - 'password' - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_user_iam' + exclude_docs: true + - name: 'alloydb_user_iam' primary_resource_id: 'user2' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -67,9 +70,8 @@ examples: alloydb_cluster_pass: 'cluster_secret' alloydb_user_name: 'user2@foo.com' network_name: 'alloydb-network' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'alloydb_user_iam_test' + exclude_test: true + - name: 'alloydb_user_iam_test' primary_resource_id: 'user2' vars: alloydb_cluster_name: 'alloydb-cluster' @@ -78,48 +80,49 @@ examples: alloydb_user_name: 'user2@foo.com' network_name: 'alloydb-network' test_vars_overrides: - network_name: 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' - skip_docs: true + 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' + exclude_docs: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'cluster' + - name: 'cluster' + type: ResourceRef description: | Identifies the alloydb cluster. Must be in the format 'projects/{project}/locations/{location}/clusters/{cluster_id}' + url_param_only: true required: true immutable: true resource: 'Cluster' imports: 'name' - url_param_only: true - - !ruby/object:Api::Type::String - name: 'userId' - required: true - immutable: true - url_param_only: true + - name: 'userId' + type: String description: | The database role name of the user. - - !ruby/object:Api::Type::Enum - name: 'userType' + url_param_only: true required: true immutable: true + - name: 'userType' + type: Enum description: | The type of this user. - values: - - :ALLOYDB_BUILT_IN - - :ALLOYDB_IAM_USER + required: true + immutable: true + enum_values: + - 'ALLOYDB_BUILT_IN' + - 'ALLOYDB_IAM_USER' properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Name of the resource in the form of projects/{project}/locations/{location}/clusters/{cluster}/users/{user}. - - !ruby/object:Api::Type::String - name: 'password' - ignore_read: true + output: true + - name: 'password' + type: String description: | Password for this database user. - - !ruby/object:Api::Type::Array - name: 'databaseRoles' - item_type: Api::Type::String + ignore_read: true + - name: 'databaseRoles' + type: Array description: | List of database roles this database user has. + item_type: + type: String diff --git a/mmv1/products/alloydb/go_Backup.yaml b/mmv1/products/alloydb/go_Backup.yaml deleted file mode 100644 index 6685eade1fbc..000000000000 --- a/mmv1/products/alloydb/go_Backup.yaml +++ /dev/null @@ -1,246 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Backup' -description: 'An AlloyDB Backup.' -references: - guides: - 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' - api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.backups/create' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/backups' -self_link: 'projects/{{project}}/locations/{{location}}/backups/{{backup_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/backups?backupId={{backup_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/backups/{{backup_id}}' -timeouts: - insert_minutes: 10 - update_minutes: 10 - delete_minutes: 10 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - result: - resource_inside_response: false -custom_code: - encoder: 'templates/terraform/encoders/go/alloydb_backup.tmpl' -examples: - - name: 'alloydb_backup_basic' - primary_resource_id: 'default' - vars: - alloydb_backup_id: 'alloydb-backup' - alloydb_cluster_name: 'alloydb-cluster' - alloydb_instance_name: 'alloydb-instance' - network_name: 'alloydb-network' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_test: true - - name: 'alloydb_backup_basic_test' - primary_resource_id: 'default' - vars: - alloydb_backup_id: 'alloydb-backup' - alloydb_cluster_name: 'alloydb-cluster' - alloydb_instance_name: 'alloydb-instance' - network_name: 'alloydb-network' - test_vars_overrides: - 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_docs: true - - name: 'alloydb_backup_full' - primary_resource_id: 'default' - vars: - alloydb_backup_id: 'alloydb-backup' - alloydb_cluster_name: 'alloydb-cluster' - alloydb_instance_name: 'alloydb-instance' - network_name: 'alloydb-network' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_test: true - - name: 'alloydb_backup_full_test' - primary_resource_id: 'default' - vars: - alloydb_backup_id: 'alloydb-backup' - alloydb_cluster_name: 'alloydb-cluster' - alloydb_instance_name: 'alloydb-instance' - network_name: 'alloydb-network' - test_vars_overrides: - 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_docs: true - skip_vcr: true -parameters: - - name: 'backupId' - type: String - description: | - The ID of the alloydb backup. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The location where the alloydb backup should reside. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Output only. The name of the backup resource with the format: * projects/{project}/locations/{region}/backups/{backupId} - output: true - - name: 'displayName' - type: String - description: | - User-settable and human-readable display name for the Backup. - - name: 'uid' - type: String - description: | - Output only. The system-generated UID of the resource. The UID is assigned when the resource is created, and it is retained until it is deleted. - output: true - - name: 'createTime' - type: Time - description: | - Output only. Create time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'updateTime' - type: Time - description: | - Output only. Update time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'deleteTime' - type: Time - description: | - Output only. Delete time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'labels' - type: KeyValueLabels - description: | - User-defined labels for the alloydb backup. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - name: 'state' - type: String - description: Output only. The current state of the backup. - output: true - - name: 'type' - type: Enum - description: 'The backup type, which suggests the trigger for the backup.' - default_from_api: true - enum_values: - - 'TYPE_UNSPECIFIED' - - 'ON_DEMAND' - - 'AUTOMATED' - - 'CONTINUOUS' - - name: 'description' - type: String - description: 'User-provided description of the backup.' - - name: 'clusterUid' - type: String - description: 'Output only. The system-generated UID of the cluster which was used to create this resource.' - output: true - - name: 'clusterName' - type: String - description: - 'The full resource name of the backup source cluster (e.g., - projects/{project}/locations/{location}/clusters/{clusterId}).' - required: true - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - name: 'reconciling' - type: Boolean - description: | - Output only. Reconciling (https://google.aip.dev/128#reconciliation), if true, indicates that the service is actively updating the resource. - This can happen due to user-triggered updates or system actions like failover or maintenance. - output: true - - name: 'encryptionConfig' - type: NestedObject - description: | - EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). - properties: - - name: 'kmsKeyName' - type: String - description: | - The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. - immutable: true - - name: 'encryptionInfo' - type: NestedObject - description: | - EncryptionInfo describes the encryption information of a cluster or a backup. - output: true - properties: - - name: 'encryptionType' - type: Enum - description: 'Output only. Type of encryption.' - output: true - enum_values: - - 'TYPE_UNSPECIFIED' - - 'GOOGLE_DEFAULT_ENCRYPTION' - - 'CUSTOMER_MANAGED_ENCRYPTION' - - name: 'kmsKeyVersions' - type: Array - description: | - Output only. Cloud KMS key versions that are being used to protect the database or the backup. - output: true - item_type: - type: String - - name: 'etag' - type: String - description: 'For Resource freshness validation (https://google.aip.dev/154)' - output: true - - name: 'annotations' - type: KeyValueAnnotations - description: | - Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels. https://google.aip.dev/128 - An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - name: 'sizeBytes' - type: String - description: 'Output only. The size of the backup in bytes.' - output: true - - name: 'expiryTime' - type: String - description: | - Output only. The time at which after the backup is eligible to be garbage collected. - It is the duration specified by the backup's retention policy, added to the backup's createTime. - output: true - - name: 'expiryQuantity' - type: NestedObject - description: | - Output only. The QuantityBasedExpiry of the backup, specified by the backup's retention policy. - Once the expiry quantity is over retention, the backup is eligible to be garbage collected. - output: true - properties: - - name: 'retentionCount' - type: Integer - description: | - Output only. The backup's position among its backups with the same source cluster and type, by descending chronological order create time (i.e. newest first). - output: true - - name: 'totalRetentionCount' - type: Integer - description: | - Output only. The length of the quantity-based queue, specified by the backup's retention policy. - output: true diff --git a/mmv1/products/alloydb/go_Cluster.yaml b/mmv1/products/alloydb/go_Cluster.yaml deleted file mode 100644 index 13fa8ac0fc26..000000000000 --- a/mmv1/products/alloydb/go_Cluster.yaml +++ /dev/null @@ -1,586 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Cluster' -description: 'A managed alloydb cluster.' -references: - guides: - 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' - api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters/create' -docs: - note: | - Users can promote a secondary cluster to a primary cluster with the help of `cluster_type`. - To promote, users have to set the `cluster_type` property as `PRIMARY` and remove the `secondary_config` field from cluster configuration. - [See Example](https://github.com/hashicorp/terraform-provider-google/pull/16413). - - Switchover is supported in terraform by refreshing the state of the terraform configurations. - The switchover operation still needs to be called outside of terraform. - After the switchover operation is completed successfully: - 1. Refresh the state of the AlloyDB resources by running `terraform apply -refresh-only --auto-approve` . - 2. Manually update the terraform configuration file(s) to match the actual state of the resources by modifying the `cluster_type` and `secondary_config` fields. - 3. Verify the sync of terraform state by running `terraform plan` and ensure that the infrastructure matches the configuration and no changes are required. -base_url: 'projects/{{project}}/locations/{{location}}/clusters' -self_link: 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/clusters?clusterId={{cluster_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster_id}}' - - '{{cluster_id}}' -timeouts: - insert_minutes: 30 - update_minutes: 30 - delete_minutes: 30 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 30 - update_minutes: 30 - delete_minutes: 30 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: - pre_create: 'templates/terraform/pre_create/go/alloydb_cluster.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/alloydb_cluster.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/alloydb_cluster.go.tmpl' -exclude_sweeper: true -examples: - - name: 'alloydb_cluster_basic' - primary_resource_id: 'default' - vars: - alloydb_cluster_name: 'alloydb-cluster' - - name: 'alloydb_cluster_full' - primary_resource_id: 'full' - vars: - alloydb_cluster_name: 'alloydb-cluster-full' - - name: 'alloydb_cluster_restore' - primary_resource_id: 'source' - vars: - alloydb_cluster_name: 'alloydb-source-cluster' - alloydb_backup_restored_cluster_name: 'alloydb-backup-restored' - alloydb_pitr_restored_cluster_name: 'alloydb-pitr-restored' - alloydb_backup_id: 'alloydb-backup' - alloydb_instance_name: 'alloydb-instance' - network_name: 'alloydb-network' - test_vars_overrides: - 'network_name': 'acctest.BootstrapSharedTestNetwork(t, "alloydb-instance-basic")' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_test: true - - name: 'alloydb_secondary_cluster_basic' - primary_resource_id: 'secondary' - vars: - alloydb_primary_cluster_name: 'alloydb-primary-cluster' - alloydb_primary_instance_name: 'alloydb-primary-instance' - alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' - skip_test: true - - name: 'alloydb_secondary_cluster_basic_test' - primary_resource_id: 'secondary' - vars: - alloydb_primary_cluster_name: 'alloydb-primary-cluster' - alloydb_primary_instance_name: 'alloydb-primary-instance' - alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' - network_name: 'alloydb-network' - test_vars_overrides: - 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' - skip_docs: true -virtual_fields: - - name: 'deletion_policy' - description: | - Policy to determine if the cluster should be deleted forcefully. - Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. - Deleting a Secondary cluster with a secondary instance REQUIRES setting deletion_policy = "FORCE" otherwise an error is returned. This is needed as there is no support to delete just the secondary instance, and the only way to delete secondary instance is to delete the associated secondary cluster forcefully which also deletes the secondary instance. - Possible values: DEFAULT, FORCE - type: String - default_value: "DEFAULT" -parameters: - - name: 'clusterId' - type: String - description: | - The ID of the alloydb cluster. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The location where the alloydb cluster should reside. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The name of the cluster resource. - output: true - - name: 'uid' - type: String - description: | - The system-generated UID of the resource. - output: true - - name: 'labels' - type: KeyValueLabels - description: 'User-defined labels for the alloydb cluster.' - - name: 'encryptionConfig' - type: NestedObject - description: | - EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). - properties: - - name: 'kmsKeyName' - type: String - description: | - The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. - immutable: true - - name: 'encryptionInfo' - type: NestedObject - description: | - EncryptionInfo describes the encryption information of a cluster or a backup. - output: true - properties: - - name: 'encryptionType' - type: Enum - description: 'Output only. Type of encryption.' - output: true - enum_values: - - 'TYPE_UNSPECIFIED' - - 'GOOGLE_DEFAULT_ENCRYPTION' - - 'CUSTOMER_MANAGED_ENCRYPTION' - - name: 'kmsKeyVersions' - type: Array - description: | - Output only. Cloud KMS key versions that are being used to protect the database or the backup. - output: true - item_type: - type: String - - name: 'continuousBackupInfo' - type: NestedObject - description: | - ContinuousBackupInfo describes the continuous backup properties of a cluster. - output: true - properties: - - name: 'enabledTime' - type: String - description: | - When ContinuousBackup was most recently enabled. Set to null if ContinuousBackup is not enabled. - output: true - - name: 'schedule' - type: Array - description: | - Days of the week on which a continuous backup is taken. Output only field. Ignored if passed into the request. - output: true - item_type: - type: String - - name: 'earliestRestorableTime' - type: String - description: | - The earliest restorable time that can be restored to. Output only field. - output: true - - name: 'encryptionInfo' - type: NestedObject - description: | - Output only. The encryption information for the WALs and backups required for ContinuousBackup. - output: true - properties: - - name: 'encryptionType' - type: String - description: 'Output only. Type of encryption.' - output: true - - name: 'kmsKeyVersions' - type: Array - description: | - Output only. Cloud KMS key versions that are being used to protect the database or the backup. - output: true - item_type: - type: String - - name: 'networkConfig' - type: NestedObject - description: | - Metadata related to network configuration. - default_from_api: true - properties: - - name: 'network' - type: String - description: | - The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. - It is specified in the form: "projects/{projectNumber}/global/networks/{network_id}". - exactly_one_of: - - 'network_config.0.network' - - 'psc_config.0.psc_enabled' - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - name: 'allocatedIpRange' - type: String - description: | - The name of the allocated IP range for the private IP AlloyDB cluster. For example: "google-managed-services-default". - If set, the instance IPs for this cluster will be created in the allocated range. - - name: 'displayName' - type: String - description: | - User-settable and human-readable display name for the Cluster. - - name: 'etag' - type: String - description: 'For Resource freshness validation (https://google.aip.dev/154)' - - name: 'reconciling' - type: Boolean - description: | - Output only. Reconciling (https://google.aip.dev/128#reconciliation). - Set to true if the current state of Cluster does not match the user's intended state, and the service is actively updating the resource to reconcile them. - This can happen due to user-triggered updates or system actions like failover or maintenance. - output: true - - name: 'state' - type: String - description: 'Output only. The current serving state of the cluster.' - output: true - - name: 'annotations' - type: KeyValueAnnotations - description: | - Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels. https://google.aip.dev/128 - An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - name: 'databaseVersion' - type: String - description: | - The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. - default_from_api: true - - name: 'pscConfig' - type: NestedObject - description: 'Configuration for Private Service Connect (PSC) for the cluster.' - properties: - - name: 'pscEnabled' - type: Boolean - description: 'Create an instance that allows connections from Private Service Connect endpoints to the instance.' - - name: 'initialUser' - type: NestedObject - description: | - Initial user to setup during cluster creation. - ignore_read: true - custom_flatten: 'templates/terraform/custom_flatten/go/alloydb_cluster_input_user_flatten.go.tmpl' - properties: - - name: 'user' - type: String - description: | - The database username. - - name: 'password' - type: String - description: | - The initial password for the user. - required: true - sensitive: true - - name: 'restoreBackupSource' - type: NestedObject - description: | - The source when restoring from a backup. Conflicts with 'restore_continuous_backup_source', both can't be set together. - immutable: true - ignore_read: true - conflicts: - - restore_continuous_backup_source - properties: - - name: 'backupName' - type: String - description: | - The name of the backup that this cluster is restored from. - required: true - immutable: true - - name: 'restoreContinuousBackupSource' - type: NestedObject - description: | - The source when restoring via point in time recovery (PITR). Conflicts with 'restore_backup_source', both can't be set together. - immutable: true - ignore_read: true - conflicts: - - restore_backup_source - properties: - - name: 'cluster' - type: String - description: | - The name of the source cluster that this cluster is restored from. - required: true - immutable: true - - name: 'pointInTime' - type: String - description: | - The point in time that this cluster is restored to, in RFC 3339 format. - required: true - immutable: true - - name: 'continuousBackupConfig' - type: NestedObject - description: | - The continuous backup config for this cluster. - - If no policy is provided then the default policy will be used. The default policy takes one backup a day and retains backups for 14 days. - default_from_api: true - properties: - - name: 'enabled' - type: Boolean - description: | - Whether continuous backup recovery is enabled. If not set, defaults to true. - send_empty_value: true - default_value: true - - name: 'recoveryWindowDays' - type: Integer - description: | - The numbers of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. - - If not set, defaults to 14 days. - default_from_api: true - - name: 'encryptionConfig' - type: NestedObject - description: | - EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). - properties: - - name: 'kmsKeyName' - type: String - description: | - The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. - - name: 'automatedBackupPolicy' - type: NestedObject - description: | - The automated backup policy for this cluster. AutomatedBackupPolicy is disabled by default. - default_from_api: true - properties: - - name: 'backupWindow' - type: String - description: | - The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. - - The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it will default to 1 hour. - - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - default_from_api: true - - name: 'location' - type: String - description: | - The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. - default_from_api: true - - name: 'labels' - type: KeyValuePairs - description: - 'Labels to apply to backups created using this configuration.' - - name: 'encryptionConfig' - type: NestedObject - description: | - EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key). - properties: - - name: 'kmsKeyName' - type: String - description: | - The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]. - - name: 'weeklySchedule' - type: NestedObject - description: 'Weekly schedule for the Backup.' - default_from_api: true - properties: - - name: 'daysOfWeek' - type: Array - description: 'The days of the week to perform a backup. At least one day of the week must be provided.' - item_type: - type: Enum - description: 'The days of the week to perform a backup. At least one day of the week must be provided.' - enum_values: - - 'MONDAY' - - 'TUESDAY' - - 'WEDNESDAY' - - 'THURSDAY' - - 'FRIDAY' - - 'SATURDAY' - - 'SUNDAY' - min_size: 1 - - name: 'startTimes' - type: Array - description: | - The times during the day to start a backup. At least one start time must be provided. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/alloydb_cluster_input_automated_backup_policy_start_times_flatten.go.tmpl' - item_type: - type: NestedObject - properties: - - name: 'hours' - type: Integer - description: | - Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value "24:00:00" for scenarios like business closing time. - - name: 'minutes' - type: Integer - description: | - Minutes of hour of day. Currently, only the value 0 is supported. - - name: 'seconds' - type: Integer - description: | - Seconds of minutes of the time. Currently, only the value 0 is supported. - - name: 'nanos' - type: Integer - description: | - Fractions of seconds in nanoseconds. Currently, only the value 0 is supported. - - name: 'timeBasedRetention' - type: NestedObject - description: | - Time-based Backup retention policy. Conflicts with 'quantity_based_retention', both can't be set together. - conflicts: - - automated_backup_policy.0.quantity_based_retention - properties: - - name: 'retentionPeriod' - type: String - description: | - The retention period. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - name: 'quantityBasedRetention' - type: NestedObject - description: | - Quantity-based Backup retention policy to retain recent backups. Conflicts with 'time_based_retention', both can't be set together. - conflicts: - - automated_backup_policy.0.time_based_retention - properties: - - name: 'count' - type: Integer - description: | - The number of backups to retain. - - name: 'enabled' - type: Boolean - description: | - Whether automated backups are enabled. - default_from_api: true - - name: 'backupSource' - type: NestedObject - description: 'Cluster created from backup.' - output: true - properties: - - name: 'backupName' - type: String - description: 'The name of the backup resource.' - - name: 'migrationSource' - type: NestedObject - description: 'Cluster created via DMS migration.' - output: true - properties: - - name: 'hostPort' - type: String - description: - 'The host and port of the on-premises instance in host:port format' - - name: 'referenceId' - type: String - description: - 'Place holder for the external source identifier(e.g DMS job name) - that created the cluster.' - - name: 'sourceType' - type: String - description: 'Type of migration source.' - - name: 'clusterType' - type: Enum - description: | - The type of cluster. If not set, defaults to PRIMARY. - default_value: "PRIMARY" - enum_values: - - 'PRIMARY' - - 'SECONDARY' - - name: 'secondaryConfig' - type: NestedObject - description: | - Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. - properties: - - name: 'primaryClusterName' - type: String - description: | - Name of the primary cluster must be in the format - 'projects/{project}/locations/{location}/clusters/{cluster_id}' - required: true - - name: 'maintenanceUpdatePolicy' - type: NestedObject - description: | - MaintenanceUpdatePolicy defines the policy for system updates. - properties: - - name: 'maintenanceWindows' - type: Array - description: | - Preferred windows to perform maintenance. Currently limited to 1. - item_type: - description: | - specifies a preferred day and time for maintenance. - type: NestedObject - properties: - - name: 'day' - type: Enum - description: | - Preferred day of the week for maintenance, e.g. MONDAY, TUESDAY, etc. - required: true - enum_values: - - 'MONDAY' - - 'TUESDAY' - - 'WEDNESDAY' - - 'THURSDAY' - - 'FRIDAY' - - 'SATURDAY' - - 'SUNDAY' - - name: 'startTime' - type: NestedObject - description: | - Preferred time to start the maintenance operation on the specified day. Maintenance will start within 1 hour of this time. - required: true - properties: - - name: 'hours' - type: Integer - description: | - Hours of day in 24 hour format. Should be from 0 to 23. - required: true - - name: 'minutes' - type: Integer - description: | - Minutes of hour of day. Currently, only the value 0 is supported. - - name: 'seconds' - type: Integer - description: | - Seconds of minutes of the time. Currently, only the value 0 is supported. - - name: 'nanos' - type: Integer - description: | - Fractions of seconds in nanoseconds. Currently, only the value 0 is supported. - - name: 'subscriptionType' - type: Enum - description: | - The subscrition type of cluster. - default_from_api: true - enum_values: - - 'TRIAL' - - 'STANDARD' - - name: 'trialMetadata' - type: NestedObject - description: | - Contains information and all metadata related to TRIAL clusters. - output: true - properties: - - name: 'startTime' - type: String - description: | - Start time of the trial cluster. - - name: 'endTime' - type: String - description: | - End time of the trial cluster. - - name: 'upgradeTime' - type: String - description: | - Upgrade time of the trial cluster to standard cluster. - - name: 'graceEndTime' - type: String - description: | - Grace end time of the trial cluster. diff --git a/mmv1/products/alloydb/go_Instance.yaml b/mmv1/products/alloydb/go_Instance.yaml deleted file mode 100644 index e5ab0d8b8ad5..000000000000 --- a/mmv1/products/alloydb/go_Instance.yaml +++ /dev/null @@ -1,378 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Instance' -description: 'A managed alloydb cluster instance.' -references: - guides: - 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' - api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.instances/create' -docs: - warning: | - Deleting an instance with instanceType = SECONDARY does not delete the secondary instance, and abandons it instead. - Use deletion_policy = "FORCE" in the associated secondary cluster and delete the cluster forcefully to delete the secondary cluster as well its associated secondary instance. - Users can undo the delete secondary instance action by importing the deleted secondary instance by calling terraform import. -base_url: '{{cluster}}/instances?instanceId={{instance_id}}' -self_link: '{{cluster}}/instances/{{instance_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/instances/{{instance_id}}' -timeouts: - insert_minutes: 120 - update_minutes: 120 - delete_minutes: 120 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 120 - update_minutes: 120 - delete_minutes: 120 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' - include_project: true -custom_code: - pre_create: 'templates/terraform/pre_create/go/alloydb_instance.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/alloydb_instance.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/alloydb_instance.go.tmpl' -exclude_sweeper: true -examples: - - name: 'alloydb_instance_basic' - primary_resource_id: 'default' - vars: - alloydb_cluster_name: 'alloydb-cluster' - alloydb_instance_name: 'alloydb-instance' - network_name: 'alloydb-network' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_test: true - - name: 'alloydb_secondary_instance_basic' - primary_resource_id: 'secondary' - vars: - alloydb_primary_cluster_name: 'alloydb-primary-cluster' - alloydb_primary_instance_name: 'alloydb-primary-instance' - alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' - alloydb_secondary_instance_name: 'alloydb-secondary-instance' - network_name: 'alloydb-secondary-network' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_test: true - - name: 'alloydb_instance_basic_test' - primary_resource_id: 'default' - vars: - alloydb_cluster_name: 'alloydb-cluster' - alloydb_instance_name: 'alloydb-instance' - network_name: 'alloydb-network' - test_vars_overrides: - 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_docs: true - - name: 'alloydb_secondary_instance_basic_test' - primary_resource_id: 'secondary' - vars: - alloydb_primary_cluster_name: 'alloydb-primary-cluster' - alloydb_primary_instance_name: 'alloydb-primary-instance' - alloydb_secondary_cluster_name: 'alloydb-secondary-cluster' - alloydb_secondary_instance_name: 'alloydb-secondary-instance' - network_name: 'alloydb-secondary-network' - test_vars_overrides: - 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_docs: true - - name: 'alloydb_instance_psc_test' - primary_resource_id: 'default' - vars: - alloydb_cluster_name: 'alloydb-cluster' - alloydb_instance_name: 'alloydb-instance' - network_name: 'alloydb-network' - ignore_read_extra: - - 'reconciling' - - 'update_time' - skip_docs: true -parameters: - - name: 'cluster' - type: ResourceRef - description: | - Identifies the alloydb cluster. Must be in the format - 'projects/{project}/locations/{location}/clusters/{cluster_id}' - url_param_only: true - required: true - immutable: true - resource: 'Cluster' - imports: 'name' - - name: 'instanceId' - type: String - description: | - The ID of the alloydb instance. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The name of the instance resource. - output: true - - name: 'createTime' - type: Time - description: | - Time the Instance was created in UTC. - output: true - - name: 'updateTime' - type: Time - description: | - Time the Instance was updated in UTC. - output: true - - name: 'uid' - type: String - description: | - The system-generated UID of the resource. - output: true - - name: 'labels' - type: KeyValueLabels - description: 'User-defined labels for the alloydb instance.' - - name: 'annotations' - type: KeyValueAnnotations - description: - 'Annotations to allow client tools to store small amount of arbitrary - data. This is distinct from labels.' - - name: 'state' - type: String - description: | - The current state of the alloydb instance. - output: true - - name: 'displayName' - type: String - description: | - User-settable and human-readable display name for the Instance. - ignore_read: true - - name: 'gceZone' - type: String - description: | - The Compute Engine zone that the instance should serve from, per https://cloud.google.com/compute/docs/regions-zones This can ONLY be specified for ZONAL instances. If present for a REGIONAL instance, an error will be thrown. If this is absent for a ZONAL instance, instance is created in a random zone with available capacity. - - name: 'reconciling' - type: Boolean - description: | - Set to true if the current state of Instance does not match the user's intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance. - output: true - - name: 'databaseFlags' - type: KeyValuePairs - description: - 'Database flags. Set at instance level. * They are copied from primary - instance on read instance creation. * Read instances can set new or - override existing flags that are relevant for reads, e.g. for enabling - columnar cache on a read instance. Flags set on read instance may or may - not be present on primary.' - default_from_api: true - - name: 'availabilityType' - type: Enum - description: | - 'Availability type of an Instance. Defaults to REGIONAL for both primary and read instances. - Note that primary and read instances can have different availability types. - Only READ_POOL instance supports ZONAL type. Users can't specify the zone for READ_POOL instance. - Zone is automatically chosen from the list of zones in the region specified. - Read pool of size 1 can only have zonal availability. Read pools with node count of 2 or more - can have regional availability (nodes are present in 2 or more zones in a region).' - default_from_api: true - enum_values: - - 'AVAILABILITY_TYPE_UNSPECIFIED' - - 'ZONAL' - - 'REGIONAL' - - name: 'instanceType' - type: Enum - description: | - The type of the instance. - If the instance type is READ_POOL, provide the associated PRIMARY/SECONDARY instance in the `depends_on` meta-data attribute. - If the instance type is SECONDARY, point to the cluster_type of the associated secondary cluster instead of mentioning SECONDARY. - Example: {instance_type = google_alloydb_cluster..cluster_type} instead of {instance_type = SECONDARY} - If the instance type is SECONDARY, the terraform delete instance operation does not delete the secondary instance but abandons it instead. - Use deletion_policy = "FORCE" in the associated secondary cluster and delete the cluster forcefully to delete the secondary cluster as well its associated secondary instance. - Users can undo the delete secondary instance action by importing the deleted secondary instance by calling terraform import. - required: true - immutable: true - enum_values: - - 'PRIMARY' - - 'READ_POOL' - - 'SECONDARY' - - name: 'ipAddress' - type: String - description: | - The IP address for the Instance. This is the connection endpoint for an end-user application. - output: true - - name: 'queryInsightsConfig' - type: NestedObject - description: 'Configuration for query insights.' - default_from_api: true - properties: - - name: 'queryStringLength' - type: Integer - description: 'Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid.' - - name: 'recordApplicationTags' - type: Boolean - description: 'Record application tags for an instance. This flag is turned "on" by default.' - - name: 'recordClientAddress' - type: Boolean - description: 'Record client address for an instance. Client address is PII information. This flag is turned "on" by default.' - - name: 'queryPlansPerMinute' - type: Integer - description: 'Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid.' - - name: 'observabilityConfig' - type: NestedObject - description: 'Configuration for enhanced query insights.' - min_version: 'beta' - default_from_api: true - properties: - - name: 'enabled' - type: Boolean - description: 'Observability feature status for an instance.' - - name: 'preserveComments' - type: Boolean - description: 'Preserve comments in the query string.' - - name: 'trackWaitEvents' - type: Boolean - description: 'Record wait events during query execution for an instance.' - - name: 'trackWaitEventTypes' - type: Boolean - description: 'Record wait event types during query execution for an instance.' - - name: 'maxQueryStringLength' - type: Integer - description: 'Query string length. The default value is 10240. Any integer between 1024 and 100000 is considered valid.' - - name: 'recordApplicationTags' - type: Boolean - description: 'Record application tags for an instance. This flag is turned "on" by default.' - - name: 'queryPlansPerMinute' - type: Integer - description: 'Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 200 is considered valid.' - - name: 'trackActiveQueries' - type: Boolean - description: 'Track actively running queries. If not set, default value is "off".' - - name: 'readPoolConfig' - type: NestedObject - description: 'Read pool specific config. If the instance type is READ_POOL, this configuration must be provided.' - properties: - - name: 'nodeCount' - type: Integer - description: - 'Read capacity, i.e. number of nodes in a read pool instance.' - - name: 'machineConfig' - type: NestedObject - description: - 'Configurations for the machines that host the underlying database engine.' - default_from_api: true - properties: - - name: 'cpuCount' - type: Integer - description: "The number of CPU's in the VM instance." - - default_from_api: true - - name: 'clientConnectionConfig' - type: NestedObject - description: | - Client connection specific configurations. - default_from_api: true - properties: - - name: 'requireConnectors' - type: Boolean - description: | - Configuration to enforce connectors only (ex: AuthProxy) connections to the database. - - name: 'sslConfig' - type: NestedObject - description: | - SSL config option for this instance. - default_from_api: true - properties: - - name: 'sslMode' - type: Enum - description: 'SSL mode. Specifies client-server SSL/TLS connection behavior.' - default_from_api: true - enum_values: - - 'ENCRYPTED_ONLY' - - 'ALLOW_UNENCRYPTED_AND_ENCRYPTED' - - name: 'pscInstanceConfig' - type: NestedObject - description: | - Configuration for Private Service Connect (PSC) for the instance. - default_from_api: true - properties: - - name: 'serviceAttachmentLink' - type: String - description: | - The service attachment created when Private Service Connect (PSC) is enabled for the instance. - The name of the resource will be in the format of - `projects//regions//serviceAttachments/` - output: true - - name: 'allowedConsumerProjects' - type: Array - description: | - List of consumer projects that are allowed to create PSC endpoints to service-attachments to this instance. - These should be specified as project numbers only. - item_type: - type: String - item_validation: - regex: '^\d+$' - - name: 'pscDnsName' - type: String - description: | - The DNS name of the instance for PSC connectivity. - Name convention: ...alloydb-psc.goog - output: true - - name: 'networkConfig' - type: NestedObject - description: | - Instance level network configuration. - properties: - - name: 'authorizedExternalNetworks' - type: Array - description: | - A list of external networks authorized to access this instance. This - field is only allowed to be set when `enable_public_ip` is set to - true. - required_with: - - 'networkConfig.0.enablePublicIp' - item_type: - type: NestedObject - properties: - - name: 'cidrRange' - type: String - description: 'CIDR range for one authorized network of the instance.' - - name: 'enablePublicIp' - type: Boolean - description: | - Enabling public ip for the instance. If a user wishes to disable this, - please also clear the list of the authorized external networks set on - the same instance. - - name: 'publicIpAddress' - type: String - description: | - The public IP addresses for the Instance. This is available ONLY when - networkConfig.enablePublicIp is set to true. This is the connection - endpoint for an end-user application. - output: true diff --git a/mmv1/products/alloydb/go_User.yaml b/mmv1/products/alloydb/go_User.yaml deleted file mode 100644 index 2b719d16de66..000000000000 --- a/mmv1/products/alloydb/go_User.yaml +++ /dev/null @@ -1,128 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'User' -description: 'A database user in an AlloyDB cluster.' -references: - guides: - 'AlloyDB': 'https://cloud.google.com/alloydb/docs/' - api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.users/create' -docs: -base_url: '{{cluster}}/users' -self_link: '{{cluster}}/users/{{user_id}}' -create_url: '{{cluster}}/users?userId={{user_id}}' -update_url: '{{cluster}}/users?userId={{user_id}}' -update_verb: 'POST' -import_format: - - 'projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/users/{{user_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/alloydb_user.go.tmpl' -exclude_sweeper: true -examples: - - name: 'alloydb_user_builtin' - primary_resource_id: 'user1' - vars: - alloydb_cluster_name: 'alloydb-cluster' - alloydb_cluster_pass: 'cluster_secret' - alloydb_instance_name: 'alloydb-instance' - alloydb_user_name: 'user1' - alloydb_user_pass: 'user_secret' - network_name: 'alloydb-network' - ignore_read_extra: - - 'password' - skip_test: true - - name: 'alloydb_user_builtin_test' - primary_resource_id: 'user1' - vars: - alloydb_cluster_name: 'alloydb-cluster' - alloydb_cluster_pass: 'cluster_secret' - alloydb_instance_name: 'alloydb-instance' - alloydb_user_name: 'user1' - alloydb_user_pass: 'user_secret' - network_name: 'alloydb-network' - test_vars_overrides: - 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' - ignore_read_extra: - - 'password' - skip_docs: true - - name: 'alloydb_user_iam' - primary_resource_id: 'user2' - vars: - alloydb_cluster_name: 'alloydb-cluster' - alloydb_instance_name: 'alloydb-instance' - alloydb_cluster_pass: 'cluster_secret' - alloydb_user_name: 'user2@foo.com' - network_name: 'alloydb-network' - skip_test: true - - name: 'alloydb_user_iam_test' - primary_resource_id: 'user2' - vars: - alloydb_cluster_name: 'alloydb-cluster' - alloydb_instance_name: 'alloydb-instance' - alloydb_cluster_pass: 'cluster_secret' - alloydb_user_name: 'user2@foo.com' - network_name: 'alloydb-network' - test_vars_overrides: - 'network_name': 'acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydbinstance-network-config-1")' - skip_docs: true -parameters: - - name: 'cluster' - type: ResourceRef - description: | - Identifies the alloydb cluster. Must be in the format - 'projects/{project}/locations/{location}/clusters/{cluster_id}' - url_param_only: true - required: true - immutable: true - resource: 'Cluster' - imports: 'name' - - name: 'userId' - type: String - description: | - The database role name of the user. - url_param_only: true - required: true - immutable: true - - name: 'userType' - type: Enum - description: | - The type of this user. - required: true - immutable: true - enum_values: - - 'ALLOYDB_BUILT_IN' - - 'ALLOYDB_IAM_USER' -properties: - - name: 'name' - type: String - description: | - Name of the resource in the form of projects/{project}/locations/{location}/clusters/{cluster}/users/{user}. - output: true - - name: 'password' - type: String - description: | - Password for this database user. - ignore_read: true - - name: 'databaseRoles' - type: Array - description: | - List of database roles this database user has. - item_type: - type: String diff --git a/mmv1/products/alloydb/go_product.yaml b/mmv1/products/alloydb/go_product.yaml deleted file mode 100644 index 082d410a4bca..000000000000 --- a/mmv1/products/alloydb/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Alloydb' -display_name: 'AlloyDB' -versions: - - name: 'beta' - base_url: 'https://alloydb.googleapis.com/v1beta/' - - name: 'ga' - base_url: 'https://alloydb.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/alloydb/product.yaml b/mmv1/products/alloydb/product.yaml index b9f45eba5d98..dce761bcb4e1 100644 --- a/mmv1/products/alloydb/product.yaml +++ b/mmv1/products/alloydb/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Alloydb -display_name: AlloyDB +--- +name: 'Alloydb' +display_name: 'AlloyDB' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://alloydb.googleapis.com/v1beta/ - - !ruby/object:Api::Product::Version - name: ga - base_url: https://alloydb.googleapis.com/v1/ + - name: 'beta' + base_url: 'https://alloydb.googleapis.com/v1beta/' + - name: 'ga' + base_url: 'https://alloydb.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-identity + - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/apigateway/Api.yaml b/mmv1/products/apigateway/Api.yaml index 93ae56e5e75b..883e796621fb 100644 --- a/mmv1/products/apigateway/Api.yaml +++ b/mmv1/products/apigateway/Api.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,83 +11,103 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Api' -min_version: beta -create_url: projects/{{project}}/locations/global/apis?apiId={{api_id}} -self_link: projects/{{project}}/locations/global/apis/{{api_id}} -base_url: projects/{{project}}/locations/global/apis -update_verb: :PATCH -update_mask: true -identity: - - apiId description: | A consumable API that can be used by multiple Gateways. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/quickstart' api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis' +docs: +base_url: 'projects/{{project}}/locations/global/apis' +self_link: 'projects/{{project}}/locations/global/apis/{{api_id}}' +create_url: 'projects/{{project}}/locations/global/apis?apiId={{api_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -iam_policy: !ruby/object:Api::Resource::IamPolicy - allowed_iam_role: 'roles/apigateway.viewer' +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - apiId +iam_policy: method_name_separator: ':' + allowed_iam_role: 'roles/apigateway.viewer' parent_resource_attribute: 'api' - base_url: projects/{{project}}/locations/global/apis/{{api}} + base_url: 'projects/{{project}}/locations/global/apis/{{api}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/global/apis/{{api}}', - '{{project}}/{{api}}', - '{{api}}', - ] + - 'projects/{{project}}/locations/global/apis/{{api}}' + - '{{project}}/{{api}}' + - '{{api}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: 'apigateway_api_basic' + - name: 'apigateway_api_basic' primary_resource_id: 'api' - primary_resource_name: - 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + min_version: 'beta' vars: api_id: 'my-api' - - !ruby/object:Provider::Terraform::Examples - skip_docs: true - min_version: beta - name: 'apigateway_api_full' + - name: 'apigateway_api_full' primary_resource_id: 'api' - primary_resource_name: - 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + min_version: 'beta' vars: api_id: 'my-api' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: apiId + - name: 'apiId' + type: String description: | Identifier to assign to the API. Must be unique within scope of the parent resource(project) + min_version: 'beta' + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The resource name of the API. Format `projects/{{project}}/locations/global/apis/{{apiId}}` + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | A user-visible name for the API. + min_version: 'beta' default_from_api: true - - !ruby/object:Api::Type::String - name: 'managedService' - immutable: true + - name: 'managedService' + type: String description: | Immutable. The name of a Google Managed Service ( https://cloud.google.com/service-infrastructure/docs/glossary#managed). If not specified, a new Service will automatically be created in the same project as this API. + min_version: 'beta' + immutable: true default_from_api: true - - !ruby/object:Api::Type::Time - name: 'createTime' + - name: 'createTime' + type: Time description: Creation timestamp in RFC3339 text format. + min_version: 'beta' output: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Resource labels to represent user-provided metadata. + min_version: 'beta' diff --git a/mmv1/products/apigateway/ApiConfig.yaml b/mmv1/products/apigateway/ApiConfig.yaml index da35b85703d9..5ec9f9dbf972 100644 --- a/mmv1/products/apigateway/ApiConfig.yaml +++ b/mmv1/products/apigateway/ApiConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,242 +11,278 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ApiConfig' -min_version: beta -create_url: projects/{{project}}/locations/global/apis/{{api}}/configs?apiConfigId={{api_config_id}} -self_link: projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config_id}} -base_url: projects/{{project}}/locations/global/apis/{{api}}/configs -read_query_params: '?view=FULL' -update_verb: :PATCH -update_mask: true description: | An API Configuration is an association of an API Controller Config and a Gateway Config -identity: - - apiConfigId -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/creating-api-config' api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis.configs' -docs: !ruby/object:Provider::Terraform::Docs +docs: optional_properties: | * `api_config_id_prefix` - (Optional) Creates a unique name beginning with the specified prefix. If this and api_config_id are unspecified, a random value is chosen for the name. +base_url: 'projects/{{project}}/locations/global/apis/{{api}}/configs' +self_link: 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config_id}}' +create_url: 'projects/{{project}}/locations/global/apis/{{api}}/configs?apiConfigId={{api_config_id}}' +update_verb: 'PATCH' +update_mask: true + +read_query_params: '?view=FULL' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -iam_policy: !ruby/object:Api::Resource::IamPolicy - skip_import_test: true - allowed_iam_role: 'roles/apigateway.viewer' - parent_resource_attribute: api_config - base_url: projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}} - example_config_body: 'templates/terraform/iam/example_config_body/api_gateway_api_config.tf.erb' +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - apiConfigId +iam_policy: + exclude_import_test: true method_name_separator: ':' + allowed_iam_role: 'roles/apigateway.viewer' + parent_resource_attribute: 'api_config' + base_url: 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}}' + example_config_body: 'templates/terraform/iam/example_config_body/api_gateway_api_config.tf.tmpl' import_format: - [ - 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}}', - '{{project}}/{{api}}/{{api_config}}', - '{{api}}/{{api_config}}', - '{{api_config}}', - ] + - 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}}' + - '{{project}}/{{api}}/{{api_config}}' + - '{{api}}/{{api_config}}' + - '{{api_config}}' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/api_config.tmpl' + encoder: 'templates/terraform/encoders/api_config.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: 'apigateway_api_config_basic' + - name: 'apigateway_api_config_basic' primary_resource_id: 'api_cfg' - primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", - context["random_suffix"]), fmt.Sprintf("tf-test-my-config%s", - context["random_suffix"])' # Need to pass 2 ids into a Sprintf - parent resource id also needed to identify primary resource + # Need to pass 2 ids into a Sprintf - parent resource id also needed to identify primary resource + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"]), fmt.Sprintf("tf-test-my-config%s", context["random_suffix"])' + min_version: 'beta' vars: api_id: 'my-api' config_id: 'my-config' - - !ruby/object:Provider::Terraform::Examples - skip_docs: true - min_version: beta - name: 'apigateway_api_config_full' + - name: 'apigateway_api_config_full' primary_resource_id: 'api_cfg' - primary_resource_name: - 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + min_version: 'beta' vars: api_id: 'my-api' config_id: 'my-config' - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: 'apigateway_api_config_grpc' + exclude_docs: true + - name: 'apigateway_api_config_grpc' primary_resource_id: 'api_cfg' - primary_resource_name: - 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' + min_version: 'beta' vars: api_id: 'my-api' config_id: 'my-config' ignore_read_extra: - 'grpc_services.0.file_descriptor_set' - - !ruby/object:Provider::Terraform::Examples - skip_docs: true - min_version: beta - name: 'apigateway_api_config_grpc_full' + - name: 'apigateway_api_config_grpc_full' primary_resource_id: 'api_cfg' + min_version: 'beta' vars: api_id: 'my-api' config_id: 'my-config' -custom_code: !ruby/object:Provider::Terraform::CustomCode - extra_schema_entry: templates/terraform/extra_schema_entry/api_config.erb - encoder: 'templates/terraform/encoders/api_config.go.erb' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: api + - name: 'api' + type: String description: | The API to attach the config to. + min_version: 'beta' + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: apiConfigId + - name: 'apiConfigId' + type: String description: | Identifier to assign to the API Config. Must be unique within scope of the parent resource(api). - immutable: true + min_version: 'beta' url_param_only: true + immutable: true default_from_api: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: The resource name of the API Config. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | A user-visible name for the API. + min_version: 'beta' default_from_api: true - - !ruby/object:Api::Type::String - name: 'serviceConfigId' - output: true + - name: 'serviceConfigId' + type: String description: | The ID of the associated Service Config (https://cloud.google.com/service-infrastructure/docs/glossary#config). - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + min_version: 'beta' + output: true + - name: 'labels' + type: KeyValueLabels description: | Resource labels to represent user-provided metadata. - - !ruby/object:Api::Type::NestedObject - name: 'gatewayConfig' - immutable: true + min_version: 'beta' + - name: 'gatewayConfig' + type: NestedObject description: | Immutable. Gateway specific configuration. If not specified, backend authentication will be set to use OIDC authentication using the default compute service account + min_version: 'beta' + immutable: true ignore_read: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'backendConfig' - required: true + - name: 'backendConfig' + type: NestedObject description: | Backend settings that are applied to all backends of the Gateway. + min_version: 'beta' + required: true properties: - - !ruby/object:Api::Type::String - name: 'googleServiceAccount' - immutable: true - required: true + - name: 'googleServiceAccount' + type: String description: | Google Cloud IAM service account used to sign OIDC tokens for backends that have authentication configured (https://cloud.google.com/service-infrastructure/docs/service-management/reference/rest/v1/services.configs#backend). - - !ruby/object:Api::Type::Array - name: 'openapiDocuments' + min_version: 'beta' + required: true + immutable: true + - name: 'openapiDocuments' + type: Array description: | OpenAPI specification documents. If specified, grpcServices and managedServiceConfigs must not be included. + min_version: 'beta' exactly_one_of: - - openapi_documents - - grpc_services - item_type: !ruby/object:Api::Type::NestedObject + - 'openapi_documents' + - 'grpc_services' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'document' - required: true + - name: 'document' + type: NestedObject description: The OpenAPI Specification document file. + min_version: 'beta' + required: true properties: - - !ruby/object:Api::Type::String - name: 'path' - required: true - immutable: true + - name: 'path' + type: String description: | The file path (full or relative path). This is typically the path of the file when it is uploaded. - - !ruby/object:Api::Type::String - name: 'contents' + min_version: 'beta' required: true immutable: true + - name: 'contents' + type: String description: | Base64 encoded content of the file. - validation: !ruby/object:Provider::Terraform::Validation + min_version: 'beta' + required: true + immutable: true + validation: function: 'verify.ValidateBase64String' - - !ruby/object:Api::Type::Array - name: 'grpcServices' + - name: 'grpcServices' + type: Array description: | gRPC service definition files. If specified, openapiDocuments must not be included. + min_version: 'beta' + ignore_read: true exactly_one_of: - - openapi_documents - - grpc_services + - 'openapi_documents' + - 'grpc_services' required_with: - - managed_service_configs - ignore_read: true - item_type: !ruby/object:Api::Type::NestedObject + - 'managed_service_configs' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'fileDescriptorSet' - required: true - immutable: true + - name: 'fileDescriptorSet' + type: NestedObject description: | Input only. File descriptor set, generated by protoc. To generate, use protoc with imports and source info included. For an example test.proto file, the following command would put the value in a new file named out.pb. $ protoc --include_imports --include_source_info test.proto -o out.pb + min_version: 'beta' + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'path' - required: true - immutable: true + - name: 'path' + type: String description: | The file path (full or relative path). This is typically the path of the file when it is uploaded. - - !ruby/object:Api::Type::String - name: 'contents' + min_version: 'beta' required: true immutable: true + - name: 'contents' + type: String description: | Base64 encoded content of the file. - validation: !ruby/object:Provider::Terraform::Validation + min_version: 'beta' + required: true + immutable: true + validation: function: 'verify.ValidateBase64String' - - !ruby/object:Api::Type::Array - name: 'source' + - name: 'source' + type: Array description: | Uncompiled proto files associated with the descriptor set, used for display purposes (server-side compilation is not supported). These should match the inputs to 'protoc' command used to generate fileDescriptorSet. - item_type: !ruby/object:Api::Type::NestedObject + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'path' - required: true - immutable: true + - name: 'path' + type: String description: | The file path (full or relative path). This is typically the path of the file when it is uploaded. - - !ruby/object:Api::Type::String - name: 'contents' + min_version: 'beta' required: true immutable: true + - name: 'contents' + type: String description: | Base64 encoded content of the file. - validation: !ruby/object:Provider::Terraform::Validation + min_version: 'beta' + required: true + immutable: true + validation: function: 'verify.ValidateBase64String' - - !ruby/object:Api::Type::Array - name: 'managedServiceConfigs' + - name: 'managedServiceConfigs' + type: Array description: | Optional. Service Configuration files. At least one must be included when using gRPC service definitions. See https://cloud.google.com/endpoints/docs/grpc/grpc-service-config#service_configuration_overview for the expected file contents. If multiple files are specified, the files are merged with the following rules: * All singular scalar fields are merged using "last one wins" semantics in the order of the files uploaded. * Repeated fields are concatenated. * Singular embedded messages are merged using these rules for nested fields. + min_version: 'beta' required_with: - - grpc_services - item_type: !ruby/object:Api::Type::NestedObject + - 'grpc_services' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'path' - required: true - immutable: true + - name: 'path' + type: String description: | The file path (full or relative path). This is typically the path of the file when it is uploaded. - - !ruby/object:Api::Type::String - name: 'contents' + min_version: 'beta' required: true immutable: true + - name: 'contents' + type: String description: | Base64 encoded content of the file. + min_version: 'beta' + required: true + immutable: true diff --git a/mmv1/products/apigateway/Gateway.yaml b/mmv1/products/apigateway/Gateway.yaml index c36ef42cc339..29320f100073 100644 --- a/mmv1/products/apigateway/Gateway.yaml +++ b/mmv1/products/apigateway/Gateway.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,99 +11,120 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Gateway' -min_version: beta -create_url: projects/{{project}}/locations/{{region}}/gateways?gatewayId={{gateway_id}} -self_link: projects/{{project}}/locations/{{region}}/gateways/{{gateway_id}} -base_url: projects/{{project}}/locations/{{region}}/gateways -update_verb: :PATCH -update_mask: true -identity: - - gatewayId description: | A consumable API that can be used by multiple Gateways. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/quickstart' api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/gateways' +self_link: 'projects/{{project}}/locations/{{region}}/gateways/{{gateway_id}}' +create_url: 'projects/{{project}}/locations/{{region}}/gateways?gatewayId={{gateway_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -iam_policy: !ruby/object:Api::Resource::IamPolicy - skip_import_test: true - allowed_iam_role: 'roles/apigateway.viewer' +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +identity: + - gatewayId +iam_policy: + exclude_import_test: true method_name_separator: ':' + allowed_iam_role: 'roles/apigateway.viewer' parent_resource_attribute: 'gateway' - base_url: projects/{{project}}/locations/{{region}}/gateways/{{gateway}} + base_url: 'projects/{{project}}/locations/{{region}}/gateways/{{gateway}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{region}}/gateways/{{gateway}}', - '{{project}}/{{region}}/{{gateway}}', - '{{region}}/{{gateway}}', - '{{gateway}}', - ] + - 'projects/{{project}}/locations/{{region}}/gateways/{{gateway}}' + - '{{project}}/{{region}}/{{gateway}}' + - '{{region}}/{{gateway}}' + - '{{gateway}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: 'apigateway_gateway_basic' + - name: 'apigateway_gateway_basic' primary_resource_id: 'api_gw' - primary_resource_name: - 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' + min_version: 'beta' vars: api_id: 'my-api' config_id: 'my-config' gateway_id: 'my-gateway' - - !ruby/object:Provider::Terraform::Examples - skip_docs: true - min_version: beta - name: 'apigateway_gateway_full' + - name: 'apigateway_gateway_full' primary_resource_id: 'api_gw' - primary_resource_name: - 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' + min_version: 'beta' vars: api_id: 'my-api' config_id: 'my-config' gateway_id: 'my-gateway' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: 'region' + - name: 'region' + type: String description: | The region of the gateway for the API. - immutable: true + min_version: 'beta' url_param_only: true + immutable: true default_from_api: true - - !ruby/object:Api::Type::String - name: gatewayId + - name: 'gatewayId' + type: String description: | Identifier to assign to the Gateway. Must be unique within scope of the parent resource(project). + min_version: 'beta' + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Resource name of the Gateway. Format: projects/{project}/locations/{region}/gateways/{gateway} + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | A user-visible name for the API. + min_version: 'beta' default_from_api: true - - !ruby/object:Api::Type::String - name: 'apiConfig' - required: true + - name: 'apiConfig' + type: String description: | Resource name of the API Config for this Gateway. Format: projects/{project}/locations/global/apis/{api}/configs/{apiConfig}. When changing api configs please ensure the new config is a new resource and the [lifecycle](https://developer.hashicorp.com/terraform/language/meta-arguments/lifecycle) rule `create_before_destroy` is set. - diff_suppress_func: tpgresource.CompareResourceNames - - !ruby/object:Api::Type::String - name: 'defaultHostname' - output: true + min_version: 'beta' + required: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + - name: 'defaultHostname' + type: String description: The default API Gateway host name of the form {gatewayId}-{hash}.{region_code}.gateway.dev. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + min_version: 'beta' + output: true + - name: 'labels' + type: KeyValueLabels description: | Resource labels to represent user-provided metadata. + min_version: 'beta' diff --git a/mmv1/products/apigateway/go_Api.yaml b/mmv1/products/apigateway/go_Api.yaml deleted file mode 100644 index 1222360c0879..000000000000 --- a/mmv1/products/apigateway/go_Api.yaml +++ /dev/null @@ -1,114 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Api' -description: | - A consumable API that can be used by multiple Gateways. -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/quickstart' - api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis' -docs: -base_url: 'projects/{{project}}/locations/global/apis' -self_link: 'projects/{{project}}/locations/global/apis/{{api_id}}' -create_url: 'projects/{{project}}/locations/global/apis?apiId={{api_id}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - apiId -iam_policy: - method_name_separator: ':' - allowed_iam_role: 'roles/apigateway.viewer' - parent_resource_attribute: 'api' - base_url: 'projects/{{project}}/locations/global/apis/{{api}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/global/apis/{{api}}' - - '{{project}}/{{api}}' - - '{{api}}' -custom_code: -examples: - - name: 'apigateway_api_basic' - primary_resource_id: 'api' - primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' - min_version: 'beta' - vars: - api_id: 'my-api' - - name: 'apigateway_api_full' - primary_resource_id: 'api' - primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' - min_version: 'beta' - vars: - api_id: 'my-api' - skip_docs: true -parameters: - - name: 'apiId' - type: String - description: | - Identifier to assign to the API. Must be unique within scope of the parent resource(project) - min_version: 'beta' - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the API. Format `projects/{{project}}/locations/global/apis/{{apiId}}` - min_version: 'beta' - output: true - - name: 'displayName' - type: String - description: | - A user-visible name for the API. - min_version: 'beta' - default_from_api: true - - name: 'managedService' - type: String - description: | - Immutable. The name of a Google Managed Service ( https://cloud.google.com/service-infrastructure/docs/glossary#managed). - If not specified, a new Service will automatically be created in the same project as this API. - min_version: 'beta' - immutable: true - default_from_api: true - - name: 'createTime' - type: Time - description: Creation timestamp in RFC3339 text format. - min_version: 'beta' - output: true - - name: 'labels' - type: KeyValueLabels - description: | - Resource labels to represent user-provided metadata. - min_version: 'beta' diff --git a/mmv1/products/apigateway/go_ApiConfig.yaml b/mmv1/products/apigateway/go_ApiConfig.yaml deleted file mode 100644 index 9feafb296052..000000000000 --- a/mmv1/products/apigateway/go_ApiConfig.yaml +++ /dev/null @@ -1,288 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ApiConfig' -description: | - An API Configuration is an association of an API Controller Config and a Gateway Config -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/creating-api-config' - api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis.configs' -docs: - optional_properties: | - * `api_config_id_prefix` - (Optional) Creates a unique name beginning with the - specified prefix. If this and api_config_id are unspecified, a random value is chosen for the name. -base_url: 'projects/{{project}}/locations/global/apis/{{api}}/configs' -self_link: 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config_id}}' -create_url: 'projects/{{project}}/locations/global/apis/{{api}}/configs?apiConfigId={{api_config_id}}' -update_verb: 'PATCH' -update_mask: true - -read_query_params: '?view=FULL' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - apiConfigId -iam_policy: - skip_import_test: true - method_name_separator: ':' - allowed_iam_role: 'roles/apigateway.viewer' - parent_resource_attribute: 'api_config' - base_url: 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}}' - example_config_body: 'templates/terraform/iam/example_config_body/go/api_gateway_api_config.tf.tmpl' - import_format: - - 'projects/{{project}}/locations/global/apis/{{api}}/configs/{{api_config}}' - - '{{project}}/{{api}}/{{api_config}}' - - '{{api}}/{{api_config}}' - - '{{api_config}}' -custom_code: - extra_schema_entry: 'templates/terraform/extra_schema_entry/go/api_config.tmpl' - encoder: 'templates/terraform/encoders/go/api_config.go.tmpl' -examples: - - name: 'apigateway_api_config_basic' - primary_resource_id: 'api_cfg' - primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"]), fmt.Sprintf("tf-test-my-config%s", context["random_suffix"])' - min_version: 'beta' - vars: - api_id: 'my-api' - config_id: 'my-config' - - name: 'apigateway_api_config_full' - primary_resource_id: 'api_cfg' - primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' - min_version: 'beta' - vars: - api_id: 'my-api' - config_id: 'my-config' - skip_docs: true - - name: 'apigateway_api_config_grpc' - primary_resource_id: 'api_cfg' - primary_resource_name: 'fmt.Sprintf("tf-test-my-api%s", context["random_suffix"])' - min_version: 'beta' - vars: - api_id: 'my-api' - config_id: 'my-config' - ignore_read_extra: - - 'grpc_services.0.file_descriptor_set' - - name: 'apigateway_api_config_grpc_full' - primary_resource_id: 'api_cfg' - min_version: 'beta' - vars: - api_id: 'my-api' - config_id: 'my-config' - skip_docs: true -parameters: - - name: 'api' - type: String - description: | - The API to attach the config to. - min_version: 'beta' - url_param_only: true - required: true - immutable: true - - name: 'apiConfigId' - type: String - description: | - Identifier to assign to the API Config. Must be unique within scope of the parent resource(api). - min_version: 'beta' - url_param_only: true - immutable: true - default_from_api: true -properties: - - name: 'name' - type: String - description: The resource name of the API Config. - min_version: 'beta' - output: true - - name: 'displayName' - type: String - description: | - A user-visible name for the API. - min_version: 'beta' - default_from_api: true - - name: 'serviceConfigId' - type: String - description: | - The ID of the associated Service Config (https://cloud.google.com/service-infrastructure/docs/glossary#config). - min_version: 'beta' - output: true - - name: 'labels' - type: KeyValueLabels - description: | - Resource labels to represent user-provided metadata. - min_version: 'beta' - - name: 'gatewayConfig' - type: NestedObject - description: | - Immutable. Gateway specific configuration. - If not specified, backend authentication will be set to use OIDC authentication using the default compute service account - min_version: 'beta' - immutable: true - ignore_read: true - properties: - - name: 'backendConfig' - type: NestedObject - description: | - Backend settings that are applied to all backends of the Gateway. - min_version: 'beta' - required: true - properties: - - name: 'googleServiceAccount' - type: String - description: | - Google Cloud IAM service account used to sign OIDC tokens for backends that have authentication configured - (https://cloud.google.com/service-infrastructure/docs/service-management/reference/rest/v1/services.configs#backend). - min_version: 'beta' - required: true - immutable: true - - name: 'openapiDocuments' - type: Array - description: | - OpenAPI specification documents. If specified, grpcServices and managedServiceConfigs must not be included. - min_version: 'beta' - exactly_one_of: - - 'openapi_documents' - - 'grpc_services' - item_type: - type: NestedObject - properties: - - name: 'document' - type: NestedObject - description: The OpenAPI Specification document file. - min_version: 'beta' - required: true - properties: - - name: 'path' - type: String - description: | - The file path (full or relative path). This is typically the path of the file when it is uploaded. - min_version: 'beta' - required: true - immutable: true - - name: 'contents' - type: String - description: | - Base64 encoded content of the file. - min_version: 'beta' - required: true - immutable: true - validation: - function: 'verify.ValidateBase64String' - - name: 'grpcServices' - type: Array - description: | - gRPC service definition files. If specified, openapiDocuments must not be included. - min_version: 'beta' - ignore_read: true - exactly_one_of: - - 'openapi_documents' - - 'grpc_services' - required_with: - - 'managed_service_configs' - item_type: - type: NestedObject - properties: - - name: 'fileDescriptorSet' - type: NestedObject - description: | - Input only. File descriptor set, generated by protoc. - To generate, use protoc with imports and source info included. For an example test.proto file, the following command would put the value in a new file named out.pb. - - $ protoc --include_imports --include_source_info test.proto -o out.pb - min_version: 'beta' - required: true - immutable: true - properties: - - name: 'path' - type: String - description: | - The file path (full or relative path). This is typically the path of the file when it is uploaded. - min_version: 'beta' - required: true - immutable: true - - name: 'contents' - type: String - description: | - Base64 encoded content of the file. - min_version: 'beta' - required: true - immutable: true - validation: - function: 'verify.ValidateBase64String' - - name: 'source' - type: Array - description: | - Uncompiled proto files associated with the descriptor set, used for display purposes (server-side compilation is not supported). These should match the inputs to 'protoc' command used to generate fileDescriptorSet. - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'path' - type: String - description: | - The file path (full or relative path). This is typically the path of the file when it is uploaded. - min_version: 'beta' - required: true - immutable: true - - name: 'contents' - type: String - description: | - Base64 encoded content of the file. - min_version: 'beta' - required: true - immutable: true - validation: - function: 'verify.ValidateBase64String' - - name: 'managedServiceConfigs' - type: Array - description: | - Optional. Service Configuration files. At least one must be included when using gRPC service definitions. See https://cloud.google.com/endpoints/docs/grpc/grpc-service-config#service_configuration_overview for the expected file contents. - If multiple files are specified, the files are merged with the following rules: * All singular scalar fields are merged using "last one wins" semantics in the order of the files uploaded. * Repeated fields are concatenated. * Singular embedded messages are merged using these rules for nested fields. - min_version: 'beta' - required_with: - - 'grpc_services' - item_type: - type: NestedObject - properties: - - name: 'path' - type: String - description: | - The file path (full or relative path). This is typically the path of the file when it is uploaded. - min_version: 'beta' - required: true - immutable: true - - name: 'contents' - type: String - description: | - Base64 encoded content of the file. - min_version: 'beta' - required: true - immutable: true diff --git a/mmv1/products/apigateway/go_Gateway.yaml b/mmv1/products/apigateway/go_Gateway.yaml deleted file mode 100644 index db8dccc8072c..000000000000 --- a/mmv1/products/apigateway/go_Gateway.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Gateway' -description: | - A consumable API that can be used by multiple Gateways. -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/api-gateway/docs/quickstart' - api: 'https://cloud.google.com/api-gateway/docs/reference/rest/v1beta/projects.locations.apis' -docs: -base_url: 'projects/{{project}}/locations/{{region}}/gateways' -self_link: 'projects/{{project}}/locations/{{region}}/gateways/{{gateway_id}}' -create_url: 'projects/{{project}}/locations/{{region}}/gateways?gatewayId={{gateway_id}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -identity: - - gatewayId -iam_policy: - skip_import_test: true - method_name_separator: ':' - allowed_iam_role: 'roles/apigateway.viewer' - parent_resource_attribute: 'gateway' - base_url: 'projects/{{project}}/locations/{{region}}/gateways/{{gateway}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{region}}/gateways/{{gateway}}' - - '{{project}}/{{region}}/{{gateway}}' - - '{{region}}/{{gateway}}' - - '{{gateway}}' -custom_code: -examples: - - name: 'apigateway_gateway_basic' - primary_resource_id: 'api_gw' - primary_resource_name: 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' - min_version: 'beta' - vars: - api_id: 'my-api' - config_id: 'my-config' - gateway_id: 'my-gateway' - - name: 'apigateway_gateway_full' - primary_resource_id: 'api_gw' - primary_resource_name: 'fmt.Sprintf("tf-test-my-gateway%s", context["random_suffix"])' - min_version: 'beta' - vars: - api_id: 'my-api' - config_id: 'my-config' - gateway_id: 'my-gateway' - skip_docs: true -parameters: - - name: 'region' - type: String - description: | - The region of the gateway for the API. - min_version: 'beta' - url_param_only: true - immutable: true - default_from_api: true - - name: 'gatewayId' - type: String - description: | - Identifier to assign to the Gateway. Must be unique within scope of the parent resource(project). - min_version: 'beta' - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Resource name of the Gateway. Format: projects/{project}/locations/{region}/gateways/{gateway} - min_version: 'beta' - output: true - - name: 'displayName' - type: String - description: | - A user-visible name for the API. - min_version: 'beta' - default_from_api: true - - name: 'apiConfig' - type: String - description: | - Resource name of the API Config for this Gateway. Format: projects/{project}/locations/global/apis/{api}/configs/{apiConfig}. - When changing api configs please ensure the new config is a new resource and the - [lifecycle](https://developer.hashicorp.com/terraform/language/meta-arguments/lifecycle) rule `create_before_destroy` is set. - min_version: 'beta' - required: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - - name: 'defaultHostname' - type: String - description: - The default API Gateway host name of the form - {gatewayId}-{hash}.{region_code}.gateway.dev. - min_version: 'beta' - output: true - - name: 'labels' - type: KeyValueLabels - description: | - Resource labels to represent user-provided metadata. - min_version: 'beta' diff --git a/mmv1/products/apigateway/go_product.yaml b/mmv1/products/apigateway/go_product.yaml deleted file mode 100644 index 4e2b99e2e925..000000000000 --- a/mmv1/products/apigateway/go_product.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ApiGateway' -display_name: 'API Gateway' -versions: - - name: 'beta' - base_url: 'https://apigateway.googleapis.com/v1beta/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' -async: - type: "OpAsync" - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' diff --git a/mmv1/products/apigateway/product.yaml b/mmv1/products/apigateway/product.yaml index e29f3d971c92..c656d1cad15e 100644 --- a/mmv1/products/apigateway/product.yaml +++ b/mmv1/products/apigateway/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,29 +11,23 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: ApiGateway -display_name: API Gateway +--- +name: 'ApiGateway' +display_name: 'API Gateway' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://apigateway.googleapis.com/v1beta/ + - name: 'beta' + base_url: 'https://apigateway.googleapis.com/v1beta/' scopes: - - https://www.googleapis.com/auth/cloud-platform -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' diff --git a/mmv1/products/apigee/AddonsConfig.yaml b/mmv1/products/apigee/AddonsConfig.yaml index 43ec68760905..1955f61e4a54 100644 --- a/mmv1/products/apigee/AddonsConfig.yaml +++ b/mmv1/products/apigee/AddonsConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,122 +11,119 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AddonsConfig' -self_link: 'organizations/{{org}}' +description: | + Configures the add-ons for the Apigee organization. The existing add-on configuration will be fully replaced. +references: + guides: + 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#setaddons' +docs: base_url: 'organizations' +self_link: 'organizations/{{org}}' create_url: 'organizations/{{org}}:setAddons' update_url: 'organizations/{{org}}:setAddons' -update_verb: :POST +update_verb: 'POST' delete_url: 'organizations/{{org}}:setAddons' -delete_verb: :POST -async: !ruby/object:Api::OpAsync +delete_verb: 'POST' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: actions: ['create', 'update', 'delete'] - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: false - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -description: | - Configures the add-ons for the Apigee organization. The existing add-on configuration will be fully replaced. -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#setaddons' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_addons.go.erb - test_check_destroy: templates/terraform/custom_check_destroy/apigee_addons_override.go.erb +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_addons.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/apigee_addons_override.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_addons_basic' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_addons_full' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_addons_test' + - name: 'apigee_addons_basic' + exclude_test: true + - name: 'apigee_addons_full' + exclude_test: true + - name: 'apigee_addons_test' primary_resource_id: 'apigee_org_addons' - skip_docs: true test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: 'org' - required: true + - name: 'org' + type: String description: | Name of the Apigee organization. url_param_only: true + required: true immutable: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'addonsConfig' + - name: 'addonsConfig' + type: NestedObject description: Addon configurations of the Apigee organization. properties: - - !ruby/object:Api::Type::NestedObject - name: 'advancedApiOpsConfig' + - name: 'advancedApiOpsConfig' + type: NestedObject description: Configuration for the Monetization add-on. properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: Flag that specifies whether the Advanced API Ops add-on is enabled. - - !ruby/object:Api::Type::NestedObject - name: 'integrationConfig' + - name: 'integrationConfig' + type: NestedObject description: Configuration for the Monetization add-on. properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: Flag that specifies whether the Advanced API Ops add-on is enabled. - - !ruby/object:Api::Type::NestedObject - name: 'monetizationConfig' + - name: 'monetizationConfig' + type: NestedObject description: Configuration for the Monetization add-on. properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: Flag that specifies whether the Advanced API Ops add-on is enabled. - - !ruby/object:Api::Type::NestedObject - name: 'apiSecurityConfig' + - name: 'apiSecurityConfig' + type: NestedObject description: Configuration for the Monetization add-on. properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: Flag that specifies whether the Advanced API Ops add-on is enabled. - - !ruby/object:Api::Type::String - name: 'expiresAt' + - name: 'expiresAt' + type: String description: Flag that specifies whether the Advanced API Ops add-on is enabled. output: true - - !ruby/object:Api::Type::NestedObject - name: 'connectorsPlatformConfig' + - name: 'connectorsPlatformConfig' + type: NestedObject description: Configuration for the Monetization add-on. properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: Flag that specifies whether the Advanced API Ops add-on is enabled. - - !ruby/object:Api::Type::String - name: 'expiresAt' + - name: 'expiresAt' + type: String description: Flag that specifies whether the Advanced API Ops add-on is enabled. diff --git a/mmv1/products/apigee/EndpointAttachment.yaml b/mmv1/products/apigee/EndpointAttachment.yaml index 04a8757e1f45..1efb05ec209d 100644 --- a/mmv1/products/apigee/EndpointAttachment.yaml +++ b/mmv1/products/apigee/EndpointAttachment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,106 +11,97 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EndpointAttachment' +description: | + Apigee Endpoint Attachment. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.endpointAttachments/create' +docs: base_url: 'endpointAttachments' -create_url: '{{org_id}}/endpointAttachments?endpointAttachmentId={{endpoint_attachment_id}}' self_link: '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +create_url: '{{org_id}}/endpointAttachments?endpointAttachmentId={{endpoint_attachment_id}}' +delete_url: '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' +immutable: true +import_format: + - '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' + - '{{org_id}}/{{endpoint_attachment_id}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -immutable: true -description: | - Apigee Endpoint Attachment. -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.endpointAttachments/create' - -autogen_async: true -import_format: - [ - '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}', - '{{org_id}}/{{endpoint_attachment_id}}', - ] -delete_url: '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' -skip_sweeper: true +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_endpoint_attachment.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_endpoint_attachment_basic' - skip_test: - true + - name: 'apigee_endpoint_attachment_basic' + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_endpoint_attachment_basic_test' + - name: 'apigee_endpoint_attachment_basic_test' primary_resource_id: 'apigee_endpoint_attachment' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 30 - delete_minutes: 30 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_endpoint_attachment.go.erb parameters: - - !ruby/object:Api::Type::String - name: 'orgId' + - name: 'orgId' + type: String description: | The Apigee Organization associated with the Apigee instance, in the format `organizations/{{org_name}}`. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'endpointAttachmentId' + - name: 'endpointAttachmentId' + type: String description: | ID of the endpoint attachment. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the Endpoint Attachment in the following format: organizations/{organization}/endpointAttachments/{endpointAttachment}. output: true - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | Location of the endpoint attachment. required: true - - !ruby/object:Api::Type::String - name: 'host' + - name: 'host' + type: String description: | Host that can be used in either HTTP Target Endpoint directly, or as the host in Target Server. output: true - - !ruby/object:Api::Type::String - name: 'serviceAttachment' + - name: 'serviceAttachment' + type: String description: | Format: projects/*/regions/*/serviceAttachments/* required: true - - !ruby/object:Api::Type::String - name: 'connectionState' + - name: 'connectionState' + type: String description: | State of the endpoint attachment connection to the service attachment. output: true diff --git a/mmv1/products/apigee/EnvKeystore.yaml b/mmv1/products/apigee/EnvKeystore.yaml index ae5676cd9fbd..5af92f2ee88a 100644 --- a/mmv1/products/apigee/EnvKeystore.yaml +++ b/mmv1/products/apigee/EnvKeystore.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,57 +11,60 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EnvKeystore' -base_url: '{{env_id}}/keystores' -create_url: '{{env_id}}/keystores' -delete_url: '{{env_id}}/keystores/{{name}}' -self_link: '{{env_id}}/keystores/{{name}}' -immutable: true description: | An `Environment KeyStore` in Apigee. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keystores/create' +docs: +base_url: '{{env_id}}/keystores' +self_link: '{{env_id}}/keystores/{{name}}' +create_url: '{{env_id}}/keystores' +delete_url: '{{env_id}}/keystores/{{name}}' +immutable: true +import_format: + - '{{env_id}}/keystores/{{name}}' + - '{{env_id}}/{{name}}' + # Resource creation race +timeouts: + insert_minutes: 1 + update_minutes: 20 + delete_minutes: 1 autogen_async: true -import_format: ['{{env_id}}/keystores/{{name}}', '{{env_id}}/{{name}}'] -skip_sweeper: true +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_environment_keystore.go.tmpl' +exclude_sweeper: true examples: # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_keystore_test' + - name: 'apigee_environment_keystore_test' primary_resource_id: 'apigee_environment_keystore' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true - # Resource creation race -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 1 - delete_minutes: 1 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_environment_keystore.go.erb + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: 'envId' + - name: 'envId' + type: String description: | The Apigee environment group associated with the Apigee environment, in the format `organizations/{{org_name}}/environments/{{env_name}}`. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of the newly created keystore. immutable: true properties: - - !ruby/object:Api::Type::Array - name: 'aliases' - item_type: Api::Type::String + - name: 'aliases' + type: Array description: | Aliases in this keystore. output: true + item_type: + type: String diff --git a/mmv1/products/apigee/EnvReferences.yaml b/mmv1/products/apigee/EnvReferences.yaml index 2e1c4abe7f76..27150d075542 100644 --- a/mmv1/products/apigee/EnvReferences.yaml +++ b/mmv1/products/apigee/EnvReferences.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,69 +11,71 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EnvReferences' -base_url: '{{env_id}}/references' -create_url: '{{env_id}}/references/' -delete_url: '{{env_id}}/references/{{name}}' -self_link: '{{env_id}}/references/{{name}}' -immutable: true description: | An `Environment Reference` in Apigee. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.references/create' +docs: +base_url: '{{env_id}}/references' +self_link: '{{env_id}}/references/{{name}}' +create_url: '{{env_id}}/references/' +delete_url: '{{env_id}}/references/{{name}}' +immutable: true +import_format: + - '{{env_id}}/references/{{name}}' + - '{{env_id}}/{{name}}' + # Resource creation race +timeouts: + insert_minutes: 1 + update_minutes: 20 + delete_minutes: 1 autogen_async: true -import_format: ['{{env_id}}/references/{{name}}', '{{env_id}}/{{name}}'] -skip_sweeper: true +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_environment_reference.go.tmpl' +exclude_sweeper: true examples: # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_reference_test' + - name: 'apigee_environment_reference_test' primary_resource_id: 'apigee_environment_reference' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true - # Resource creation race -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 1 - delete_minutes: 1 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_environment_reference.go.erb + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: 'envId' + - name: 'envId' + type: String description: | The Apigee environment group associated with the Apigee environment, in the format `organizations/{{org_name}}/environments/{{env_name}}`. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Required. The resource id of this reference. Values must match the regular expression [\w\s-.]+. - immutable: true required: true - - !ruby/object:Api::Type::String - name: 'description' + immutable: true + - name: 'description' + type: String description: | Optional. A human-readable description of this reference. immutable: true - - !ruby/object:Api::Type::String - name: 'resourceType' + - name: 'resourceType' + type: String description: | The type of resource referred to by this reference. Valid values are 'KeyStore' or 'TrustStore'. - immutable: true required: true - - !ruby/object:Api::Type::String - name: 'refers' + immutable: true + - name: 'refers' + type: String description: | Required. The id of the resource to which this reference refers. Must be the id of a resource that exists in the parent environment and is of the given resourceType. - immutable: true required: true + immutable: true diff --git a/mmv1/products/apigee/Envgroup.yaml b/mmv1/products/apigee/Envgroup.yaml index c166cb07fab0..e10d9362f2ec 100644 --- a/mmv1/products/apigee/Envgroup.yaml +++ b/mmv1/products/apigee/Envgroup.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,82 +11,78 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Envgroup' +description: | + An `Environment group` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups/create' +docs: base_url: 'envgroups' -create_url: '{{org_id}}/envgroups' self_link: '{{org_id}}/envgroups/{{name}}' -update_verb: :PATCH +create_url: '{{org_id}}/envgroups' +update_verb: 'PATCH' update_mask: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - '{{org_id}}/envgroups/{{name}}' + - '{{org_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -description: | - An `Environment group` in Apigee. -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups/create' - -autogen_async: true -import_format: ['{{org_id}}/envgroups/{{name}}', '{{org_id}}/{{name}}'] +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_environment_group.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_group_basic' + - name: 'apigee_environment_group_basic' vars: envgroup_name: 'my-envgroup' - skip_test: - true + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_group_basic_test' + - name: 'apigee_environment_group_basic_test' primary_resource_id: 'apigee_environment_group' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 30 - delete_minutes: 30 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_environment_group.go.erb parameters: - - !ruby/object:Api::Type::String - name: 'orgId' + - name: 'orgId' + type: String description: | The Apigee Organization associated with the Apigee environment group, in the format `organizations/{{org_name}}`. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The resource ID of the environment group. required: true immutable: true - - !ruby/object:Api::Type::Array - name: 'hostnames' + - name: 'hostnames' + type: Array description: | Hostnames of the environment group. required: false - item_type: Api::Type::String + item_type: + type: String diff --git a/mmv1/products/apigee/EnvgroupAttachment.yaml b/mmv1/products/apigee/EnvgroupAttachment.yaml index 60f3e75a2e40..1771abe12de2 100644 --- a/mmv1/products/apigee/EnvgroupAttachment.yaml +++ b/mmv1/products/apigee/EnvgroupAttachment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,83 +11,77 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EnvgroupAttachment' +description: | + An `Environment Group attachment` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups.attachments/create' +docs: base_url: '{{envgroup_id}}/attachments' +self_link: '{{envgroup_id}}/attachments/{{name}}' create_url: '{{envgroup_id}}/attachments' delete_url: '{{envgroup_id}}/attachments/{{name}}' -self_link: '{{envgroup_id}}/attachments/{{name}}' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +immutable: true +import_format: + - '{{envgroup_id}}/attachments/{{name}}' + - '{{envgroup_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -immutable: true -description: | - An `Environment Group attachment` in Apigee. -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups.attachments/create' - -autogen_async: true -import_format: - ['{{envgroup_id}}/attachments/{{name}}', '{{envgroup_id}}/{{name}}'] -skip_sweeper: true +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_environment_group_attachment.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_group_attachment_basic' - skip_test: - true + - name: 'apigee_environment_group_attachment_basic' # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. vars: project_id: 'my-project' envgroup_name: 'my-envgroup' environment_name: 'my-environment' - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_group_attachment_basic_test' + exclude_test: true + - name: 'apigee_environment_group_attachment_basic_test' primary_resource_id: 'apigee_environment_group_attachment' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 30 - delete_minutes: 30 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_environment_group_attachment.go.erb parameters: - - !ruby/object:Api::Type::String - name: 'envgroupId' + - name: 'envgroupId' + type: String description: | The Apigee environment group associated with the Apigee environment, in the format `organizations/{{org_name}}/envgroups/{{envgroup_name}}`. - required: true url_param_only: true + required: true properties: - - !ruby/object:Api::Type::String - name: 'environment' + - name: 'environment' + type: String description: | The resource ID of the environment. required: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of the newly created attachment (output parameter). output: true diff --git a/mmv1/products/apigee/Environment.yaml b/mmv1/products/apigee/Environment.yaml index d71ac491200e..03433c147ff0 100644 --- a/mmv1/products/apigee/Environment.yaml +++ b/mmv1/products/apigee/Environment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,129 +11,118 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Environment' +description: | + An `Environment` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments/create' +docs: base_url: 'environments' -create_url: '{{org_id}}/environments' self_link: '{{org_id}}/environments/{{name}}' +create_url: '{{org_id}}/environments' update_url: '{{org_id}}/environments/{{name}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - '{{org_id}}/environments/{{name}}' + - '{{org_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -description: | - An `Environment` in Apigee. -iam_policy: !ruby/object:Api::Resource::IamPolicy +iam_policy: method_name_separator: ':' parent_resource_attribute: 'env_id' - import_format: ['{{%org_id}}/environments/{{name}}', '{{name}}'] base_url: '{{org_id}}/environments/{{name}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' self_link: '{{org_id}}/environments/{{name}}' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments/create' - -autogen_async: true -import_format: ['{{org_id}}/environments/{{name}}', '{{org_id}}/{{name}}'] + import_format: + - '{{%org_id}}/environments/{{name}}' + - '{{name}}' +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_environment.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_basic' + - name: 'apigee_environment_basic' vars: environment_name: 'my-environment' - skip_test: - true + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_basic_test' + - name: 'apigee_environment_basic_test' primary_resource_id: 'apigee_environment' - primary_resource_name: "fmt.Sprintf(\"organizations/tf-test%s\", - context[\"random_suffix\"\ - ]), fmt.Sprintf(\"tf-test%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("organizations/tf-test%s", context["random_suffix"]), fmt.Sprintf("tf-test%s", context["random_suffix"])' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_basic_deployment_apiproxy_type_test' + - name: 'apigee_environment_basic_deployment_apiproxy_type_test' primary_resource_id: 'apigee_environment' - primary_resource_name: "fmt.Sprintf(\"organizations/tf-test%s\", - context[\"random_suffix\"\ - ]), fmt.Sprintf(\"tf-test%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("organizations/tf-test%s", context["random_suffix"]), fmt.Sprintf("tf-test%s", context["random_suffix"])' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_patch_update_test' + - name: 'apigee_environment_patch_update_test' primary_resource_id: 'apigee_environment' - primary_resource_name: "fmt.Sprintf(\"organizations/tf-test%s\", - context[\"random_suffix\"\ - ]), fmt.Sprintf(\"tf-test%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("organizations/tf-test%s", context["random_suffix"]), fmt.Sprintf("tf-test%s", context["random_suffix"])' + min_version: 'beta' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true - min_version: beta + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 30 - delete_minutes: 30 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_environment.go.erb parameters: - - !ruby/object:Api::Type::String - name: 'orgId' + - name: 'orgId' + type: String description: | The Apigee Organization associated with the Apigee environment, in the format `organizations/{{org_name}}`. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The resource ID of the environment. required: true immutable: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | Display name of the environment. required: false immutable: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Description of the environment. required: false immutable: true - - !ruby/object:Api::Type::Enum - name: 'deploymentType' + - name: 'deploymentType' + type: Enum description: | Optional. Deployment type supported by the environment. The deployment type can be set when creating the environment and cannot be changed. When you enable archive @@ -142,62 +131,62 @@ properties: Managing the deployment of API proxy or shared flow revisions; Creating, updating, or deleting resource files; Creating, updating, or deleting target servers. - values: + immutable: true + default_from_api: true + enum_values: - 'DEPLOYMENT_TYPE_UNSPECIFIED' - 'PROXY' - 'ARCHIVE' - immutable: true - default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'apiProxyType' + - name: 'apiProxyType' + type: Enum description: | Optional. API Proxy type supported by the environment. The type can be set when creating the Environment and cannot be changed. - values: + immutable: true + default_from_api: true + enum_values: - 'API_PROXY_TYPE_UNSPECIFIED' - 'PROGRAMMABLE' - 'CONFIGURABLE' - immutable: true - default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'nodeConfig' + - name: 'nodeConfig' + type: NestedObject description: | NodeConfig for setting the min/max number of nodes associated with the environment. default_from_api: true properties: - - !ruby/object:Api::Type::String - name: 'minNodeCount' + - name: 'minNodeCount' + type: String description: | The minimum total number of gateway nodes that the is reserved for all instances that has the specified environment. If not specified, the default is determined by the recommended minimum number of nodes for that gateway. - - !ruby/object:Api::Type::String - name: 'maxNodeCount' + - name: 'maxNodeCount' + type: String description: | The maximum total number of gateway nodes that the is reserved for all instances that has the specified environment. If not specified, the default is determined by the recommended maximum number of nodes for that gateway. - - !ruby/object:Api::Type::String - name: 'currentAggregateNodeCount' + - name: 'currentAggregateNodeCount' + type: String description: | The current total number of gateway nodes that each environment currently has across all instances. output: true - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: | Types that can be selected for an Environment. Each of the types are limited by capability and capacity. Refer to Apigee's public documentation to understand about each of these types in details. An Apigee org can support heterogeneous Environments. default_from_api: true - values: + enum_values: - 'ENVIRONMENT_TYPE_UNSPECIFIED' - 'BASE' - 'INTERMEDIATE' - 'COMPREHENSIVE' - - !ruby/object:Api::Type::String - name: 'forwardProxyUri' + - name: 'forwardProxyUri' + type: String description: | Optional. URI of the forward proxy to be applied to the runtime instances in this environment. Must be in the format of {scheme}://{hostname}:{port}. Note that the scheme must be one of "http" or "https", and the port must be supplied. required: false diff --git a/mmv1/products/apigee/EnvironmentKeyvaluemaps.yaml b/mmv1/products/apigee/EnvironmentKeyvaluemaps.yaml index 9f6e10c8dff8..6c09624ea467 100644 --- a/mmv1/products/apigee/EnvironmentKeyvaluemaps.yaml +++ b/mmv1/products/apigee/EnvironmentKeyvaluemaps.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,65 +11,65 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EnvironmentKeyvaluemaps' description: | Collection of key/value string pairs. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using key value maps': 'https://cloud.google.com/apigee/docs/api-platform/cache/key-value-maps' api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keyvaluemaps/create' - +docs: base_url: '{{env_id}}/keyvaluemaps' +self_link: '{{env_id}}/keyvaluemaps/{{name}}/entries' create_url: '{{env_id}}/keyvaluemaps' delete_url: '{{env_id}}/keyvaluemaps/{{name}}' -self_link: '{{env_id}}/keyvaluemaps/{{name}}/entries' -import_format: ['{{env_id}}/keyvaluemaps/{{name}}', '{{env_id}}/{{name}}'] -skip_sweeper: true +immutable: true +import_format: + - '{{env_id}}/keyvaluemaps/{{name}}' + - '{{env_id}}/{{name}}' +timeouts: + insert_minutes: 1 + update_minutes: 20 + delete_minutes: 1 +autogen_async: true +custom_code: + decoder: 'templates/terraform/decoders/apigee_environment_keyvaluemaps.go.tmpl' + custom_create: 'templates/terraform/custom_create/apigee_environment_keyvaluemaps.go.tmpl' + custom_import: 'templates/terraform/custom_import/apigee_environment_keyvaluemaps.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_keyvaluemaps_basic' + - name: 'apigee_environment_keyvaluemaps_basic' primary_resource_id: 'apigee_environment_keyvaluemaps' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_keyvaluemaps_test' + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_test: true + - name: 'apigee_environment_keyvaluemaps_test' primary_resource_id: 'apigee_environment_keyvaluemaps' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_keyvaluemaps_beta_test' + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + - name: 'apigee_environment_keyvaluemaps_beta_test' primary_resource_id: 'apigee_environment_keyvaluemaps' + min_version: 'beta' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true - min_version: beta -immutable: true -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 1 - delete_minutes: 1 -autogen_async: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_environment_keyvaluemaps.go.erb - custom_create: 'templates/terraform/custom_create/apigee_environment_keyvaluemaps.go' - decoder: templates/terraform/decoders/apigee_environment_keyvaluemaps.go.erb + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: 'envId' + - name: 'envId' + type: String description: | The Apigee environment group associated with the Apigee environment, in the format `organizations/{{org_name}}/environments/{{env_name}}`. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Required. ID of the key value map. required: true diff --git a/mmv1/products/apigee/EnvironmentKeyvaluemapsEntries.yaml b/mmv1/products/apigee/EnvironmentKeyvaluemapsEntries.yaml index 60a42db49fba..10ebb0d21f46 100644 --- a/mmv1/products/apigee/EnvironmentKeyvaluemapsEntries.yaml +++ b/mmv1/products/apigee/EnvironmentKeyvaluemapsEntries.yaml @@ -1,80 +1,79 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the 'License'); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an 'AS IS' BASIS, +# distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EnvironmentKeyvaluemapsEntries' description: | Creates key value entries in a key value map scoped to an environment. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using key value maps': 'https://cloud.google.com/apigee/docs/api-platform/cache/key-value-maps' api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.keyvaluemaps.entries/create' - +docs: base_url: '{{env_keyvaluemap_id}}/entries' +self_link: '{{env_keyvaluemap_id}}/entries/{{name}}' create_url: '{{env_keyvaluemap_id}}/entries' delete_url: '{{env_keyvaluemap_id}}/entries/{{name}}' -self_link: '{{env_keyvaluemap_id}}/entries/{{name}}' +immutable: true import_format: - ['{{env_keyvaluemap_id}}/entries/{{name}}', '{{env_keyvaluemap_id}}/{{name}}'] -skip_sweeper: true + - '{{env_keyvaluemap_id}}/entries/{{name}}' + - '{{env_keyvaluemap_id}}/{{name}}' +timeouts: + insert_minutes: 1 + update_minutes: 20 + delete_minutes: 1 +autogen_async: true +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_environment_keyvaluemaps_entries.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_keyvaluemaps_entries_basic' + - name: 'apigee_environment_keyvaluemaps_entries_basic' primary_resource_id: 'apigee_environment_keyvaluemaps_entries' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_keyvaluemaps_entries_test' + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_test: true + - name: 'apigee_environment_keyvaluemaps_entries_test' primary_resource_id: 'apigee_environment_keyvaluemaps_entries' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_environment_keyvaluemaps_entries_beta_test' + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true + - name: 'apigee_environment_keyvaluemaps_entries_beta_test' primary_resource_id: 'apigee_environment_keyvaluemaps_entries' + min_version: 'beta' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true - min_version: beta -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 1 - delete_minutes: 1 -immutable: true -autogen_async: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_environment_keyvaluemaps_entries.go.erb + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: 'env_keyvaluemap_id' + - name: 'env_keyvaluemap_id' + type: String description: | The Apigee environment keyvalumaps Id associated with the Apigee environment, in the format `organizations/{{org_name}}/environments/{{env_name}}/keyvaluemaps/{{keyvaluemap_name}}`. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Required. Resource URI that can be used to identify the scope of the key value map entries. required: true immutable: true - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | Required. Data or payload that is being retrieved and associated with the unique key. required: true diff --git a/mmv1/products/apigee/Instance.yaml b/mmv1/products/apigee/Instance.yaml index f2ec7b7cd9c2..7af8975f474f 100644 --- a/mmv1/products/apigee/Instance.yaml +++ b/mmv1/products/apigee/Instance.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,165 +11,146 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Instance' +description: | + An `Instance` is the runtime dataplane in Apigee. +references: + guides: + 'Creating a runtime instance': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-instance' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create' +docs: base_url: 'instances' -create_url: '{{org_id}}/instances' self_link: '{{org_id}}/instances/{{name}}' -create_verb: :POST -update_verb: :PATCH +create_url: '{{org_id}}/instances' +update_verb: 'PATCH' update_mask: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +immutable: false +mutex: '{{org_id}}/apigeeInstances' +import_format: + - '{{org_id}}/instances/{{name}}' + - '{{org_id}}/{{name}}' +timeouts: + insert_minutes: 60 + update_minutes: 20 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -immutable: false -description: | - An `Instance` is the runtime dataplane in Apigee. -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Creating a runtime instance': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-instance' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create' +custom_code: + constants: 'templates/terraform/constants/apigee_instance.go.tmpl' + custom_import: 'templates/terraform/custom_import/apigee_instance.go.tmpl' +error_retry_predicates: -autogen_async: true -import_format: ['{{org_id}}/instances/{{name}}', '{{org_id}}/{{name}}'] -mutex: '{{org_id}}/apigeeInstances' -error_retry_predicates: ['transport_tpg.IsApigeeRetryableError'] + - 'transport_tpg.IsApigeeRetryableError' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_basic' + - name: 'apigee_instance_basic' vars: instance_name: 'my-instance-name' - skip_test: - true + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_basic_test' + - name: 'apigee_instance_basic_test' primary_resource_id: 'apigee_instance' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_cidr_range' + - name: 'apigee_instance_cidr_range' vars: instance_name: 'my-instance-name' - skip_test: - true + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_cidr_range_test' + - name: 'apigee_instance_cidr_range_test' primary_resource_id: 'apigee_instance' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_ip_range' + - name: 'apigee_instance_ip_range' vars: instance_name: 'my-instance-name' - skip_test: - true + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_ip_range_test' + - name: 'apigee_instance_ip_range_test' primary_resource_id: 'apigee_instance' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_full' + - name: 'apigee_instance_full' vars: instance_name: 'my-instance-name' - skip_test: - true + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_full_test' + - name: 'apigee_instance_full_test' primary_resource_id: 'apigee_instance' + min_version: 'beta' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true - min_version: - beta + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_service_attachment_basic_test' + - name: 'apigee_instance_service_attachment_basic_test' primary_resource_id: 'apigee_instance' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 60 - update_minutes: 20 - delete_minutes: 60 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_instance.go.erb - constants: templates/terraform/constants/apigee_instance.go.erb parameters: - - !ruby/object:Api::Type::String - name: 'orgId' + - name: 'orgId' + type: String description: | The Apigee Organization associated with the Apigee instance, in the format `organizations/{{org_name}}`. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Resource ID of the instance. required: true immutable: true - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | Required. Compute Engine location where the instance resides. required: true immutable: true - - !ruby/object:Api::Type::String - name: 'peeringCidrRange' + - name: 'peeringCidrRange' + type: String description: | The size of the CIDR block range that will be reserved by the instance. For valid values, see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) on the documentation. - default_from_api: true immutable: true - - !ruby/object:Api::Type::String - name: 'ipRange' + default_from_api: true + - name: 'ipRange' + type: String description: | IP range represents the customer-provided CIDR block of length 22 that will be used for the Apigee instance creation. This optional range, if provided, should be freely @@ -180,34 +161,34 @@ properties: Input format: "a.b.c.d/22" immutable: true ignore_read: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Description of the instance. immutable: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | Display name of the instance. immutable: true - - !ruby/object:Api::Type::String - name: 'diskEncryptionKeyName' + - name: 'diskEncryptionKeyName' + type: String description: | Customer Managed Encryption Key (CMEK) used for disk and volume encryption. Required for Apigee paid subscriptions only. Use the following format: `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)` immutable: true - - !ruby/object:Api::Type::String - name: 'host' + - name: 'host' + type: String description: | Output only. Hostname or IP address of the exposed Apigee endpoint used by clients to connect to the service. output: true - - !ruby/object:Api::Type::String - name: 'port' + - name: 'port' + type: String description: | Output only. Port number of the exposed Apigee endpoint. output: true - - !ruby/object:Api::Type::Array - name: 'consumerAcceptList' + - name: 'consumerAcceptList' + type: Array description: | Optional. Customer accept list represents the list of projects (id/number) on customer side that can privately connect to the service attachment. It is an optional field @@ -216,9 +197,10 @@ properties: required: false default_from_api: true diff_suppress_func: 'projectListDiffSuppress' - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'serviceAttachment' + item_type: + type: String + - name: 'serviceAttachment' + type: String description: | Output only. Resource name of the service attachment created for the instance in the format: projects/*/regions/*/serviceAttachments/* Apigee customers can privately diff --git a/mmv1/products/apigee/InstanceAttachment.yaml b/mmv1/products/apigee/InstanceAttachment.yaml index f098d6ed2778..b6fde339e98a 100644 --- a/mmv1/products/apigee/InstanceAttachment.yaml +++ b/mmv1/products/apigee/InstanceAttachment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,84 +11,79 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'InstanceAttachment' +description: | + An `Instance attachment` in Apigee. +references: + guides: + 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.attachments/create' +docs: base_url: '{{instance_id}}/attachments' +self_link: '{{instance_id}}/attachments/{{name}}' create_url: '{{instance_id}}/attachments' delete_url: '{{instance_id}}/attachments/{{name}}' -self_link: '{{instance_id}}/attachments/{{name}}' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +immutable: true +mutex: 'apigeeInstanceAttachments' +import_format: + - '{{instance_id}}/attachments/{{name}}' + - '{{instance_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -immutable: true -description: | - An `Instance attachment` in Apigee. -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.attachments/create' +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_instance_attachment.go.tmpl' # Skipping the sweeper due to the non-standard instance_id -skip_sweeper: true -autogen_async: true -import_format: - ['{{instance_id}}/attachments/{{name}}', '{{instance_id}}/{{name}}'] -mutex: 'apigeeInstanceAttachments' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_attachment_basic' + - name: 'apigee_instance_attachment_basic' vars: project_id: 'my-project' instance_name: 'my-instance-name' environment_name: 'my-environment-name' - skip_test: - true + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_instance_attachment_basic_test' + - name: 'apigee_instance_attachment_basic_test' primary_resource_id: 'apigee_instance_attachment' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 30 - delete_minutes: 30 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_instance_attachment.go.erb parameters: - - !ruby/object:Api::Type::String - name: 'instanceId' + - name: 'instanceId' + type: String description: | The Apigee instance associated with the Apigee environment, in the format `organizations/{{org_name}}/instances/{{instance_name}}`. - required: true url_param_only: true + required: true properties: - - !ruby/object:Api::Type::String - name: 'environment' + - name: 'environment' + type: String description: | The resource ID of the environment. required: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of the newly created attachment (output parameter). output: true diff --git a/mmv1/products/apigee/KeystoresAliasesSelfSignedCert.yaml b/mmv1/products/apigee/KeystoresAliasesSelfSignedCert.yaml index 972e2374de11..5e90f0ff30ea 100644 --- a/mmv1/products/apigee/KeystoresAliasesSelfSignedCert.yaml +++ b/mmv1/products/apigee/KeystoresAliasesSelfSignedCert.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,210 +11,211 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'KeystoresAliasesSelfSignedCert' -base_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' -create_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases?alias={{alias}}&format=selfsignedcert' -self_link: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' -delete_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' -immutable: true description: | An Environment Keystore Alias for Self Signed Certificate Format in Apigee -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keystores.aliases/create' -autogen_async: true +docs: +base_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +self_link: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +create_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases?alias={{alias}}&format=selfsignedcert' +delete_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +immutable: true import_format: - [ - 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}', - ] -skip_sweeper: true + - 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' +# Resource creation race +timeouts: + insert_minutes: 30 + update_minutes: 20 + delete_minutes: 30 +autogen_async: true +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_env_keystore_alias_self_signed_cert.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - name: 'apigee_env_keystore_alias_self_signed_cert' + - name: 'apigee_env_keystore_alias_self_signed_cert' primary_resource_id: 'apigee_environment_keystore_ss_alias' - # Resource uses multipart boundary which by default is random - skip_vcr: true vars: project_id: 'my-project' environment_name: 'env-name' keystore_name: 'env-keystore' keystores_alias: 'alias' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT -# Resource creation race -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 30 - delete_minutes: 30 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_env_keystore_alias_self_signed_cert.go.erb + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + # Resource uses multipart boundary which by default is random + skip_vcr: true parameters: - - !ruby/object:Api::Type::String - name: 'orgId' + - name: 'orgId' + type: String description: | The Apigee Organization name associated with the Apigee environment + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'environment' + - name: 'environment' + type: String description: | The Apigee environment name + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'keystore' + - name: 'keystore' + type: String description: | The Apigee keystore name associated in an Apigee environment - required: true - immutable: true url_param_only: true - - !ruby/object:Api::Type::String - name: 'alias' - immutable: true required: true + immutable: true + - name: 'alias' + type: String description: | Alias for the key/certificate pair. Values must match the regular expression [\w\s-.]{1,255}. This must be provided for all formats except selfsignedcert; self-signed certs may specify the alias in either this parameter or the JSON body. - - !ruby/object:Api::Type::NestedObject - name: 'subjectAlternativeDnsNames' + required: true immutable: true + - name: 'subjectAlternativeDnsNames' + type: NestedObject description: | List of alternative host names. Maximum length is 255 characters for each value. + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'subjectAlternativeName' + - name: 'subjectAlternativeName' + type: String description: Subject Alternative Name - - !ruby/object:Api::Type::String - name: 'keySize' + - name: 'keySize' + type: String description: | Key size. Default and maximum value is 2048 bits. ignore_read: true - - !ruby/object:Api::Type::String - name: 'sigAlg' - immutable: true - required: true - ignore_read: true + - name: 'sigAlg' + type: String description: | Signature algorithm to generate private key. Valid values are SHA512withRSA, SHA384withRSA, and SHA256withRSA - - !ruby/object:Api::Type::NestedObject - name: subject - immutable: true required: true + immutable: true + ignore_read: true + - name: 'subject' + type: NestedObject description: Subject details. + required: true + immutable: true ignore_read: true properties: - - !ruby/object:Api::Type::String - name: 'countryCode' + - name: 'countryCode' + type: String description: Two-letter country code. Example, IN for India, US for United States of America. ignore_read: true - - !ruby/object:Api::Type::String - name: 'state' + - name: 'state' + type: String description: State or district name. Maximum length is 128 characters. ignore_read: true - - !ruby/object:Api::Type::String - name: 'locality' + - name: 'locality' + type: String description: City or town name. Maximum length is 128 characters. ignore_read: true - - !ruby/object:Api::Type::String - name: 'org' + - name: 'org' + type: String description: Organization name. Maximum length is 64 characters. ignore_read: true - - !ruby/object:Api::Type::String - name: 'orgUnit' + - name: 'orgUnit' + type: String description: Organization team name. Maximum length is 64 characters. ignore_read: true - - !ruby/object:Api::Type::String - name: 'commonName' - ignore_read: true + - name: 'commonName' + type: String description: | Common name of the organization. Maximum length is 64 characters. - - !ruby/object:Api::Type::String - name: 'email' + ignore_read: true + - name: 'email' + type: String description: Email address. Max 255 characters. ignore_read: true - - !ruby/object:Api::Type::Integer - name: certValidityInDays - immutable: true - ignore_read: true + - name: 'certValidityInDays' + type: Integer description: | Validity duration of certificate, in days. Accepts positive non-zero value. Defaults to 365. + immutable: true + ignore_read: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'certsInfo' + - name: 'certsInfo' + type: NestedObject description: Chain of certificates under this alias. output: true properties: - - !ruby/object:Api::Type::Array - name: 'certInfo' + - name: 'certInfo' + type: Array description: List of all properties in the object. output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'version' + - name: 'version' + type: Integer description: X.509 version. output: true - - !ruby/object:Api::Type::String - name: 'subject' + - name: 'subject' + type: String description: X.509 subject. output: true - - !ruby/object:Api::Type::String - name: 'issuer' + - name: 'issuer' + type: String description: X.509 issuer. output: true - - !ruby/object:Api::Type::String - name: 'expiryDate' + - name: 'expiryDate' + type: String description: X.509 notAfter validity period in milliseconds since epoch. output: true - - !ruby/object:Api::Type::String - name: 'validFrom' + - name: 'validFrom' + type: String description: X.509 notBefore validity period in milliseconds since epoch. output: true - - !ruby/object:Api::Type::String - name: 'isValid' + - name: 'isValid' + type: String description: | Flag that specifies whether the certificate is valid. Flag is set to Yes if the certificate is valid, No if expired, or Not yet if not yet valid. output: true - - !ruby/object:Api::Type::Array - name: 'subjectAlternativeNames' + - name: 'subjectAlternativeNames' + type: Array description: X.509 subject alternative names (SANs) extension. output: true - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'sigAlgName' - output: true + item_type: + type: String + - name: 'sigAlgName' + type: String description: X.509 signatureAlgorithm. - - !ruby/object:Api::Type::String - name: 'publicKey' output: true + - name: 'publicKey' + type: String description: Public key component of the X.509 subject public key info. - - !ruby/object:Api::Type::String - name: 'basicConstraints' output: true + - name: 'basicConstraints' + type: String description: X.509 basic constraints extension. - - !ruby/object:Api::Type::String - name: 'serialNumber' output: true + - name: 'serialNumber' + type: String description: X.509 serial number. - - !ruby/object:Api::Type::Enum - name: 'type' - output: true + output: true + - name: 'type' + type: Enum description: | Optional.Type of Alias - values: + output: true + enum_values: - 'ALIAS_TYPE_UNSPECIFIED' - 'CERT' - 'KEY_CERT' diff --git a/mmv1/products/apigee/NatAddress.yaml b/mmv1/products/apigee/NatAddress.yaml index eb5285ac7ba6..258265fc64d3 100644 --- a/mmv1/products/apigee/NatAddress.yaml +++ b/mmv1/products/apigee/NatAddress.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,87 +11,98 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'NatAddress' +description: | + Apigee NAT (network address translation) address. A NAT address is a static external IP address used for Internet egress traffic. This is not avaible for Apigee hybrid. +references: + guides: + 'Provisioning NAT IPs': 'https://cloud.google.com/apigee/docs/api-platform/security/nat-provisioning' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.natAddresses' +docs: base_url: '{{instance_id}}/natAddresses' +self_link: '{{instance_id}}/natAddresses/{{name}}' create_url: '{{instance_id}}/natAddresses' delete_url: '{{instance_id}}/natAddresses/{{name}}' -self_link: '{{instance_id}}/natAddresses/{{name}}' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +immutable: false +import_format: + - '{{instance_id}}/natAddresses/{{name}}' + - '{{instance_id}}/{{name}}' +timeouts: + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -immutable: true -description: | - Apigee NAT (network address translation) address. A NAT address is a static external IP address used for Internet egress traffic. This is not avaible for Apigee hybrid. - Apigee NAT addresses are not automatically activated because they might require explicit allow entries on the target systems first. See https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.natAddresses/activate -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Provisioning NAT IPs': 'https://cloud.google.com/apigee/docs/api-platform/security/nat-provisioning' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.natAddresses' - -autogen_async: true -import_format: - ['{{instance_id}}/natAddresses/{{name}}', '{{instance_id}}/{{name}}'] -skip_sweeper: true +custom_code: + constants: 'templates/terraform/constants/apigee_nat_address.go.tmpl' + encoder: 'templates/terraform/encoders/apigee_nat_address.go.tmpl' + decoder: 'templates/terraform/decoders/apigee_nat_address.go.tmpl' + post_create: 'templates/terraform/post_create/apigee_nat_address.go.tmpl' + custom_update: 'templates/terraform/custom_update/apigee_nat_address.go.tmpl' + custom_import: 'templates/terraform/custom_import/apigee_nat_address.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_nat_address_basic' + - name: 'apigee_nat_address_basic' vars: nat_address_name: 'my-nat-address' - skip_test: - true + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_nat_address_basic_test' + - name: 'apigee_nat_address_basic_test' primary_resource_id: 'apigee_nat_address' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: - true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 30 - delete_minutes: 30 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_nat_address.go.erb + - name: 'apigee_nat_address_with_activate' + vars: + nat_address_name: 'my-nat-address' + nat_address_activate: 'true' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: 'instanceId' + - name: 'instanceId' + type: String description: | The Apigee instance associated with the Apigee environment, in the format `organizations/{{org_name}}/instances/{{instance_name}}`. - required: true url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Resource ID of the NAT address. required: true - - !ruby/object:Api::Type::String - name: 'ipAddress' + immutable: true + - name: 'activate' + type: Boolean + description: | + Flag that specifies whether the reserved NAT address should be activate. + required: false + default_value: false + - name: 'ipAddress' + type: String description: | The allocated NAT IP address. output: true - - !ruby/object:Api::Type::String - name: 'state' + - name: 'state' + type: String description: | State of the NAT IP address. output: true diff --git a/mmv1/products/apigee/Organization.yaml b/mmv1/products/apigee/Organization.yaml index 0ece34f931fa..05e38966e049 100644 --- a/mmv1/products/apigee/Organization.yaml +++ b/mmv1/products/apigee/Organization.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,272 +11,252 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Organization' +description: | + An `Organization` is the top-level container in Apigee. +references: + guides: + 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' + api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations' +docs: base_url: 'organizations' +self_link: 'organizations/{{name}}' create_url: 'organizations?parent=projects/{{project_id}}' delete_url: 'organizations/{{name}}?retention={{retention}}' -self_link: 'organizations/{{name}}' -async: !ruby/object:Api::OpAsync +timeouts: + insert_minutes: 45 + update_minutes: 45 + delete_minutes: 45 +autogen_async: true +async: actions: ['create', 'update'] - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 45 update_minutes: 45 delete_minutes: 45 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -description: | - An `Organization` is the top-level container in Apigee. -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations' - -autogen_async: true +custom_code: + encoder: 'templates/terraform/encoders/apigee_organization.go.tmpl' + custom_import: 'templates/terraform/custom_import/apigee_organization.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_cloud_basic' - skip_test: - true + - name: 'apigee_organization_cloud_basic' + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_cloud_basic_test' + - name: 'apigee_organization_cloud_basic_test' primary_resource_id: 'org' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' ignore_read_extra: - - properties - skip_docs: - true + - 'properties' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_cloud_basic_disable_vpc_peering' - skip_test: - true + - name: 'apigee_organization_cloud_basic_disable_vpc_peering' + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_cloud_basic_disable_vpc_peering_test' + - name: 'apigee_organization_cloud_basic_disable_vpc_peering_test' primary_resource_id: 'org' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' ignore_read_extra: - - properties - skip_docs: - true + - 'properties' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_cloud_full' - skip_test: - true + - name: 'apigee_organization_cloud_full' + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. While all Apigee # resources in this test are in the GA API, we depend on a service # identity resource which is only available in the beta provider. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_cloud_full_test' + - name: 'apigee_organization_cloud_full_test' primary_resource_id: 'org' + min_version: 'beta' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' ignore_read_extra: - - properties - skip_docs: true - min_version: - beta + - 'properties' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_cloud_full_disable_vpc_peering' - skip_test: - true + - name: 'apigee_organization_cloud_full_disable_vpc_peering' + exclude_test: true # This is a more verbose version of the above that creates all # the resources needed for the acceptance test. While all Apigee # resources in this test are in the GA API, we depend on a service # identity resource which is only available in the beta provider. - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_cloud_full_disable_vpc_peering_test' + - name: 'apigee_organization_cloud_full_disable_vpc_peering_test' primary_resource_id: 'org' + min_version: 'beta' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' ignore_read_extra: - - properties - skip_docs: true - min_version: - beta + - 'properties' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_retention_test' + - name: 'apigee_organization_retention_test' primary_resource_id: 'org' + min_version: 'beta' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true - min_version: - beta + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_organization_drz_test' + - name: 'apigee_organization_drz_test' primary_resource_id: 'org' + min_version: 'beta' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true - min_version: - beta + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_organization.go.erb - encoder: templates/terraform/encoders/apigee_organization.go.erb parameters: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: | The project ID associated with the Apigee organization. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::Enum - name: 'retention' + - name: 'retention' + type: Enum description: | Optional. This setting is applicable only for organizations that are soft-deleted (i.e., BillingType is not EVALUATION). It controls how long Organization data will be retained after the initial delete operation completes. During this period, the Organization may be restored to its last known state. After this period, the Organization will no longer be able to be restored. - values: + url_param_only: true + required: false + default_value: "DELETION_RETENTION_UNSPECIFIED" + enum_values: - 'DELETION_RETENTION_UNSPECIFIED' - 'MINIMUM' - default_value: :DELETION_RETENTION_UNSPECIFIED - required: false - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Output only. Name of the Apigee organization. output: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | The display name of the Apigee organization. - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Description of the Apigee organization. - - !ruby/object:Api::Type::String - name: 'analyticsRegion' + - name: 'analyticsRegion' + type: String description: | Primary GCP region for analytics data storage. For valid values, see [Create an Apigee organization](https://cloud.google.com/apigee/docs/api-platform/get-started/create-org). immutable: true - - !ruby/object:Api::Type::String - name: 'apiConsumerDataLocation' + - name: 'apiConsumerDataLocation' + type: String description: | This field is needed only for customers using non-default data residency regions. Apigee stores some control plane data only in single region. This field determines which single region Apigee should use. immutable: true - - !ruby/object:Api::Type::String - name: 'apiConsumerDataEncryptionKeyName' + - name: 'apiConsumerDataEncryptionKeyName' + type: String description: | Cloud KMS key name used for encrypting API consumer data. immutable: true - - !ruby/object:Api::Type::String - name: 'controlPlaneEncryptionKeyName' + - name: 'controlPlaneEncryptionKeyName' + type: String description: | Cloud KMS key name used for encrypting control plane data that is stored in a multi region. Only used for the data residency region "US" or "EU". immutable: true - - !ruby/object:Api::Type::String - name: 'authorizedNetwork' + - name: 'authorizedNetwork' + type: String description: | Compute Engine network used for Service Networking to be peered with Apigee runtime instances. See [Getting started with the Service Networking API](https://cloud.google.com/service-infrastructure/docs/service-networking/getting-started). Valid only when `RuntimeType` is set to CLOUD. The value can be updated only when there are no runtime instances. For example: "default". - - !ruby/object:Api::Type::Boolean - name: 'disableVpcPeering' + - name: 'disableVpcPeering' + type: Boolean description: | Flag that specifies whether the VPC Peering through Private Google Access should be disabled between the consumer network and Apigee. Required if an `authorizedNetwork` on the consumer project is not provided, in which case the flag should be set to `true`. Valid only when `RuntimeType` is set to CLOUD. The value must be set before the creation of any Apigee runtime instance and can be updated only when there are no runtime instances. - - !ruby/object:Api::Type::Enum - name: 'runtimeType' + - name: 'runtimeType' + type: Enum description: | Runtime type of the Apigee organization based on the Apigee subscription purchased. - values: + immutable: true + default_value: "CLOUD" + enum_values: - 'CLOUD' - 'HYBRID' - default_value: :CLOUD - immutable: true - - !ruby/object:Api::Type::String - name: 'subscriptionType' + - name: 'subscriptionType' + type: String description: | Output only. Subscription type of the Apigee organization. Valid values include trial (free, limited, and for evaluation purposes only) or paid (full subscription has been purchased). output: true - - !ruby/object:Api::Type::String - name: 'billingType' + - name: 'billingType' + type: String description: | Billing type of the Apigee organization. See [Apigee pricing](https://cloud.google.com/apigee/pricing). immutable: true default_from_api: true - - !ruby/object:Api::Type::String - name: 'caCertificate' + - name: 'caCertificate' + type: String description: | Output only. Base64-encoded public certificate for the root CA of the Apigee organization. Valid only when `RuntimeType` is CLOUD. A base64-encoded string. output: true - - !ruby/object:Api::Type::String - name: 'runtimeDatabaseEncryptionKeyName' + - name: 'runtimeDatabaseEncryptionKeyName' + type: String description: | Cloud KMS key name used for encrypting the data that is stored and replicated across runtime instances. Update is not allowed after the organization is created. If not specified, a Google-Managed encryption key will be used. Valid only when `RuntimeType` is CLOUD. For example: `projects/foo/locations/us/keyRings/bar/cryptoKeys/baz`. immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'properties' + - name: 'properties' + type: NestedObject description: Properties defined in the Apigee organization profile. default_from_api: true properties: - - !ruby/object:Api::Type::Array - name: 'property' + - name: 'property' + type: Array description: List of all properties in the object. - custom_flatten: 'templates/terraform/custom_flatten/apigee_organization_property.go.erb' - item_type: !ruby/object:Api::Type::NestedObject + custom_flatten: 'templates/terraform/custom_flatten/apigee_organization_property.go.tmpl' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: Name of the property. - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: Value of the property. - - !ruby/object:Api::Type::String - name: 'apigeeProjectId' + - name: 'apigeeProjectId' + type: String description: | Output only. Project ID of the Apigee Tenant Project. output: true diff --git a/mmv1/products/apigee/SyncAuthorization.yaml b/mmv1/products/apigee/SyncAuthorization.yaml index 09f13739088c..2d0d86f1597b 100644 --- a/mmv1/products/apigee/SyncAuthorization.yaml +++ b/mmv1/products/apigee/SyncAuthorization.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,47 +11,50 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'SyncAuthorization' -self_link: 'organizations/{{name}}:getSyncAuthorization' -base_url: '' -create_url: 'organizations/{{name}}:setSyncAuthorization' -update_url: 'organizations/{{name}}:setSyncAuthorization' -read_verb: :POST -update_verb: :POST description: | Authorize the Synchronizer to download environment data from the control plane. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Enable Synchronizer access': 'https://cloud.google.com/apigee/docs/hybrid/v1.8/synchronizer-access#enable-synchronizer-access' api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#getsyncauthorization' - +docs: id_format: 'organizations/{{name}}/syncAuthorization' -import_format: ['organizations/{{name}}/syncAuthorization'] -skip_delete: true +base_url: '' +self_link: 'organizations/{{name}}:getSyncAuthorization' +create_url: 'organizations/{{name}}:setSyncAuthorization' +update_url: 'organizations/{{name}}:setSyncAuthorization' +update_verb: 'POST' +read_verb: 'POST' +exclude_delete: true +import_format: + - 'organizations/{{name}}/syncAuthorization' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_sync_authorization_basic_test' + - name: 'apigee_sync_authorization_basic_test' primary_resource_id: 'apigee_sync_authorization' vars: account_id: 'my-account' project_id: 'my-project' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' parameters: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | Name of the Apigee organization. url_param_only: true + required: true immutable: true properties: - - !ruby/object:Api::Type::Array - name: 'identities' - required: true - send_empty_value: true + - name: 'identities' + type: Array description: | Array of service accounts to grant access to control plane resources, each specified using the following format: `serviceAccount:service-account-name`. @@ -60,9 +63,13 @@ properties: You might specify multiple service accounts, for example, if you have multiple environments and wish to assign a unique service account to each one. The service accounts must have **Apigee Synchronizer Manager** role. See also [Create service accounts](https://cloud.google.com/apigee/docs/hybrid/v1.8/sa-about#create-the-service-accounts). - item_type: Api::Type::String - - !ruby/object:Api::Type::Fingerprint - name: 'etag' + required: true + send_empty_value: true + item_type: + type: String + - name: 'etag' + type: Fingerprint description: | Entity tag (ETag) used for optimistic concurrency control as a way to help prevent simultaneous updates from overwriting each other. Used internally during updates. + output: true diff --git a/mmv1/products/apigee/TargetServer.yaml b/mmv1/products/apigee/TargetServer.yaml index 15386e902cf2..acd3a29927a6 100644 --- a/mmv1/products/apigee/TargetServer.yaml +++ b/mmv1/products/apigee/TargetServer.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,144 +11,146 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'TargetServer' -base_url: '{{env_id}}/targetservers' -create_url: '{{env_id}}/targetservers' -delete_url: '{{env_id}}/targetservers/{{name}}' -self_link: '{{env_id}}/targetservers/{{name}}' -update_url: '{{env_id}}/targetservers/{{name}}' description: | TargetServer configuration. TargetServers are used to decouple a proxy TargetEndpoint HTTPTargetConnections from concrete URLs for backend services. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Load balancing across backend servers': 'https://cloud.google.com/apigee/docs/api-platform/deploy/load-balancing-across-backend-servers' api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.targetservers/create' -import_format: ['{{env_id}}/targetservers/{{name}}', '{{env_id}}/{{name}}'] -skip_sweeper: true +docs: +base_url: '{{env_id}}/targetservers' +self_link: '{{env_id}}/targetservers/{{name}}' +create_url: '{{env_id}}/targetservers' +update_url: '{{env_id}}/targetservers/{{name}}' +delete_url: '{{env_id}}/targetservers/{{name}}' +import_format: + - '{{env_id}}/targetservers/{{name}}' + - '{{env_id}}/{{name}}' +timeouts: + insert_minutes: 1 + update_minutes: 1 + delete_minutes: 1 +autogen_async: true +custom_code: + custom_import: 'templates/terraform/custom_import/apigee_target_server.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_target_server_test_basic' + - name: 'apigee_target_server_test_basic' primary_resource_id: 'apigee_target_server' vars: project_id: 'my-project' environment_name: 'my-environment-name' target_server: 'my-target-server' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'apigee_target_server_test' + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_test: true + - name: 'apigee_target_server_test' primary_resource_id: 'apigee_target_server' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 1 - update_minutes: 1 - delete_minutes: 1 - -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_target_server.go.erb -autogen_async: true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: 'envId' + - name: 'envId' + type: String description: | The Apigee environment group associated with the Apigee environment, in the format `organizations/{{org_name}}/environments/{{env_name}}`. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The resource id of this reference. Values must match the regular expression [\w\s-.]+. - immutable: true required: true - - !ruby/object:Api::Type::String - name: 'description' + immutable: true + - name: 'description' + type: String description: | A human-readable description of this TargetServer. - - !ruby/object:Api::Type::String - name: 'host' + - name: 'host' + type: String description: | The host name this target connects to. Value must be a valid hostname as described by RFC-1123. required: true - - !ruby/object:Api::Type::Integer - name: 'port' + - name: 'port' + type: Integer description: | The port number this target connects to on the given host. Value must be between 1 and 65535, inclusive. required: true - - !ruby/object:Api::Type::Boolean - name: 'isEnabled' + - name: 'isEnabled' + type: Boolean description: | Enabling/disabling a TargetServer is useful when TargetServers are used in load balancing configurations, and one or more TargetServers need to taken out of rotation periodically. Defaults to true. default_value: true - - !ruby/object:Api::Type::NestedObject - name: 'sSLInfo' + - name: 'sSLInfo' + type: NestedObject description: Specifies TLS configuration info for this TargetServer. The JSON name is sSLInfo for legacy/backwards compatibility reasons -- Edge originally supported SSL, and the name is still used for TLS configuration. properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: | Enables TLS. If false, neither one-way nor two-way TLS will be enabled. required: true - - !ruby/object:Api::Type::Boolean - name: 'clientAuthEnabled' + - name: 'clientAuthEnabled' + type: Boolean description: | Enables two-way TLS. - - !ruby/object:Api::Type::String - name: 'keyStore' + - name: 'keyStore' + type: String description: | Required if clientAuthEnabled is true. The resource ID of the keystore. - - !ruby/object:Api::Type::String - name: 'keyAlias' + - name: 'keyAlias' + type: String description: | Required if clientAuthEnabled is true. The resource ID for the alias containing the private key and cert. - - !ruby/object:Api::Type::String - name: 'trustStore' + - name: 'trustStore' + type: String description: | The resource ID of the truststore. - - !ruby/object:Api::Type::Boolean - name: 'ignoreValidationErrors' + - name: 'ignoreValidationErrors' + type: Boolean description: | If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails. - - !ruby/object:Api::Type::Array - name: 'protocols' - item_type: Api::Type::String + - name: 'protocols' + type: Array description: | The TLS versioins to be used. - - !ruby/object:Api::Type::Array - name: 'ciphers' - item_type: Api::Type::String + item_type: + type: String + - name: 'ciphers' + type: Array description: | The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3. - - !ruby/object:Api::Type::NestedObject - name: 'commonName' + item_type: + type: String + - name: 'commonName' + type: NestedObject description: The TLS Common Name of the certificate. properties: - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The TLS Common Name string of the certificate. - - !ruby/object:Api::Type::Boolean - name: 'wildcardMatch' + - name: 'wildcardMatch' + type: Boolean description: | Indicates whether the cert should be matched against as a wildcard cert. - - !ruby/object:Api::Type::Enum - name: 'protocol' - immutable: true - default_from_api: true + - name: 'protocol' + type: Enum description: | Immutable. The protocol used by this TargetServer. - values: - - :HTTP - - :HTTP2 - - :GRPC_TARGET - - :GRPC - - :EXTERNAL_CALLOUT + immutable: true + default_from_api: true + enum_values: + - 'HTTP' + - 'HTTP2' + - 'GRPC_TARGET' + - 'GRPC' + - 'EXTERNAL_CALLOUT' diff --git a/mmv1/products/apigee/go_AddonsConfig.yaml b/mmv1/products/apigee/go_AddonsConfig.yaml deleted file mode 100644 index 295fb7026857..000000000000 --- a/mmv1/products/apigee/go_AddonsConfig.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AddonsConfig' -description: | - Configures the add-ons for the Apigee organization. The existing add-on configuration will be fully replaced. -references: - guides: - 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#setaddons' -docs: -base_url: 'organizations' -self_link: 'organizations/{{org}}' -create_url: 'organizations/{{org}}:setAddons' -update_url: 'organizations/{{org}}:setAddons' -update_verb: 'POST' -delete_url: 'organizations/{{org}}:setAddons' -delete_verb: 'POST' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'update', 'delete'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_addons.go.tmpl' - test_check_destroy: 'templates/terraform/custom_check_destroy/go/apigee_addons_override.go.tmpl' -examples: - - name: 'apigee_addons_basic' - skip_test: true - - name: 'apigee_addons_full' - skip_test: true - - name: 'apigee_addons_test' - primary_resource_id: 'apigee_org_addons' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true -parameters: - - name: 'org' - type: String - description: | - Name of the Apigee organization. - url_param_only: true - required: true - immutable: true -properties: - - name: 'addonsConfig' - type: NestedObject - description: Addon configurations of the Apigee organization. - properties: - - name: 'advancedApiOpsConfig' - type: NestedObject - description: Configuration for the Monetization add-on. - properties: - - name: 'enabled' - type: Boolean - description: - Flag that specifies whether the Advanced API Ops add-on is - enabled. - - name: 'integrationConfig' - type: NestedObject - description: Configuration for the Monetization add-on. - properties: - - name: 'enabled' - type: Boolean - description: - Flag that specifies whether the Advanced API Ops add-on is - enabled. - - name: 'monetizationConfig' - type: NestedObject - description: Configuration for the Monetization add-on. - properties: - - name: 'enabled' - type: Boolean - description: - Flag that specifies whether the Advanced API Ops add-on is - enabled. - - name: 'apiSecurityConfig' - type: NestedObject - description: Configuration for the Monetization add-on. - properties: - - name: 'enabled' - type: Boolean - description: - Flag that specifies whether the Advanced API Ops add-on is - enabled. - - name: 'expiresAt' - type: String - description: - Flag that specifies whether the Advanced API Ops add-on is - enabled. - output: true - - name: 'connectorsPlatformConfig' - type: NestedObject - description: Configuration for the Monetization add-on. - properties: - - name: 'enabled' - type: Boolean - description: - Flag that specifies whether the Advanced API Ops add-on is - enabled. - - name: 'expiresAt' - type: String - description: - Flag that specifies whether the Advanced API Ops add-on is - enabled. - output: true diff --git a/mmv1/products/apigee/go_EndpointAttachment.yaml b/mmv1/products/apigee/go_EndpointAttachment.yaml deleted file mode 100644 index e3f8a2114b5b..000000000000 --- a/mmv1/products/apigee/go_EndpointAttachment.yaml +++ /dev/null @@ -1,105 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EndpointAttachment' -description: | - Apigee Endpoint Attachment. -references: - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.endpointAttachments/create' -docs: -base_url: 'endpointAttachments' -self_link: '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' -create_url: '{{org_id}}/endpointAttachments?endpointAttachmentId={{endpoint_attachment_id}}' -delete_url: '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' -immutable: true -import_format: - - '{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}' - - '{{org_id}}/{{endpoint_attachment_id}}' -timeouts: - insert_minutes: 30 - update_minutes: 20 - delete_minutes: 30 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_endpoint_attachment.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_endpoint_attachment_basic' - skip_test: true - - name: 'apigee_endpoint_attachment_basic_test' - primary_resource_id: 'apigee_endpoint_attachment' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true -parameters: - - name: 'orgId' - type: String - description: | - The Apigee Organization associated with the Apigee instance, - in the format `organizations/{{org_name}}`. - url_param_only: true - required: true - immutable: true - - name: 'endpointAttachmentId' - type: String - description: | - ID of the endpoint attachment. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Name of the Endpoint Attachment in the following format: - organizations/{organization}/endpointAttachments/{endpointAttachment}. - output: true - - name: 'location' - type: String - description: | - Location of the endpoint attachment. - required: true - - name: 'host' - type: String - description: | - Host that can be used in either HTTP Target Endpoint directly, or as the host in Target Server. - output: true - - name: 'serviceAttachment' - type: String - description: | - Format: projects/*/regions/*/serviceAttachments/* - required: true - - name: 'connectionState' - type: String - description: | - State of the endpoint attachment connection to the service attachment. - output: true diff --git a/mmv1/products/apigee/go_EnvKeystore.yaml b/mmv1/products/apigee/go_EnvKeystore.yaml deleted file mode 100644 index 21663e90436d..000000000000 --- a/mmv1/products/apigee/go_EnvKeystore.yaml +++ /dev/null @@ -1,68 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EnvKeystore' -description: | - An `Environment KeyStore` in Apigee. -references: - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keystores/create' -docs: -base_url: '{{env_id}}/keystores' -self_link: '{{env_id}}/keystores/{{name}}' -create_url: '{{env_id}}/keystores' -delete_url: '{{env_id}}/keystores/{{name}}' -immutable: true -import_format: - - '{{env_id}}/keystores/{{name}}' - - '{{env_id}}/{{name}}' -timeouts: - insert_minutes: 1 - update_minutes: 20 - delete_minutes: 1 -autogen_async: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_environment_keystore.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_environment_keystore_test' - primary_resource_id: 'apigee_environment_keystore' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true -parameters: - - name: 'envId' - type: String - description: | - The Apigee environment group associated with the Apigee environment, - in the format `organizations/{{org_name}}/environments/{{env_name}}`. - url_param_only: true - required: true - immutable: true - - name: 'name' - type: String - description: | - The name of the newly created keystore. - immutable: true -properties: - - name: 'aliases' - type: Array - description: | - Aliases in this keystore. - output: true - item_type: - type: String diff --git a/mmv1/products/apigee/go_EnvReferences.yaml b/mmv1/products/apigee/go_EnvReferences.yaml deleted file mode 100644 index 8fb1015eba65..000000000000 --- a/mmv1/products/apigee/go_EnvReferences.yaml +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EnvReferences' -description: | - An `Environment Reference` in Apigee. -references: - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.references/create' -docs: -base_url: '{{env_id}}/references' -self_link: '{{env_id}}/references/{{name}}' -create_url: '{{env_id}}/references/' -delete_url: '{{env_id}}/references/{{name}}' -immutable: true -import_format: - - '{{env_id}}/references/{{name}}' - - '{{env_id}}/{{name}}' -timeouts: - insert_minutes: 1 - update_minutes: 20 - delete_minutes: 1 -autogen_async: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_environment_reference.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_environment_reference_test' - primary_resource_id: 'apigee_environment_reference' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true -parameters: - - name: 'envId' - type: String - description: | - The Apigee environment group associated with the Apigee environment, - in the format `organizations/{{org_name}}/environments/{{env_name}}`. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Required. The resource id of this reference. Values must match the regular expression [\w\s-.]+. - required: true - immutable: true - - name: 'description' - type: String - description: | - Optional. A human-readable description of this reference. - immutable: true - - name: 'resourceType' - type: String - description: | - The type of resource referred to by this reference. Valid values are 'KeyStore' or 'TrustStore'. - required: true - immutable: true - - name: 'refers' - type: String - description: | - Required. The id of the resource to which this reference refers. Must be the id of a resource that exists in the parent environment and is of the given resourceType. - required: true - immutable: true diff --git a/mmv1/products/apigee/go_Envgroup.yaml b/mmv1/products/apigee/go_Envgroup.yaml deleted file mode 100644 index fc52152fe58f..000000000000 --- a/mmv1/products/apigee/go_Envgroup.yaml +++ /dev/null @@ -1,86 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Envgroup' -description: | - An `Environment group` in Apigee. -references: - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups/create' -docs: -base_url: 'envgroups' -self_link: '{{org_id}}/envgroups/{{name}}' -create_url: '{{org_id}}/envgroups' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{org_id}}/envgroups/{{name}}' - - '{{org_id}}/{{name}}' -timeouts: - insert_minutes: 30 - update_minutes: 20 - delete_minutes: 30 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_environment_group.go.tmpl' -examples: - - name: 'apigee_environment_group_basic' - vars: - envgroup_name: 'my-envgroup' - skip_test: true - - name: 'apigee_environment_group_basic_test' - primary_resource_id: 'apigee_environment_group' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true -parameters: - - name: 'orgId' - type: String - description: | - The Apigee Organization associated with the Apigee environment group, - in the format `organizations/{{org_name}}`. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource ID of the environment group. - required: true - immutable: true - - name: 'hostnames' - type: Array - description: | - Hostnames of the environment group. - required: false - item_type: - type: String diff --git a/mmv1/products/apigee/go_EnvgroupAttachment.yaml b/mmv1/products/apigee/go_EnvgroupAttachment.yaml deleted file mode 100644 index 34af9bf85ab7..000000000000 --- a/mmv1/products/apigee/go_EnvgroupAttachment.yaml +++ /dev/null @@ -1,85 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EnvgroupAttachment' -description: | - An `Environment Group attachment` in Apigee. -references: - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.envgroups.attachments/create' -docs: -base_url: '{{envgroup_id}}/attachments' -self_link: '{{envgroup_id}}/attachments/{{name}}' -create_url: '{{envgroup_id}}/attachments' -delete_url: '{{envgroup_id}}/attachments/{{name}}' -immutable: true -import_format: - - '{{envgroup_id}}/attachments/{{name}}' - - '{{envgroup_id}}/{{name}}' -timeouts: - insert_minutes: 30 - update_minutes: 20 - delete_minutes: 30 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_environment_group_attachment.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_environment_group_attachment_basic' - vars: - project_id: 'my-project' - envgroup_name: 'my-envgroup' - environment_name: 'my-environment' - skip_test: true - - name: 'apigee_environment_group_attachment_basic_test' - primary_resource_id: 'apigee_environment_group_attachment' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true -parameters: - - name: 'envgroupId' - type: String - description: | - The Apigee environment group associated with the Apigee environment, - in the format `organizations/{{org_name}}/envgroups/{{envgroup_name}}`. - url_param_only: true - required: true -properties: - - name: 'environment' - type: String - description: | - The resource ID of the environment. - required: true - - name: 'name' - type: String - description: | - The name of the newly created attachment (output parameter). - output: true diff --git a/mmv1/products/apigee/go_Environment.yaml b/mmv1/products/apigee/go_Environment.yaml deleted file mode 100644 index 3ab557f5a5b8..000000000000 --- a/mmv1/products/apigee/go_Environment.yaml +++ /dev/null @@ -1,188 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Environment' -description: | - An `Environment` in Apigee. -references: - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments/create' -docs: -base_url: 'environments' -self_link: '{{org_id}}/environments/{{name}}' -create_url: '{{org_id}}/environments' -update_url: '{{org_id}}/environments/{{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{org_id}}/environments/{{name}}' - - '{{org_id}}/{{name}}' -timeouts: - insert_minutes: 30 - update_minutes: 20 - delete_minutes: 30 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'env_id' - base_url: '{{org_id}}/environments/{{name}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - self_link: '{{org_id}}/environments/{{name}}' - import_format: - - '{{%org_id}}/environments/{{name}}' - - '{{name}}' -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_environment.go.tmpl' -examples: - - name: 'apigee_environment_basic' - vars: - environment_name: 'my-environment' - skip_test: true - - name: 'apigee_environment_basic_test' - primary_resource_id: 'apigee_environment' - primary_resource_name: 'fmt.Sprintf("organizations/tf-test%s", context["random_suffix"]), fmt.Sprintf("tf-test%s", context["random_suffix"])' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true - - name: 'apigee_environment_basic_deployment_apiproxy_type_test' - primary_resource_id: 'apigee_environment' - primary_resource_name: 'fmt.Sprintf("organizations/tf-test%s", context["random_suffix"]), fmt.Sprintf("tf-test%s", context["random_suffix"])' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true - - name: 'apigee_environment_patch_update_test' - primary_resource_id: 'apigee_environment' - primary_resource_name: 'fmt.Sprintf("organizations/tf-test%s", context["random_suffix"]), fmt.Sprintf("tf-test%s", context["random_suffix"])' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true -parameters: - - name: 'orgId' - type: String - description: | - The Apigee Organization associated with the Apigee environment, - in the format `organizations/{{org_name}}`. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource ID of the environment. - required: true - immutable: true - - name: 'displayName' - type: String - description: | - Display name of the environment. - required: false - immutable: true - - name: 'description' - type: String - description: | - Description of the environment. - required: false - immutable: true - - name: 'deploymentType' - type: Enum - description: | - Optional. Deployment type supported by the environment. The deployment type can be - set when creating the environment and cannot be changed. When you enable archive - deployment, you will be prevented from performing a subset of actions within the - environment, including: - Managing the deployment of API proxy or shared flow revisions; - Creating, updating, or deleting resource files; - Creating, updating, or deleting target servers. - immutable: true - default_from_api: true - enum_values: - - 'DEPLOYMENT_TYPE_UNSPECIFIED' - - 'PROXY' - - 'ARCHIVE' - - name: 'apiProxyType' - type: Enum - description: | - Optional. API Proxy type supported by the environment. The type can be set when creating - the Environment and cannot be changed. - immutable: true - default_from_api: true - enum_values: - - 'API_PROXY_TYPE_UNSPECIFIED' - - 'PROGRAMMABLE' - - 'CONFIGURABLE' - - name: 'nodeConfig' - type: NestedObject - description: | - NodeConfig for setting the min/max number of nodes associated with the environment. - default_from_api: true - properties: - - name: 'minNodeCount' - type: String - description: | - The minimum total number of gateway nodes that the is reserved for all instances that - has the specified environment. If not specified, the default is determined by the - recommended minimum number of nodes for that gateway. - - name: 'maxNodeCount' - type: String - description: | - The maximum total number of gateway nodes that the is reserved for all instances that - has the specified environment. If not specified, the default is determined by the - recommended maximum number of nodes for that gateway. - - name: 'currentAggregateNodeCount' - type: String - description: | - The current total number of gateway nodes that each environment currently has across - all instances. - output: true - - name: 'type' - type: Enum - description: | - Types that can be selected for an Environment. Each of the types are - limited by capability and capacity. Refer to Apigee's public documentation - to understand about each of these types in details. - An Apigee org can support heterogeneous Environments. - default_from_api: true - enum_values: - - 'ENVIRONMENT_TYPE_UNSPECIFIED' - - 'BASE' - - 'INTERMEDIATE' - - 'COMPREHENSIVE' - - name: 'forwardProxyUri' - type: String - description: | - Optional. URI of the forward proxy to be applied to the runtime instances in this environment. Must be in the format of {scheme}://{hostname}:{port}. Note that the scheme must be one of "http" or "https", and the port must be supplied. - required: false diff --git a/mmv1/products/apigee/go_EnvironmentKeyvaluemaps.yaml b/mmv1/products/apigee/go_EnvironmentKeyvaluemaps.yaml deleted file mode 100644 index 4003710008fc..000000000000 --- a/mmv1/products/apigee/go_EnvironmentKeyvaluemaps.yaml +++ /dev/null @@ -1,77 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EnvironmentKeyvaluemaps' -description: | - Collection of key/value string pairs. -references: - guides: - 'Using key value maps': 'https://cloud.google.com/apigee/docs/api-platform/cache/key-value-maps' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keyvaluemaps/create' -docs: -base_url: '{{env_id}}/keyvaluemaps' -self_link: '{{env_id}}/keyvaluemaps/{{name}}/entries' -create_url: '{{env_id}}/keyvaluemaps' -delete_url: '{{env_id}}/keyvaluemaps/{{name}}' -immutable: true -import_format: - - '{{env_id}}/keyvaluemaps/{{name}}' - - '{{env_id}}/{{name}}' -timeouts: - insert_minutes: 1 - update_minutes: 20 - delete_minutes: 1 -autogen_async: true -custom_code: - decoder: 'templates/terraform/decoders/go/apigee_environment_keyvaluemaps.go.tmpl' - custom_create: 'templates/terraform/custom_create/go/apigee_environment_keyvaluemaps.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/apigee_environment_keyvaluemaps.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_environment_keyvaluemaps_basic' - primary_resource_id: 'apigee_environment_keyvaluemaps' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_test: true - - name: 'apigee_environment_keyvaluemaps_test' - primary_resource_id: 'apigee_environment_keyvaluemaps' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - - name: 'apigee_environment_keyvaluemaps_beta_test' - primary_resource_id: 'apigee_environment_keyvaluemaps' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true -parameters: - - name: 'envId' - type: String - description: | - The Apigee environment group associated with the Apigee environment, - in the format `organizations/{{org_name}}/environments/{{env_name}}`. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Required. ID of the key value map. - required: true - immutable: true diff --git a/mmv1/products/apigee/go_EnvironmentKeyvaluemapsEntries.yaml b/mmv1/products/apigee/go_EnvironmentKeyvaluemapsEntries.yaml deleted file mode 100644 index 593bdae57a4c..000000000000 --- a/mmv1/products/apigee/go_EnvironmentKeyvaluemapsEntries.yaml +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EnvironmentKeyvaluemapsEntries' -description: | - Creates key value entries in a key value map scoped to an environment. -references: - guides: - 'Using key value maps': 'https://cloud.google.com/apigee/docs/api-platform/cache/key-value-maps' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.keyvaluemaps.entries/create' -docs: -base_url: '{{env_keyvaluemap_id}}/entries' -self_link: '{{env_keyvaluemap_id}}/entries/{{name}}' -create_url: '{{env_keyvaluemap_id}}/entries' -delete_url: '{{env_keyvaluemap_id}}/entries/{{name}}' -immutable: true -import_format: - - '{{env_keyvaluemap_id}}/entries/{{name}}' - - '{{env_keyvaluemap_id}}/{{name}}' -timeouts: - insert_minutes: 1 - update_minutes: 20 - delete_minutes: 1 -autogen_async: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_environment_keyvaluemaps_entries.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_environment_keyvaluemaps_entries_basic' - primary_resource_id: 'apigee_environment_keyvaluemaps_entries' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_test: true - - name: 'apigee_environment_keyvaluemaps_entries_test' - primary_resource_id: 'apigee_environment_keyvaluemaps_entries' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - - name: 'apigee_environment_keyvaluemaps_entries_beta_test' - primary_resource_id: 'apigee_environment_keyvaluemaps_entries' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true -parameters: - - name: 'env_keyvaluemap_id' - type: String - description: | - The Apigee environment keyvalumaps Id associated with the Apigee environment, - in the format `organizations/{{org_name}}/environments/{{env_name}}/keyvaluemaps/{{keyvaluemap_name}}`. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Required. Resource URI that can be used to identify the scope of the key value map entries. - required: true - immutable: true - - name: 'value' - type: String - description: | - Required. Data or payload that is being retrieved and associated with the unique key. - required: true - immutable: true diff --git a/mmv1/products/apigee/go_Instance.yaml b/mmv1/products/apigee/go_Instance.yaml deleted file mode 100644 index 9f8927bebc19..000000000000 --- a/mmv1/products/apigee/go_Instance.yaml +++ /dev/null @@ -1,188 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Instance' -description: | - An `Instance` is the runtime dataplane in Apigee. -references: - guides: - 'Creating a runtime instance': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-instance' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create' -docs: -base_url: 'instances' -self_link: '{{org_id}}/instances/{{name}}' -create_url: '{{org_id}}/instances' -immutable: true -mutex: '{{org_id}}/apigeeInstances' -import_format: - - '{{org_id}}/instances/{{name}}' - - '{{org_id}}/{{name}}' -timeouts: - insert_minutes: 60 - update_minutes: 20 - delete_minutes: 60 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/apigee_instance.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/apigee_instance.go.tmpl' -error_retry_predicates: - - - 'transport_tpg.IsApigeeRetryableError' -examples: - - name: 'apigee_instance_basic' - vars: - instance_name: 'my-instance-name' - skip_test: true - - name: 'apigee_instance_basic_test' - primary_resource_id: 'apigee_instance' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true - - name: 'apigee_instance_cidr_range' - vars: - instance_name: 'my-instance-name' - skip_test: true - - name: 'apigee_instance_cidr_range_test' - primary_resource_id: 'apigee_instance' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true - - name: 'apigee_instance_ip_range' - vars: - instance_name: 'my-instance-name' - skip_test: true - - name: 'apigee_instance_ip_range_test' - primary_resource_id: 'apigee_instance' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true - - name: 'apigee_instance_full' - vars: - instance_name: 'my-instance-name' - skip_test: true - - name: 'apigee_instance_full_test' - primary_resource_id: 'apigee_instance' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true - - name: 'apigee_instance_service_attachment_basic_test' - primary_resource_id: 'apigee_instance' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true -parameters: - - name: 'orgId' - type: String - description: | - The Apigee Organization associated with the Apigee instance, - in the format `organizations/{{org_name}}`. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Resource ID of the instance. - required: true - - name: 'location' - type: String - description: | - Required. Compute Engine location where the instance resides. - required: true - - name: 'peeringCidrRange' - type: String - description: | - The size of the CIDR block range that will be reserved by the instance. For valid values, - see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) on the documentation. - default_from_api: true - - name: 'ipRange' - type: String - description: | - IP range represents the customer-provided CIDR block of length 22 that will be used for - the Apigee instance creation. This optional range, if provided, should be freely - available as part of larger named range the customer has allocated to the Service - Networking peering. If this is not provided, Apigee will automatically request for any - available /22 CIDR block from Service Networking. The customer should use this CIDR block - for configuring their firewall needs to allow traffic from Apigee. - Input format: "a.b.c.d/22" - ignore_read: true - - name: 'description' - type: String - description: | - Description of the instance. - - name: 'displayName' - type: String - description: | - Display name of the instance. - - name: 'diskEncryptionKeyName' - type: String - description: | - Customer Managed Encryption Key (CMEK) used for disk and volume encryption. Required for Apigee paid subscriptions only. - Use the following format: `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)` - immutable: true - - name: 'host' - type: String - description: | - Output only. Hostname or IP address of the exposed Apigee endpoint used by clients to connect to the service. - output: true - - name: 'port' - type: String - description: | - Output only. Port number of the exposed Apigee endpoint. - output: true - - name: 'consumerAcceptList' - type: Array - description: | - Optional. Customer accept list represents the list of projects (id/number) on customer - side that can privately connect to the service attachment. It is an optional field - which the customers can provide during the instance creation. By default, the customer - project associated with the Apigee organization will be included to the list. - required: false - default_from_api: true - diff_suppress_func: 'projectListDiffSuppress' - item_type: - type: String - - name: 'serviceAttachment' - type: String - description: | - Output only. Resource name of the service attachment created for the instance in - the format: projects/*/regions/*/serviceAttachments/* Apigee customers can privately - forward traffic to this service attachment using the PSC endpoints. - output: true diff --git a/mmv1/products/apigee/go_InstanceAttachment.yaml b/mmv1/products/apigee/go_InstanceAttachment.yaml deleted file mode 100644 index f04c52e5c602..000000000000 --- a/mmv1/products/apigee/go_InstanceAttachment.yaml +++ /dev/null @@ -1,86 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'InstanceAttachment' -description: | - An `Instance attachment` in Apigee. -references: - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.attachments/create' -docs: -base_url: '{{instance_id}}/attachments' -self_link: '{{instance_id}}/attachments/{{name}}' -create_url: '{{instance_id}}/attachments' -delete_url: '{{instance_id}}/attachments/{{name}}' -immutable: true -mutex: 'apigeeInstanceAttachments' -import_format: - - '{{instance_id}}/attachments/{{name}}' - - '{{instance_id}}/{{name}}' -timeouts: - insert_minutes: 30 - update_minutes: 20 - delete_minutes: 30 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_instance_attachment.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_instance_attachment_basic' - vars: - project_id: 'my-project' - instance_name: 'my-instance-name' - environment_name: 'my-environment-name' - skip_test: true - - name: 'apigee_instance_attachment_basic_test' - primary_resource_id: 'apigee_instance_attachment' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true -parameters: - - name: 'instanceId' - type: String - description: | - The Apigee instance associated with the Apigee environment, - in the format `organizations/{{org_name}}/instances/{{instance_name}}`. - url_param_only: true - required: true -properties: - - name: 'environment' - type: String - description: | - The resource ID of the environment. - required: true - - name: 'name' - type: String - description: | - The name of the newly created attachment (output parameter). - output: true diff --git a/mmv1/products/apigee/go_KeystoresAliasesSelfSignedCert.yaml b/mmv1/products/apigee/go_KeystoresAliasesSelfSignedCert.yaml deleted file mode 100644 index f65b3467f924..000000000000 --- a/mmv1/products/apigee/go_KeystoresAliasesSelfSignedCert.yaml +++ /dev/null @@ -1,218 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'KeystoresAliasesSelfSignedCert' -description: | - An Environment Keystore Alias for Self Signed Certificate Format in Apigee -references: - guides: - 'Creating an environment': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.keystores.aliases/create' -docs: -base_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' -self_link: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' -create_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases?alias={{alias}}&format=selfsignedcert' -delete_url: 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' -immutable: true -import_format: - - 'organizations/{{org_id}}/environments/{{environment}}/keystores/{{keystore}}/aliases/{{alias}}' -timeouts: - insert_minutes: 30 - update_minutes: 20 - delete_minutes: 30 -autogen_async: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_env_keystore_alias_self_signed_cert.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_env_keystore_alias_self_signed_cert' - primary_resource_id: 'apigee_environment_keystore_ss_alias' - vars: - project_id: 'my-project' - environment_name: 'env-name' - keystore_name: 'env-keystore' - keystores_alias: 'alias' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_vcr: true -parameters: - - name: 'orgId' - type: String - description: | - The Apigee Organization name associated with the Apigee environment - url_param_only: true - required: true - immutable: true - - name: 'environment' - type: String - description: | - The Apigee environment name - url_param_only: true - required: true - immutable: true - - name: 'keystore' - type: String - description: | - The Apigee keystore name associated in an Apigee environment - url_param_only: true - required: true - immutable: true - - name: 'alias' - type: String - description: | - Alias for the key/certificate pair. Values must match the regular expression [\w\s-.]{1,255}. - This must be provided for all formats except selfsignedcert; self-signed certs may specify the alias in either - this parameter or the JSON body. - required: true - immutable: true - - name: 'subjectAlternativeDnsNames' - type: NestedObject - description: | - List of alternative host names. Maximum length is 255 characters for each value. - immutable: true - properties: - - name: 'subjectAlternativeName' - type: String - description: Subject Alternative Name - - name: 'keySize' - type: String - description: | - Key size. Default and maximum value is 2048 bits. - ignore_read: true - - name: 'sigAlg' - type: String - description: | - Signature algorithm to generate private key. Valid values are SHA512withRSA, SHA384withRSA, and SHA256withRSA - required: true - immutable: true - ignore_read: true - - name: 'subject' - type: NestedObject - description: Subject details. - required: true - immutable: true - ignore_read: true - properties: - - name: 'countryCode' - type: String - description: - Two-letter country code. Example, IN for India, US for United States - of America. - ignore_read: true - - name: 'state' - type: String - description: State or district name. Maximum length is 128 characters. - ignore_read: true - - name: 'locality' - type: String - description: City or town name. Maximum length is 128 characters. - ignore_read: true - - name: 'org' - type: String - description: Organization name. Maximum length is 64 characters. - ignore_read: true - - name: 'orgUnit' - type: String - description: Organization team name. Maximum length is 64 characters. - ignore_read: true - - name: 'commonName' - type: String - description: | - Common name of the organization. Maximum length is 64 characters. - ignore_read: true - - name: 'email' - type: String - description: Email address. Max 255 characters. - ignore_read: true - - name: 'certValidityInDays' - type: Integer - description: | - Validity duration of certificate, in days. Accepts positive non-zero value. Defaults to 365. - immutable: true - ignore_read: true -properties: - - name: 'certsInfo' - type: NestedObject - description: Chain of certificates under this alias. - output: true - properties: - - name: 'certInfo' - type: Array - description: List of all properties in the object. - output: true - item_type: - type: NestedObject - properties: - - name: 'version' - type: Integer - description: X.509 version. - output: true - - name: 'subject' - type: String - description: X.509 subject. - output: true - - name: 'issuer' - type: String - description: X.509 issuer. - output: true - - name: 'expiryDate' - type: String - description: - X.509 notAfter validity period in milliseconds since epoch. - output: true - - name: 'validFrom' - type: String - description: - X.509 notBefore validity period in milliseconds since epoch. - output: true - - name: 'isValid' - type: String - description: | - Flag that specifies whether the certificate is valid. - Flag is set to Yes if the certificate is valid, No if expired, or Not yet if not yet valid. - output: true - - name: 'subjectAlternativeNames' - type: Array - description: X.509 subject alternative names (SANs) extension. - output: true - item_type: - type: String - - name: 'sigAlgName' - type: String - description: X.509 signatureAlgorithm. - output: true - - name: 'publicKey' - type: String - description: - Public key component of the X.509 subject public key info. - output: true - - name: 'basicConstraints' - type: String - description: X.509 basic constraints extension. - output: true - - name: 'serialNumber' - type: String - description: X.509 serial number. - output: true - - name: 'type' - type: Enum - description: | - Optional.Type of Alias - output: true - enum_values: - - 'ALIAS_TYPE_UNSPECIFIED' - - 'CERT' - - 'KEY_CERT' diff --git a/mmv1/products/apigee/go_NatAddress.yaml b/mmv1/products/apigee/go_NatAddress.yaml deleted file mode 100644 index ed8489bd7342..000000000000 --- a/mmv1/products/apigee/go_NatAddress.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NatAddress' -description: | - Apigee NAT (network address translation) address. A NAT address is a static external IP address used for Internet egress traffic. This is not avaible for Apigee hybrid. - Apigee NAT addresses are not automatically activated because they might require explicit allow entries on the target systems first. See https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.natAddresses/activate -references: - guides: - 'Provisioning NAT IPs': 'https://cloud.google.com/apigee/docs/api-platform/security/nat-provisioning' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances.natAddresses' -docs: -base_url: '{{instance_id}}/natAddresses' -self_link: '{{instance_id}}/natAddresses/{{name}}' -create_url: '{{instance_id}}/natAddresses' -delete_url: '{{instance_id}}/natAddresses/{{name}}' -immutable: true -import_format: - - '{{instance_id}}/natAddresses/{{name}}' - - '{{instance_id}}/{{name}}' -timeouts: - insert_minutes: 30 - update_minutes: 20 - delete_minutes: 30 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_nat_address.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_nat_address_basic' - vars: - nat_address_name: 'my-nat-address' - skip_test: true - - name: 'apigee_nat_address_basic_test' - primary_resource_id: 'apigee_nat_address' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true -parameters: - - name: 'instanceId' - type: String - description: | - The Apigee instance associated with the Apigee environment, - in the format `organizations/{{org_name}}/instances/{{instance_name}}`. - url_param_only: true - required: true -properties: - - name: 'name' - type: String - description: | - Resource ID of the NAT address. - required: true - - name: 'ipAddress' - type: String - description: | - The allocated NAT IP address. - output: true - - name: 'state' - type: String - description: | - State of the NAT IP address. - output: true diff --git a/mmv1/products/apigee/go_Organization.yaml b/mmv1/products/apigee/go_Organization.yaml deleted file mode 100644 index 69042edd4c8f..000000000000 --- a/mmv1/products/apigee/go_Organization.yaml +++ /dev/null @@ -1,245 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Organization' -description: | - An `Organization` is the top-level container in Apigee. -references: - guides: - 'Creating an API organization': 'https://cloud.google.com/apigee/docs/api-platform/get-started/create-org' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations' -docs: -base_url: 'organizations' -self_link: 'organizations/{{name}}' -create_url: 'organizations?parent=projects/{{project_id}}' -delete_url: 'organizations/{{name}}?retention={{retention}}' -timeouts: - insert_minutes: 45 - update_minutes: 45 - delete_minutes: 45 -autogen_async: true -async: - actions: ['create', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 45 - update_minutes: 45 - delete_minutes: 45 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - encoder: 'templates/terraform/encoders/go/apigee_organization.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/apigee_organization.go.tmpl' -examples: - - name: 'apigee_organization_cloud_basic' - skip_test: true - - name: 'apigee_organization_cloud_basic_test' - primary_resource_id: 'org' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - ignore_read_extra: - - 'properties' - skip_docs: true - skip_vcr: true - - name: 'apigee_organization_cloud_basic_disable_vpc_peering' - skip_test: true - - name: 'apigee_organization_cloud_basic_disable_vpc_peering_test' - primary_resource_id: 'org' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - ignore_read_extra: - - 'properties' - skip_docs: true - skip_vcr: true - - name: 'apigee_organization_cloud_full' - skip_test: true - - name: 'apigee_organization_cloud_full_test' - primary_resource_id: 'org' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - ignore_read_extra: - - 'properties' - skip_docs: true - skip_vcr: true - - name: 'apigee_organization_cloud_full_disable_vpc_peering' - skip_test: true - - name: 'apigee_organization_cloud_full_disable_vpc_peering_test' - primary_resource_id: 'org' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - ignore_read_extra: - - 'properties' - skip_docs: true - skip_vcr: true - - name: 'apigee_organization_retention_test' - primary_resource_id: 'org' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true - - name: 'apigee_organization_drz_test' - primary_resource_id: 'org' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true -parameters: - - name: 'projectId' - type: String - description: | - The project ID associated with the Apigee organization. - url_param_only: true - required: true - immutable: true - - name: 'retention' - type: Enum - description: | - Optional. This setting is applicable only for organizations that are soft-deleted (i.e., BillingType - is not EVALUATION). It controls how long Organization data will be retained after the initial delete - operation completes. During this period, the Organization may be restored to its last known state. - After this period, the Organization will no longer be able to be restored. - url_param_only: true - required: false - default_value: "DELETION_RETENTION_UNSPECIFIED" - enum_values: - - 'DELETION_RETENTION_UNSPECIFIED' - - 'MINIMUM' -properties: - - name: 'name' - type: String - description: | - Output only. Name of the Apigee organization. - output: true - - name: 'displayName' - type: String - description: | - The display name of the Apigee organization. - - name: 'description' - type: String - description: | - Description of the Apigee organization. - - name: 'analyticsRegion' - type: String - description: | - Primary GCP region for analytics data storage. For valid values, see [Create an Apigee organization](https://cloud.google.com/apigee/docs/api-platform/get-started/create-org). - immutable: true - - name: 'apiConsumerDataLocation' - type: String - description: | - This field is needed only for customers using non-default data residency regions. - Apigee stores some control plane data only in single region. - This field determines which single region Apigee should use. - immutable: true - - name: 'apiConsumerDataEncryptionKeyName' - type: String - description: | - Cloud KMS key name used for encrypting API consumer data. - immutable: true - - name: 'controlPlaneEncryptionKeyName' - type: String - description: | - Cloud KMS key name used for encrypting control plane data that is stored in a multi region. - Only used for the data residency region "US" or "EU". - immutable: true - - name: 'authorizedNetwork' - type: String - description: | - Compute Engine network used for Service Networking to be peered with Apigee runtime instances. - See [Getting started with the Service Networking API](https://cloud.google.com/service-infrastructure/docs/service-networking/getting-started). - Valid only when `RuntimeType` is set to CLOUD. The value can be updated only when there are no runtime instances. For example: "default". - - name: 'disableVpcPeering' - type: Boolean - description: | - Flag that specifies whether the VPC Peering through Private Google Access should be - disabled between the consumer network and Apigee. Required if an `authorizedNetwork` - on the consumer project is not provided, in which case the flag should be set to `true`. - Valid only when `RuntimeType` is set to CLOUD. The value must be set before the creation - of any Apigee runtime instance and can be updated only when there are no runtime instances. - - name: 'runtimeType' - type: Enum - description: | - Runtime type of the Apigee organization based on the Apigee subscription purchased. - immutable: true - default_value: "CLOUD" - enum_values: - - 'CLOUD' - - 'HYBRID' - - name: 'subscriptionType' - type: String - description: | - Output only. Subscription type of the Apigee organization. - Valid values include trial (free, limited, and for evaluation purposes only) or paid (full subscription has been purchased). - output: true - - name: 'billingType' - type: String - description: | - Billing type of the Apigee organization. See [Apigee pricing](https://cloud.google.com/apigee/pricing). - immutable: true - default_from_api: true - - name: 'caCertificate' - type: String - description: | - Output only. Base64-encoded public certificate for the root CA of the Apigee organization. - Valid only when `RuntimeType` is CLOUD. A base64-encoded string. - output: true - - name: 'runtimeDatabaseEncryptionKeyName' - type: String - description: | - Cloud KMS key name used for encrypting the data that is stored and replicated across runtime instances. - Update is not allowed after the organization is created. - If not specified, a Google-Managed encryption key will be used. - Valid only when `RuntimeType` is CLOUD. For example: `projects/foo/locations/us/keyRings/bar/cryptoKeys/baz`. - immutable: true - - name: 'properties' - type: NestedObject - description: Properties defined in the Apigee organization profile. - default_from_api: true - properties: - - name: 'property' - type: Array - description: List of all properties in the object. - custom_flatten: 'templates/terraform/custom_flatten/go/apigee_organization_property.go.tmpl' - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: Name of the property. - - name: 'value' - type: String - description: Value of the property. - - name: 'apigeeProjectId' - type: String - description: | - Output only. Project ID of the Apigee Tenant Project. - output: true diff --git a/mmv1/products/apigee/go_SyncAuthorization.yaml b/mmv1/products/apigee/go_SyncAuthorization.yaml deleted file mode 100644 index 8a834d743928..000000000000 --- a/mmv1/products/apigee/go_SyncAuthorization.yaml +++ /dev/null @@ -1,76 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'SyncAuthorization' -description: | - Authorize the Synchronizer to download environment data from the control plane. -references: - guides: - 'Enable Synchronizer access': 'https://cloud.google.com/apigee/docs/hybrid/v1.8/synchronizer-access#enable-synchronizer-access' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#getsyncauthorization' -docs: -id_format: 'organizations/{{name}}/syncAuthorization' -base_url: '' -self_link: 'organizations/{{name}}:getSyncAuthorization' -create_url: 'organizations/{{name}}:setSyncAuthorization' -update_url: 'organizations/{{name}}:setSyncAuthorization' -update_verb: 'POST' -read_verb: 'POST' -exclude_delete: true -import_format: - - 'organizations/{{name}}/syncAuthorization' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -examples: - - name: 'apigee_sync_authorization_basic_test' - primary_resource_id: 'apigee_sync_authorization' - vars: - account_id: 'my-account' - project_id: 'my-project' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' -parameters: - - name: 'name' - type: String - description: | - Name of the Apigee organization. - url_param_only: true - required: true - immutable: true -properties: - - name: 'identities' - type: Array - description: | - Array of service accounts to grant access to control plane resources, each specified using the following format: `serviceAccount:service-account-name`. - - The `service-account-name` is formatted like an email address. For example: my-synchronizer-manager-serviceAccount@my_project_id.iam.gserviceaccount.com - - You might specify multiple service accounts, for example, if you have multiple environments and wish to assign a unique service account to each one. - - The service accounts must have **Apigee Synchronizer Manager** role. See also [Create service accounts](https://cloud.google.com/apigee/docs/hybrid/v1.8/sa-about#create-the-service-accounts). - required: true - send_empty_value: true - item_type: - type: String - - name: 'etag' - type: Fingerprint - description: | - Entity tag (ETag) used for optimistic concurrency control as a way to help prevent simultaneous updates from overwriting each other. - Used internally during updates. - output: true diff --git a/mmv1/products/apigee/go_TargetServer.yaml b/mmv1/products/apigee/go_TargetServer.yaml deleted file mode 100644 index e723ce5d3eaf..000000000000 --- a/mmv1/products/apigee/go_TargetServer.yaml +++ /dev/null @@ -1,157 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'TargetServer' -description: | - TargetServer configuration. TargetServers are used to decouple a proxy TargetEndpoint HTTPTargetConnections from concrete URLs for backend services. -references: - guides: - 'Load balancing across backend servers': 'https://cloud.google.com/apigee/docs/api-platform/deploy/load-balancing-across-backend-servers' - api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.targetservers/create' -docs: -base_url: '{{env_id}}/targetservers' -self_link: '{{env_id}}/targetservers/{{name}}' -create_url: '{{env_id}}/targetservers' -update_url: '{{env_id}}/targetservers/{{name}}' -delete_url: '{{env_id}}/targetservers/{{name}}' -import_format: - - '{{env_id}}/targetservers/{{name}}' - - '{{env_id}}/{{name}}' -timeouts: - insert_minutes: 1 - update_minutes: 1 - delete_minutes: 1 -autogen_async: true -custom_code: - custom_import: 'templates/terraform/custom_import/go/apigee_target_server.go.tmpl' -exclude_sweeper: true -examples: - - name: 'apigee_target_server_test_basic' - primary_resource_id: 'apigee_target_server' - vars: - project_id: 'my-project' - environment_name: 'my-environment-name' - target_server: 'my-target-server' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_test: true - - name: 'apigee_target_server_test' - primary_resource_id: 'apigee_target_server' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true -parameters: - - name: 'envId' - type: String - description: | - The Apigee environment group associated with the Apigee environment, - in the format `organizations/{{org_name}}/environments/{{env_name}}`. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource id of this reference. Values must match the regular expression [\w\s-.]+. - required: true - immutable: true - - name: 'description' - type: String - description: | - A human-readable description of this TargetServer. - - name: 'host' - type: String - description: | - The host name this target connects to. Value must be a valid hostname as described by RFC-1123. - required: true - - name: 'port' - type: Integer - description: | - The port number this target connects to on the given host. Value must be between 1 and 65535, inclusive. - required: true - - name: 'isEnabled' - type: Boolean - description: | - Enabling/disabling a TargetServer is useful when TargetServers are used in load balancing configurations, and one or more TargetServers need to taken out of rotation periodically. Defaults to true. - default_value: true - - name: 'sSLInfo' - type: NestedObject - description: Specifies TLS configuration info for this TargetServer. The JSON name is sSLInfo for legacy/backwards compatibility reasons -- Edge originally supported SSL, and the name is still used for TLS configuration. - properties: - - name: 'enabled' - type: Boolean - description: | - Enables TLS. If false, neither one-way nor two-way TLS will be enabled. - required: true - - name: 'clientAuthEnabled' - type: Boolean - description: | - Enables two-way TLS. - - name: 'keyStore' - type: String - description: | - Required if clientAuthEnabled is true. The resource ID of the keystore. - - name: 'keyAlias' - type: String - description: | - Required if clientAuthEnabled is true. The resource ID for the alias containing the private key and cert. - - name: 'trustStore' - type: String - description: | - The resource ID of the truststore. - - name: 'ignoreValidationErrors' - type: Boolean - description: | - If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails. - - name: 'protocols' - type: Array - description: | - The TLS versioins to be used. - item_type: - type: String - - name: 'ciphers' - type: Array - description: | - The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3. - item_type: - type: String - - name: 'commonName' - type: NestedObject - description: The TLS Common Name of the certificate. - properties: - - name: 'value' - type: String - description: | - The TLS Common Name string of the certificate. - - name: 'wildcardMatch' - type: Boolean - description: | - Indicates whether the cert should be matched against as a wildcard cert. - - - name: 'protocol' - type: Enum - description: | - Immutable. The protocol used by this TargetServer. - immutable: true - default_from_api: true - enum_values: - - 'HTTP' - - 'HTTP2' - - 'GRPC_TARGET' - - 'GRPC' - - 'EXTERNAL_CALLOUT' diff --git a/mmv1/products/apigee/go_product.yaml b/mmv1/products/apigee/go_product.yaml deleted file mode 100644 index 944e02301a90..000000000000 --- a/mmv1/products/apigee/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Apigee' -display_name: 'Apigee' -versions: - - name: 'ga' - base_url: 'https://apigee.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/apigee/product.yaml b/mmv1/products/apigee/product.yaml index 53957a71de09..41fc8a73ddb1 100644 --- a/mmv1/products/apigee/product.yaml +++ b/mmv1/products/apigee/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Apigee -display_name: Apigee +--- +name: 'Apigee' +display_name: 'Apigee' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://apigee.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://apigee.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/appengine/ApplicationUrlDispatchRules.yaml b/mmv1/products/appengine/ApplicationUrlDispatchRules.yaml index 47c9478f6fc3..3659a5d231a9 100644 --- a/mmv1/products/appengine/ApplicationUrlDispatchRules.yaml +++ b/mmv1/products/appengine/ApplicationUrlDispatchRules.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,71 +11,77 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ApplicationUrlDispatchRules' description: | Rules to match an HTTP request and dispatch that request to a service. +references: + guides: + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps#UrlDispatchRule' +docs: +id_format: '{{project}}' base_url: 'apps/{{project}}' create_url: 'apps/{{project}}?updateMask=dispatch_rules' -create_verb: :PATCH -delete_url: 'apps/{{project}}?updateMask=dispatch_rules' -delete_verb: :PATCH +create_verb: 'PATCH' update_url: 'apps/{{project}}?updateMask=dispatch_rules' -update_verb: :PATCH -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps#UrlDispatchRule' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +update_verb: 'PATCH' +delete_url: 'apps/{{project}}?updateMask=dispatch_rules' +delete_verb: 'PATCH' +mutex: 'apps/{{project}}' +import_format: + - '{{project}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: '{{project}}' -import_format: ['{{project}}'] -mutex: 'apps/{{project}}' -error_retry_predicates: ['transport_tpg.IsAppEngineRetryableError'] -skip_sweeper: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - test_check_destroy: templates/terraform/custom_check_destroy/appengine.go.erb +custom_code: + test_check_destroy: 'templates/terraform/custom_check_destroy/appengine.go.tmpl' +exclude_sweeper: true +error_retry_predicates: + + - 'transport_tpg.IsAppEngineRetryableError' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'app_engine_application_url_dispatch_rules_basic' + - name: 'app_engine_application_url_dispatch_rules_basic' primary_resource_id: 'web_service' vars: bucket_name: 'appengine-test-bucket' +parameters: properties: - - !ruby/object:Api::Type::Array - name: 'dispatchRules' - required: true + - name: 'dispatchRules' + type: Array description: | Rules to match an HTTP request and dispatch that request to a service. - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'domain' - default_value: '*' + - name: 'domain' + type: String description: | Domain name to match against. The wildcard "*" is supported if specified before a period: "*.". Defaults to matching all domains: "*". - - !ruby/object:Api::Type::String - name: 'path' + default_value: "*" + - name: 'path' + type: String description: | Pathname within the host. Must start with a "/". A single "*" can be included at the end of the path. The sum of the lengths of the domain and path may not exceed 100 characters. required: true - - !ruby/object:Api::Type::String - name: 'service' + - name: 'service' + type: String description: | Pathname within the host. Must start with a "/". A single "*" can be included at the end of the path. The sum of the lengths of the domain and path may not exceed 100 characters. diff --git a/mmv1/products/appengine/DomainMapping.yaml b/mmv1/products/appengine/DomainMapping.yaml index 472b7d12d546..4a097876a831 100644 --- a/mmv1/products/appengine/DomainMapping.yaml +++ b/mmv1/products/appengine/DomainMapping.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,73 +11,74 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'DomainMapping' description: | A domain serving an App Engine application. -base_url: 'apps/{{project}}/domainMappings' -self_link: 'apps/{{project}}/domainMappings/{{domain_name}}' -update_verb: :PATCH -update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard/python/mapping-custom-domains' api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.domainMappings' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +id_format: 'apps/{{project}}/domainMappings/{{domain_name}}' +base_url: 'apps/{{project}}/domainMappings' +self_link: 'apps/{{project}}/domainMappings/{{domain_name}}' +update_verb: 'PATCH' +update_mask: true +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/domainMappings/{{domain_name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -id_format: 'apps/{{project}}/domainMappings/{{domain_name}}' -import_format: ['apps/{{project}}/domainMappings/{{domain_name}}'] -mutex: 'apps/{{project}}' +custom_code: + decoder: 'templates/terraform/decoders/app_engine_domain_mapping.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'app_engine_domain_mapping_basic' + - name: 'app_engine_domain_mapping_basic' primary_resource_id: 'domain_mapping' ignore_read_extra: - 'ssl_settings.0.ssl_management_type' -custom_code: !ruby/object:Provider::Terraform::CustomCode - decoder: templates/terraform/decoders/app_engine_domain_mapping.go.erb parameters: - - !ruby/object:Api::Type::Enum - name: 'overrideStrategy' + - name: 'overrideStrategy' + type: Enum description: | Whether the domain creation should override any existing mappings for this domain. By default, overrides are rejected. url_param_only: true - values: - - :STRICT - - :OVERRIDE - default_value: :STRICT ignore_read: true - - !ruby/object:Api::Type::String - name: 'domainName' - api_name: 'id' + default_value: "STRICT" + enum_values: + - 'STRICT' + - 'OVERRIDE' + - name: 'domainName' + type: String description: | Relative name of the domain serving the application. Example: example.com. - immutable: true + api_name: id required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Full path to the DomainMapping resource in the API. Example: apps/myapp/domainMapping/example.com. output: true - - !ruby/object:Api::Type::NestedObject - name: 'sslSettings' + - name: 'sslSettings' + type: NestedObject description: | SSL configuration for this domain. If unconfigured, this domain will not serve with SSL. default_from_api: true @@ -85,8 +86,8 @@ properties: - 'ssl_settings.certificate_id' - 'ssl_settings.ssl_management_type' properties: - - !ruby/object:Api::Type::String - name: 'certificateId' + - name: 'certificateId' + type: String description: | ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will remove SSL support. @@ -95,48 +96,49 @@ properties: authorized to administer the `AuthorizedCertificate` resource to manually map it to a DomainMapping resource. Example: 12345. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'sslManagementType' - required: true + - name: 'sslManagementType' + type: Enum description: | SSL management type for this domain. If `AUTOMATIC`, a managed certificate is automatically provisioned. If `MANUAL`, `certificateId` must be manually specified in order to configure SSL for this domain. - values: - - :AUTOMATIC - - :MANUAL - - !ruby/object:Api::Type::Enum - name: 'pendingManagedCertificateId' - output: true + required: true + enum_values: + - 'AUTOMATIC' + - 'MANUAL' + - name: 'pendingManagedCertificateId' + type: Enum description: | ID of the managed `AuthorizedCertificate` resource currently being provisioned, if applicable. Until the new managed certificate has been successfully provisioned, the previous SSL state will be preserved. Once the provisioning process completes, the `certificateId` field will reflect the new managed certificate and this field will be left empty. To remove SSL support while there is still a pending managed certificate, clear the `certificateId` field with an update request. - values: - - :AUTOMATIC - - :MANUAL - - !ruby/object:Api::Type::Array - name: 'resourceRecords' + output: true + enum_values: + - 'AUTOMATIC' + - 'MANUAL' + - name: 'resourceRecords' + type: Array description: | The resource records required to configure this domain mapping. These records must be added to the domain's DNS configuration in order to serve the application via this domain mapping. output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Relative name of the object affected by this record. Only applicable for CNAME records. Example: 'www'. - - !ruby/object:Api::Type::String - name: 'rrdata' + - name: 'rrdata' + type: String description: | Data for this record. Values vary by record type, as defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1). - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: | Resource record type. Example: `AAAA`. - values: - - :A - - :AAAA - - :CNAME + enum_values: + - 'A' + - 'AAAA' + - 'CNAME' diff --git a/mmv1/products/appengine/FirewallRule.yaml b/mmv1/products/appengine/FirewallRule.yaml index a83d1a2dd91b..dae0616b3127 100644 --- a/mmv1/products/appengine/FirewallRule.yaml +++ b/mmv1/products/appengine/FirewallRule.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,38 +11,48 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'FirewallRule' description: | A single firewall rule that is evaluated against incoming traffic and provides an action to take on matched requests. -base_url: 'apps/{{project}}/firewall/ingressRules' -self_link: 'apps/{{project}}/firewall/ingressRules/{{priority}}' -update_verb: :PATCH -update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard/python/creating-firewalls#creating_firewall_rules' api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.firewall.ingressRules' -collection_url_key: 'ingressRules' -import_format: ['apps/{{project}}/firewall/ingressRules/{{priority}}'] +docs: +base_url: 'apps/{{project}}/firewall/ingressRules' +self_link: 'apps/{{project}}/firewall/ingressRules/{{priority}}' +update_verb: 'PATCH' +update_mask: true mutex: 'apps/{{project}}' -async: !ruby/object:Provider::Terraform::PollAsync - check_response_func_existence: transport_tpg.PollCheckForExistence +import_format: + - 'apps/{{project}}/firewall/ingressRules/{{priority}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'transport_tpg.PollCheckForExistence' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 actions: ['create'] -skip_sweeper: true +collection_url_key: 'ingressRules' +custom_code: +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'app_engine_firewall_rule_basic' + - name: 'app_engine_firewall_rule_basic' primary_resource_id: 'rule' vars: project_id: 'ae-project' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' parameters: - - !ruby/object:Api::Type::Integer - name: 'priority' + - name: 'priority' + type: Integer description: | A positive integer that defines the order of rule evaluation. Rules with the lowest priority are evaluated first. @@ -51,22 +61,22 @@ parameters: IPv6 traffic when no previous rule matches. Only the action of this rule can be modified by the user. properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional string description of this rule. required: false - - !ruby/object:Api::Type::String - name: 'sourceRange' + - name: 'sourceRange' + type: String description: | IP address or range, defined using CIDR notation, of requests that this rule applies to. required: true - - !ruby/object:Api::Type::Enum - name: 'action' + - name: 'action' + type: Enum description: | The action to take if this rule matches. required: true - values: - - UNSPECIFIED_ACTION - - ALLOW - - DENY + enum_values: + - 'UNSPECIFIED_ACTION' + - 'ALLOW' + - 'DENY' diff --git a/mmv1/products/appengine/FlexibleAppVersion.yaml b/mmv1/products/appengine/FlexibleAppVersion.yaml index 8e6c5b86d433..610cdd074733 100644 --- a/mmv1/products/appengine/FlexibleAppVersion.yaml +++ b/mmv1/products/appengine/FlexibleAppVersion.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'FlexibleAppVersion' description: | Flexible App Version resource to create a new version of flexible GAE Application. Based on Google Compute Engine, @@ -21,146 +21,149 @@ description: | ~> **Note:** The App Engine flexible environment service account uses the member ID `service-[YOUR_PROJECT_NUMBER]@gae-api-prod.google.com.iam.gserviceaccount.com` It should have the App Engine Flexible Environment Service Agent role, which will be applied when the `appengineflex.googleapis.com` service is enabled. -collection_url_key: 'versions' -base_url: 'apps/{{project}}/services/{{service}}/versions' -delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -update_url: 'apps/{{project}}/services/{{service}}/versions' -update_verb: :POST -update_mask: false -self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/appengine/docs/flexible' api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +base_url: 'apps/{{project}}/services/{{service}}/versions' +self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' +update_url: 'apps/{{project}}/services/{{service}}/versions' +update_verb: 'POST' +update_mask: false +delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'appengine#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -import_format: ['apps/{{project}}/services/{{service}}/versions/{{version_id}}'] -id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -mutex: 'apps/{{project}}' -error_retry_predicates: ['transport_tpg.IsAppEngineRetryableError'] -virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'noop_on_destroy' - default_value: false - description: | - If set to `true`, the application version will not be deleted. - - !ruby/object:Api::Type::Boolean - name: 'delete_service_on_destroy' - default_value: false - description: | - If set to `true`, the service will be deleted if it is the last version. -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/appversion_delete.go.erb - test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb - encoder: templates/terraform/encoders/flex_app_version.go.erb +collection_url_key: 'versions' +custom_code: + encoder: 'templates/terraform/encoders/flex_app_version.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/appversion_delete.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/skip_delete_during_test.go.tmpl' +error_retry_predicates: + + - 'transport_tpg.IsAppEngineRetryableError' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'app_engine_flexible_app_version' + - name: 'app_engine_flexible_app_version' primary_resource_id: 'myapp_v1' - # https://github.com/hashicorp/terraform-provider-google/issues/19040 - skip_test: true - ignore_read_extra: - - 'noop_on_destroy' - - 'deployment.0.zip' vars: bucket_name: 'appengine-static-content' project: 'appeng-flex' account_id: 'my-account' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + ignore_read_extra: + - 'noop_on_destroy' + - 'deployment.0.zip' + # https://github.com/hashicorp/terraform-provider-google/issues/19040 + exclude_test: true +virtual_fields: + - name: 'noop_on_destroy' + description: | + If set to `true`, the application version will not be deleted. + type: Boolean + default_value: false + - name: 'delete_service_on_destroy' + description: | + If set to `true`, the service will be deleted if it is the last version. + type: Boolean + default_value: false parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'service' - required: true + - name: 'service' + type: ResourceRef + description: | + AppEngine service resource. Can contain numbers, letters, and hyphens. url_param_only: true + required: true resource: 'Service' imports: 'name' - description: | - AppEngine service resource. Can contain numbers, letters, and hyphens. properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Full path to the Version resource in the API. Example, "v1". - - !ruby/object:Api::Type::String - name: 'version_id' - immutable: true - api_name: 'id' + output: true + - name: 'version_id' + type: String description: | Relative name of the version within the service. For example, `v1`. Version names can contain only lowercase letters, numbers, or hyphens. Reserved names,"default", "latest", and any name with the prefix "ah-". - - !ruby/object:Api::Type::Array - name: 'inboundServices' + api_name: id + immutable: true + - name: 'inboundServices' + type: Array description: | A list of the types of messages that this application is able to receive. is_set: true - item_type: !ruby/object:Api::Type::Enum - name: 'inboundService' + item_type: + type: Enum description: | One type of message that this application is able to receive. - values: - - :INBOUND_SERVICE_MAIL - - :INBOUND_SERVICE_MAIL_BOUNCE - - :INBOUND_SERVICE_XMPP_ERROR - - :INBOUND_SERVICE_XMPP_MESSAGE - - :INBOUND_SERVICE_XMPP_SUBSCRIBE - - :INBOUND_SERVICE_XMPP_PRESENCE - - :INBOUND_SERVICE_CHANNEL_PRESENCE - - :INBOUND_SERVICE_WARMUP - - !ruby/object:Api::Type::String - name: 'instanceClass' + enum_values: + - 'INBOUND_SERVICE_MAIL' + - 'INBOUND_SERVICE_MAIL_BOUNCE' + - 'INBOUND_SERVICE_XMPP_ERROR' + - 'INBOUND_SERVICE_XMPP_MESSAGE' + - 'INBOUND_SERVICE_XMPP_SUBSCRIBE' + - 'INBOUND_SERVICE_XMPP_PRESENCE' + - 'INBOUND_SERVICE_CHANNEL_PRESENCE' + - 'INBOUND_SERVICE_WARMUP' + - name: 'instanceClass' + type: String description: | Instance class that is used to run this version. Valid values are AutomaticScaling: F1, F2, F4, F4_1G ManualScaling: B1, B2, B4, B8, B4_1G Defaults to F1 for AutomaticScaling and B1 for ManualScaling. - - !ruby/object:Api::Type::NestedObject - name: 'network' + - name: 'network' + type: NestedObject description: Extra network settings properties: - - !ruby/object:Api::Type::Array - name: 'forwardedPorts' + - name: 'forwardedPorts' + type: Array description: | List of ports, or port pairs, to forward from the virtual machine to the application container. - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: 'instanceIpMode' + item_type: + type: String + - name: 'instanceIpMode' + type: Enum description: | Prevent instances from receiving an ephemeral external IP address. - min_version: beta - values: - - :EXTERNAL - - :INTERNAL - - !ruby/object:Api::Type::String - name: 'instanceTag' + min_version: 'beta' + enum_values: + - 'EXTERNAL' + - 'INTERNAL' + - name: 'instanceTag' + type: String description: | Tag to apply to the instance during creation. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path. required: true - - !ruby/object:Api::Type::String - name: 'subnetwork' - api_name: 'subnetworkName' + - name: 'subnetwork' + type: String description: | Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path. @@ -168,452 +171,457 @@ properties: If the network that the instance is being created in is an auto Subnet Mode Network, then only network name should be specified (not the subnetworkName) and the IP address is created from the IPCidrRange of the subnetwork that exists in that zone for that network. If the network that the instance is being created in is a custom Subnet Mode Network, then the subnetworkName must be specified and the IP address is created from the IPCidrRange of the subnetwork. If specified, the subnetwork must exist in the same region as the App Engine flexible environment application. - - !ruby/object:Api::Type::Boolean - name: 'sessionAffinity' + api_name: subnetworkName + - name: 'sessionAffinity' + type: Boolean description: | Enable session affinity. - - !ruby/object:Api::Type::NestedObject - name: 'resources' + - name: 'resources' + type: NestedObject description: Machine resources for a version. properties: - - !ruby/object:Api::Type::Integer - name: 'cpu' + - name: 'cpu' + type: Integer description: | Number of CPU cores needed. at_least_one_of: - - resources.0.cpu - - resources.0.disk_gb - - resources.0.memory_gb - - resources.0.volumes - - !ruby/object:Api::Type::Integer - name: 'diskGb' + - 'resources.0.cpu' + - 'resources.0.disk_gb' + - 'resources.0.memory_gb' + - 'resources.0.volumes' + - name: 'diskGb' + type: Integer description: | Disk size (GB) needed. at_least_one_of: - - resources.0.cpu - - resources.0.disk_gb - - resources.0.memory_gb - - resources.0.volumes - - !ruby/object:Api::Type::Double - name: 'memoryGb' + - 'resources.0.cpu' + - 'resources.0.disk_gb' + - 'resources.0.memory_gb' + - 'resources.0.volumes' + - name: 'memoryGb' + type: Double description: | Memory (GB) needed. at_least_one_of: - - resources.0.cpu - - resources.0.disk_gb - - resources.0.memory_gb - - resources.0.volumes - - !ruby/object:Api::Type::Array - name: 'volumes' + - 'resources.0.cpu' + - 'resources.0.disk_gb' + - 'resources.0.memory_gb' + - 'resources.0.volumes' + - name: 'volumes' + type: Array description: | List of ports, or port pairs, to forward from the virtual machine to the application container. at_least_one_of: - - resources.0.cpu - - resources.0.disk_gb - - resources.0.memory_gb - - resources.0.volumes - item_type: !ruby/object:Api::Type::NestedObject + - 'resources.0.cpu' + - 'resources.0.disk_gb' + - 'resources.0.memory_gb' + - 'resources.0.volumes' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Unique name for the volume. required: true - - !ruby/object:Api::Type::String - name: 'volumeType' + - name: 'volumeType' + type: String description: | Underlying volume type, e.g. 'tmpfs'. required: true - - !ruby/object:Api::Type::Integer - name: 'sizeGb' + - name: 'sizeGb' + type: Integer description: | Volume size in gigabytes. required: true - - !ruby/object:Api::Type::String - name: 'runtime' + - name: 'runtime' + type: String description: | Desired runtime. Example python27. required: true - - !ruby/object:Api::Type::String - name: 'runtimeChannel' + - name: 'runtimeChannel' + type: String description: | The channel of the runtime to use. Only available for some runtimes. - - !ruby/object:Api::Type::NestedObject - name: 'flexibleRuntimeSettings' + - name: 'flexibleRuntimeSettings' + type: NestedObject description: Runtime settings for App Engine flexible environment. properties: - - !ruby/object:Api::Type::String - name: 'operatingSystem' + - name: 'operatingSystem' + type: String description: | Operating System of the application runtime. - - !ruby/object:Api::Type::String - name: 'runtimeVersion' + - name: 'runtimeVersion' + type: String description: | The runtime version of an App Engine flexible application. - - !ruby/object:Api::Type::KeyValuePairs - name: 'betaSettings' + - name: 'betaSettings' + type: KeyValuePairs description: | Metadata settings that are supplied to this version to enable beta runtime features. ignore_read: true - - !ruby/object:Api::Type::Enum - name: 'servingStatus' + - name: 'servingStatus' + type: Enum description: | Current serving status of this version. Only the versions with a SERVING status create instances and can be billed. - default_value: :SERVING - values: - - :SERVING - - :STOPPED - - !ruby/object:Api::Type::String - name: 'runtimeApiVersion' + default_value: "SERVING" + enum_values: + - 'SERVING' + - 'STOPPED' + - name: 'runtimeApiVersion' + type: String description: | The version of the API in the given runtime environment. Please see the app.yaml reference for valid values at `https://cloud.google.com/appengine/docs/standard//config/appref`\ Substitute `` with `python`, `java`, `php`, `ruby`, `go` or `nodejs`. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'handlers' + - name: 'handlers' + type: Array description: | An ordered list of URL-matching patterns that should be applied to incoming requests. The first matching URL handles the request and other request handlers are not attempted. default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'urlRegex' + - name: 'urlRegex' + type: String description: | URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path. - - !ruby/object:Api::Type::Enum - name: 'securityLevel' - required: false + - name: 'securityLevel' + type: Enum description: | Security (HTTPS) enforcement for this URL. - values: - - :SECURE_DEFAULT - - :SECURE_NEVER - - :SECURE_OPTIONAL - - :SECURE_ALWAYS - - !ruby/object:Api::Type::Enum - name: 'login' + required: false + enum_values: + - 'SECURE_DEFAULT' + - 'SECURE_NEVER' + - 'SECURE_OPTIONAL' + - 'SECURE_ALWAYS' + - name: 'login' + type: Enum description: | Methods to restrict access to a URL based on login status. required: false - values: - - :LOGIN_OPTIONAL - - :LOGIN_ADMIN - - :LOGIN_REQUIRED - - !ruby/object:Api::Type::Enum - name: 'authFailAction' + enum_values: + - 'LOGIN_OPTIONAL' + - 'LOGIN_ADMIN' + - 'LOGIN_REQUIRED' + - name: 'authFailAction' + type: Enum description: | Actions to take when the user is not logged in. required: false - values: - - :AUTH_FAIL_ACTION_REDIRECT - - :AUTH_FAIL_ACTION_UNAUTHORIZED - - !ruby/object:Api::Type::Enum - name: 'redirectHttpResponseCode' + enum_values: + - 'AUTH_FAIL_ACTION_REDIRECT' + - 'AUTH_FAIL_ACTION_UNAUTHORIZED' + - name: 'redirectHttpResponseCode' + type: Enum description: | 30x code to use when performing redirects for the secure field. required: false - values: - - :REDIRECT_HTTP_RESPONSE_CODE_301 - - :REDIRECT_HTTP_RESPONSE_CODE_302 - - :REDIRECT_HTTP_RESPONSE_CODE_303 - - :REDIRECT_HTTP_RESPONSE_CODE_307 - - !ruby/object:Api::Type::NestedObject - name: 'script' + enum_values: + - 'REDIRECT_HTTP_RESPONSE_CODE_301' + - 'REDIRECT_HTTP_RESPONSE_CODE_302' + - 'REDIRECT_HTTP_RESPONSE_CODE_303' + - 'REDIRECT_HTTP_RESPONSE_CODE_307' + - name: 'script' + type: NestedObject # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set description: | Executes a script to handle the requests that match this URL pattern. Only the auto value is supported for Node.js in the App Engine standard environment, for example "script:" "auto". properties: - - !ruby/object:Api::Type::String - name: 'scriptPath' - required: true + - name: 'scriptPath' + type: String description: | Path to the script from the application root directory. - - !ruby/object:Api::Type::NestedObject - name: 'staticFiles' + required: true + - name: 'staticFiles' + type: NestedObject # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set description: | Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them. properties: - - !ruby/object:Api::Type::String - name: 'path' + - name: 'path' + type: String description: | Path to the static files matched by the URL pattern, from the application root directory. The path can refer to text matched in groupings in the URL pattern. - - !ruby/object:Api::Type::String - name: 'uploadPathRegex' + - name: 'uploadPathRegex' + type: String description: | Regular expression that matches the file paths for all files that should be referenced by this handler. - - !ruby/object:Api::Type::KeyValuePairs - name: 'httpHeaders' + - name: 'httpHeaders' + type: KeyValuePairs description: | HTTP headers to use for all responses from these URLs. An object containing a list of "key:value" value pairs.". - - !ruby/object:Api::Type::String - name: 'mimeType' + - name: 'mimeType' + type: String description: | MIME type used to serve all files served by this handler. Defaults to file-specific MIME types, which are derived from each file's filename extension. - - !ruby/object:Api::Type::String - name: 'expiration' + - name: 'expiration' + type: String description: | Time a static file served by this handler should be cached by web proxies and browsers. A duration in seconds with up to nine fractional digits, terminated by 's'. Example "3.5s". Default is '0s' - default_value: '0s' - - !ruby/object:Api::Type::Boolean - name: 'requireMatchingFile' + default_value: "0s" + - name: 'requireMatchingFile' + type: Boolean description: | Whether this handler should match the request if the file referenced by the handler does not exist. - - !ruby/object:Api::Type::Boolean - name: 'applicationReadable' + - name: 'applicationReadable' + type: Boolean description: | Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged against both your code and static data storage resource quotas. - - !ruby/object:Api::Type::String - name: 'runtimeMainExecutablePath' + - name: 'runtimeMainExecutablePath' + type: String description: | The path or name of the app's main executable. - - !ruby/object:Api::Type::String - name: 'serviceAccount' + - name: 'serviceAccount' + type: String description: | The identity that the deployed version will run as. Admin API will use the App Engine Appspot service account as default if this field is neither provided in app.yaml file nor through CLI flag. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'apiConfig' + - name: 'apiConfig' + type: NestedObject description: | Serving configuration for Google Cloud Endpoints. properties: - - !ruby/object:Api::Type::Enum - name: 'authFailAction' + - name: 'authFailAction' + type: Enum description: | Action to take when users access resources that require authentication. - default_value: :AUTH_FAIL_ACTION_REDIRECT - values: - - :AUTH_FAIL_ACTION_REDIRECT - - :AUTH_FAIL_ACTION_UNAUTHORIZED - - !ruby/object:Api::Type::Enum - name: 'login' + default_value: "AUTH_FAIL_ACTION_REDIRECT" + enum_values: + - 'AUTH_FAIL_ACTION_REDIRECT' + - 'AUTH_FAIL_ACTION_UNAUTHORIZED' + - name: 'login' + type: Enum description: | Level of login required to access this resource. - default_value: :LOGIN_OPTIONAL - values: - - :LOGIN_OPTIONAL - - :LOGIN_ADMIN - - :LOGIN_REQUIRED - - !ruby/object:Api::Type::String - name: 'script' - required: true + default_value: "LOGIN_OPTIONAL" + enum_values: + - 'LOGIN_OPTIONAL' + - 'LOGIN_ADMIN' + - 'LOGIN_REQUIRED' + - name: 'script' + type: String description: | Path to the script from the application root directory. - - !ruby/object:Api::Type::Enum - name: 'securityLevel' + required: true + - name: 'securityLevel' + type: Enum description: | Security (HTTPS) enforcement for this URL. - values: - - :SECURE_DEFAULT - - :SECURE_NEVER - - :SECURE_OPTIONAL - - :SECURE_ALWAYS - - !ruby/object:Api::Type::String - name: 'url' + enum_values: + - 'SECURE_DEFAULT' + - 'SECURE_NEVER' + - 'SECURE_OPTIONAL' + - 'SECURE_ALWAYS' + - name: 'url' + type: String description: | URL to serve the endpoint at. - - !ruby/object:Api::Type::KeyValuePairs - name: 'envVariables' + - name: 'envVariables' + type: KeyValuePairs description: |- Environment variables available to the application. As these are not returned in the API request, Terraform will not detect any changes made outside of the Terraform config. ignore_read: true - - !ruby/object:Api::Type::String - name: 'defaultExpiration' + - name: 'defaultExpiration' + type: String description: | Duration that static files should be cached by web proxies and browsers. Only applicable if the corresponding StaticFilesHandler does not specify its own expiration time. - - !ruby/object:Api::Type::NestedObject - name: 'readinessCheck' + - name: 'readinessCheck' + type: NestedObject description: | Configures readiness health checking for instances. Unhealthy instances are not put into the backend traffic rotation. required: true properties: - - !ruby/object:Api::Type::String - name: 'path' + - name: 'path' + type: String description: | The request path. required: true - - !ruby/object:Api::Type::String - name: 'host' + - name: 'host' + type: String description: | Host header to send when performing a HTTP Readiness check. Example: "myapp.appspot.com" - - !ruby/object:Api::Type::Double - name: 'failureThreshold' + - name: 'failureThreshold' + type: Double description: | Number of consecutive failed checks required before removing traffic. Default: 2. default_value: 2.0 - - !ruby/object:Api::Type::Double - name: 'successThreshold' + - name: 'successThreshold' + type: Double description: | Number of consecutive successful checks required before receiving traffic. Default: 2. default_value: 2.0 - - !ruby/object:Api::Type::String - name: 'checkInterval' + - name: 'checkInterval' + type: String description: | Interval between health checks. Default: "5s". - default_value: '5s' - - !ruby/object:Api::Type::String - name: 'timeout' + default_value: "5s" + - name: 'timeout' + type: String description: | Time before the check is considered failed. Default: "4s" - default_value: '4s' - - !ruby/object:Api::Type::String - name: 'appStartTimeout' + default_value: "4s" + - name: 'appStartTimeout' + type: String description: | A maximum time limit on application initialization, measured from moment the application successfully replies to a healthcheck until it is ready to serve traffic. Default: "300s" - default_value: '300s' - - !ruby/object:Api::Type::NestedObject - name: 'livenessCheck' + default_value: "300s" + - name: 'livenessCheck' + type: NestedObject description: | Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances. required: true properties: - - !ruby/object:Api::Type::String - name: 'path' - required: true + - name: 'path' + type: String description: | The request path. - - !ruby/object:Api::Type::String - name: 'host' + required: true + - name: 'host' + type: String description: | Host header to send when performing a HTTP Readiness check. Example: "myapp.appspot.com" - - !ruby/object:Api::Type::Double - name: 'failureThreshold' + - name: 'failureThreshold' + type: Double description: | Number of consecutive failed checks required before considering the VM unhealthy. Default: 4. default_value: 4.0 - - !ruby/object:Api::Type::Double - name: 'successThreshold' + - name: 'successThreshold' + type: Double description: | Number of consecutive successful checks required before considering the VM healthy. Default: 2. default_value: 2.0 - - !ruby/object:Api::Type::String - name: 'checkInterval' + - name: 'checkInterval' + type: String description: | Interval between health checks. - default_value: '30s' - - !ruby/object:Api::Type::String - name: 'timeout' + default_value: "30s" + - name: 'timeout' + type: String description: | Time before the check is considered failed. Default: "4s" - default_value: '4s' - - !ruby/object:Api::Type::String - name: 'initialDelay' + default_value: "4s" + - name: 'initialDelay' + type: String description: | The initial delay before starting to execute the checks. Default: "300s" - default_value: '300s' - - !ruby/object:Api::Type::String - name: 'nobuildFilesRegex' + default_value: "300s" + - name: 'nobuildFilesRegex' + type: String description: | Files that match this pattern will not be built into this version. Only applicable for Go runtimes. - - !ruby/object:Api::Type::NestedObject - name: 'deployment' + - name: 'deployment' + type: NestedObject description: | Code and application artifacts that make up this version. ignore_read: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'zip' + - name: 'zip' + type: NestedObject description: 'Zip File' at_least_one_of: - - deployment.0.zip - - deployment.0.files - - deployment.0.container + - 'deployment.0.zip' + - 'deployment.0.files' + - 'deployment.0.container' properties: - - !ruby/object:Api::Type::String - name: 'sourceUrl' + - name: 'sourceUrl' + type: String description: 'Source URL' required: true - - !ruby/object:Api::Type::Integer - name: 'filesCount' + - name: 'filesCount' + type: Integer description: 'files count' - - !ruby/object:Api::Type::Map - name: 'files' + - name: 'files' + type: Map description: | Manifest of the files stored in Google Cloud Storage that are included as part of this version. All files must be readable using the credentials supplied with this call. at_least_one_of: - - deployment.0.zip - - deployment.0.files - - deployment.0.container + - 'deployment.0.zip' + - 'deployment.0.files' + - 'deployment.0.container' key_name: 'name' key_description: | name of file - value_type: !ruby/object:Api::Type::NestedObject + value_type: + name: files + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'sha1Sum' + - name: 'sha1Sum' + type: String description: | SHA1 checksum of the file - - !ruby/object:Api::Type::String - name: 'sourceUrl' - required: true + - name: 'sourceUrl' + type: String description: | Source URL - - !ruby/object:Api::Type::NestedObject - name: 'container' + required: true + - name: 'container' + type: NestedObject description: 'The Docker image for the container that runs the version.' - at_least_one_of: - - deployment.0.zip - - deployment.0.files - - deployment.0.container default_from_api: true + at_least_one_of: + - 'deployment.0.zip' + - 'deployment.0.files' + - 'deployment.0.container' properties: - - !ruby/object:Api::Type::String - name: 'image' + - name: 'image' + type: String description: | URI to the hosted container image in Google Container Registry. The URI must be fully qualified and include a tag or digest. Examples: "gcr.io/my-project/image:tag" or "gcr.io/my-project/image@digest" required: true - - !ruby/object:Api::Type::NestedObject - name: 'cloudBuildOptions' + - name: 'cloudBuildOptions' + type: NestedObject description: Options for the build operations performed as a part of the version deployment. Only applicable when creating a version using source code directly. at_least_one_of: - - deployment.0.zip - - deployment.0.files - - deployment.0.container + - 'deployment.0.zip' + - 'deployment.0.files' + - 'deployment.0.container' properties: - - !ruby/object:Api::Type::String - name: 'appYamlPath' + - name: 'appYamlPath' + type: String description: | Path to the yaml file used in deployment, used to determine runtime configuration details. required: true - - !ruby/object:Api::Type::String - name: 'cloudBuildTimeout' + - name: 'cloudBuildTimeout' + type: String description: | The Cloud Build timeout used as part of any dependent builds performed by version creation. Defaults to 10 minutes. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - !ruby/object:Api::Type::NestedObject - name: 'endpointsApiService' + - name: 'endpointsApiService' + type: NestedObject description: | Code and application artifacts that make up this version. properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | Endpoints service name which is the name of the "service" resource in the Service Management API. For example "myapi.endpoints.myproject.cloud.goog" - - !ruby/object:Api::Type::String - name: 'configId' + required: true + - name: 'configId' + type: String description: | Endpoints service configuration ID as specified by the Service Management API. For example "2016-09-19r1". @@ -623,218 +631,218 @@ properties: Endpoints also has a rollout strategy called "MANAGED". When using this, Endpoints fetches the latest configuration and does not need the configuration ID. In this case, configId must be omitted. - - !ruby/object:Api::Type::Enum - name: 'rolloutStrategy' + - name: 'rolloutStrategy' + type: Enum description: | Endpoints rollout strategy. If FIXED, configId must be specified. If MANAGED, configId must be omitted. - default_value: :FIXED - values: - - :FIXED - - :MANAGED - - !ruby/object:Api::Type::Boolean - name: 'disableTraceSampling' + default_value: "FIXED" + enum_values: + - 'FIXED' + - 'MANAGED' + - name: 'disableTraceSampling' + type: Boolean description: Enable or disable trace sampling. By default, this is set to false for enabled. default_value: false - - !ruby/object:Api::Type::NestedObject - name: 'entrypoint' + - name: 'entrypoint' + type: NestedObject description: | The entrypoint for the application. ignore_read: true properties: - - !ruby/object:Api::Type::String - name: 'shell' - required: true + - name: 'shell' + type: String description: | The format should be a shell command that can be fed to bash -c. - - !ruby/object:Api::Type::NestedObject - name: 'vpcAccessConnector' + required: true + - name: 'vpcAccessConnector' + type: NestedObject description: | Enables VPC connectivity for standard apps. properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | Full Serverless VPC Access Connector name e.g. /projects/my-project/locations/us-central1/connectors/c1. - - !ruby/object:Api::Type::NestedObject - name: 'automaticScaling' + required: true + - name: 'automaticScaling' + type: NestedObject description: | Automatic scaling is based on request rate, response latencies, and other application metrics. exactly_one_of: - - automatic_scaling - - manual_scaling + - 'automatic_scaling' + - 'manual_scaling' properties: - - !ruby/object:Api::Type::String - name: 'coolDownPeriod' + - name: 'coolDownPeriod' + type: String description: | The time period that the Autoscaler should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. Default: 120s - default_value: '120s' - - !ruby/object:Api::Type::NestedObject - name: 'cpuUtilization' - required: true + default_value: "120s" + - name: 'cpuUtilization' + type: NestedObject description: | Target scaling by CPU usage. + required: true properties: - - !ruby/object:Api::Type::String - name: 'aggregationWindowLength' + - name: 'aggregationWindowLength' + type: String description: | Period of time over which CPU utilization is calculated. - - !ruby/object:Api::Type::Double - name: 'targetUtilization' - required: true + - name: 'targetUtilization' + type: Double description: | Target CPU utilization ratio to maintain when scaling. Must be between 0 and 1. - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentRequests' + required: true + - name: 'maxConcurrentRequests' + type: Integer description: | Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance. Defaults to a runtime-specific value. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'maxIdleInstances' + - name: 'maxIdleInstances' + type: Integer description: | Maximum number of idle instances that should be maintained for this version. - - !ruby/object:Api::Type::Integer - name: 'maxTotalInstances' + - name: 'maxTotalInstances' + type: Integer description: | Maximum number of instances that should be started to handle requests for this version. Default: 20 default_value: 20 - - !ruby/object:Api::Type::String - name: 'maxPendingLatency' + - name: 'maxPendingLatency' + type: String description: | Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it. - - !ruby/object:Api::Type::Integer - name: 'minIdleInstances' + - name: 'minIdleInstances' + type: Integer description: | Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service. - - !ruby/object:Api::Type::Integer - name: 'minTotalInstances' + - name: 'minTotalInstances' + type: Integer description: | Minimum number of running instances that should be maintained for this version. Default: 2 default_value: 2 - - !ruby/object:Api::Type::String - name: 'minPendingLatency' + - name: 'minPendingLatency' + type: String description: | Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it. - - !ruby/object:Api::Type::NestedObject - name: 'requestUtilization' + - name: 'requestUtilization' + type: NestedObject description: | Target scaling by request utilization. properties: - - !ruby/object:Api::Type::String - name: 'targetRequestCountPerSecond' + - name: 'targetRequestCountPerSecond' + type: String description: | Target requests per second. at_least_one_of: - - automatic_scaling.0.request_utilization.0.target_request_count_per_second - - automatic_scaling.0.request_utilization.0.target_concurrent_requests - - !ruby/object:Api::Type::Double - name: 'targetConcurrentRequests' + - 'automatic_scaling.0.request_utilization.0.target_request_count_per_second' + - 'automatic_scaling.0.request_utilization.0.target_concurrent_requests' + - name: 'targetConcurrentRequests' + type: Double description: | Target number of concurrent requests. at_least_one_of: - - automatic_scaling.0.request_utilization.0.target_request_count_per_second - - automatic_scaling.0.request_utilization.0.target_concurrent_requests - - !ruby/object:Api::Type::NestedObject - name: 'diskUtilization' + - 'automatic_scaling.0.request_utilization.0.target_request_count_per_second' + - 'automatic_scaling.0.request_utilization.0.target_concurrent_requests' + - name: 'diskUtilization' + type: NestedObject description: | Target scaling by disk usage. properties: - - !ruby/object:Api::Type::Integer - name: 'targetWriteBytesPerSecond' + - name: 'targetWriteBytesPerSecond' + type: Integer description: | Target bytes written per second. at_least_one_of: - - automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second - - automatic_scaling.0.disk_utilization.0.target_write_ops_per_second - - automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second - - automatic_scaling.0.disk_utilization.0.target_read_ops_per_second - - !ruby/object:Api::Type::Integer - name: 'targetWriteOpsPerSecond' + - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' + - name: 'targetWriteOpsPerSecond' + type: Integer description: | Target ops written per second. at_least_one_of: - - automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second - - automatic_scaling.0.disk_utilization.0.target_write_ops_per_second - - automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second - - automatic_scaling.0.disk_utilization.0.target_read_ops_per_second - - !ruby/object:Api::Type::Integer - name: 'targetReadBytesPerSecond' + - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' + - name: 'targetReadBytesPerSecond' + type: Integer description: | Target bytes read per second. at_least_one_of: - - automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second - - automatic_scaling.0.disk_utilization.0.target_write_ops_per_second - - automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second - - automatic_scaling.0.disk_utilization.0.target_read_ops_per_second - - !ruby/object:Api::Type::Integer - name: 'targetReadOpsPerSecond' + - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' + - name: 'targetReadOpsPerSecond' + type: Integer description: | Target ops read per seconds. at_least_one_of: - - automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second - - automatic_scaling.0.disk_utilization.0.target_write_ops_per_second - - automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second - - automatic_scaling.0.disk_utilization.0.target_read_ops_per_second - - !ruby/object:Api::Type::NestedObject - name: 'networkUtilization' + - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' + - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' + - name: 'networkUtilization' + type: NestedObject description: | Target scaling by network usage. properties: - - !ruby/object:Api::Type::Integer - name: 'targetSentBytesPerSecond' + - name: 'targetSentBytesPerSecond' + type: Integer description: | Target bytes sent per second. at_least_one_of: - - automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second - - automatic_scaling.0.network_utilization.0.target_sent_packets_per_second - - automatic_scaling.0.network_utilization.0.target_received_bytes_per_second - - automatic_scaling.0.network_utilization.0.target_received_packets_per_second - - !ruby/object:Api::Type::Integer - name: 'targetSentPacketsPerSecond' + - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' + - name: 'targetSentPacketsPerSecond' + type: Integer description: | Target packets sent per second. at_least_one_of: - - automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second - - automatic_scaling.0.network_utilization.0.target_sent_packets_per_second - - automatic_scaling.0.network_utilization.0.target_received_bytes_per_second - - automatic_scaling.0.network_utilization.0.target_received_packets_per_second - - !ruby/object:Api::Type::Integer - name: 'targetReceivedBytesPerSecond' + - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' + - name: 'targetReceivedBytesPerSecond' + type: Integer description: | Target bytes received per second. at_least_one_of: - - automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second - - automatic_scaling.0.network_utilization.0.target_sent_packets_per_second - - automatic_scaling.0.network_utilization.0.target_received_bytes_per_second - - automatic_scaling.0.network_utilization.0.target_received_packets_per_second - - !ruby/object:Api::Type::Integer - name: 'targetReceivedPacketsPerSecond' + - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' + - name: 'targetReceivedPacketsPerSecond' + type: Integer description: | Target packets received per second. at_least_one_of: - - automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second - - automatic_scaling.0.network_utilization.0.target_sent_packets_per_second - - automatic_scaling.0.network_utilization.0.target_received_bytes_per_second - - automatic_scaling.0.network_utilization.0.target_received_packets_per_second - - !ruby/object:Api::Type::NestedObject - name: 'manualScaling' + - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' + - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' + - name: 'manualScaling' + type: NestedObject description: | A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. exactly_one_of: - - automatic_scaling - - manual_scaling + - 'automatic_scaling' + - 'manual_scaling' properties: - - !ruby/object:Api::Type::Integer - name: 'instances' - required: true + - name: 'instances' + type: Integer description: | Number of instances to assign to the service at the start. **Note:** When managing the number of instances at runtime through the App Engine Admin API or the (now deprecated) Python 2 Modules API set_num_instances() you must use `lifecycle.ignore_changes = ["manual_scaling"[0].instances]` to prevent drift detection. + required: true diff --git a/mmv1/products/appengine/Service.yaml b/mmv1/products/appengine/Service.yaml index c3b79ab1a366..b3c5ea0dc9f3 100644 --- a/mmv1/products/appengine/Service.yaml +++ b/mmv1/products/appengine/Service.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,29 +11,36 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Service' description: | A Service resource is a logical component of an application that can share state and communicate in a secure fashion with other services. For example, an application that handles customer requests might include separate services to handle tasks such as backend data analysis or API requests from mobile devices. Each service has a collection of versions that define a specific set of code used to implement the functionality of that service. -base_url: 'apps/{{project}}/services' -self_link: 'apps/{{project}}/services/{{id}}' -references: !ruby/object:Api::Resource::ReferenceLinks +# Used as a resource reference +exclude: true +references: guides: 'Official Documentation': 'https://cloud.google.com/appengine/docs/admin-api/deploying-overview' api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' -# Used as a resource reference -exclude: true +docs: +base_url: 'apps/{{project}}/services' +self_link: 'apps/{{project}}/services/{{id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Full path to the Service resource in the API. Example apps/myapp/services/default. This field is used in responses only. Any value specified here in a request is ignored. - - !ruby/object:Api::Type::String - name: 'id' output: true + - name: 'id' + type: String description: | Relative name of the service within the application. Example default. + output: true diff --git a/mmv1/products/appengine/ServiceNetworkSettings.yaml b/mmv1/products/appengine/ServiceNetworkSettings.yaml index 74c3f45c4545..47ae15061a52 100644 --- a/mmv1/products/appengine/ServiceNetworkSettings.yaml +++ b/mmv1/products/appengine/ServiceNetworkSettings.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,69 +11,72 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ServiceNetworkSettings' description: | A NetworkSettings resource is a container for ingress settings for a version or service. +references: + guides: + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' +docs: +id_format: 'apps/{{project}}/services/{{service}}' base_url: 'apps/{{project}}/services' self_link: 'apps/{{project}}/services/{{service}}' create_url: 'apps/{{project}}/services/{{service}}?updateMask=networkSettings' -create_verb: :PATCH +create_verb: 'PATCH' update_url: 'apps/{{project}}/services/{{service}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +exclude_delete: true +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/services/{{service}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'appengine#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: 'apps/{{project}}/services/{{service}}' -import_format: ['apps/{{project}}/services/{{service}}'] -mutex: 'apps/{{project}}' -skip_delete: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb +custom_code: + test_check_destroy: 'templates/terraform/custom_check_destroy/skip_delete_during_test.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'app_engine_service_network_settings' + - name: 'app_engine_service_network_settings' primary_resource_id: 'internalapp' vars: bucket_name: 'appengine-static-content' +parameters: properties: - - !ruby/object:Api::Type::String - name: 'service' - api_name: 'id' - required: true + - name: 'service' + type: String description: | The name of the service these settings apply to. - - !ruby/object:Api::Type::NestedObject - name: 'networkSettings' + api_name: id + required: true + - name: 'networkSettings' + type: NestedObject description: | Ingress settings for this service. Will apply to all versions. required: true properties: - - !ruby/object:Api::Type::Enum - name: 'ingressTrafficAllowed' + - name: 'ingressTrafficAllowed' + type: Enum description: | The ingress settings for version or service. - default_value: :INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED - values: - - :INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED - - :INGRESS_TRAFFIC_ALLOWED_ALL - - :INGRESS_TRAFFIC_ALLOWED_INTERNAL_ONLY - - :INGRESS_TRAFFIC_ALLOWED_INTERNAL_AND_LB + default_value: "INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED" + enum_values: + - 'INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED' + - 'INGRESS_TRAFFIC_ALLOWED_ALL' + - 'INGRESS_TRAFFIC_ALLOWED_INTERNAL_ONLY' + - 'INGRESS_TRAFFIC_ALLOWED_INTERNAL_AND_LB' diff --git a/mmv1/products/appengine/ServiceSplitTraffic.yaml b/mmv1/products/appengine/ServiceSplitTraffic.yaml index d9983be86724..acf21cd99ef1 100644 --- a/mmv1/products/appengine/ServiceSplitTraffic.yaml +++ b/mmv1/products/appengine/ServiceSplitTraffic.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,86 +11,88 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ServiceSplitTraffic' description: | Traffic routing configuration for versions within a single service. Traffic splits define how traffic directed to the service is assigned to versions. +references: + guides: + api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' +docs: +id_format: 'apps/{{project}}/services/{{service}}' base_url: 'apps/{{project}}/services' self_link: 'apps/{{project}}/services/{{service}}' create_url: 'apps/{{project}}/services/{{service}}?migrateTraffic={{migrate_traffic}}&updateMask=split' -create_verb: :PATCH +create_verb: 'PATCH' update_url: 'apps/{{project}}/services/{{service}}?migrateTraffic={{migrate_traffic}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +exclude_delete: true +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/services/{{service}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'appengine#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: 'apps/{{project}}/services/{{service}}' -import_format: ['apps/{{project}}/services/{{service}}'] -mutex: 'apps/{{project}}' -skip_delete: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb +custom_code: + test_check_destroy: 'templates/terraform/custom_check_destroy/skip_delete_during_test.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'app_engine_service_split_traffic' + - name: 'app_engine_service_split_traffic' primary_resource_id: 'liveapp' vars: service_id: 'default' split.allocations.v1: '1' bucket_name: 'appengine-static-content' test_env_vars: - org_id: :ORG_ID + org_id: 'ORG_ID' parameters: - - !ruby/object:Api::Type::Boolean - name: 'migrate_traffic' - url_param_only: true + - name: 'migrate_traffic' + type: Boolean description: | If set to true traffic will be migrated to this version. + url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'service' - api_name: 'id' - required: true + - name: 'service' + type: String description: | The name of the service these settings apply to. - - !ruby/object:Api::Type::NestedObject - name: 'split' + api_name: id + required: true + - name: 'split' + type: NestedObject description: | Mapping that defines fractional HTTP traffic diversion to different versions within the service. required: true ignore_read: true properties: - - !ruby/object:Api::Type::Enum - name: 'shardBy' + - name: 'shardBy' + type: Enum description: | Mechanism used to determine which version a request is sent to. The traffic selection algorithm will be stable for either type until allocations are changed. - values: - - :UNSPECIFIED - - :COOKIE - - :IP - - :RANDOM - - !ruby/object:Api::Type::KeyValuePairs - name: 'allocations' - required: true + enum_values: + - 'UNSPECIFIED' + - 'COOKIE' + - 'IP' + - 'RANDOM' + - name: 'allocations' + type: KeyValuePairs description: | Mapping from version IDs within the service to fractional (0.000, 1] allocations of traffic for that version. Each version can be specified only once, but some versions in the service may not have any traffic allocation. Services that have traffic allocated cannot be deleted until either the service is deleted or their traffic allocation is removed. Allocations must sum to 1. Up to two decimal place precision is supported for IP-based splits and up to three decimal places is supported for cookie-based splits. - custom_flatten: templates/terraform/custom_flatten/float64_to_string.go.erb + required: true + custom_flatten: 'templates/terraform/custom_flatten/float64_to_string.go.tmpl' diff --git a/mmv1/products/appengine/StandardAppVersion.yaml b/mmv1/products/appengine/StandardAppVersion.yaml index d17dfca95f8b..9c2e02fb945c 100644 --- a/mmv1/products/appengine/StandardAppVersion.yaml +++ b/mmv1/products/appengine/StandardAppVersion.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,435 +11,440 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- +# StandardAppVersion and FlexibleAppVersion use the same API endpoint (apps.services.versions) +# They are split apart as some of the fields will are necessary for one and not the other, and +# other fields may have different defaults. However, some fields are the same. If fixing a bug +# in one, please check the other for the same fix. name: 'StandardAppVersion' description: | Standard App Version resource to create a new version of standard GAE Application. Learn about the differences between the standard environment and the flexible environment at https://cloud.google.com/appengine/docs/the-appengine-environments. Currently supporting Zip and File Containers. -collection_url_key: 'versions' -base_url: 'apps/{{project}}/services/{{service}}/versions' -delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -delete_verb: :DELETE -update_url: 'apps/{{project}}/services/{{service}}/versions' -update_verb: :POST -update_mask: false -create_url: 'apps/{{project}}/services/{{service}}/versions' -self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard' api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +base_url: 'apps/{{project}}/services/{{service}}/versions' +self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' +create_url: 'apps/{{project}}/services/{{service}}/versions' +update_url: 'apps/{{project}}/services/{{service}}/versions' +update_verb: 'POST' +update_mask: false +delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +mutex: 'apps/{{project}}' +import_format: + - 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'appengine#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 20 update_minutes: 20 delete_minutes: 20 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -import_format: ['apps/{{project}}/services/{{service}}/versions/{{version_id}}'] -id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -mutex: 'apps/{{project}}' -error_retry_predicates: ['transport_tpg.IsAppEngineRetryableError'] -virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'noop_on_destroy' - default_value: false - description: | - If set to `true`, the application version will not be deleted. - - !ruby/object:Api::Type::Boolean - name: 'delete_service_on_destroy' - default_value: false - description: | - If set to `true`, the service will be deleted if it is the last version. -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/appversion_delete.go.erb - test_check_destroy: templates/terraform/custom_check_destroy/appengine.go.erb +collection_url_key: 'versions' +custom_code: + custom_delete: 'templates/terraform/custom_delete/appversion_delete.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/appengine.go.tmpl' +error_retry_predicates: + + - 'transport_tpg.IsAppEngineRetryableError' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'app_engine_standard_app_version' + - name: 'app_engine_standard_app_version' primary_resource_id: 'myapp_v1' - ignore_read_extra: - - 'delete_service_on_destroy' vars: project_id: 'ae-project' bucket_name: 'appengine-static-content' service_name: 'ae-service' account_id: 'my-account' test_env_vars: - org_id: :ORG_ID + org_id: 'ORG_ID' + ignore_read_extra: + - 'delete_service_on_destroy' +virtual_fields: + - name: 'noop_on_destroy' + description: | + If set to `true`, the application version will not be deleted. + type: Boolean + default_value: false + - name: 'delete_service_on_destroy' + description: | + If set to `true`, the service will be deleted if it is the last version. + type: Boolean + default_value: false parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'service' + - name: 'service' + type: ResourceRef + description: | + AppEngine service resource url_param_only: true + required: true resource: 'Service' imports: 'name' - required: true - description: | - AppEngine service resource properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Full path to the Version resource in the API. Example, "v1". - - !ruby/object:Api::Type::String - name: 'version_id' - api_name: 'id' - immutable: true + output: true + - name: 'version_id' + type: String description: | Relative name of the version within the service. For example, `v1`. Version names can contain only lowercase letters, numbers, or hyphens. Reserved names,"default", "latest", and any name with the prefix "ah-". - - !ruby/object:Api::Type::String - name: 'runtime' + api_name: id + immutable: true + - name: 'runtime' + type: String description: | Desired runtime. Example python27. required: true - - !ruby/object:Api::Type::String - name: 'serviceAccount' + - name: 'serviceAccount' + type: String description: | The identity that the deployed version will run as. Admin API will use the App Engine Appspot service account as default if this field is neither provided in app.yaml file nor through CLI flag. default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'threadsafe' + - name: 'threadsafe' + type: Boolean description: | Whether multiple requests can be dispatched to this version at once. ignore_read: true - - !ruby/object:Api::Type::Boolean - name: 'appEngineApis' + - name: 'appEngineApis' + type: Boolean description: | Allows App Engine second generation runtimes to access the legacy bundled services. - - !ruby/object:Api::Type::String - name: 'runtimeApiVersion' + - name: 'runtimeApiVersion' + type: String description: | The version of the API in the given runtime environment. Please see the app.yaml reference for valid values at `https://cloud.google.com/appengine/docs/standard//config/appref`\ Substitute `` with `python`, `java`, `php`, `ruby`, `go` or `nodejs`. - - !ruby/object:Api::Type::Array - name: 'handlers' + - name: 'handlers' + type: Array description: | An ordered list of URL-matching patterns that should be applied to incoming requests. The first matching URL handles the request and other request handlers are not attempted. default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'urlRegex' + - name: 'urlRegex' + type: String description: | URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path. - - !ruby/object:Api::Type::Enum - name: 'securityLevel' - required: false + - name: 'securityLevel' + type: Enum description: | Security (HTTPS) enforcement for this URL. - values: - - :SECURE_DEFAULT - - :SECURE_NEVER - - :SECURE_OPTIONAL - - :SECURE_ALWAYS - - !ruby/object:Api::Type::Enum - name: 'login' + required: false + enum_values: + - 'SECURE_DEFAULT' + - 'SECURE_NEVER' + - 'SECURE_OPTIONAL' + - 'SECURE_ALWAYS' + - name: 'login' + type: Enum description: | Methods to restrict access to a URL based on login status. required: false - values: - - :LOGIN_OPTIONAL - - :LOGIN_ADMIN - - :LOGIN_REQUIRED - - !ruby/object:Api::Type::Enum - name: 'authFailAction' + enum_values: + - 'LOGIN_OPTIONAL' + - 'LOGIN_ADMIN' + - 'LOGIN_REQUIRED' + - name: 'authFailAction' + type: Enum description: | Actions to take when the user is not logged in. required: false - values: - - :AUTH_FAIL_ACTION_REDIRECT - - :AUTH_FAIL_ACTION_UNAUTHORIZED - - !ruby/object:Api::Type::Enum - name: 'redirectHttpResponseCode' + enum_values: + - 'AUTH_FAIL_ACTION_REDIRECT' + - 'AUTH_FAIL_ACTION_UNAUTHORIZED' + - name: 'redirectHttpResponseCode' + type: Enum description: | 30x code to use when performing redirects for the secure field. required: false - values: - - :REDIRECT_HTTP_RESPONSE_CODE_301 - - :REDIRECT_HTTP_RESPONSE_CODE_302 - - :REDIRECT_HTTP_RESPONSE_CODE_303 - - :REDIRECT_HTTP_RESPONSE_CODE_307 - - !ruby/object:Api::Type::NestedObject - name: 'script' + enum_values: + - 'REDIRECT_HTTP_RESPONSE_CODE_301' + - 'REDIRECT_HTTP_RESPONSE_CODE_302' + - 'REDIRECT_HTTP_RESPONSE_CODE_303' + - 'REDIRECT_HTTP_RESPONSE_CODE_307' + - name: 'script' + type: NestedObject # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set description: | Executes a script to handle the requests that match this URL pattern. Only the auto value is supported for Node.js in the App Engine standard environment, for example "script:" "auto". properties: - - !ruby/object:Api::Type::String - name: 'scriptPath' - required: true + - name: 'scriptPath' + type: String description: | Path to the script from the application root directory. - - !ruby/object:Api::Type::NestedObject - name: 'staticFiles' + required: true + - name: 'staticFiles' + type: NestedObject # TODO (mbang): Exactly one of script, staticFiles, or apiEndpoint must be set description: | Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them. properties: - - !ruby/object:Api::Type::String - name: 'path' + - name: 'path' + type: String description: | Path to the static files matched by the URL pattern, from the application root directory. The path can refer to text matched in groupings in the URL pattern. - - !ruby/object:Api::Type::String - name: 'uploadPathRegex' + - name: 'uploadPathRegex' + type: String description: | Regular expression that matches the file paths for all files that should be referenced by this handler. - - !ruby/object:Api::Type::KeyValuePairs - name: 'httpHeaders' + - name: 'httpHeaders' + type: KeyValuePairs description: | HTTP headers to use for all responses from these URLs. An object containing a list of "key:value" value pairs.". - - !ruby/object:Api::Type::String - name: 'mimeType' + - name: 'mimeType' + type: String description: | MIME type used to serve all files served by this handler. Defaults to file-specific MIME types, which are derived from each file's filename extension. - - !ruby/object:Api::Type::String - name: 'expiration' + - name: 'expiration' + type: String description: | Time a static file served by this handler should be cached by web proxies and browsers. A duration in seconds with up to nine fractional digits, terminated by 's'. Example "3.5s". - - !ruby/object:Api::Type::Boolean - name: 'requireMatchingFile' + - name: 'requireMatchingFile' + type: Boolean description: | Whether this handler should match the request if the file referenced by the handler does not exist. - - !ruby/object:Api::Type::Boolean - name: 'applicationReadable' + - name: 'applicationReadable' + type: Boolean description: | Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged against both your code and static data storage resource quotas. - - !ruby/object:Api::Type::Array - name: 'libraries' + - name: 'libraries' + type: Array description: | Configuration for third-party Python runtime libraries that are required by the application. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the library. Example "django". - - !ruby/object:Api::Type::String - name: 'version' + - name: 'version' + type: String description: | Version of the library to select, or "latest". - - !ruby/object:Api::Type::KeyValuePairs - name: 'envVariables' + - name: 'envVariables' + type: KeyValuePairs description: | Environment variables available to the application. ignore_read: true - - !ruby/object:Api::Type::NestedObject - name: 'deployment' + - name: 'deployment' + type: NestedObject description: | Code and application artifacts that make up this version. required: true ignore_read: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'zip' + - name: 'zip' + type: NestedObject description: 'Zip File' required: false at_least_one_of: - - deployment.0.zip - - deployment.0.files + - 'deployment.0.zip' + - 'deployment.0.files' properties: - - !ruby/object:Api::Type::String - name: 'sourceUrl' + - name: 'sourceUrl' + type: String description: 'Source URL' required: true - - !ruby/object:Api::Type::Integer - name: 'filesCount' + - name: 'filesCount' + type: Integer description: 'files count' required: false - - !ruby/object:Api::Type::Map - name: 'files' + - name: 'files' + type: Map description: | Manifest of the files stored in Google Cloud Storage that are included as part of this version. All files must be readable using the credentials supplied with this call. required: false at_least_one_of: - - deployment.0.zip - - deployment.0.files + - 'deployment.0.zip' + - 'deployment.0.files' key_name: 'name' key_description: | name of file - value_type: !ruby/object:Api::Type::NestedObject + value_type: + name: files + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'sha1Sum' + - name: 'sha1Sum' + type: String description: | SHA1 checksum of the file - - !ruby/object:Api::Type::String - name: 'sourceUrl' - required: true + - name: 'sourceUrl' + type: String description: | Source URL - - !ruby/object:Api::Type::NestedObject - name: 'entrypoint' + required: true + - name: 'entrypoint' + type: NestedObject description: | The entrypoint for the application. required: true ignore_read: true properties: - - !ruby/object:Api::Type::String - name: 'shell' - required: true + - name: 'shell' + type: String description: | The format should be a shell command that can be fed to bash -c. - - !ruby/object:Api::Type::NestedObject - name: 'vpcAccessConnector' + required: true + - name: 'vpcAccessConnector' + type: NestedObject description: | Enables VPC connectivity for standard apps. properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | Full Serverless VPC Access Connector name e.g. /projects/my-project/locations/us-central1/connectors/c1. - - !ruby/object:Api::Type::String - name: 'egressSetting' + required: true + - name: 'egressSetting' + type: String description: | The egress setting for the connector, controlling what traffic is diverted through it. - - !ruby/object:Api::Type::Array - name: 'inboundServices' + - name: 'inboundServices' + type: Array description: | A list of the types of messages that this application is able to receive. is_set: true - item_type: !ruby/object:Api::Type::Enum - name: 'inboundService' + item_type: + type: Enum description: | One type of message that this application is able to receive. - values: - - :INBOUND_SERVICE_MAIL - - :INBOUND_SERVICE_MAIL_BOUNCE - - :INBOUND_SERVICE_XMPP_ERROR - - :INBOUND_SERVICE_XMPP_MESSAGE - - :INBOUND_SERVICE_XMPP_SUBSCRIBE - - :INBOUND_SERVICE_XMPP_PRESENCE - - :INBOUND_SERVICE_CHANNEL_PRESENCE - - :INBOUND_SERVICE_WARMUP - - !ruby/object:Api::Type::String - name: 'instanceClass' + enum_values: + - 'INBOUND_SERVICE_MAIL' + - 'INBOUND_SERVICE_MAIL_BOUNCE' + - 'INBOUND_SERVICE_XMPP_ERROR' + - 'INBOUND_SERVICE_XMPP_MESSAGE' + - 'INBOUND_SERVICE_XMPP_SUBSCRIBE' + - 'INBOUND_SERVICE_XMPP_PRESENCE' + - 'INBOUND_SERVICE_CHANNEL_PRESENCE' + - 'INBOUND_SERVICE_WARMUP' + - name: 'instanceClass' + type: String description: | Instance class that is used to run this version. Valid values are AutomaticScaling: F1, F2, F4, F4_1G BasicScaling or ManualScaling: B1, B2, B4, B4_1G, B8 Defaults to F1 for AutomaticScaling and B2 for ManualScaling and BasicScaling. If no scaling is specified, AutomaticScaling is chosen. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'automaticScaling' - # This flattener is entirely handwritten and must be updated with **any** new field or subfield - custom_flatten: 'templates/terraform/custom_flatten/appengine_standardappversion_automatic_scaling_handlenil.go.erb' + - name: 'automaticScaling' + type: NestedObject description: | Automatic scaling is based on request rate, response latencies, and other application metrics. conflicts: - basic_scaling - manual_scaling + # This flattener is entirely handwritten and must be updated with **any** new field or subfield + custom_flatten: 'templates/terraform/custom_flatten/appengine_standardappversion_automatic_scaling_handlenil.go.tmpl' properties: - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentRequests' + - name: 'maxConcurrentRequests' + type: Integer description: | Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance. Defaults to a runtime-specific value. - - !ruby/object:Api::Type::Integer - name: 'maxIdleInstances' + - name: 'maxIdleInstances' + type: Integer description: | Maximum number of idle instances that should be maintained for this version. - - !ruby/object:Api::Type::String - name: 'maxPendingLatency' + - name: 'maxPendingLatency' + type: String description: | Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - !ruby/object:Api::Type::Integer - name: 'minIdleInstances' + - name: 'minIdleInstances' + type: Integer description: | Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service. - - !ruby/object:Api::Type::String - name: 'minPendingLatency' + - name: 'minPendingLatency' + type: String description: | Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - !ruby/object:Api::Type::NestedObject - name: 'standardSchedulerSettings' + - name: 'standardSchedulerSettings' + type: NestedObject description: | Scheduler settings for standard environment. properties: - - !ruby/object:Api::Type::Double - name: 'targetCpuUtilization' + - name: 'targetCpuUtilization' + type: Double description: | Target CPU utilization ratio to maintain when scaling. Should be a value in the range [0.50, 0.95], zero, or a negative value. - - !ruby/object:Api::Type::Double - name: 'targetThroughputUtilization' + - name: 'targetThroughputUtilization' + type: Double description: | Target throughput utilization ratio to maintain when scaling. Should be a value in the range [0.50, 0.95], zero, or a negative value. - - !ruby/object:Api::Type::Integer - name: 'minInstances' + - name: 'minInstances' + type: Integer description: | Minimum number of instances to run for this version. Set to zero to disable minInstances configuration. - - !ruby/object:Api::Type::Integer - name: 'maxInstances' + - name: 'maxInstances' + type: Integer description: | Maximum number of instances to run for this version. Set to zero to disable maxInstances configuration. - - !ruby/object:Api::Type::NestedObject - name: 'basicScaling' + - name: 'basicScaling' + type: NestedObject description: | Basic scaling creates instances when your application receives requests. Each instance will be shut down when the application becomes idle. Basic scaling is ideal for work that is intermittent or driven by user activity. conflicts: - automatic_scaling - manual_scaling properties: - - !ruby/object:Api::Type::String - name: 'idleTimeout' - default_value: 900s + - name: 'idleTimeout' + type: String description: | Duration of time after the last request that an instance must wait before the instance is shut down. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. - - !ruby/object:Api::Type::Integer - name: 'maxInstances' - required: true + default_value: "900s" + - name: 'maxInstances' + type: Integer description: | Maximum number of instances to create for this version. Must be in the range [1.0, 200.0]. - - !ruby/object:Api::Type::NestedObject - name: 'manualScaling' + required: true + - name: 'manualScaling' + type: NestedObject description: | A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. conflicts: - automatic_scaling - basic_scaling properties: - - !ruby/object:Api::Type::Integer - name: 'instances' - required: true + - name: 'instances' + type: Integer description: | Number of instances to assign to the service at the start. **Note:** When managing the number of instances at runtime through the App Engine Admin API or the (now deprecated) Python 2 Modules API set_num_instances() you must use `lifecycle.ignore_changes = ["manual_scaling"[0].instances]` to prevent drift detection. - -# StandardAppVersion and FlexibleAppVersion use the same API endpoint (apps.services.versions) -# They are split apart as some of the fields will are necessary for one and not the other, and -# other fields may have different defaults. However, some fields are the same. If fixing a bug -# in one, please check the other for the same fix. + required: true diff --git a/mmv1/products/appengine/go_ApplicationUrlDispatchRules.yaml b/mmv1/products/appengine/go_ApplicationUrlDispatchRules.yaml deleted file mode 100644 index 3753b8d480e6..000000000000 --- a/mmv1/products/appengine/go_ApplicationUrlDispatchRules.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ApplicationUrlDispatchRules' -description: | - Rules to match an HTTP request and dispatch that request to a service. -references: - guides: - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps#UrlDispatchRule' -docs: -id_format: '{{project}}' -base_url: 'apps/{{project}}' -create_url: 'apps/{{project}}?updateMask=dispatch_rules' -create_verb: 'PATCH' -update_url: 'apps/{{project}}?updateMask=dispatch_rules' -update_verb: 'PATCH' -delete_url: 'apps/{{project}}?updateMask=dispatch_rules' -delete_verb: 'PATCH' -mutex: 'apps/{{project}}' -import_format: - - '{{project}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - test_check_destroy: 'templates/terraform/custom_check_destroy/go/appengine.go.tmpl' -exclude_sweeper: true -error_retry_predicates: - - - 'transport_tpg.IsAppEngineRetryableError' -examples: - - name: 'app_engine_application_url_dispatch_rules_basic' - primary_resource_id: 'web_service' - vars: - bucket_name: 'appengine-test-bucket' -parameters: -properties: - - name: 'dispatchRules' - type: Array - description: | - Rules to match an HTTP request and dispatch that request to a service. - required: true - item_type: - type: NestedObject - properties: - - name: 'domain' - type: String - description: | - Domain name to match against. The wildcard "*" is supported if specified before a period: "*.". - Defaults to matching all domains: "*". - default_value: "*" - - name: 'path' - type: String - description: | - Pathname within the host. Must start with a "/". A single "*" can be included at the end of the path. - The sum of the lengths of the domain and path may not exceed 100 characters. - required: true - - name: 'service' - type: String - description: | - Pathname within the host. Must start with a "/". A single "*" can be included at the end of the path. - The sum of the lengths of the domain and path may not exceed 100 characters. - required: true diff --git a/mmv1/products/appengine/go_DomainMapping.yaml b/mmv1/products/appengine/go_DomainMapping.yaml deleted file mode 100644 index a1ea9451554d..000000000000 --- a/mmv1/products/appengine/go_DomainMapping.yaml +++ /dev/null @@ -1,145 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DomainMapping' -description: | - A domain serving an App Engine application. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard/python/mapping-custom-domains' - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.domainMappings' -docs: -id_format: 'apps/{{project}}/domainMappings/{{domain_name}}' -base_url: 'apps/{{project}}/domainMappings' -self_link: 'apps/{{project}}/domainMappings/{{domain_name}}' -update_verb: 'PATCH' -update_mask: true -mutex: 'apps/{{project}}' -import_format: - - 'apps/{{project}}/domainMappings/{{domain_name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - decoder: 'templates/terraform/decoders/go/app_engine_domain_mapping.go.tmpl' -examples: - - name: 'app_engine_domain_mapping_basic' - primary_resource_id: 'domain_mapping' - ignore_read_extra: - - 'ssl_settings.0.ssl_management_type' -parameters: - - name: 'overrideStrategy' - type: Enum - description: | - Whether the domain creation should override any existing mappings for this domain. - By default, overrides are rejected. - url_param_only: true - ignore_read: true - default_value: "STRICT" - enum_values: - - 'STRICT' - - 'OVERRIDE' - - name: 'domainName' - type: String - description: | - Relative name of the domain serving the application. Example: example.com. - api_name: id - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Full path to the DomainMapping resource in the API. Example: apps/myapp/domainMapping/example.com. - output: true - - name: 'sslSettings' - type: NestedObject - description: | - SSL configuration for this domain. If unconfigured, this domain will not serve with SSL. - default_from_api: true - update_mask_fields: - - 'ssl_settings.certificate_id' - - 'ssl_settings.ssl_management_type' - properties: - - name: 'certificateId' - type: String - description: | - ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will - remove SSL support. - By default, a managed certificate is automatically created for every domain mapping. To omit SSL support - or to configure SSL manually, specify `SslManagementType.MANUAL` on a `CREATE` or `UPDATE` request. You must be - authorized to administer the `AuthorizedCertificate` resource to manually map it to a DomainMapping resource. - Example: 12345. - default_from_api: true - - name: 'sslManagementType' - type: Enum - description: | - SSL management type for this domain. If `AUTOMATIC`, a managed certificate is automatically provisioned. - If `MANUAL`, `certificateId` must be manually specified in order to configure SSL for this domain. - required: true - enum_values: - - 'AUTOMATIC' - - 'MANUAL' - - name: 'pendingManagedCertificateId' - type: Enum - description: | - ID of the managed `AuthorizedCertificate` resource currently being provisioned, if applicable. Until the new - managed certificate has been successfully provisioned, the previous SSL state will be preserved. Once the - provisioning process completes, the `certificateId` field will reflect the new managed certificate and this - field will be left empty. To remove SSL support while there is still a pending managed certificate, clear the - `certificateId` field with an update request. - output: true - enum_values: - - 'AUTOMATIC' - - 'MANUAL' - - name: 'resourceRecords' - type: Array - description: | - The resource records required to configure this domain mapping. These records must be added to the domain's DNS - configuration in order to serve the application via this domain mapping. - output: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Relative name of the object affected by this record. Only applicable for CNAME records. Example: 'www'. - - name: 'rrdata' - type: String - description: | - Data for this record. Values vary by record type, as defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1). - - name: 'type' - type: Enum - description: | - Resource record type. Example: `AAAA`. - enum_values: - - 'A' - - 'AAAA' - - 'CNAME' diff --git a/mmv1/products/appengine/go_FirewallRule.yaml b/mmv1/products/appengine/go_FirewallRule.yaml deleted file mode 100644 index 2d5734c7bde5..000000000000 --- a/mmv1/products/appengine/go_FirewallRule.yaml +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'FirewallRule' -description: | - A single firewall rule that is evaluated against incoming traffic - and provides an action to take on matched requests. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard/python/creating-firewalls#creating_firewall_rules' - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.firewall.ingressRules' -docs: -base_url: 'apps/{{project}}/firewall/ingressRules' -self_link: 'apps/{{project}}/firewall/ingressRules/{{priority}}' -update_verb: 'PATCH' -update_mask: true -mutex: 'apps/{{project}}' -import_format: - - 'apps/{{project}}/firewall/ingressRules/{{priority}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - type: 'PollAsync' - check_response_func_existence: 'transport_tpg.PollCheckForExistence' - check_response_func_absence: 'transport_tpg.PollCheckForAbsence' - suppress_error: false - target_occurrences: 1 - actions: ['create'] -collection_url_key: 'ingressRules' -custom_code: -exclude_sweeper: true -examples: - - name: 'app_engine_firewall_rule_basic' - primary_resource_id: 'rule' - vars: - project_id: 'ae-project' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' -parameters: - - name: 'priority' - type: Integer - description: | - A positive integer that defines the order of rule evaluation. - Rules with the lowest priority are evaluated first. - - A default rule at priority Int32.MaxValue matches all IPv4 and - IPv6 traffic when no previous rule matches. Only the action of - this rule can be modified by the user. -properties: - - name: 'description' - type: String - description: | - An optional string description of this rule. - required: false - - name: 'sourceRange' - type: String - description: | - IP address or range, defined using CIDR notation, of requests that this rule applies to. - required: true - - name: 'action' - type: Enum - description: | - The action to take if this rule matches. - required: true - enum_values: - - 'UNSPECIFIED_ACTION' - - 'ALLOW' - - 'DENY' diff --git a/mmv1/products/appengine/go_FlexibleAppVersion.yaml b/mmv1/products/appengine/go_FlexibleAppVersion.yaml deleted file mode 100644 index 4a4707ce7e40..000000000000 --- a/mmv1/products/appengine/go_FlexibleAppVersion.yaml +++ /dev/null @@ -1,846 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'FlexibleAppVersion' -description: | - Flexible App Version resource to create a new version of flexible GAE Application. Based on Google Compute Engine, - the App Engine flexible environment automatically scales your app up and down while also balancing the load. - Learn about the differences between the standard environment and the flexible environment - at https://cloud.google.com/appengine/docs/the-appengine-environments. - - ~> **Note:** The App Engine flexible environment service account uses the member ID `service-[YOUR_PROJECT_NUMBER]@gae-api-prod.google.com.iam.gserviceaccount.com` - It should have the App Engine Flexible Environment Service Agent role, which will be applied when the `appengineflex.googleapis.com` service is enabled. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/appengine/docs/flexible' - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions' -docs: -id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -base_url: 'apps/{{project}}/services/{{service}}/versions' -self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' -update_url: 'apps/{{project}}/services/{{service}}/versions' -update_verb: 'POST' -update_mask: false -delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -mutex: 'apps/{{project}}' -import_format: - - 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'appengine#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'versions' -custom_code: - encoder: 'templates/terraform/encoders/go/flex_app_version.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/appversion_delete.go.tmpl' - test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' -error_retry_predicates: - - - 'transport_tpg.IsAppEngineRetryableError' -examples: - - name: 'app_engine_flexible_app_version' - primary_resource_id: 'myapp_v1' - vars: - bucket_name: 'appengine-static-content' - project: 'appeng-flex' - account_id: 'my-account' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - ignore_read_extra: - - 'noop_on_destroy' - - 'deployment.0.zip' - skip_test: true -virtual_fields: - - name: 'noop_on_destroy' - description: | - If set to `true`, the application version will not be deleted. - type: Boolean - default_value: false - - name: 'delete_service_on_destroy' - description: | - If set to `true`, the service will be deleted if it is the last version. - type: Boolean - default_value: false -parameters: - - name: 'service' - type: ResourceRef - description: | - AppEngine service resource. Can contain numbers, letters, and hyphens. - url_param_only: true - required: true - resource: 'Service' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Full path to the Version resource in the API. Example, "v1". - output: true - - name: 'version_id' - type: String - description: | - Relative name of the version within the service. For example, `v1`. Version names can contain only lowercase letters, numbers, or hyphens. - Reserved names,"default", "latest", and any name with the prefix "ah-". - api_name: id - immutable: true - - name: 'inboundServices' - type: Array - description: | - A list of the types of messages that this application is able to receive. - is_set: true - item_type: - type: Enum - description: | - One type of message that this application is able to receive. - enum_values: - - 'INBOUND_SERVICE_MAIL' - - 'INBOUND_SERVICE_MAIL_BOUNCE' - - 'INBOUND_SERVICE_XMPP_ERROR' - - 'INBOUND_SERVICE_XMPP_MESSAGE' - - 'INBOUND_SERVICE_XMPP_SUBSCRIBE' - - 'INBOUND_SERVICE_XMPP_PRESENCE' - - 'INBOUND_SERVICE_CHANNEL_PRESENCE' - - 'INBOUND_SERVICE_WARMUP' - - name: 'instanceClass' - type: String - description: | - Instance class that is used to run this version. Valid values are - AutomaticScaling: F1, F2, F4, F4_1G - ManualScaling: B1, B2, B4, B8, B4_1G - Defaults to F1 for AutomaticScaling and B1 for ManualScaling. - - name: 'network' - type: NestedObject - description: Extra network settings - properties: - - name: 'forwardedPorts' - type: Array - description: | - List of ports, or port pairs, to forward from the virtual machine to the application container. - item_type: - type: String - - name: 'instanceIpMode' - type: Enum - description: | - Prevent instances from receiving an ephemeral external IP address. - min_version: 'beta' - enum_values: - - 'EXTERNAL' - - 'INTERNAL' - - name: 'instanceTag' - type: String - description: | - Tag to apply to the instance during creation. - - name: 'name' - type: String - description: | - Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path. - required: true - - name: 'subnetwork' - type: String - description: | - Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path. - - If the network that the instance is being created in is a Legacy network, then the IP address is allocated from the IPv4Range. - If the network that the instance is being created in is an auto Subnet Mode Network, then only network name should be specified (not the subnetworkName) and the IP address is created from the IPCidrRange of the subnetwork that exists in that zone for that network. - If the network that the instance is being created in is a custom Subnet Mode Network, then the subnetworkName must be specified and the IP address is created from the IPCidrRange of the subnetwork. - If specified, the subnetwork must exist in the same region as the App Engine flexible environment application. - api_name: subnetworkName - - name: 'sessionAffinity' - type: Boolean - description: | - Enable session affinity. - - name: 'resources' - type: NestedObject - description: Machine resources for a version. - properties: - - name: 'cpu' - type: Integer - description: | - Number of CPU cores needed. - at_least_one_of: - - 'resources.0.cpu' - - 'resources.0.disk_gb' - - 'resources.0.memory_gb' - - 'resources.0.volumes' - - name: 'diskGb' - type: Integer - description: | - Disk size (GB) needed. - at_least_one_of: - - 'resources.0.cpu' - - 'resources.0.disk_gb' - - 'resources.0.memory_gb' - - 'resources.0.volumes' - - name: 'memoryGb' - type: Double - description: | - Memory (GB) needed. - at_least_one_of: - - 'resources.0.cpu' - - 'resources.0.disk_gb' - - 'resources.0.memory_gb' - - 'resources.0.volumes' - - name: 'volumes' - type: Array - description: | - List of ports, or port pairs, to forward from the virtual machine to the application container. - at_least_one_of: - - 'resources.0.cpu' - - 'resources.0.disk_gb' - - 'resources.0.memory_gb' - - 'resources.0.volumes' - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Unique name for the volume. - required: true - - name: 'volumeType' - type: String - description: | - Underlying volume type, e.g. 'tmpfs'. - required: true - - name: 'sizeGb' - type: Integer - description: | - Volume size in gigabytes. - required: true - - name: 'runtime' - type: String - description: | - Desired runtime. Example python27. - required: true - - name: 'runtimeChannel' - type: String - description: | - The channel of the runtime to use. Only available for some runtimes. - - name: 'flexibleRuntimeSettings' - type: NestedObject - description: Runtime settings for App Engine flexible environment. - properties: - - name: 'operatingSystem' - type: String - description: | - Operating System of the application runtime. - - name: 'runtimeVersion' - type: String - description: | - The runtime version of an App Engine flexible application. - - name: 'betaSettings' - type: KeyValuePairs - description: | - Metadata settings that are supplied to this version to enable beta runtime features. - ignore_read: true - - name: 'servingStatus' - type: Enum - description: | - Current serving status of this version. Only the versions with a SERVING status create instances and can be billed. - default_value: "SERVING" - enum_values: - - 'SERVING' - - 'STOPPED' - - name: 'runtimeApiVersion' - type: String - description: | - The version of the API in the given runtime environment. - Please see the app.yaml reference for valid values at `https://cloud.google.com/appengine/docs/standard//config/appref`\ - Substitute `` with `python`, `java`, `php`, `ruby`, `go` or `nodejs`. - default_from_api: true - - name: 'handlers' - type: Array - description: | - An ordered list of URL-matching patterns that should be applied to incoming requests. - The first matching URL handles the request and other request handlers are not attempted. - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'urlRegex' - type: String - description: | - URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. - All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path. - - name: 'securityLevel' - type: Enum - description: | - Security (HTTPS) enforcement for this URL. - required: false - enum_values: - - 'SECURE_DEFAULT' - - 'SECURE_NEVER' - - 'SECURE_OPTIONAL' - - 'SECURE_ALWAYS' - - name: 'login' - type: Enum - description: | - Methods to restrict access to a URL based on login status. - required: false - enum_values: - - 'LOGIN_OPTIONAL' - - 'LOGIN_ADMIN' - - 'LOGIN_REQUIRED' - - name: 'authFailAction' - type: Enum - description: | - Actions to take when the user is not logged in. - required: false - enum_values: - - 'AUTH_FAIL_ACTION_REDIRECT' - - 'AUTH_FAIL_ACTION_UNAUTHORIZED' - - name: 'redirectHttpResponseCode' - type: Enum - description: | - 30x code to use when performing redirects for the secure field. - required: false - enum_values: - - 'REDIRECT_HTTP_RESPONSE_CODE_301' - - 'REDIRECT_HTTP_RESPONSE_CODE_302' - - 'REDIRECT_HTTP_RESPONSE_CODE_303' - - 'REDIRECT_HTTP_RESPONSE_CODE_307' - - name: 'script' - type: NestedObject - description: | - Executes a script to handle the requests that match this URL pattern. - Only the auto value is supported for Node.js in the App Engine standard environment, for example "script:" "auto". - properties: - - name: 'scriptPath' - type: String - description: | - Path to the script from the application root directory. - required: true - - name: 'staticFiles' - type: NestedObject - description: | - Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. - Static file handlers describe which files in the application directory are static files, and which URLs serve them. - properties: - - name: 'path' - type: String - description: | - Path to the static files matched by the URL pattern, from the application root directory. - The path can refer to text matched in groupings in the URL pattern. - - name: 'uploadPathRegex' - type: String - description: | - Regular expression that matches the file paths for all files that should be referenced by this handler. - - name: 'httpHeaders' - type: KeyValuePairs - description: | - HTTP headers to use for all responses from these URLs. - An object containing a list of "key:value" value pairs.". - - name: 'mimeType' - type: String - description: | - MIME type used to serve all files served by this handler. - Defaults to file-specific MIME types, which are derived from each file's filename extension. - - name: 'expiration' - type: String - description: | - Time a static file served by this handler should be cached by web proxies and browsers. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example "3.5s". - Default is '0s' - default_value: "0s" - - name: 'requireMatchingFile' - type: Boolean - description: | - Whether this handler should match the request if the file referenced by the handler does not exist. - - name: 'applicationReadable' - type: Boolean - description: | - Whether files should also be uploaded as code data. By default, files declared in static file handlers are - uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, - uploads are charged against both your code and static data storage resource quotas. - - name: 'runtimeMainExecutablePath' - type: String - description: | - The path or name of the app's main executable. - - name: 'serviceAccount' - type: String - description: | - The identity that the deployed version will run as. Admin API will use the App Engine Appspot service account as - default if this field is neither provided in app.yaml file nor through CLI flag. - default_from_api: true - - name: 'apiConfig' - type: NestedObject - description: | - Serving configuration for Google Cloud Endpoints. - properties: - - name: 'authFailAction' - type: Enum - description: | - Action to take when users access resources that require authentication. - default_value: "AUTH_FAIL_ACTION_REDIRECT" - enum_values: - - 'AUTH_FAIL_ACTION_REDIRECT' - - 'AUTH_FAIL_ACTION_UNAUTHORIZED' - - name: 'login' - type: Enum - description: | - Level of login required to access this resource. - default_value: "LOGIN_OPTIONAL" - enum_values: - - 'LOGIN_OPTIONAL' - - 'LOGIN_ADMIN' - - 'LOGIN_REQUIRED' - - name: 'script' - type: String - description: | - Path to the script from the application root directory. - required: true - - name: 'securityLevel' - type: Enum - description: | - Security (HTTPS) enforcement for this URL. - enum_values: - - 'SECURE_DEFAULT' - - 'SECURE_NEVER' - - 'SECURE_OPTIONAL' - - 'SECURE_ALWAYS' - - name: 'url' - type: String - description: | - URL to serve the endpoint at. - - name: 'envVariables' - type: KeyValuePairs - description: |- - Environment variables available to the application. As these are not returned in the API request, Terraform will not detect any changes made outside of the Terraform config. - ignore_read: true - - name: 'defaultExpiration' - type: String - description: | - Duration that static files should be cached by web proxies and browsers. - Only applicable if the corresponding StaticFilesHandler does not specify its own expiration time. - - name: 'readinessCheck' - type: NestedObject - description: | - Configures readiness health checking for instances. Unhealthy instances are not put into the backend traffic rotation. - required: true - properties: - - name: 'path' - type: String - description: | - The request path. - required: true - - name: 'host' - type: String - description: | - Host header to send when performing a HTTP Readiness check. Example: "myapp.appspot.com" - - name: 'failureThreshold' - type: Double - description: | - Number of consecutive failed checks required before removing traffic. Default: 2. - default_value: 2.0 - - name: 'successThreshold' - type: Double - description: | - Number of consecutive successful checks required before receiving traffic. Default: 2. - default_value: 2.0 - - name: 'checkInterval' - type: String - description: | - Interval between health checks. Default: "5s". - default_value: "5s" - - name: 'timeout' - type: String - description: | - Time before the check is considered failed. Default: "4s" - default_value: "4s" - - name: 'appStartTimeout' - type: String - description: | - A maximum time limit on application initialization, measured from moment the application successfully - replies to a healthcheck until it is ready to serve traffic. Default: "300s" - default_value: "300s" - - name: 'livenessCheck' - type: NestedObject - description: | - Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances. - required: true - properties: - - name: 'path' - type: String - description: | - The request path. - required: true - - name: 'host' - type: String - description: | - Host header to send when performing a HTTP Readiness check. Example: "myapp.appspot.com" - - name: 'failureThreshold' - type: Double - description: | - Number of consecutive failed checks required before considering the VM unhealthy. Default: 4. - default_value: 4.0 - - name: 'successThreshold' - type: Double - description: | - Number of consecutive successful checks required before considering the VM healthy. Default: 2. - default_value: 2.0 - - name: 'checkInterval' - type: String - description: | - Interval between health checks. - default_value: "30s" - - name: 'timeout' - type: String - description: | - Time before the check is considered failed. Default: "4s" - default_value: "4s" - - name: 'initialDelay' - type: String - description: | - The initial delay before starting to execute the checks. Default: "300s" - default_value: "300s" - - name: 'nobuildFilesRegex' - type: String - description: | - Files that match this pattern will not be built into this version. Only applicable for Go runtimes. - - name: 'deployment' - type: NestedObject - description: | - Code and application artifacts that make up this version. - ignore_read: true - properties: - - name: 'zip' - type: NestedObject - description: 'Zip File' - at_least_one_of: - - 'deployment.0.zip' - - 'deployment.0.files' - - 'deployment.0.container' - properties: - - name: 'sourceUrl' - type: String - description: 'Source URL' - required: true - - name: 'filesCount' - type: Integer - description: 'files count' - - name: 'files' - type: Map - description: | - Manifest of the files stored in Google Cloud Storage that are included as part of this version. - All files must be readable using the credentials supplied with this call. - at_least_one_of: - - 'deployment.0.zip' - - 'deployment.0.files' - - 'deployment.0.container' - key_name: 'name' - key_description: | - name of file - value_type: - name: files - type: NestedObject - properties: - - name: 'sha1Sum' - type: String - description: | - SHA1 checksum of the file - - name: 'sourceUrl' - type: String - description: | - Source URL - required: true - - name: 'container' - type: NestedObject - description: 'The Docker image for the container that runs the version.' - default_from_api: true - at_least_one_of: - - 'deployment.0.zip' - - 'deployment.0.files' - - 'deployment.0.container' - properties: - - name: 'image' - type: String - description: | - URI to the hosted container image in Google Container Registry. The URI must be fully qualified and include a tag or digest. - Examples: "gcr.io/my-project/image:tag" or "gcr.io/my-project/image@digest" - required: true - - name: 'cloudBuildOptions' - type: NestedObject - description: - Options for the build operations performed as a part of the version - deployment. Only applicable when creating a version using source code - directly. - at_least_one_of: - - 'deployment.0.zip' - - 'deployment.0.files' - - 'deployment.0.container' - properties: - - name: 'appYamlPath' - type: String - description: | - Path to the yaml file used in deployment, used to determine runtime configuration details. - required: true - - name: 'cloudBuildTimeout' - type: String - description: | - The Cloud Build timeout used as part of any dependent builds performed by version creation. Defaults to 10 minutes. - - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - name: 'endpointsApiService' - type: NestedObject - description: | - Code and application artifacts that make up this version. - properties: - - name: 'name' - type: String - description: | - Endpoints service name which is the name of the "service" resource in the Service Management API. - For example "myapi.endpoints.myproject.cloud.goog" - required: true - - name: 'configId' - type: String - description: | - Endpoints service configuration ID as specified by the Service Management API. For example "2016-09-19r1". - - By default, the rollout strategy for Endpoints is "FIXED". This means that Endpoints starts up with a particular configuration ID. - When a new configuration is rolled out, Endpoints must be given the new configuration ID. The configId field is used to give the configuration ID - and is required in this case. - - Endpoints also has a rollout strategy called "MANAGED". When using this, Endpoints fetches the latest configuration and does not need - the configuration ID. In this case, configId must be omitted. - - name: 'rolloutStrategy' - type: Enum - description: | - Endpoints rollout strategy. If FIXED, configId must be specified. If MANAGED, configId must be omitted. - default_value: "FIXED" - enum_values: - - 'FIXED' - - 'MANAGED' - - name: 'disableTraceSampling' - type: Boolean - description: - Enable or disable trace sampling. By default, this is set to false for - enabled. - default_value: false - - name: 'entrypoint' - type: NestedObject - description: | - The entrypoint for the application. - ignore_read: true - properties: - - name: 'shell' - type: String - description: | - The format should be a shell command that can be fed to bash -c. - required: true - - name: 'vpcAccessConnector' - type: NestedObject - description: | - Enables VPC connectivity for standard apps. - properties: - - name: 'name' - type: String - description: | - Full Serverless VPC Access Connector name e.g. /projects/my-project/locations/us-central1/connectors/c1. - required: true - - name: 'automaticScaling' - type: NestedObject - description: | - Automatic scaling is based on request rate, response latencies, and other application metrics. - exactly_one_of: - - 'automatic_scaling' - - 'manual_scaling' - properties: - - name: 'coolDownPeriod' - type: String - description: | - The time period that the Autoscaler should wait before it starts collecting information from a new instance. - This prevents the autoscaler from collecting information when the instance is initializing, - during which the collected usage would not be reliable. Default: 120s - default_value: "120s" - - name: 'cpuUtilization' - type: NestedObject - description: | - Target scaling by CPU usage. - required: true - properties: - - name: 'aggregationWindowLength' - type: String - description: | - Period of time over which CPU utilization is calculated. - - name: 'targetUtilization' - type: Double - description: | - Target CPU utilization ratio to maintain when scaling. Must be between 0 and 1. - required: true - - name: 'maxConcurrentRequests' - type: Integer - description: | - Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance. - - Defaults to a runtime-specific value. - default_from_api: true - - name: 'maxIdleInstances' - type: Integer - description: | - Maximum number of idle instances that should be maintained for this version. - - name: 'maxTotalInstances' - type: Integer - description: | - Maximum number of instances that should be started to handle requests for this version. Default: 20 - default_value: 20 - - name: 'maxPendingLatency' - type: String - description: | - Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it. - - name: 'minIdleInstances' - type: Integer - description: | - Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service. - - name: 'minTotalInstances' - type: Integer - description: | - Minimum number of running instances that should be maintained for this version. Default: 2 - default_value: 2 - - name: 'minPendingLatency' - type: String - description: | - Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it. - - name: 'requestUtilization' - type: NestedObject - description: | - Target scaling by request utilization. - properties: - - name: 'targetRequestCountPerSecond' - type: String - description: | - Target requests per second. - at_least_one_of: - - 'automatic_scaling.0.request_utilization.0.target_request_count_per_second' - - 'automatic_scaling.0.request_utilization.0.target_concurrent_requests' - - name: 'targetConcurrentRequests' - type: Double - description: | - Target number of concurrent requests. - at_least_one_of: - - 'automatic_scaling.0.request_utilization.0.target_request_count_per_second' - - 'automatic_scaling.0.request_utilization.0.target_concurrent_requests' - - name: 'diskUtilization' - type: NestedObject - description: | - Target scaling by disk usage. - properties: - - name: 'targetWriteBytesPerSecond' - type: Integer - description: | - Target bytes written per second. - at_least_one_of: - - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' - - name: 'targetWriteOpsPerSecond' - type: Integer - description: | - Target ops written per second. - at_least_one_of: - - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' - - name: 'targetReadBytesPerSecond' - type: Integer - description: | - Target bytes read per second. - at_least_one_of: - - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' - - name: 'targetReadOpsPerSecond' - type: Integer - description: | - Target ops read per seconds. - at_least_one_of: - - 'automatic_scaling.0.disk_utilization.0.target_write_bytes_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_write_ops_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_read_bytes_per_second' - - 'automatic_scaling.0.disk_utilization.0.target_read_ops_per_second' - - name: 'networkUtilization' - type: NestedObject - description: | - Target scaling by network usage. - properties: - - name: 'targetSentBytesPerSecond' - type: Integer - description: | - Target bytes sent per second. - at_least_one_of: - - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' - - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' - - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' - - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' - - name: 'targetSentPacketsPerSecond' - type: Integer - description: | - Target packets sent per second. - at_least_one_of: - - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' - - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' - - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' - - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' - - name: 'targetReceivedBytesPerSecond' - type: Integer - description: | - Target bytes received per second. - at_least_one_of: - - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' - - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' - - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' - - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' - - name: 'targetReceivedPacketsPerSecond' - type: Integer - description: | - Target packets received per second. - at_least_one_of: - - 'automatic_scaling.0.network_utilization.0.target_sent_bytes_per_second' - - 'automatic_scaling.0.network_utilization.0.target_sent_packets_per_second' - - 'automatic_scaling.0.network_utilization.0.target_received_bytes_per_second' - - 'automatic_scaling.0.network_utilization.0.target_received_packets_per_second' - - name: 'manualScaling' - type: NestedObject - description: | - A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. - exactly_one_of: - - 'automatic_scaling' - - 'manual_scaling' - properties: - - name: 'instances' - type: Integer - description: | - Number of instances to assign to the service at the start. - - **Note:** When managing the number of instances at runtime through the App Engine Admin API or the (now deprecated) Python 2 - Modules API set_num_instances() you must use `lifecycle.ignore_changes = ["manual_scaling"[0].instances]` to prevent drift detection. - required: true diff --git a/mmv1/products/appengine/go_Service.yaml b/mmv1/products/appengine/go_Service.yaml deleted file mode 100644 index e8ec7bec64ac..000000000000 --- a/mmv1/products/appengine/go_Service.yaml +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Service' -description: | - A Service resource is a logical component of an application that can share state and communicate in a secure fashion with other services. - For example, an application that handles customer requests might include separate services to handle tasks such as backend data analysis or API requests from mobile devices. - Each service has a collection of versions that define a specific set of code used to implement the functionality of that service. -exclude: true -references: - guides: - 'Official Documentation': 'https://cloud.google.com/appengine/docs/admin-api/deploying-overview' - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' -docs: -base_url: 'apps/{{project}}/services' -self_link: 'apps/{{project}}/services/{{id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -parameters: -properties: - - name: 'name' - type: String - description: | - Full path to the Service resource in the API. Example apps/myapp/services/default. - This field is used in responses only. Any value specified here in a request is ignored. - output: true - - name: 'id' - type: String - description: | - Relative name of the service within the application. Example default. - output: true diff --git a/mmv1/products/appengine/go_ServiceNetworkSettings.yaml b/mmv1/products/appengine/go_ServiceNetworkSettings.yaml deleted file mode 100644 index 8f88f1a6a318..000000000000 --- a/mmv1/products/appengine/go_ServiceNetworkSettings.yaml +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServiceNetworkSettings' -description: | - A NetworkSettings resource is a container for ingress settings for a version or service. -references: - guides: - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' -docs: -id_format: 'apps/{{project}}/services/{{service}}' -base_url: 'apps/{{project}}/services' -self_link: 'apps/{{project}}/services/{{service}}' -create_url: 'apps/{{project}}/services/{{service}}?updateMask=networkSettings' -create_verb: 'PATCH' -update_url: 'apps/{{project}}/services/{{service}}' -update_verb: 'PATCH' -update_mask: true -exclude_delete: true -mutex: 'apps/{{project}}' -import_format: - - 'apps/{{project}}/services/{{service}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'appengine#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' -examples: - - name: 'app_engine_service_network_settings' - primary_resource_id: 'internalapp' - vars: - bucket_name: 'appengine-static-content' -parameters: -properties: - - name: 'service' - type: String - description: | - The name of the service these settings apply to. - api_name: id - required: true - - name: 'networkSettings' - type: NestedObject - description: | - Ingress settings for this service. Will apply to all versions. - required: true - properties: - - name: 'ingressTrafficAllowed' - type: Enum - description: | - The ingress settings for version or service. - default_value: "INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED" - enum_values: - - 'INGRESS_TRAFFIC_ALLOWED_UNSPECIFIED' - - 'INGRESS_TRAFFIC_ALLOWED_ALL' - - 'INGRESS_TRAFFIC_ALLOWED_INTERNAL_ONLY' - - 'INGRESS_TRAFFIC_ALLOWED_INTERNAL_AND_LB' diff --git a/mmv1/products/appengine/go_ServiceSplitTraffic.yaml b/mmv1/products/appengine/go_ServiceSplitTraffic.yaml deleted file mode 100644 index 18518fdce859..000000000000 --- a/mmv1/products/appengine/go_ServiceSplitTraffic.yaml +++ /dev/null @@ -1,99 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServiceSplitTraffic' -description: | - Traffic routing configuration for versions within a single service. Traffic splits define how traffic directed to the service is assigned to versions. -references: - guides: - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services' -docs: -id_format: 'apps/{{project}}/services/{{service}}' -base_url: 'apps/{{project}}/services' -self_link: 'apps/{{project}}/services/{{service}}' -create_url: 'apps/{{project}}/services/{{service}}?migrateTraffic={{migrate_traffic}}&updateMask=split' -create_verb: 'PATCH' -update_url: 'apps/{{project}}/services/{{service}}?migrateTraffic={{migrate_traffic}}' -update_verb: 'PATCH' -update_mask: true -exclude_delete: true -mutex: 'apps/{{project}}' -import_format: - - 'apps/{{project}}/services/{{service}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'appengine#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' -examples: - - name: 'app_engine_service_split_traffic' - primary_resource_id: 'liveapp' - vars: - service_id: 'default' - split.allocations.v1: '1' - bucket_name: 'appengine-static-content' - test_env_vars: - org_id: 'ORG_ID' -parameters: - - name: 'migrate_traffic' - type: Boolean - description: | - If set to true traffic will be migrated to this version. - url_param_only: true -properties: - - name: 'service' - type: String - description: | - The name of the service these settings apply to. - api_name: id - required: true - - name: 'split' - type: NestedObject - description: | - Mapping that defines fractional HTTP traffic diversion to different versions within the service. - required: true - ignore_read: true - properties: - - name: 'shardBy' - type: Enum - description: | - Mechanism used to determine which version a request is sent to. The traffic selection algorithm will be stable for either type until allocations are changed. - enum_values: - - 'UNSPECIFIED' - - 'COOKIE' - - 'IP' - - 'RANDOM' - - name: 'allocations' - type: KeyValuePairs - description: | - Mapping from version IDs within the service to fractional (0.000, 1] allocations of traffic for that version. Each version can be specified only once, but some versions in the service may not have any traffic allocation. Services that have traffic allocated cannot be deleted until either the service is deleted or their traffic allocation is removed. Allocations must sum to 1. Up to two decimal place precision is supported for IP-based splits and up to three decimal places is supported for cookie-based splits. - - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_string.go.tmpl' diff --git a/mmv1/products/appengine/go_StandardAppVersion.yaml b/mmv1/products/appengine/go_StandardAppVersion.yaml deleted file mode 100644 index 93a5f71fadb9..000000000000 --- a/mmv1/products/appengine/go_StandardAppVersion.yaml +++ /dev/null @@ -1,449 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'StandardAppVersion' -description: | - Standard App Version resource to create a new version of standard GAE Application. - Learn about the differences between the standard environment and the flexible environment - at https://cloud.google.com/appengine/docs/the-appengine-environments. - Currently supporting Zip and File Containers. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/appengine/docs/standard' - api: 'https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions' -docs: -id_format: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -base_url: 'apps/{{project}}/services/{{service}}/versions' -self_link: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}?view=FULL' -create_url: 'apps/{{project}}/services/{{service}}/versions' -update_url: 'apps/{{project}}/services/{{service}}/versions' -update_verb: 'POST' -update_mask: false -delete_url: 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -mutex: 'apps/{{project}}' -import_format: - - 'apps/{{project}}/services/{{service}}/versions/{{version_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'appengine#operation' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'versions' -custom_code: - custom_delete: 'templates/terraform/custom_delete/go/appversion_delete.go.tmpl' - test_check_destroy: 'templates/terraform/custom_check_destroy/go/appengine.go.tmpl' -error_retry_predicates: - - - 'transport_tpg.IsAppEngineRetryableError' -examples: - - name: 'app_engine_standard_app_version' - primary_resource_id: 'myapp_v1' - vars: - project_id: 'ae-project' - bucket_name: 'appengine-static-content' - service_name: 'ae-service' - account_id: 'my-account' - test_env_vars: - org_id: 'ORG_ID' - ignore_read_extra: - - 'delete_service_on_destroy' -virtual_fields: - - name: 'noop_on_destroy' - description: | - If set to `true`, the application version will not be deleted. - type: Boolean - default_value: false - - name: 'delete_service_on_destroy' - description: | - If set to `true`, the service will be deleted if it is the last version. - type: Boolean - default_value: false -parameters: - - name: 'service' - type: ResourceRef - description: | - AppEngine service resource - url_param_only: true - required: true - resource: 'Service' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Full path to the Version resource in the API. Example, "v1". - output: true - - name: 'version_id' - type: String - description: | - Relative name of the version within the service. For example, `v1`. Version names can contain only lowercase letters, numbers, or hyphens. Reserved names,"default", "latest", and any name with the prefix "ah-". - api_name: id - immutable: true - - name: 'runtime' - type: String - description: | - Desired runtime. Example python27. - required: true - - name: 'serviceAccount' - type: String - description: | - The identity that the deployed version will run as. Admin API will use the App Engine Appspot service account as default if this field is neither provided in app.yaml file nor through CLI flag. - default_from_api: true - - name: 'threadsafe' - type: Boolean - description: | - Whether multiple requests can be dispatched to this version at once. - ignore_read: true - - name: 'appEngineApis' - type: Boolean - description: | - Allows App Engine second generation runtimes to access the legacy bundled services. - - name: 'runtimeApiVersion' - type: String - description: | - The version of the API in the given runtime environment. - Please see the app.yaml reference for valid values at `https://cloud.google.com/appengine/docs/standard//config/appref`\ - Substitute `` with `python`, `java`, `php`, `ruby`, `go` or `nodejs`. - - name: 'handlers' - type: Array - description: | - An ordered list of URL-matching patterns that should be applied to incoming requests. - The first matching URL handles the request and other request handlers are not attempted. - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'urlRegex' - type: String - description: | - URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. - All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path. - - name: 'securityLevel' - type: Enum - description: | - Security (HTTPS) enforcement for this URL. - required: false - enum_values: - - 'SECURE_DEFAULT' - - 'SECURE_NEVER' - - 'SECURE_OPTIONAL' - - 'SECURE_ALWAYS' - - name: 'login' - type: Enum - description: | - Methods to restrict access to a URL based on login status. - required: false - enum_values: - - 'LOGIN_OPTIONAL' - - 'LOGIN_ADMIN' - - 'LOGIN_REQUIRED' - - name: 'authFailAction' - type: Enum - description: | - Actions to take when the user is not logged in. - required: false - enum_values: - - 'AUTH_FAIL_ACTION_REDIRECT' - - 'AUTH_FAIL_ACTION_UNAUTHORIZED' - - name: 'redirectHttpResponseCode' - type: Enum - description: | - 30x code to use when performing redirects for the secure field. - required: false - enum_values: - - 'REDIRECT_HTTP_RESPONSE_CODE_301' - - 'REDIRECT_HTTP_RESPONSE_CODE_302' - - 'REDIRECT_HTTP_RESPONSE_CODE_303' - - 'REDIRECT_HTTP_RESPONSE_CODE_307' - - name: 'script' - type: NestedObject - description: | - Executes a script to handle the requests that match this URL pattern. - Only the auto value is supported for Node.js in the App Engine standard environment, for example "script:" "auto". - properties: - - name: 'scriptPath' - type: String - description: | - Path to the script from the application root directory. - required: true - - name: 'staticFiles' - type: NestedObject - description: | - Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them. - properties: - - name: 'path' - type: String - description: | - Path to the static files matched by the URL pattern, from the application root directory. The path can refer to text matched in groupings in the URL pattern. - - name: 'uploadPathRegex' - type: String - description: | - Regular expression that matches the file paths for all files that should be referenced by this handler. - - name: 'httpHeaders' - type: KeyValuePairs - description: | - HTTP headers to use for all responses from these URLs. - An object containing a list of "key:value" value pairs.". - - name: 'mimeType' - type: String - description: | - MIME type used to serve all files served by this handler. - Defaults to file-specific MIME types, which are derived from each file's filename extension. - - name: 'expiration' - type: String - description: | - Time a static file served by this handler should be cached by web proxies and browsers. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example "3.5s". - - name: 'requireMatchingFile' - type: Boolean - description: | - Whether this handler should match the request if the file referenced by the handler does not exist. - - name: 'applicationReadable' - type: Boolean - description: | - Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as - static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged - against both your code and static data storage resource quotas. - - name: 'libraries' - type: Array - description: | - Configuration for third-party Python runtime libraries that are required by the application. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of the library. Example "django". - - name: 'version' - type: String - description: | - Version of the library to select, or "latest". - - name: 'envVariables' - type: KeyValuePairs - description: | - Environment variables available to the application. - ignore_read: true - - name: 'deployment' - type: NestedObject - description: | - Code and application artifacts that make up this version. - required: true - ignore_read: true - properties: - - name: 'zip' - type: NestedObject - description: 'Zip File' - required: false - at_least_one_of: - - 'deployment.0.zip' - - 'deployment.0.files' - properties: - - name: 'sourceUrl' - type: String - description: 'Source URL' - required: true - - name: 'filesCount' - type: Integer - description: 'files count' - required: false - - name: 'files' - type: Map - description: | - Manifest of the files stored in Google Cloud Storage that are included as part of this version. - All files must be readable using the credentials supplied with this call. - required: false - at_least_one_of: - - 'deployment.0.zip' - - 'deployment.0.files' - key_name: 'name' - key_description: | - name of file - value_type: - name: files - type: NestedObject - properties: - - name: 'sha1Sum' - type: String - description: | - SHA1 checksum of the file - - name: 'sourceUrl' - type: String - description: | - Source URL - required: true - - name: 'entrypoint' - type: NestedObject - description: | - The entrypoint for the application. - required: true - ignore_read: true - properties: - - name: 'shell' - type: String - description: | - The format should be a shell command that can be fed to bash -c. - required: true - - name: 'vpcAccessConnector' - type: NestedObject - description: | - Enables VPC connectivity for standard apps. - properties: - - name: 'name' - type: String - description: | - Full Serverless VPC Access Connector name e.g. /projects/my-project/locations/us-central1/connectors/c1. - required: true - - name: 'egressSetting' - type: String - description: | - The egress setting for the connector, controlling what traffic is diverted through it. - - name: 'inboundServices' - type: Array - description: | - A list of the types of messages that this application is able to receive. - is_set: true - item_type: - type: Enum - description: | - One type of message that this application is able to receive. - enum_values: - - 'INBOUND_SERVICE_MAIL' - - 'INBOUND_SERVICE_MAIL_BOUNCE' - - 'INBOUND_SERVICE_XMPP_ERROR' - - 'INBOUND_SERVICE_XMPP_MESSAGE' - - 'INBOUND_SERVICE_XMPP_SUBSCRIBE' - - 'INBOUND_SERVICE_XMPP_PRESENCE' - - 'INBOUND_SERVICE_CHANNEL_PRESENCE' - - 'INBOUND_SERVICE_WARMUP' - - name: 'instanceClass' - type: String - description: | - Instance class that is used to run this version. Valid values are - AutomaticScaling: F1, F2, F4, F4_1G - BasicScaling or ManualScaling: B1, B2, B4, B4_1G, B8 - Defaults to F1 for AutomaticScaling and B2 for ManualScaling and BasicScaling. If no scaling is specified, AutomaticScaling is chosen. - default_from_api: true - - name: 'automaticScaling' - type: NestedObject - description: | - Automatic scaling is based on request rate, response latencies, and other application metrics. - conflicts: - - basic_scaling - - manual_scaling - custom_flatten: 'templates/terraform/custom_flatten/go/appengine_standardappversion_automatic_scaling_handlenil.go.tmpl' - properties: - - name: 'maxConcurrentRequests' - type: Integer - description: | - Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance. - - Defaults to a runtime-specific value. - - name: 'maxIdleInstances' - type: Integer - description: | - Maximum number of idle instances that should be maintained for this version. - - name: 'maxPendingLatency' - type: String - description: | - Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - name: 'minIdleInstances' - type: Integer - description: | - Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service. - - name: 'minPendingLatency' - type: String - description: | - Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - name: 'standardSchedulerSettings' - type: NestedObject - description: | - Scheduler settings for standard environment. - properties: - - name: 'targetCpuUtilization' - type: Double - description: | - Target CPU utilization ratio to maintain when scaling. Should be a value in the range [0.50, 0.95], zero, or a negative value. - - name: 'targetThroughputUtilization' - type: Double - description: | - Target throughput utilization ratio to maintain when scaling. Should be a value in the range [0.50, 0.95], zero, or a negative value. - - name: 'minInstances' - type: Integer - description: | - Minimum number of instances to run for this version. Set to zero to disable minInstances configuration. - - name: 'maxInstances' - type: Integer - description: | - Maximum number of instances to run for this version. Set to zero to disable maxInstances configuration. - - name: 'basicScaling' - type: NestedObject - description: | - Basic scaling creates instances when your application receives requests. Each instance will be shut down when the application becomes idle. Basic scaling is ideal for work that is intermittent or driven by user activity. - conflicts: - - automatic_scaling - - manual_scaling - properties: - - name: 'idleTimeout' - type: String - description: | - Duration of time after the last request that an instance must wait before the instance is shut down. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. - default_value: "900s" - - name: 'maxInstances' - type: Integer - description: | - Maximum number of instances to create for this version. Must be in the range [1.0, 200.0]. - required: true - - name: 'manualScaling' - type: NestedObject - description: | - A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. - conflicts: - - automatic_scaling - - basic_scaling - properties: - - name: 'instances' - type: Integer - description: | - Number of instances to assign to the service at the start. - - **Note:** When managing the number of instances at runtime through the App Engine Admin API or the (now deprecated) Python 2 - Modules API set_num_instances() you must use `lifecycle.ignore_changes = ["manual_scaling"[0].instances]` to prevent drift detection. - -# StandardAppVersion and FlexibleAppVersion use the same API endpoint (apps.services.versions) -# They are split apart as some of the fields will are necessary for one and not the other, and -# other fields may have different defaults. However, some fields are the same. If fixing a bug -# in one, please check the other for the same fix. - required: true diff --git a/mmv1/products/appengine/go_product.yaml b/mmv1/products/appengine/go_product.yaml deleted file mode 100644 index c8c6d3e2b51d..000000000000 --- a/mmv1/products/appengine/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AppEngine' -display_name: 'App Engine' -versions: - - name: 'ga' - base_url: 'https://appengine.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://appengine.googleapis.com/v1beta/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/appengine/product.yaml b/mmv1/products/appengine/product.yaml index 12417a18d59e..0b6d91d805de 100644 --- a/mmv1/products/appengine/product.yaml +++ b/mmv1/products/appengine/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: AppEngine -display_name: App Engine +--- +name: 'AppEngine' +display_name: 'App Engine' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://appengine.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://appengine.googleapis.com/v1beta/ + - name: 'ga' + base_url: 'https://appengine.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://appengine.googleapis.com/v1beta/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/apphub/Application.yaml b/mmv1/products/apphub/Application.yaml index 94f0ec009493..1abcc520e527 100644 --- a/mmv1/products/apphub/Application.yaml +++ b/mmv1/products/apphub/Application.yaml @@ -11,179 +11,181 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -base_url: projects/{{project}}/locations/{{location}}/applications -create_url: projects/{{project}}/locations/{{location}}/applications?applicationId={{application_id}} -self_link: projects/{{project}}/locations/{{location}}/applications/{{application_id}} -id_format: projects/{{project}}/locations/{{location}}/applications/{{application_id}} -import_format: - - projects/{{project}}/locations/{{location}}/applications/{{application_id}} -name: Application +--- +name: 'Application' description: 'Application is a functional grouping of Services and Workloads that helps achieve a desired end-to-end business functionality. Services and Workloads are owned by the Application.' -update_verb: :PATCH +docs: +id_format: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/applications' +self_link: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/applications?applicationId={{application_id}}' +update_verb: 'PATCH' update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: name - base_url: "{{op_id}}" +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: - result: !ruby/object:Api::OpAsync::Result - path: response + result: + path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: done - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error - path: error - message: message + error: + path: 'error' + message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "application_basic" - primary_resource_id: "example" - config_path: "templates/terraform/examples/apphub_application_basic.tf.erb" + - name: 'application_basic' + config_path: 'templates/terraform/examples/apphub_application_basic.tf.tmpl' + primary_resource_id: 'example' vars: - application_id: "example-application" - - !ruby/object:Provider::Terraform::Examples - name: "application_full" - primary_resource_id: "example2" - config_path: "templates/terraform/examples/apphub_application_full.tf.erb" + application_id: 'example-application' + - name: 'application_full' + config_path: 'templates/terraform/examples/apphub_application_full.tf.tmpl' + primary_resource_id: 'example2' vars: - application_id: "example-application" - display_name: "Application Full" + application_id: 'example-application' + display_name: 'Application Full' desc: 'Application for testing' - business_name: "Alice" - business_email: "alice@google.com" - developer_name: "Bob" - developer_email: "bob@google.com" - operator_name: "Charlie" - operator_email: "charlie@google.com" + business_name: 'Alice' + business_email: 'alice@google.com' + developer_name: 'Bob' + developer_email: 'bob@google.com' + operator_name: 'Charlie' + operator_email: 'charlie@google.com' parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: 'Part of `parent`. See documentation of `projectsId`.' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: applicationId + - name: 'applicationId' + type: String description: 'Required. The Application identifier.' url_param_only: true required: true immutable: true properties: - - !ruby/object:Api::Type::String - name: name - output: true + - name: 'name' + type: String description: "Identifier. The resource name of an Application. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}\"" - - !ruby/object:Api::Type::String - name: displayName + output: true + - name: 'displayName' + type: String description: 'Optional. User-defined name for the Application.' - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: 'Optional. User-defined description of an Application.' - - !ruby/object:Api::Type::NestedObject - name: attributes + - name: 'attributes' + type: NestedObject description: 'Consumer provided attributes.' properties: - - !ruby/object:Api::Type::NestedObject - name: criticality + - name: 'criticality' + type: NestedObject description: 'Criticality of the Application, Service, or Workload' properties: - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: 'Criticality type.' required: true - values: - - :MISSION_CRITICAL - - :HIGH - - :MEDIUM - - :LOW - - !ruby/object:Api::Type::NestedObject - name: environment + enum_values: + - 'MISSION_CRITICAL' + - 'HIGH' + - 'MEDIUM' + - 'LOW' + - name: 'environment' + type: NestedObject description: 'Environment of the Application, Service, or Workload' properties: - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: 'Environment type.' required: true - values: - - :PRODUCTION - - :STAGING - - :TEST - - :DEVELOPMENT - - !ruby/object:Api::Type::Array - name: developerOwners + enum_values: + - 'PRODUCTION' + - 'STAGING' + - 'TEST' + - 'DEVELOPMENT' + - name: 'developerOwners' + type: Array description: 'Optional. Developer team that owns development and coding.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: 'Optional. Contact''s name.' - - !ruby/object:Api::Type::String - name: email - required: true + - name: 'email' + type: String description: 'Required. Email address of the contacts.' - - !ruby/object:Api::Type::Array - name: operatorOwners + required: true + - name: 'operatorOwners' + type: Array description: 'Optional. Operator team that ensures runtime and operations.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: 'Optional. Contact''s name.' - - !ruby/object:Api::Type::String - name: email - required: true + - name: 'email' + type: String description: 'Required. Email address of the contacts.' - - !ruby/object:Api::Type::Array - name: businessOwners + required: true + - name: 'businessOwners' + type: Array description: 'Optional. Business team that ensures user needs are met and value is delivered' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: 'Optional. Contact''s name.' - - !ruby/object:Api::Type::String - name: email - required: true + - name: 'email' + type: String description: 'Required. Email address of the contacts.' - - !ruby/object:Api::Type::String - name: createTime + required: true + - name: 'createTime' + type: String description: 'Output only. Create time.' output: true - - !ruby/object:Api::Type::String - name: updateTime + - name: 'updateTime' + type: String description: 'Output only. Update time.' output: true - - !ruby/object:Api::Type::NestedObject - name: scope + - name: 'scope' + type: NestedObject description: 'Scope of an application.' required: true properties: - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: "Required. Scope Type. \n Possible values:\nREGIONAL" required: true - values: - - :REGIONAL - - !ruby/object:Api::Type::String - name: uid + enum_values: + - 'REGIONAL' + - name: 'uid' + type: String description: 'Output only. A universally unique identifier (in UUID4 format) for the `Application`.' output: true - - !ruby/object:Api::Type::Enum - name: state + - name: 'state' + type: Enum description: "Output only. Application state. \n Possible values:\n STATE_UNSPECIFIED\nCREATING\nACTIVE\nDELETING" output: true - values: - - :STATE_UNSPECIFIED - - :CREATING - - :ACTIVE - - :DELETING + enum_values: + - 'STATE_UNSPECIFIED' + - 'CREATING' + - 'ACTIVE' + - 'DELETING' diff --git a/mmv1/products/apphub/Service.yaml b/mmv1/products/apphub/Service.yaml index 84e3c408c1a2..5b6a5084cc51 100644 --- a/mmv1/products/apphub/Service.yaml +++ b/mmv1/products/apphub/Service.yaml @@ -11,225 +11,227 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -base_url: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services -create_url: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services?serviceId={{service_id}} -self_link: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}} -id_format: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}} -import_format: - - projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}} -name: Service +--- +name: 'Service' description: 'Service is a network/api interface that exposes some functionality to clients for consumption over the network. Service typically has one or more Workloads behind it. It registers identified service to the Application.' -update_verb: :PATCH +docs: +id_format: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services' +self_link: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services?serviceId={{service_id}}' +update_verb: 'PATCH' update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: name - base_url: "{{op_id}}" +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: - result: !ruby/object:Api::OpAsync::Result - path: response + result: + path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: done - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error - path: error - message: message + error: + path: 'error' + message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "apphub_service_basic" - external_providers: ["random", "time"] - primary_resource_id: "example" + - name: 'apphub_service_basic' + primary_resource_id: 'example' vars: - application_id: "example-application-1" - service_project_attachment_id: "project-1" - ilb_network: "l7-ilb-network" - ilb_subnet: "l7-ilb-subnet" - forwarding_rule: "l7-ilb-forwarding-rule" - backend_service: "l7-ilb-backend-subnet" - health_check: "l7-ilb-hc" + application_id: 'example-application-1' + service_project_attachment_id: 'project-1' + ilb_network: 'l7-ilb-network' + ilb_subnet: 'l7-ilb-subnet' + forwarding_rule: 'l7-ilb-forwarding-rule' + backend_service: 'l7-ilb-backend-subnet' + health_check: 'l7-ilb-hc' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - - !ruby/object:Provider::Terraform::Examples - name: "apphub_service_full" + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' external_providers: ["random", "time"] - primary_resource_id: "example" + - name: 'apphub_service_full' + primary_resource_id: 'example' vars: - application_id: "example-application-1" - service_project_attachment_id: "project-1" - display_name: "Example Service Full" + application_id: 'example-application-1' + service_project_attachment_id: 'project-1' + display_name: 'Example Service Full' desc: 'Register service for testing' - business_name: "Alice" - business_email: "alice@google.com" - developer_name: "Bob" - developer_email: "bob@google.com" - operator_name: "Charlie" - operator_email: "charlie@google.com" - ilb_network: "l7-ilb-network" - ilb_subnet: "l7-ilb-subnet" - forwarding_rule: "l7-ilb-forwarding-rule" - backend_service: "l7-ilb-backend-subnet" - health_check: "l7-ilb-hc" + business_name: 'Alice' + business_email: 'alice@google.com' + developer_name: 'Bob' + developer_email: 'bob@google.com' + operator_name: 'Charlie' + operator_email: 'charlie@google.com' + ilb_network: 'l7-ilb-network' + ilb_subnet: 'l7-ilb-subnet' + forwarding_rule: 'l7-ilb-forwarding-rule' + backend_service: 'l7-ilb-backend-subnet' + health_check: 'l7-ilb-hc' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + external_providers: ["random", "time"] parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: applicationId + - name: 'applicationId' + type: String description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: serviceId + - name: 'serviceId' + type: String description: 'The Service identifier.' url_param_only: true required: true immutable: true properties: - - !ruby/object:Api::Type::String - name: name - output: true + - name: 'name' + type: String description: "Identifier. The resource name of a Service. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}/services/{service-id}\"" - - !ruby/object:Api::Type::String - name: displayName + output: true + - name: 'displayName' + type: String description: 'User-defined name for the Service.' - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: 'User-defined description of a Service.' - - !ruby/object:Api::Type::NestedObject - output: true - name: serviceReference + - name: 'serviceReference' + type: NestedObject description: 'Reference to an underlying networking resource that can comprise a Service.' + output: true properties: - - !ruby/object:Api::Type::String - name: uri + - name: 'uri' + type: String description: "Output only. The underlying resource URI (For example, URI of Forwarding Rule, URL Map,\nand Backend Service)." output: true - - !ruby/object:Api::Type::NestedObject - output: true - name: serviceProperties + - name: 'serviceProperties' + type: NestedObject description: 'Properties of an underlying cloud resource that can comprise a Service.' + output: true properties: - - !ruby/object:Api::Type::String - name: gcpProject + - name: 'gcpProject' + type: String description: "Output only. The service project identifier that the underlying cloud resource resides in." output: true - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: "Output only. The location that the underlying resource resides in, for example, us-west1." output: true - - !ruby/object:Api::Type::String - name: zone + - name: 'zone' + type: String description: "Output only. The location that the underlying resource resides in if it is zonal, for example, us-west1-a)." output: true - - !ruby/object:Api::Type::NestedObject - name: attributes + - name: 'attributes' + type: NestedObject description: 'Consumer provided attributes.' properties: - - !ruby/object:Api::Type::NestedObject - name: criticality + - name: 'criticality' + type: NestedObject description: 'Criticality of the Application, Service, or Workload' properties: - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: 'Criticality type.' required: true - values: - - :MISSION_CRITICAL - - :HIGH - - :MEDIUM - - :LOW - - !ruby/object:Api::Type::NestedObject - name: environment + enum_values: + - 'MISSION_CRITICAL' + - 'HIGH' + - 'MEDIUM' + - 'LOW' + - name: 'environment' + type: NestedObject description: 'Environment of the Application, Service, or Workload' properties: - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: 'Environment type.' required: true - values: - - :PRODUCTION - - :STAGING - - :TEST - - :DEVELOPMENT - - !ruby/object:Api::Type::Array - name: developerOwners + enum_values: + - 'PRODUCTION' + - 'STAGING' + - 'TEST' + - 'DEVELOPMENT' + - name: 'developerOwners' + type: Array description: 'Developer team that owns development and coding.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: 'Contact''s name.' - - !ruby/object:Api::Type::String - name: email + - name: 'email' + type: String description: 'Required. Email address of the contacts.' required: true - - !ruby/object:Api::Type::Array - name: operatorOwners + - name: 'operatorOwners' + type: Array description: 'Operator team that ensures runtime and operations.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: 'Contact''s name.' - - !ruby/object:Api::Type::String - name: email + - name: 'email' + type: String description: 'Required. Email address of the contacts.' required: true - - !ruby/object:Api::Type::Array - name: businessOwners + - name: 'businessOwners' + type: Array description: 'Business team that ensures user needs are met and value is delivered' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: 'Contact''s name.' - - !ruby/object:Api::Type::String - name: email + - name: 'email' + type: String description: 'Required. Email address of the contacts.' required: true - - !ruby/object:Api::Type::String - name: discoveredService - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'discoveredService' + type: String description: 'Immutable. The resource name of the original discovered service.' required: true immutable: true - - !ruby/object:Api::Type::String - name: createTime + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'createTime' + type: String description: 'Output only. Create time.' output: true - - !ruby/object:Api::Type::String - name: updateTime + - name: 'updateTime' + type: String description: 'Output only. Update time.' output: true - - !ruby/object:Api::Type::String - name: uid + - name: 'uid' + type: String description: "Output only. A universally unique identifier (UUID) for the `Service` in the UUID4\nformat." output: true - - !ruby/object:Api::Type::String - name: state + - name: 'state' + type: String description: "Output only. Service state. Possible values: STATE_UNSPECIFIED CREATING ACTIVE DELETING DETACHED" output: true diff --git a/mmv1/products/apphub/ServiceProjectAttachment.yaml b/mmv1/products/apphub/ServiceProjectAttachment.yaml index 458552f82596..8eb51ca7b9a2 100644 --- a/mmv1/products/apphub/ServiceProjectAttachment.yaml +++ b/mmv1/products/apphub/ServiceProjectAttachment.yaml @@ -11,63 +11,60 @@ # See the License for the specific language governing permissions and # limitations under the License. - ---- !ruby/object:Api::Resource -base_url: projects/{{project}}/locations/global/serviceProjectAttachments -create_url: projects/{{project}}/locations/global/serviceProjectAttachments?serviceProjectAttachmentId={{service_project_attachment_id}} -self_link: projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}} -id_format: projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}} -import_format: - - projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}} -name: ServiceProjectAttachment +--- +name: 'ServiceProjectAttachment' description: | Represents a Service project attachment to the Host Project. +docs: +id_format: 'projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}}' +base_url: 'projects/{{project}}/locations/global/serviceProjectAttachments' +self_link: 'projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}}' +create_url: 'projects/{{project}}/locations/global/serviceProjectAttachments?serviceProjectAttachmentId={{service_project_attachment_id}}' immutable: true +import_format: + - 'projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: name - base_url: "{{op_id}}" +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: - result: !ruby/object:Api::OpAsync::Result - path: response + result: + path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: done - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error - path: error - message: message -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/apphub_service_project.go.erb' + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/apphub_service_project.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: "service_project_attachment_basic" - external_providers: ["random", "time"] - primary_resource_id: "example" - config_path: "templates/terraform/examples/apphub_service_project_attachment_basic.tf.erb" + - name: 'service_project_attachment_basic' + config_path: 'templates/terraform/examples/apphub_service_project_attachment_basic.tf.tmpl' + primary_resource_id: 'example' vars: - service_project_attachment_id: "project-1" + service_project_attachment_id: 'project-1' test_env_vars: - org_id: :ORG_ID - host_project: :PROJECT_NAME - - !ruby/object:Provider::Terraform::Examples - name: "service_project_attachment_full" + org_id: 'ORG_ID' + host_project: 'PROJECT_NAME' external_providers: ["random", "time"] - primary_resource_id: "example2" - config_path: "templates/terraform/examples/apphub_service_project_attachment_full.tf.erb" + - name: 'service_project_attachment_full' + config_path: 'templates/terraform/examples/apphub_service_project_attachment_full.tf.tmpl' + primary_resource_id: 'example2' vars: - service_project_attachment_id: "project-1" + service_project_attachment_id: 'project-1' test_env_vars: - org_id: :ORG_ID - host_project: :PROJECT_NAME + org_id: 'ORG_ID' + host_project: 'PROJECT_NAME' + external_providers: ["random", "time"] parameters: - - !ruby/object:Api::Type::String - name: serviceProjectAttachmentId + - name: 'serviceProjectAttachmentId' + type: String description: "Required. The service project attachment identifier must contain the project_id of the service project specified in the service_project_attachment.service_project field. Hint: \"projects/{project_id}\"" @@ -75,36 +72,36 @@ parameters: required: true immutable: true properties: - - !ruby/object:Api::Type::String - name: name - output: true + - name: 'name' + type: String description: | "Identifier. The resource name of a ServiceProjectAttachment. Format:\"projects/{host-project-id}/locations/global/serviceProjectAttachments/{service-project-id}.\"" - - !ruby/object:Api::Type::String - name: serviceProject - diff_suppress_func: 'ServiceProjectDiffSuppress' - custom_expand: 'templates/terraform/custom_expand/apphub_service_project.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/apphub_service_project.go.erb' + output: true + - name: 'serviceProject' + type: String description: | "Immutable. Service project name in the format: \"projects/abc\" or \"projects/123\". As input, project name with either project id or number are accepted. As output, this field will contain project number." immutable: true - - !ruby/object:Api::Type::String - name: createTime + diff_suppress_func: 'ServiceProjectDiffSuppress' + custom_flatten: 'templates/terraform/custom_flatten/apphub_service_project.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/apphub_service_project.go.tmpl' + - name: 'createTime' + type: String description: 'Output only. Create time.' output: true - - !ruby/object:Api::Type::String - name: uid + - name: 'uid' + type: String description: "Output only. A globally unique identifier (in UUID4 format) for the `ServiceProjectAttachment`." output: true - - !ruby/object:Api::Type::Enum - name: 'state' + - name: 'state' + type: Enum description: | ServiceProjectAttachment state. output: true - values: - - :STATE_UNSPECIFIED - - :CREATING - - :ACTIVE - - :DELETING + enum_values: + - 'STATE_UNSPECIFIED' + - 'CREATING' + - 'ACTIVE' + - 'DELETING' diff --git a/mmv1/products/apphub/Workload.yaml b/mmv1/products/apphub/Workload.yaml index 42b9a9d80d24..60b53e8de302 100644 --- a/mmv1/products/apphub/Workload.yaml +++ b/mmv1/products/apphub/Workload.yaml @@ -11,218 +11,220 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -base_url: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads -create_url: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads?workloadId={{workload_id}} -self_link: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}} -id_format: projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}} -import_format: - - projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}} -name: Workload +--- +name: 'Workload' description: 'Workload represents a binary deployment (such as Managed Instance Groups (MIGs), GKE deployments, etc.) that performs the smallest logical subset of business functionality. It registers identified workload to the Application.' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads' +self_link: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads?workloadId={{workload_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "apphub_workload_basic" - external_providers: ["random", "time"] - primary_resource_id: "example" + - name: 'apphub_workload_basic' + primary_resource_id: 'example' vars: - application_id: "example-application-1" - service_project_attachment_id: "project-1" - ilb_network: "l7-ilb-network" - ilb_subnet: "l7-ilb-subnet" - instance_template: "l7-ilb-mig-template" - mig: "l7-ilb-mig1" + application_id: 'example-application-1' + service_project_attachment_id: 'project-1' + ilb_network: 'l7-ilb-network' + ilb_subnet: 'l7-ilb-subnet' + instance_template: 'l7-ilb-mig-template' + mig: 'l7-ilb-mig1' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - - !ruby/object:Provider::Terraform::Examples - name: "apphub_workload_full" + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' external_providers: ["random", "time"] - primary_resource_id: "example" + - name: 'apphub_workload_full' + primary_resource_id: 'example' vars: - application_id: "example-application-1" - service_project_attachment_id: "project-1" - display_name: "Example Service Full" + application_id: 'example-application-1' + service_project_attachment_id: 'project-1' + display_name: 'Example Service Full' desc: 'Register service for testing' - business_name: "Alice" - business_email: "alice@google.com" - developer_name: "Bob" - developer_email: "bob@google.com" - operator_name: "Charlie" - operator_email: "charlie@google.com" - ilb_network: "l7-ilb-network" - ilb_subnet: "l7-ilb-subnet" - instance_template: "l7-ilb-mig-template" - mig: "l7-ilb-mig1" + business_name: 'Alice' + business_email: 'alice@google.com' + developer_name: 'Bob' + developer_email: 'bob@google.com' + operator_name: 'Charlie' + operator_email: 'charlie@google.com' + ilb_network: 'l7-ilb-network' + ilb_subnet: 'l7-ilb-subnet' + instance_template: 'l7-ilb-mig-template' + mig: 'l7-ilb-mig1' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: name - base_url: "{{op_id}}" - wait_ms: 1000 - timeouts: - result: !ruby/object:Api::OpAsync::Result - path: response - resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: done - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error - path: error - message: message -update_verb: :PATCH -update_mask: true + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + external_providers: ["random", "time"] parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: applicationId + - name: 'applicationId' + type: String description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: workloadId + - name: 'workloadId' + type: String description: 'The Workload identifier.' url_param_only: true required: true immutable: true properties: - - !ruby/object:Api::Type::String - name: name - output: true + - name: 'name' + type: String description: "Identifier. The resource name of the Workload. Format:\"projects/{host-project-id}/locations/{location}/applications/{application-id}/workloads/{workload-id}\"" - - !ruby/object:Api::Type::String - name: displayName + output: true + - name: 'displayName' + type: String description: 'User-defined name for the Workload.' - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: 'User-defined description of a Workload.' - - !ruby/object:Api::Type::NestedObject - output: true - name: workloadReference + - name: 'workloadReference' + type: NestedObject description: 'Reference of an underlying compute resource represented by the Workload.' + output: true properties: - - !ruby/object:Api::Type::String - name: uri + - name: 'uri' + type: String description: 'Output only. The underlying compute resource uri.' output: true - - !ruby/object:Api::Type::NestedObject - output: true - name: workloadProperties + - name: 'workloadProperties' + type: NestedObject description: 'Properties of an underlying compute resource represented by the Workload.' + output: true properties: - - !ruby/object:Api::Type::String - name: gcpProject + - name: 'gcpProject' + type: String description: "Output only. The service project identifier that the underlying cloud resource resides in. Empty for non cloud resources." output: true - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: "Output only. The location that the underlying compute resource resides in (e.g us-west1)." output: true - - !ruby/object:Api::Type::String - name: zone + - name: 'zone' + type: String description: "Output only. The location that the underlying compute resource resides in if it is zonal (e.g us-west1-a)." output: true - - !ruby/object:Api::Type::String - name: discoveredWorkload - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'discoveredWorkload' + type: String description: 'Immutable. The resource name of the original discovered workload.' required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: attributes + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'attributes' + type: NestedObject description: 'Consumer provided attributes.' properties: - - !ruby/object:Api::Type::NestedObject - name: criticality + - name: 'criticality' + type: NestedObject description: 'Criticality of the Application, Service, or Workload' properties: - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: 'Criticality type.' required: true - values: - - :MISSION_CRITICAL - - :HIGH - - :MEDIUM - - :LOW - - !ruby/object:Api::Type::NestedObject - name: environment + enum_values: + - 'MISSION_CRITICAL' + - 'HIGH' + - 'MEDIUM' + - 'LOW' + - name: 'environment' + type: NestedObject description: 'Environment of the Application, Service, or Workload' properties: - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: 'Environment type.' required: true - values: - - :PRODUCTION - - :STAGING - - :TEST - - :DEVELOPMENT - - !ruby/object:Api::Type::Array - name: developerOwners + enum_values: + - 'PRODUCTION' + - 'STAGING' + - 'TEST' + - 'DEVELOPMENT' + - name: 'developerOwners' + type: Array description: 'Developer team that owns development and coding.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: 'Contact''s name.' - - !ruby/object:Api::Type::String - name: email + - name: 'email' + type: String description: 'Email address of the contacts.' required: true - - !ruby/object:Api::Type::Array - name: operatorOwners + - name: 'operatorOwners' + type: Array description: 'Operator team that ensures runtime and operations.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: 'Contact''s name.' - - !ruby/object:Api::Type::String - name: email + - name: 'email' + type: String description: 'Email address of the contacts.' required: true - - !ruby/object:Api::Type::Array - name: businessOwners + - name: 'businessOwners' + type: Array description: 'Business team that ensures user needs are met and value is delivered' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: 'Contact''s name.' - - !ruby/object:Api::Type::String - name: email + - name: 'email' + type: String description: 'Email address of the contacts.' required: true - - !ruby/object:Api::Type::String - name: createTime + - name: 'createTime' + type: String description: 'Output only. Create time.' output: true - - !ruby/object:Api::Type::String - name: updateTime + - name: 'updateTime' + type: String description: 'Output only. Update time.' output: true - - !ruby/object:Api::Type::String - name: uid + - name: 'uid' + type: String description: "Output only. A universally unique identifier (UUID) for the `Workload` in the UUID4 format." output: true - - !ruby/object:Api::Type::String - name: state + - name: 'state' + type: String description: "Output only. Workload state. Possible values: STATE_UNSPECIFIED CREATING ACTIVE DELETING DETACHED" output: true diff --git a/mmv1/products/apphub/go_Application.yaml b/mmv1/products/apphub/go_Application.yaml deleted file mode 100644 index 241e2b4cc1f5..000000000000 --- a/mmv1/products/apphub/go_Application.yaml +++ /dev/null @@ -1,192 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Application' -description: 'Application is a functional grouping of Services and Workloads that helps achieve a desired end-to-end business functionality. - Services and Workloads are owned by the Application.' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/applications' -self_link: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/applications?applicationId={{application_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'application_basic' - config_path: 'templates/terraform/examples/go/apphub_application_basic.tf.tmpl' - primary_resource_id: 'example' - vars: - application_id: 'example-application' - - name: 'application_full' - config_path: 'templates/terraform/examples/go/apphub_application_full.tf.tmpl' - primary_resource_id: 'example2' - vars: - application_id: 'example-application' - display_name: 'Application Full' - desc: 'Application for testing' - business_name: 'Alice' - business_email: 'alice@google.com' - developer_name: 'Bob' - developer_email: 'bob@google.com' - operator_name: 'Charlie' - operator_email: 'charlie@google.com' -parameters: - - name: 'location' - type: String - description: 'Part of `parent`. See documentation of `projectsId`.' - url_param_only: true - required: true - immutable: true - - name: 'applicationId' - type: String - description: 'Required. The Application identifier.' - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: "Identifier. The resource name of an Application. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}\"" - output: true - - name: 'displayName' - type: String - description: 'Optional. User-defined name for the Application.' - - name: 'description' - type: String - description: 'Optional. User-defined description of an Application.' - - name: 'attributes' - type: NestedObject - description: 'Consumer provided attributes.' - properties: - - name: 'criticality' - type: NestedObject - description: 'Criticality of the Application, Service, or Workload' - properties: - - name: 'type' - type: Enum - description: 'Criticality type.' - required: true - enum_values: - - 'MISSION_CRITICAL' - - 'HIGH' - - 'MEDIUM' - - 'LOW' - - name: 'environment' - type: NestedObject - description: 'Environment of the Application, Service, or Workload' - properties: - - name: 'type' - type: Enum - description: 'Environment type.' - required: true - enum_values: - - 'PRODUCTION' - - 'STAGING' - - 'TEST' - - 'DEVELOPMENT' - - name: 'developerOwners' - type: Array - description: 'Optional. Developer team that owns development and coding.' - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: 'Optional. Contact''s name.' - - name: 'email' - type: String - description: 'Required. Email address of the contacts.' - required: true - - name: 'operatorOwners' - type: Array - description: 'Optional. Operator team that ensures runtime and operations.' - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: 'Optional. Contact''s name.' - - name: 'email' - type: String - description: 'Required. Email address of the contacts.' - required: true - - name: 'businessOwners' - type: Array - description: 'Optional. Business team that ensures user needs are met and value - is delivered' - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: 'Optional. Contact''s name.' - - name: 'email' - type: String - description: 'Required. Email address of the contacts.' - required: true - - name: 'createTime' - type: String - description: 'Output only. Create time.' - output: true - - name: 'updateTime' - type: String - description: 'Output only. Update time.' - output: true - - name: 'scope' - type: NestedObject - description: 'Scope of an application.' - required: true - properties: - - name: 'type' - type: Enum - description: "Required. Scope Type. \n Possible values:\nREGIONAL" - required: true - enum_values: - - 'REGIONAL' - - name: 'uid' - type: String - description: 'Output only. A universally unique identifier (in UUID4 format) for - the `Application`.' - output: true - - name: 'state' - type: Enum - description: "Output only. Application state. \n Possible values:\n STATE_UNSPECIFIED\nCREATING\nACTIVE\nDELETING" - output: true - enum_values: - - 'STATE_UNSPECIFIED' - - 'CREATING' - - 'ACTIVE' - - 'DELETING' diff --git a/mmv1/products/apphub/go_Service.yaml b/mmv1/products/apphub/go_Service.yaml deleted file mode 100644 index c821f75d5cec..000000000000 --- a/mmv1/products/apphub/go_Service.yaml +++ /dev/null @@ -1,238 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Service' -description: 'Service is a network/api interface that exposes some functionality to clients for consumption over the network. - Service typically has one or more Workloads behind it. It registers identified service to the Application.' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services' -self_link: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services?serviceId={{service_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/services/{{service_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'apphub_service_basic' - primary_resource_id: 'example' - vars: - application_id: 'example-application-1' - service_project_attachment_id: 'project-1' - ilb_network: 'l7-ilb-network' - ilb_subnet: 'l7-ilb-subnet' - forwarding_rule: 'l7-ilb-forwarding-rule' - backend_service: 'l7-ilb-backend-subnet' - health_check: 'l7-ilb-hc' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - external_providers: ["random", "time"] - - name: 'apphub_service_full' - primary_resource_id: 'example' - vars: - application_id: 'example-application-1' - service_project_attachment_id: 'project-1' - display_name: 'Example Service Full' - desc: 'Register service for testing' - business_name: 'Alice' - business_email: 'alice@google.com' - developer_name: 'Bob' - developer_email: 'bob@google.com' - operator_name: 'Charlie' - operator_email: 'charlie@google.com' - ilb_network: 'l7-ilb-network' - ilb_subnet: 'l7-ilb-subnet' - forwarding_rule: 'l7-ilb-forwarding-rule' - backend_service: 'l7-ilb-backend-subnet' - health_check: 'l7-ilb-hc' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - external_providers: ["random", "time"] -parameters: - - name: 'location' - type: String - description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' - url_param_only: true - required: true - immutable: true - - name: 'applicationId' - type: String - description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' - url_param_only: true - required: true - immutable: true - - name: 'serviceId' - type: String - description: 'The Service identifier.' - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: "Identifier. The resource name of a Service. Format:\n\"projects/{host-project-id}/locations/{location}/applications/{application-id}/services/{service-id}\"" - output: true - - name: 'displayName' - type: String - description: 'User-defined name for the Service.' - - name: 'description' - type: String - description: 'User-defined description of a Service.' - - name: 'serviceReference' - type: NestedObject - description: 'Reference to an underlying networking resource that can comprise a - Service.' - output: true - properties: - - name: 'uri' - type: String - description: "Output only. The underlying resource URI (For example, URI of Forwarding - Rule, URL Map,\nand Backend Service)." - output: true - - name: 'serviceProperties' - type: NestedObject - description: 'Properties of an underlying cloud resource that can comprise a Service.' - output: true - properties: - - name: 'gcpProject' - type: String - description: "Output only. The service project identifier that the underlying - cloud resource resides in." - output: true - - name: 'location' - type: String - description: "Output only. The location that the underlying resource resides in, - for example, us-west1." - output: true - - name: 'zone' - type: String - description: "Output only. The location that the underlying resource resides in - if it is zonal, for example, us-west1-a)." - output: true - - name: 'attributes' - type: NestedObject - description: 'Consumer provided attributes.' - properties: - - name: 'criticality' - type: NestedObject - description: 'Criticality of the Application, Service, or Workload' - properties: - - name: 'type' - type: Enum - description: 'Criticality type.' - required: true - enum_values: - - 'MISSION_CRITICAL' - - 'HIGH' - - 'MEDIUM' - - 'LOW' - - name: 'environment' - type: NestedObject - description: 'Environment of the Application, Service, or Workload' - properties: - - name: 'type' - type: Enum - description: 'Environment type.' - required: true - enum_values: - - 'PRODUCTION' - - 'STAGING' - - 'TEST' - - 'DEVELOPMENT' - - name: 'developerOwners' - type: Array - description: 'Developer team that owns development and coding.' - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: 'Contact''s name.' - - name: 'email' - type: String - description: 'Required. Email address of the contacts.' - required: true - - name: 'operatorOwners' - type: Array - description: 'Operator team that ensures runtime and operations.' - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: 'Contact''s name.' - - name: 'email' - type: String - description: 'Required. Email address of the contacts.' - required: true - - name: 'businessOwners' - type: Array - description: 'Business team that ensures user needs are met and value - is delivered' - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: 'Contact''s name.' - - name: 'email' - type: String - description: 'Required. Email address of the contacts.' - required: true - - name: 'discoveredService' - type: String - description: 'Immutable. The resource name of the original discovered - service.' - required: true - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - name: 'createTime' - type: String - description: 'Output only. Create time.' - output: true - - name: 'updateTime' - type: String - description: 'Output only. Update time.' - output: true - - name: 'uid' - type: String - description: "Output only. A universally unique identifier (UUID) for the `Service` - in the UUID4\nformat." - output: true - - name: 'state' - type: String - description: "Output only. Service state. Possible values: STATE_UNSPECIFIED CREATING ACTIVE DELETING DETACHED" - output: true diff --git a/mmv1/products/apphub/go_ServiceProjectAttachment.yaml b/mmv1/products/apphub/go_ServiceProjectAttachment.yaml deleted file mode 100644 index 7fd1138037e5..000000000000 --- a/mmv1/products/apphub/go_ServiceProjectAttachment.yaml +++ /dev/null @@ -1,108 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServiceProjectAttachment' -description: | - Represents a Service project attachment to the Host Project. -docs: -id_format: 'projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}}' -base_url: 'projects/{{project}}/locations/global/serviceProjectAttachments' -self_link: 'projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}}' -create_url: 'projects/{{project}}/locations/global/serviceProjectAttachments?serviceProjectAttachmentId={{service_project_attachment_id}}' -immutable: true -import_format: - - 'projects/{{project}}/locations/global/serviceProjectAttachments/{{service_project_attachment_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/apphub_service_project.go.tmpl' -examples: - - name: 'service_project_attachment_basic' - config_path: 'templates/terraform/examples/go/apphub_service_project_attachment_basic.tf.tmpl' - primary_resource_id: 'example' - vars: - service_project_attachment_id: 'project-1' - test_env_vars: - org_id: 'ORG_ID' - host_project: 'PROJECT_NAME' - external_providers: ["random", "time"] - - name: 'service_project_attachment_full' - config_path: 'templates/terraform/examples/go/apphub_service_project_attachment_full.tf.tmpl' - primary_resource_id: 'example2' - vars: - service_project_attachment_id: 'project-1' - test_env_vars: - org_id: 'ORG_ID' - host_project: 'PROJECT_NAME' - external_providers: ["random", "time"] -parameters: - - name: 'serviceProjectAttachmentId' - type: String - description: "Required. The service project attachment identifier must contain the - project_id of the service project specified in the service_project_attachment.service_project - field. Hint: \"projects/{project_id}\"" - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - "Identifier. The resource name of a ServiceProjectAttachment. Format:\"projects/{host-project-id}/locations/global/serviceProjectAttachments/{service-project-id}.\"" - output: true - - name: 'serviceProject' - type: String - description: | - "Immutable. Service project name in the format: \"projects/abc\" - or \"projects/123\". As input, project name with either project id or number - are accepted. As output, this field will contain project number." - immutable: true - diff_suppress_func: 'ServiceProjectDiffSuppress' - custom_flatten: 'templates/terraform/custom_flatten/go/apphub_service_project.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/apphub_service_project.go.tmpl' - - name: 'createTime' - type: String - description: 'Output only. Create time.' - output: true - - name: 'uid' - type: String - description: "Output only. A globally unique identifier (in UUID4 format) for the `ServiceProjectAttachment`." - output: true - - name: 'state' - type: Enum - description: | - ServiceProjectAttachment state. - output: true - enum_values: - - 'STATE_UNSPECIFIED' - - 'CREATING' - - 'ACTIVE' - - 'DELETING' diff --git a/mmv1/products/apphub/go_Workload.yaml b/mmv1/products/apphub/go_Workload.yaml deleted file mode 100644 index b020d2925e0c..000000000000 --- a/mmv1/products/apphub/go_Workload.yaml +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Workload' -description: 'Workload represents a binary deployment (such as Managed Instance Groups (MIGs), GKE deployments, etc.) that performs the smallest logical subset of business functionality. - It registers identified workload to the Application.' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads' -self_link: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads?workloadId={{workload_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/applications/{{application_id}}/workloads/{{workload_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'apphub_workload_basic' - primary_resource_id: 'example' - vars: - application_id: 'example-application-1' - service_project_attachment_id: 'project-1' - ilb_network: 'l7-ilb-network' - ilb_subnet: 'l7-ilb-subnet' - instance_template: 'l7-ilb-mig-template' - mig: 'l7-ilb-mig1' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - external_providers: ["random", "time"] - - name: 'apphub_workload_full' - primary_resource_id: 'example' - vars: - application_id: 'example-application-1' - service_project_attachment_id: 'project-1' - display_name: 'Example Service Full' - desc: 'Register service for testing' - business_name: 'Alice' - business_email: 'alice@google.com' - developer_name: 'Bob' - developer_email: 'bob@google.com' - operator_name: 'Charlie' - operator_email: 'charlie@google.com' - ilb_network: 'l7-ilb-network' - ilb_subnet: 'l7-ilb-subnet' - instance_template: 'l7-ilb-mig-template' - mig: 'l7-ilb-mig1' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - external_providers: ["random", "time"] -parameters: - - name: 'location' - type: String - description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' - url_param_only: true - required: true - immutable: true - - name: 'applicationId' - type: String - description: 'Part of `parent`. Full resource name of a parent Application. Example: projects/{HOST_PROJECT_ID}/locations/{LOCATION}/applications/{APPLICATION_ID}' - url_param_only: true - required: true - immutable: true - - name: 'workloadId' - type: String - description: 'The Workload identifier.' - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: "Identifier. The resource name of the Workload. Format:\"projects/{host-project-id}/locations/{location}/applications/{application-id}/workloads/{workload-id}\"" - output: true - - name: 'displayName' - type: String - description: 'User-defined name for the Workload.' - - name: 'description' - type: String - description: 'User-defined description of a Workload.' - - name: 'workloadReference' - type: NestedObject - description: 'Reference of an underlying compute resource represented by the Workload.' - output: true - properties: - - name: 'uri' - type: String - description: 'Output only. The underlying compute resource uri.' - output: true - - name: 'workloadProperties' - type: NestedObject - description: 'Properties of an underlying compute resource represented by the Workload.' - output: true - properties: - - name: 'gcpProject' - type: String - description: "Output only. The service project identifier that the underlying - cloud resource resides in. Empty for non cloud resources." - output: true - - name: 'location' - type: String - description: "Output only. The location that the underlying compute resource resides - in (e.g us-west1)." - output: true - - name: 'zone' - type: String - description: "Output only. The location that the underlying compute resource resides - in if it is zonal (e.g us-west1-a)." - output: true - - name: 'discoveredWorkload' - type: String - description: 'Immutable. The resource name of the original discovered workload.' - required: true - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - name: 'attributes' - type: NestedObject - description: 'Consumer provided attributes.' - properties: - - name: 'criticality' - type: NestedObject - description: 'Criticality of the Application, Service, or Workload' - properties: - - name: 'type' - type: Enum - description: 'Criticality type.' - required: true - enum_values: - - 'MISSION_CRITICAL' - - 'HIGH' - - 'MEDIUM' - - 'LOW' - - name: 'environment' - type: NestedObject - description: 'Environment of the Application, Service, or Workload' - properties: - - name: 'type' - type: Enum - description: 'Environment type.' - required: true - enum_values: - - 'PRODUCTION' - - 'STAGING' - - 'TEST' - - 'DEVELOPMENT' - - name: 'developerOwners' - type: Array - description: 'Developer team that owns development and coding.' - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: 'Contact''s name.' - - name: 'email' - type: String - description: 'Email address of the contacts.' - required: true - - name: 'operatorOwners' - type: Array - description: 'Operator team that ensures runtime and operations.' - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: 'Contact''s name.' - - name: 'email' - type: String - description: 'Email address of the contacts.' - required: true - - name: 'businessOwners' - type: Array - description: 'Business team that ensures user needs are met and value is delivered' - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: 'Contact''s name.' - - name: 'email' - type: String - description: 'Email address of the contacts.' - required: true - - name: 'createTime' - type: String - description: 'Output only. Create time.' - output: true - - name: 'updateTime' - type: String - description: 'Output only. Update time.' - output: true - - name: 'uid' - type: String - description: "Output only. A universally unique identifier (UUID) for the `Workload` in the UUID4 format." - output: true - - name: 'state' - type: String - description: "Output only. Workload state. Possible values: STATE_UNSPECIFIED CREATING ACTIVE DELETING DETACHED" - output: true diff --git a/mmv1/products/apphub/go_product.yaml b/mmv1/products/apphub/go_product.yaml deleted file mode 100644 index ce83ca90e290..000000000000 --- a/mmv1/products/apphub/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Apphub' -display_name: 'App Hub' -versions: - - name: 'ga' - base_url: 'https://apphub.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/apphub/product.yaml b/mmv1/products/apphub/product.yaml index 4df439355736..78db0b99b055 100644 --- a/mmv1/products/apphub/product.yaml +++ b/mmv1/products/apphub/product.yaml @@ -11,13 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. - ---- !ruby/object:Api::Product -name: Apphub -display_name: App Hub +--- +name: 'Apphub' +display_name: 'App Hub' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://apphub.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://apphub.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/artifactregistry/Repository.yaml b/mmv1/products/artifactregistry/Repository.yaml index 573c53133848..f5749bb71791 100644 --- a/mmv1/products/artifactregistry/Repository.yaml +++ b/mmv1/products/artifactregistry/Repository.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,64 +11,76 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Repository' -base_url: projects/{{project}}/locations/{{location}}/repositories -create_url: projects/{{project}}/locations/{{location}}/repositories?repository_id={{repository_id}} -self_link: projects/{{project}}/locations/{{location}}/repositories/{{repository_id}} -update_verb: :PATCH -update_mask: true description: A repository for storing artifacts -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/artifact-registry/docs/overview' api: 'https://cloud.google.com/artifact-registry/docs/reference/rest/v1/projects.locations.repositories' -iam_policy: !ruby/object:Api::Resource::IamPolicy - method_name_separator: - ':' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/repositories' +self_link: 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/repositories?repository_id={{repository_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}' + - '{{repository_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + allowed_iam_role: 'roles/artifactregistry.reader' # TODO (camthornton): Change to repository_id in 4.0 parent_resource_attribute: 'repository' + base_url: 'projects/{{project}}/locations/{{location}}/repositories/{{name}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + self_link: 'projects/{{project}}/locations/{{location}}/repositories/{{name}}' import_format: - [ - 'projects/{{project}}/locations/{{location}}/repositories/{{repository}}', - '{{repository}}', - ] - base_url: projects/{{project}}/locations/{{location}}/repositories/{{name}} - self_link: projects/{{project}}/locations/{{location}}/repositories/{{name}} - allowed_iam_role: 'roles/artifactregistry.reader' -id_format: projects/{{project}}/locations/{{location}}/repositories/{{repository_id}} -import_format: - [ - 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}', - '{{repository_id}}', - ] -autogen_async: true + - 'projects/{{project}}/locations/{{location}}/repositories/{{repository}}' + - '{{repository}}' +custom_code: + constants: 'templates/terraform/constants/artifact_registry_repository.go.tmpl' + encoder: 'templates/terraform/encoders/location_from_region.go.tmpl' + pre_create: 'templates/terraform/pre_create/artifact_registry_remote_repository.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_basic' + - name: 'artifact_registry_repository_basic' primary_resource_id: 'my-repo' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-repository%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-repository%s", context["random_suffix"])' vars: repository_id: 'my-repository' desc: 'example docker repository' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_docker' + - name: 'artifact_registry_repository_docker' primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' desc: 'example docker repository' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_cmek' + - name: 'artifact_registry_repository_cmek' primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' kms_key_name: 'kms-key' test_vars_overrides: - kms_key_name: 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_virtual' + 'kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + - name: 'artifact_registry_repository_virtual' primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' @@ -76,37 +88,28 @@ examples: upstream_repository_id: 'my-repository-upstream' upstream_desc: 'example docker repository (upstream source)' upstream_policy_id: 'my-repository-upstream' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_remote' + - name: 'artifact_registry_repository_remote' primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' desc: 'example remote docker repository' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_remote_apt' + - name: 'artifact_registry_repository_remote_apt' primary_resource_id: 'my-repo' vars: repository_id: 'debian-buster' desc: 'example remote apt repository' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_remote_yum' + - name: 'artifact_registry_repository_remote_yum' primary_resource_id: 'my-repo' vars: repository_id: 'rocky-9' desc: 'example remote yum repository' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_cleanup' + - name: 'artifact_registry_repository_cleanup' primary_resource_id: 'my-repo' vars: repository_id: 'my-repository' desc: 'example docker repository with cleanup policies' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_remote_dockerhub_auth' + - name: 'artifact_registry_repository_remote_dockerhub_auth' primary_resource_id: 'my-repo' - # Ignore this field as it is INPUT_ONLY. AR will not return this in the - # response. - ignore_read_extra: - - 'remote_repository_config.0.disable_upstream_validation' vars: repository_id: 'example-dockerhub-remote' desc: 'example remote dockerhub repository with credentials' @@ -114,13 +117,12 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_remote_docker_custom_with_auth' - primary_resource_id: 'my-repo' + # Ignore this field as it is INPUT_ONLY. AR will not return this in the + # response. ignore_read_extra: - # Ignore this field as it is INPUT_ONLY. AR will not return this in the - # response. - 'remote_repository_config.0.disable_upstream_validation' + - name: 'artifact_registry_repository_remote_docker_custom_with_auth' + primary_resource_id: 'my-repo' vars: repository_id: 'example-docker-custom-remote' desc: 'example remote custom docker repository with credentials' @@ -128,13 +130,12 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_remote_maven_custom_with_auth' - primary_resource_id: 'my-repo' ignore_read_extra: # Ignore this field as it is INPUT_ONLY. AR will not return this in the # response. - 'remote_repository_config.0.disable_upstream_validation' + - name: 'artifact_registry_repository_remote_maven_custom_with_auth' + primary_resource_id: 'my-repo' vars: repository_id: 'example-maven-custom-remote' desc: 'example remote custom maven repository with credentials' @@ -142,13 +143,12 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_remote_npm_custom_with_auth' - primary_resource_id: 'my-repo' ignore_read_extra: # Ignore this field as it is INPUT_ONLY. AR will not return this in the # response. - 'remote_repository_config.0.disable_upstream_validation' + - name: 'artifact_registry_repository_remote_npm_custom_with_auth' + primary_resource_id: 'my-repo' vars: repository_id: 'example-npm-custom-remote' desc: 'example remote custom npm repository with credentials' @@ -156,13 +156,12 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' - - !ruby/object:Provider::Terraform::Examples - name: 'artifact_registry_repository_remote_python_custom_with_auth' - primary_resource_id: 'my-repo' ignore_read_extra: # Ignore this field as it is INPUT_ONLY. AR will not return this in the # response. - 'remote_repository_config.0.disable_upstream_validation' + - name: 'artifact_registry_repository_remote_python_custom_with_auth' + primary_resource_id: 'my-repo' vars: repository_id: 'example-python-custom-remote' desc: 'example remote custom python repository with credentials' @@ -170,38 +169,39 @@ examples: secret_resource_id: 'example-remote-secret' username: 'remote-username' secret_data: 'remote-password' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/artifact_registry_repository.go.erb - encoder: templates/terraform/encoders/location_from_region.go.erb - pre_create: templates/terraform/pre_create/artifact_registry_remote_repository.go.erb + ignore_read_extra: + # Ignore this field as it is INPUT_ONLY. AR will not return this in the + # response. + - 'remote_repository_config.0.disable_upstream_validation' +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: |- The name of the repository, for example: "repo1" output: true - custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: repository_id + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' + - name: 'repository_id' + type: String description: |- The last part of the repository name, for example: "repo1" + url_param_only: true required: true immutable: true - url_param_only: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: 'location' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'location' + type: String description: | The name of the location this repository is located in. + url_param_only: true required: false immutable: true - url_param_only: true default_from_api: true - - !ruby/object:Api::Type::String - name: format + - name: 'format' + type: String description: |- The format of packages that are stored in the repository. Supported formats can be found [here](https://cloud.google.com/artifact-registry/docs/supported-formats). @@ -210,46 +210,46 @@ properties: required: true immutable: true diff_suppress_func: 'tpgresource.CaseDiffSuppress' - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: |- The user-provided description of the repository. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Labels with user-defined metadata. This field may contain up to 64 entries. Label keys and values may be no longer than 63 characters. Label keys must begin with a lowercase letter and may only contain lowercase letters, numeric characters, underscores, and dashes. - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: |- The Cloud KMS resource name of the customer managed encryption key that’s used to encrypt the contents of the Repository. Has the form: `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. This value may not be changed after the Repository has been created. immutable: true - - !ruby/object:Api::Type::Time - name: createTime + - name: 'createTime' + type: Time description: The time when the repository was created. output: true - - !ruby/object:Api::Type::Time - name: updateTime + - name: 'updateTime' + type: Time description: The time when the repository was last updated. output: true - - !ruby/object:Api::Type::NestedObject - name: 'dockerConfig' + - name: 'dockerConfig' + type: NestedObject description: |- Docker repository config contains repository level configuration for the repositories of docker type. allow_empty_object: true properties: - - !ruby/object:Api::Type::Boolean - name: 'immutableTags' + - name: 'immutableTags' + type: Boolean description: |- The repository which enabled this flag prevents all tags from being modified, moved or deleted. This does not prevent tags from being created. - - !ruby/object:Api::Type::NestedObject - name: 'mavenConfig' + - name: 'mavenConfig' + type: NestedObject description: |- MavenRepositoryConfig is maven related repository details. Provides additional configuration details for repositories of the maven @@ -257,407 +257,414 @@ properties: allow_empty_object: true properties: # Maven properties. - - !ruby/object:Api::Type::Boolean - name: 'allowSnapshotOverwrites' + - name: 'allowSnapshotOverwrites' + type: Boolean description: |- The repository with this flag will allow publishing the same snapshot versions. immutable: true - - !ruby/object:Api::Type::Enum - name: 'versionPolicy' + - name: 'versionPolicy' + type: Enum description: |- Version policy defines the versions that the registry will accept. immutable: true - values: - - :VERSION_POLICY_UNSPECIFIED - - :RELEASE - - :SNAPSHOT - default_value: :VERSION_POLICY_UNSPECIFIED - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Enum - name: 'mode' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "VERSION_POLICY_UNSPECIFIED" + enum_values: + - 'VERSION_POLICY_UNSPECIFIED' + - 'RELEASE' + - 'SNAPSHOT' + - name: 'mode' + type: Enum description: |- The mode configures the repository to serve artifacts from different sources. immutable: true - values: - - :STANDARD_REPOSITORY - - :VIRTUAL_REPOSITORY - - :REMOTE_REPOSITORY - default_value: :STANDARD_REPOSITORY - - !ruby/object:Api::Type::NestedObject - name: 'virtualRepositoryConfig' - conflicts: - - remote_repository_config + default_value: "STANDARD_REPOSITORY" + enum_values: + - 'STANDARD_REPOSITORY' + - 'VIRTUAL_REPOSITORY' + - 'REMOTE_REPOSITORY' + - name: 'virtualRepositoryConfig' + type: NestedObject description: |- Configuration specific for a Virtual Repository. + conflicts: + - remote_repository_config properties: - - !ruby/object:Api::Type::Array - name: 'upstreamPolicies' - diff_suppress_func: 'upstreamPoliciesDiffSuppress' + - name: 'upstreamPolicies' + type: Array description: |- Policies that configure the upstream artifacts distributed by the Virtual Repository. Upstream policies cannot be set on a standard repository. - item_type: !ruby/object:Api::Type::NestedObject + diff_suppress_func: 'upstreamPoliciesDiffSuppress' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'id' + - name: 'id' + type: String description: |- The user-provided ID of the upstream policy. - - !ruby/object:Api::Type::String - name: 'repository' + - name: 'repository' + type: String description: | A reference to the repository resource, for example: "projects/p1/locations/us-central1/repository/repo1". - - !ruby/object:Api::Type::Integer - name: 'priority' + - name: 'priority' + type: Integer description: |- Entries with a greater priority value take precedence in the pull order. - - !ruby/object:Api::Type::Map - name: 'cleanupPolicies' + - name: 'cleanupPolicies' + type: Map description: |- Cleanup policies for this repository. Cleanup policies indicate when certain package versions can be automatically deleted. Map keys are policy IDs supplied by users during policy creation. They must unique within a repository and be under 128 characters in length. - key_name: id + key_name: 'id' key_description: |- The policy ID. Must be unique within a repository. - value_type: !ruby/object:Api::Type::NestedObject + value_type: + name: cleanupPolicies + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: action + - name: 'action' + type: Enum description: |- Policy action. - values: - - :DELETE - - :KEEP - - !ruby/object:Api::Type::NestedObject - name: condition + enum_values: + - 'DELETE' + - 'KEEP' + - name: 'condition' + type: NestedObject description: |- Policy condition for matching versions. # TODO (jrsb): exactly_one_of: condition, mostRecentVersions properties: - - !ruby/object:Api::Type::Enum - name: tagState + - name: 'tagState' + type: Enum description: |- Match versions by tag status. - values: - - :TAGGED - - :UNTAGGED - - :ANY - default_value: :ANY - - !ruby/object:Api::Type::Array - name: tagPrefixes + default_value: "ANY" + enum_values: + - 'TAGGED' + - 'UNTAGGED' + - 'ANY' + - name: 'tagPrefixes' + type: Array description: |- Match versions by tag prefix. Applied on any prefix match. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: versionNamePrefixes + item_type: + type: String + - name: 'versionNamePrefixes' + type: Array description: |- Match versions by version name prefix. Applied on any prefix match. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: packageNamePrefixes + item_type: + type: String + - name: 'packageNamePrefixes' + type: Array description: |- Match versions by package prefix. Applied on any prefix match. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: olderThan + item_type: + type: String + - name: 'olderThan' + type: String description: |- Match versions older than a duration. diff_suppress_func: 'tpgresource.DurationDiffSuppress' - - !ruby/object:Api::Type::String - name: newerThan + - name: 'newerThan' + type: String description: |- Match versions newer than a duration. diff_suppress_func: 'tpgresource.DurationDiffSuppress' - - !ruby/object:Api::Type::NestedObject - name: mostRecentVersions + - name: 'mostRecentVersions' + type: NestedObject description: |- Policy condition for retaining a minimum number of versions. May only be specified with a Keep action. # TODO (jrsb): exactly_one_of: condition, mostRecentVersions properties: - - !ruby/object:Api::Type::Array - name: packageNamePrefixes + - name: 'packageNamePrefixes' + type: Array description: |- Match versions by package prefix. Applied on any prefix match. - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: keepCount + item_type: + type: String + - name: 'keepCount' + type: Integer description: |- Minimum number of versions to keep. - - !ruby/object:Api::Type::NestedObject - name: 'remoteRepositoryConfig' - conflicts: - - virtual_repository_config + - name: 'remoteRepositoryConfig' + type: NestedObject description: |- Configuration specific for a Remote Repository. immutable: true + conflicts: + - virtual_repository_config properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: |- The description of the remote source. immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'aptRepository' - exactly_one_of: - - remoteRepositoryConfig.0.apt_repository - - remoteRepositoryConfig.0.docker_repository - - remoteRepositoryConfig.0.maven_repository - - remoteRepositoryConfig.0.npm_repository - - remoteRepositoryConfig.0.python_repository - - remoteRepositoryConfig.0.yum_repository + - name: 'aptRepository' + type: NestedObject description: |- Specific settings for an Apt remote repository. immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' properties: - - !ruby/object:Api::Type::NestedObject - name: 'publicRepository' + - name: 'publicRepository' + type: NestedObject description: |- One of the publicly available Apt repositories supported by Artifact Registry. immutable: true properties: - - !ruby/object:Api::Type::Enum - name: 'repositoryBase' - required: true + - name: 'repositoryBase' + type: Enum description: |- A common public repository base for Apt, e.g. `"debian/dists/buster"` - immutable: true - values: - - :DEBIAN - - :UBUNTU - - !ruby/object:Api::Type::String - name: 'repositoryPath' required: true + immutable: true + enum_values: + - 'DEBIAN' + - 'UBUNTU' + - name: 'repositoryPath' + type: String description: |- Specific repository from the base. + required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'dockerRepository' - exactly_one_of: - - remoteRepositoryConfig.0.apt_repository - - remoteRepositoryConfig.0.docker_repository - - remoteRepositoryConfig.0.maven_repository - - remoteRepositoryConfig.0.npm_repository - - remoteRepositoryConfig.0.python_repository - - remoteRepositoryConfig.0.yum_repository + - name: 'dockerRepository' + type: NestedObject description: |- Specific settings for a Docker remote repository. immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' properties: - - !ruby/object:Api::Type::Enum - name: 'publicRepository' + - name: 'publicRepository' + type: Enum description: |- Address of the remote repository. immutable: true conflicts: - remoteRepositoryConfig.0.docker_repository.0.custom_repository - values: - - :DOCKER_HUB + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' # Eventually lets delete default_value and custom_flatten in a major release - default_value: :DOCKER_HUB - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::NestedObject - name: 'customRepository' + default_value: "DOCKER_HUB" + enum_values: + - 'DOCKER_HUB' + - name: 'customRepository' + type: NestedObject description: |- Settings for a remote repository with a custom uri. immutable: true conflicts: - remoteRepositoryConfig.0.docker_repository.0.public_repository properties: - - !ruby/object:Api::Type::String - name: 'uri' + - name: 'uri' + type: String description: |- Specific uri to the registry, e.g. `"https://registry-1.docker.io"` immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'mavenRepository' - exactly_one_of: - - remoteRepositoryConfig.0.apt_repository - - remoteRepositoryConfig.0.docker_repository - - remoteRepositoryConfig.0.maven_repository - - remoteRepositoryConfig.0.npm_repository - - remoteRepositoryConfig.0.python_repository - - remoteRepositoryConfig.0.yum_repository + - name: 'mavenRepository' + type: NestedObject description: |- Specific settings for a Maven remote repository. immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' properties: - - !ruby/object:Api::Type::Enum - name: 'publicRepository' + - name: 'publicRepository' + type: Enum description: |- Address of the remote repository. immutable: true conflicts: - remoteRepositoryConfig.0.maven_repository.0.custom_repository - values: - - :MAVEN_CENTRAL + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' # Eventually lets delete default_value and custom_flatten in a major release - default_value: :MAVEN_CENTRAL - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::NestedObject - name: 'customRepository' + default_value: "MAVEN_CENTRAL" + enum_values: + - 'MAVEN_CENTRAL' + - name: 'customRepository' + type: NestedObject description: |- Settings for a remote repository with a custom uri. immutable: true conflicts: - remoteRepositoryConfig.0.maven_repository.0.public_repository properties: - - !ruby/object:Api::Type::String - name: 'uri' + - name: 'uri' + type: String description: |- Specific uri to the registry, e.g. `"https://repo.maven.apache.org/maven2"` immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'npmRepository' - exactly_one_of: - - remoteRepositoryConfig.0.apt_repository - - remoteRepositoryConfig.0.docker_repository - - remoteRepositoryConfig.0.maven_repository - - remoteRepositoryConfig.0.npm_repository - - remoteRepositoryConfig.0.python_repository - - remoteRepositoryConfig.0.yum_repository + - name: 'npmRepository' + type: NestedObject description: |- Specific settings for an Npm remote repository. immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' properties: - - !ruby/object:Api::Type::Enum - name: 'publicRepository' + - name: 'publicRepository' + type: Enum description: |- Address of the remote repository. immutable: true conflicts: - remoteRepositoryConfig.0.npm_repository.0.custom_repository - values: - - :NPMJS + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' # Eventually lets delete default_value and custom_flatten in a major release - default_value: :NPMJS - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::NestedObject - name: 'customRepository' + default_value: "NPMJS" + enum_values: + - 'NPMJS' + - name: 'customRepository' + type: NestedObject description: |- Settings for a remote repository with a custom uri. immutable: true conflicts: - remoteRepositoryConfig.0.npm_repository.0.public_repository properties: - - !ruby/object:Api::Type::String - name: 'uri' + - name: 'uri' + type: String description: |- Specific uri to the registry, e.g. `"https://registry.npmjs.org"` immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'pythonRepository' - exactly_one_of: - - remoteRepositoryConfig.0.apt_repository - - remoteRepositoryConfig.0.docker_repository - - remoteRepositoryConfig.0.maven_repository - - remoteRepositoryConfig.0.npm_repository - - remoteRepositoryConfig.0.python_repository - - remoteRepositoryConfig.0.yum_repository + - name: 'pythonRepository' + type: NestedObject description: |- Specific settings for a Python remote repository. immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' properties: - - !ruby/object:Api::Type::Enum - name: 'publicRepository' + - name: 'publicRepository' + type: Enum description: |- Address of the remote repository. immutable: true conflicts: - remoteRepositoryConfig.0.python_repository.0.custom_repository - values: - - :PYPI + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' # Eventually lets delete default_value and custom_flatten in a major release - default_value: :PYPI - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::NestedObject - name: 'customRepository' + default_value: "PYPI" + enum_values: + - 'PYPI' + - name: 'customRepository' + type: NestedObject description: |- Settings for a remote repository with a custom uri. immutable: true conflicts: - remoteRepositoryConfig.0.python_repository.0.public_repository properties: - - !ruby/object:Api::Type::String - name: 'uri' + - name: 'uri' + type: String description: |- Specific uri to the registry, e.g. `"https://pypi.io"` immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'yumRepository' - exactly_one_of: - - remoteRepositoryConfig.0.apt_repository - - remoteRepositoryConfig.0.docker_repository - - remoteRepositoryConfig.0.maven_repository - - remoteRepositoryConfig.0.npm_repository - - remoteRepositoryConfig.0.python_repository - - remoteRepositoryConfig.0.yum_repository + - name: 'yumRepository' + type: NestedObject description: |- Specific settings for an Yum remote repository. immutable: true + exactly_one_of: + - 'remoteRepositoryConfig.0.apt_repository' + - 'remoteRepositoryConfig.0.docker_repository' + - 'remoteRepositoryConfig.0.maven_repository' + - 'remoteRepositoryConfig.0.npm_repository' + - 'remoteRepositoryConfig.0.python_repository' + - 'remoteRepositoryConfig.0.yum_repository' properties: - - !ruby/object:Api::Type::NestedObject - name: 'publicRepository' + - name: 'publicRepository' + type: NestedObject description: |- One of the publicly available Yum repositories supported by Artifact Registry. immutable: true properties: - - !ruby/object:Api::Type::Enum - name: 'repositoryBase' - required: true + - name: 'repositoryBase' + type: Enum description: |- A common public repository base for Yum. - immutable: true - values: - - :CENTOS - - :CENTOS_DEBUG - - :CENTOS_VAULT - - :CENTOS_STREAM - - :ROCKY - - :EPEL - - !ruby/object:Api::Type::String - name: 'repositoryPath' required: true + immutable: true + enum_values: + - 'CENTOS' + - 'CENTOS_DEBUG' + - 'CENTOS_VAULT' + - 'CENTOS_STREAM' + - 'ROCKY' + - 'EPEL' + - name: 'repositoryPath' + type: String description: |- Specific repository from the base, e.g. `"pub/rocky/9/BaseOS/x86_64/os"` + required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'upstreamCredentials' + - name: 'upstreamCredentials' + type: NestedObject description: |- The credentials used to access the remote repository. immutable: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'usernamePasswordCredentials' + - name: 'usernamePasswordCredentials' + type: NestedObject description: |- Use username and password to access the remote repository. immutable: true properties: - - !ruby/object:Api::Type::String - name: 'username' + - name: 'username' + type: String description: |- The username to access the remote repository. immutable: true - - !ruby/object:Api::Type::String - name: 'passwordSecretVersion' + - name: 'passwordSecretVersion' + type: String description: |- The Secret Manager key version that holds the password to access the remote repository. Must be in the format of `projects/{project}/secrets/{secret}/versions/{version}`. immutable: true - - !ruby/object:Api::Type::Boolean - name: 'disableUpstreamValidation' - # Ignore read on this field because it is INPUT_ONLY. - # Need to use custom flatten because ignore_read doesn't work with nested fields. - custom_flatten: 'templates/terraform/custom_flatten/artifactregistry_rr_disable_upstream_validation.go.erb' + - name: 'disableUpstreamValidation' + type: Boolean description: |- If true, the remote repository upstream and upstream credentials will not be validated. - - !ruby/object:Api::Type::Boolean - name: 'cleanupPolicyDryRun' + # Ignore read on this field because it is INPUT_ONLY. + # Need to use custom flatten because ignore_read doesn't work with nested fields. + custom_flatten: 'templates/terraform/custom_flatten/artifactregistry_rr_disable_upstream_validation.go.tmpl' + - name: 'cleanupPolicyDryRun' + type: Boolean description: |- If true, the cleanup pipeline is prevented from deleting versions in this repository. diff --git a/mmv1/products/artifactregistry/VPCSCConfig.yaml b/mmv1/products/artifactregistry/VPCSCConfig.yaml index 6751669c1bb3..01bde3cfff05 100644 --- a/mmv1/products/artifactregistry/VPCSCConfig.yaml +++ b/mmv1/products/artifactregistry/VPCSCConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +11,15 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'VPCSCConfig' description: |- The Artifact Registry VPC SC config that applies to a Project. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: + guides: api: 'https://cloud.google.com/artifact-registry/docs/reference/rest/v1/VPCSCConfig' -min_version: beta -docs: !ruby/object:Provider::Terraform::Docs +docs: note: |- VPC SC configs are automatically created for a given location. Creating a resource of this type will acquire and update the resource that already @@ -27,44 +28,51 @@ docs: !ruby/object:Provider::Terraform::Docs base_url: 'projects/{{project}}/locations/{{location}}/vpcscConfig' self_link: 'projects/{{project}}/locations/{{location}}/vpcscConfig' create_url: 'projects/{{project}}/locations/{{location}}/vpcscConfig' -create_verb: :PATCH -update_verb: :PATCH -skip_delete: true -examples: - - !ruby/object:Provider::Terraform::Examples - # Requires VPC SC Policy configured on organization - skip_test: true - name: 'artifact_registry_vpcsc_config' - primary_resource_id: 'my-config' -autogen_async: false -async: !ruby/object:Api::OpAsync - actions: [] +create_verb: 'PATCH' +update_verb: 'PATCH' +exclude_delete: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: [''] + type: 'OpAsync' # necessary to compile - operation: !ruby/object:Api::OpAsync::Operation + operation: base_url: '{{op_id}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/location_from_region.go.erb + result: + resource_inside_response: false +custom_code: + encoder: 'templates/terraform/encoders/location_from_region.go.tmpl' +examples: + - name: 'artifact_registry_vpcsc_config' + primary_resource_id: 'my-config' + # Requires VPC SC Policy configured on organization + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String + description: | + The name of the location this config is located in. + min_version: 'beta' + url_param_only: true required: false immutable: true - url_param_only: true default_from_api: true - description: | - The name of the location this config is located in. - - !ruby/object:Api::Type::String - name: name - output: true + - name: 'name' + type: String description: |- The name of the project's VPC SC Config. Always of the form: projects/{project}/location/{location}/vpcscConfig + min_version: 'beta' + output: true properties: - - !ruby/object:Api::Type::Enum - name: vpcscPolicy - min_version: beta + - name: 'vpcscPolicy' + type: Enum description: |- The VPC SC policy for project and location. - values: - - :DENY - - :ALLOW + min_version: 'beta' + enum_values: + - 'DENY' + - 'ALLOW' diff --git a/mmv1/products/artifactregistry/go_Repository.yaml b/mmv1/products/artifactregistry/go_Repository.yaml deleted file mode 100644 index 02159eb7daae..000000000000 --- a/mmv1/products/artifactregistry/go_Repository.yaml +++ /dev/null @@ -1,653 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Repository' -description: A repository for storing artifacts -references: - guides: - 'Official Documentation': 'https://cloud.google.com/artifact-registry/docs/overview' - api: 'https://cloud.google.com/artifact-registry/docs/reference/rest/v1/projects.locations.repositories' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/repositories' -self_link: 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/repositories?repository_id={{repository_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/repositories/{{repository_id}}' - - '{{repository_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - allowed_iam_role: 'roles/artifactregistry.reader' - parent_resource_attribute: 'repository' - base_url: 'projects/{{project}}/locations/{{location}}/repositories/{{name}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - self_link: 'projects/{{project}}/locations/{{location}}/repositories/{{name}}' - import_format: - - 'projects/{{project}}/locations/{{location}}/repositories/{{repository}}' - - '{{repository}}' -custom_code: - constants: 'templates/terraform/constants/go/artifact_registry_repository.go.tmpl' - encoder: 'templates/terraform/encoders/go/location_from_region.go.tmpl' - pre_create: 'templates/terraform/pre_create/go/artifact_registry_remote_repository.go.tmpl' -examples: - - name: 'artifact_registry_repository_basic' - primary_resource_id: 'my-repo' - primary_resource_name: 'fmt.Sprintf("tf-test-my-repository%s", context["random_suffix"])' - vars: - repository_id: 'my-repository' - desc: 'example docker repository' - - name: 'artifact_registry_repository_docker' - primary_resource_id: 'my-repo' - vars: - repository_id: 'my-repository' - desc: 'example docker repository' - - name: 'artifact_registry_repository_cmek' - primary_resource_id: 'my-repo' - vars: - repository_id: 'my-repository' - kms_key_name: 'kms-key' - test_vars_overrides: - 'kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' - - name: 'artifact_registry_repository_virtual' - primary_resource_id: 'my-repo' - vars: - repository_id: 'my-repository' - desc: 'example virtual docker repository' - upstream_repository_id: 'my-repository-upstream' - upstream_desc: 'example docker repository (upstream source)' - upstream_policy_id: 'my-repository-upstream' - - name: 'artifact_registry_repository_remote' - primary_resource_id: 'my-repo' - vars: - repository_id: 'my-repository' - desc: 'example remote docker repository' - - name: 'artifact_registry_repository_remote_apt' - primary_resource_id: 'my-repo' - vars: - repository_id: 'debian-buster' - desc: 'example remote apt repository' - - name: 'artifact_registry_repository_remote_yum' - primary_resource_id: 'my-repo' - vars: - repository_id: 'rocky-9' - desc: 'example remote yum repository' - - name: 'artifact_registry_repository_cleanup' - primary_resource_id: 'my-repo' - vars: - repository_id: 'my-repository' - desc: 'example docker repository with cleanup policies' - - name: 'artifact_registry_repository_remote_dockerhub_auth' - primary_resource_id: 'my-repo' - vars: - repository_id: 'example-dockerhub-remote' - desc: 'example remote dockerhub repository with credentials' - secret_id: 'example-secret' - secret_resource_id: 'example-remote-secret' - username: 'remote-username' - secret_data: 'remote-password' - ignore_read_extra: - - 'remote_repository_config.0.disable_upstream_validation' - - name: 'artifact_registry_repository_remote_docker_custom_with_auth' - primary_resource_id: 'my-repo' - vars: - repository_id: 'example-docker-custom-remote' - desc: 'example remote custom docker repository with credentials' - secret_id: 'example-secret' - secret_resource_id: 'example-remote-secret' - username: 'remote-username' - secret_data: 'remote-password' - ignore_read_extra: - - 'remote_repository_config.0.disable_upstream_validation' - - name: 'artifact_registry_repository_remote_maven_custom_with_auth' - primary_resource_id: 'my-repo' - vars: - repository_id: 'example-maven-custom-remote' - desc: 'example remote custom maven repository with credentials' - secret_id: 'example-secret' - secret_resource_id: 'example-remote-secret' - username: 'remote-username' - secret_data: 'remote-password' - ignore_read_extra: - - 'remote_repository_config.0.disable_upstream_validation' - - name: 'artifact_registry_repository_remote_npm_custom_with_auth' - primary_resource_id: 'my-repo' - vars: - repository_id: 'example-npm-custom-remote' - desc: 'example remote custom npm repository with credentials' - secret_id: 'example-secret' - secret_resource_id: 'example-remote-secret' - username: 'remote-username' - secret_data: 'remote-password' - ignore_read_extra: - - 'remote_repository_config.0.disable_upstream_validation' - - name: 'artifact_registry_repository_remote_python_custom_with_auth' - primary_resource_id: 'my-repo' - vars: - repository_id: 'example-python-custom-remote' - desc: 'example remote custom python repository with credentials' - secret_id: 'example-secret' - secret_resource_id: 'example-remote-secret' - username: 'remote-username' - secret_data: 'remote-password' - ignore_read_extra: - - 'remote_repository_config.0.disable_upstream_validation' -parameters: -properties: - - name: 'name' - type: String - description: |- - The name of the repository, for example: - "repo1" - output: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' - - name: 'repository_id' - type: String - description: |- - The last part of the repository name, for example: - "repo1" - url_param_only: true - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'location' - type: String - description: | - The name of the location this repository is located in. - url_param_only: true - required: false - immutable: true - default_from_api: true - - name: 'format' - type: String - description: |- - The format of packages that are stored in the repository. Supported formats - can be found [here](https://cloud.google.com/artifact-registry/docs/supported-formats). - You can only create alpha formats if you are a member of the - [alpha user group](https://cloud.google.com/artifact-registry/docs/supported-formats#alpha-access). - required: true - immutable: true - diff_suppress_func: 'tpgresource.CaseDiffSuppress' - - name: 'description' - type: String - description: |- - The user-provided description of the repository. - - name: 'labels' - type: KeyValueLabels - description: | - Labels with user-defined metadata. - This field may contain up to 64 entries. Label keys and values may be no - longer than 63 characters. Label keys must begin with a lowercase letter - and may only contain lowercase letters, numeric characters, underscores, - and dashes. - - name: 'kmsKeyName' - type: String - description: |- - The Cloud KMS resource name of the customer managed encryption key that’s - used to encrypt the contents of the Repository. Has the form: - `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. - This value may not be changed after the Repository has been created. - immutable: true - - name: 'createTime' - type: Time - description: The time when the repository was created. - output: true - - name: 'updateTime' - type: Time - description: The time when the repository was last updated. - output: true - - name: 'dockerConfig' - type: NestedObject - description: |- - Docker repository config contains repository level configuration for the repositories of docker type. - allow_empty_object: true - properties: - - name: 'immutableTags' - type: Boolean - description: |- - The repository which enabled this flag prevents all tags from being modified, moved or deleted. This does not prevent tags from being created. - - name: 'mavenConfig' - type: NestedObject - description: |- - MavenRepositoryConfig is maven related repository details. - Provides additional configuration details for repositories of the maven - format type. - allow_empty_object: true - properties: - - name: 'allowSnapshotOverwrites' - type: Boolean - description: |- - The repository with this flag will allow publishing the same - snapshot versions. - immutable: true - - name: 'versionPolicy' - type: Enum - description: |- - Version policy defines the versions that the registry will accept. - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "VERSION_POLICY_UNSPECIFIED" - enum_values: - - 'VERSION_POLICY_UNSPECIFIED' - - 'RELEASE' - - 'SNAPSHOT' - - name: 'mode' - type: Enum - description: |- - The mode configures the repository to serve artifacts from different sources. - immutable: true - default_value: "STANDARD_REPOSITORY" - enum_values: - - 'STANDARD_REPOSITORY' - - 'VIRTUAL_REPOSITORY' - - 'REMOTE_REPOSITORY' - - name: 'virtualRepositoryConfig' - type: NestedObject - description: |- - Configuration specific for a Virtual Repository. - conflicts: - - remote_repository_config - properties: - - name: 'upstreamPolicies' - type: Array - description: |- - Policies that configure the upstream artifacts distributed by the Virtual - Repository. Upstream policies cannot be set on a standard repository. - diff_suppress_func: 'upstreamPoliciesDiffSuppress' - item_type: - type: NestedObject - properties: - - name: 'id' - type: String - description: |- - The user-provided ID of the upstream policy. - - name: 'repository' - type: String - description: | - A reference to the repository resource, for example: - "projects/p1/locations/us-central1/repository/repo1". - - name: 'priority' - type: Integer - description: |- - Entries with a greater priority value take precedence in the pull order. - - name: 'cleanupPolicies' - type: Map - description: |- - Cleanup policies for this repository. Cleanup policies indicate when - certain package versions can be automatically deleted. - Map keys are policy IDs supplied by users during policy creation. They must - unique within a repository and be under 128 characters in length. - key_name: 'id' - key_description: |- - The policy ID. Must be unique within a repository. - value_type: - name: cleanupPolicies - type: NestedObject - properties: - - name: 'action' - type: Enum - description: |- - Policy action. - enum_values: - - 'DELETE' - - 'KEEP' - - name: 'condition' - type: NestedObject - description: |- - Policy condition for matching versions. - # TODO (jrsb): exactly_one_of: condition, mostRecentVersions - properties: - - name: 'tagState' - type: Enum - description: |- - Match versions by tag status. - default_value: "ANY" - enum_values: - - 'TAGGED' - - 'UNTAGGED' - - 'ANY' - - name: 'tagPrefixes' - type: Array - description: |- - Match versions by tag prefix. Applied on any prefix match. - item_type: - type: String - - name: 'versionNamePrefixes' - type: Array - description: |- - Match versions by version name prefix. Applied on any prefix match. - item_type: - type: String - - name: 'packageNamePrefixes' - type: Array - description: |- - Match versions by package prefix. Applied on any prefix match. - item_type: - type: String - - name: 'olderThan' - type: String - description: |- - Match versions older than a duration. - diff_suppress_func: 'tpgresource.DurationDiffSuppress' - - name: 'newerThan' - type: String - description: |- - Match versions newer than a duration. - diff_suppress_func: 'tpgresource.DurationDiffSuppress' - - name: 'mostRecentVersions' - type: NestedObject - description: |- - Policy condition for retaining a minimum number of versions. May only be - specified with a Keep action. - # TODO (jrsb): exactly_one_of: condition, mostRecentVersions - properties: - - name: 'packageNamePrefixes' - type: Array - description: |- - Match versions by package prefix. Applied on any prefix match. - item_type: - type: String - - name: 'keepCount' - type: Integer - description: |- - Minimum number of versions to keep. - - name: 'remoteRepositoryConfig' - type: NestedObject - description: |- - Configuration specific for a Remote Repository. - immutable: true - conflicts: - - virtual_repository_config - properties: - - name: 'description' - type: String - description: |- - The description of the remote source. - immutable: true - - name: 'aptRepository' - type: NestedObject - description: |- - Specific settings for an Apt remote repository. - immutable: true - exactly_one_of: - - 'remoteRepositoryConfig.0.apt_repository' - - 'remoteRepositoryConfig.0.docker_repository' - - 'remoteRepositoryConfig.0.maven_repository' - - 'remoteRepositoryConfig.0.npm_repository' - - 'remoteRepositoryConfig.0.python_repository' - - 'remoteRepositoryConfig.0.yum_repository' - properties: - - name: 'publicRepository' - type: NestedObject - description: |- - One of the publicly available Apt repositories supported by Artifact Registry. - immutable: true - properties: - - name: 'repositoryBase' - type: Enum - description: |- - A common public repository base for Apt, e.g. `"debian/dists/buster"` - required: true - immutable: true - enum_values: - - 'DEBIAN' - - 'UBUNTU' - - name: 'repositoryPath' - type: String - description: |- - Specific repository from the base. - required: true - immutable: true - - name: 'dockerRepository' - type: NestedObject - description: |- - Specific settings for a Docker remote repository. - immutable: true - exactly_one_of: - - 'remoteRepositoryConfig.0.apt_repository' - - 'remoteRepositoryConfig.0.docker_repository' - - 'remoteRepositoryConfig.0.maven_repository' - - 'remoteRepositoryConfig.0.npm_repository' - - 'remoteRepositoryConfig.0.python_repository' - - 'remoteRepositoryConfig.0.yum_repository' - properties: - - name: 'publicRepository' - type: Enum - description: |- - Address of the remote repository. - immutable: true - conflicts: - - remoteRepositoryConfig.0.docker_repository.0.custom_repository - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "DOCKER_HUB" - enum_values: - - 'DOCKER_HUB' - - name: 'customRepository' - type: NestedObject - description: |- - Settings for a remote repository with a custom uri. - immutable: true - conflicts: - - remoteRepositoryConfig.0.docker_repository.0.public_repository - properties: - - name: 'uri' - type: String - description: |- - Specific uri to the registry, e.g. `"https://registry-1.docker.io"` - immutable: true - - name: 'mavenRepository' - type: NestedObject - description: |- - Specific settings for a Maven remote repository. - immutable: true - exactly_one_of: - - 'remoteRepositoryConfig.0.apt_repository' - - 'remoteRepositoryConfig.0.docker_repository' - - 'remoteRepositoryConfig.0.maven_repository' - - 'remoteRepositoryConfig.0.npm_repository' - - 'remoteRepositoryConfig.0.python_repository' - - 'remoteRepositoryConfig.0.yum_repository' - properties: - - name: 'publicRepository' - type: Enum - description: |- - Address of the remote repository. - immutable: true - conflicts: - - remoteRepositoryConfig.0.maven_repository.0.custom_repository - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "MAVEN_CENTRAL" - enum_values: - - 'MAVEN_CENTRAL' - - name: 'customRepository' - type: NestedObject - description: |- - Settings for a remote repository with a custom uri. - immutable: true - conflicts: - - remoteRepositoryConfig.0.maven_repository.0.public_repository - properties: - - name: 'uri' - type: String - description: |- - Specific uri to the registry, e.g. `"https://repo.maven.apache.org/maven2"` - immutable: true - - name: 'npmRepository' - type: NestedObject - description: |- - Specific settings for an Npm remote repository. - immutable: true - exactly_one_of: - - 'remoteRepositoryConfig.0.apt_repository' - - 'remoteRepositoryConfig.0.docker_repository' - - 'remoteRepositoryConfig.0.maven_repository' - - 'remoteRepositoryConfig.0.npm_repository' - - 'remoteRepositoryConfig.0.python_repository' - - 'remoteRepositoryConfig.0.yum_repository' - properties: - - name: 'publicRepository' - type: Enum - description: |- - Address of the remote repository. - immutable: true - conflicts: - - remoteRepositoryConfig.0.npm_repository.0.custom_repository - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "NPMJS" - enum_values: - - 'NPMJS' - - name: 'customRepository' - type: NestedObject - description: |- - Settings for a remote repository with a custom uri. - immutable: true - conflicts: - - remoteRepositoryConfig.0.npm_repository.0.public_repository - properties: - - name: 'uri' - type: String - description: |- - Specific uri to the registry, e.g. `"https://registry.npmjs.org"` - immutable: true - - name: 'pythonRepository' - type: NestedObject - description: |- - Specific settings for a Python remote repository. - immutable: true - exactly_one_of: - - 'remoteRepositoryConfig.0.apt_repository' - - 'remoteRepositoryConfig.0.docker_repository' - - 'remoteRepositoryConfig.0.maven_repository' - - 'remoteRepositoryConfig.0.npm_repository' - - 'remoteRepositoryConfig.0.python_repository' - - 'remoteRepositoryConfig.0.yum_repository' - properties: - - name: 'publicRepository' - type: Enum - description: |- - Address of the remote repository. - immutable: true - conflicts: - - remoteRepositoryConfig.0.python_repository.0.custom_repository - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "PYPI" - enum_values: - - 'PYPI' - - name: 'customRepository' - type: NestedObject - description: |- - Settings for a remote repository with a custom uri. - immutable: true - conflicts: - - remoteRepositoryConfig.0.python_repository.0.public_repository - properties: - - name: 'uri' - type: String - description: |- - Specific uri to the registry, e.g. `"https://pypi.io"` - immutable: true - - name: 'yumRepository' - type: NestedObject - description: |- - Specific settings for an Yum remote repository. - immutable: true - exactly_one_of: - - 'remoteRepositoryConfig.0.apt_repository' - - 'remoteRepositoryConfig.0.docker_repository' - - 'remoteRepositoryConfig.0.maven_repository' - - 'remoteRepositoryConfig.0.npm_repository' - - 'remoteRepositoryConfig.0.python_repository' - - 'remoteRepositoryConfig.0.yum_repository' - properties: - - name: 'publicRepository' - type: NestedObject - description: |- - One of the publicly available Yum repositories supported by Artifact Registry. - immutable: true - properties: - - name: 'repositoryBase' - type: Enum - description: |- - A common public repository base for Yum. - required: true - immutable: true - enum_values: - - 'CENTOS' - - 'CENTOS_DEBUG' - - 'CENTOS_VAULT' - - 'CENTOS_STREAM' - - 'ROCKY' - - 'EPEL' - - name: 'repositoryPath' - type: String - description: |- - Specific repository from the base, e.g. `"pub/rocky/9/BaseOS/x86_64/os"` - required: true - immutable: true - - name: 'upstreamCredentials' - type: NestedObject - description: |- - The credentials used to access the remote repository. - immutable: true - properties: - - name: 'usernamePasswordCredentials' - type: NestedObject - description: |- - Use username and password to access the remote repository. - immutable: true - properties: - - name: 'username' - type: String - description: |- - The username to access the remote repository. - immutable: true - - name: 'passwordSecretVersion' - type: String - description: |- - The Secret Manager key version that holds the password to access the - remote repository. Must be in the format of - `projects/{project}/secrets/{secret}/versions/{version}`. - immutable: true - - name: 'disableUpstreamValidation' - type: Boolean - description: |- - If true, the remote repository upstream and upstream credentials will - not be validated. - custom_flatten: 'templates/terraform/custom_flatten/go/artifactregistry_rr_disable_upstream_validation.go.tmpl' - - name: 'cleanupPolicyDryRun' - type: Boolean - description: |- - If true, the cleanup pipeline is prevented from deleting versions in this - repository. diff --git a/mmv1/products/artifactregistry/go_VPCSCConfig.yaml b/mmv1/products/artifactregistry/go_VPCSCConfig.yaml deleted file mode 100644 index d94e36b3bee6..000000000000 --- a/mmv1/products/artifactregistry/go_VPCSCConfig.yaml +++ /dev/null @@ -1,77 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'VPCSCConfig' -description: |- - The Artifact Registry VPC SC config that applies to a Project. -min_version: 'beta' -references: - guides: - api: 'https://cloud.google.com/artifact-registry/docs/reference/rest/v1/VPCSCConfig' -docs: - note: |- - VPC SC configs are automatically created for a given location. Creating a - resource of this type will acquire and update the resource that already - exists at the location. Deleting this resource will remove the config from - your Terraform state but leave the resource as is. -base_url: 'projects/{{project}}/locations/{{location}}/vpcscConfig' -self_link: 'projects/{{project}}/locations/{{location}}/vpcscConfig' -create_url: 'projects/{{project}}/locations/{{location}}/vpcscConfig' -create_verb: 'PATCH' -update_verb: 'PATCH' -exclude_delete: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: [''] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - result: - resource_inside_response: false -custom_code: - encoder: 'templates/terraform/encoders/go/location_from_region.go.tmpl' -examples: - - name: 'artifact_registry_vpcsc_config' - primary_resource_id: 'my-config' - skip_test: true -parameters: - - name: 'location' - type: String - description: | - The name of the location this config is located in. - min_version: 'beta' - url_param_only: true - required: false - immutable: true - default_from_api: true - - name: 'name' - type: String - description: |- - The name of the project's VPC SC Config. - Always of the form: projects/{project}/location/{location}/vpcscConfig - min_version: 'beta' - output: true -properties: - - name: 'vpcscPolicy' - type: Enum - description: |- - The VPC SC policy for project and location. - min_version: 'beta' - enum_values: - - 'DENY' - - 'ALLOW' diff --git a/mmv1/products/artifactregistry/go_product.yaml b/mmv1/products/artifactregistry/go_product.yaml deleted file mode 100644 index 7e2842eb9ec3..000000000000 --- a/mmv1/products/artifactregistry/go_product.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ArtifactRegistry' -display_name: 'Artifact Registry' -versions: - - name: 'beta' - base_url: 'https://artifactregistry.googleapis.com/v1/' - - name: 'ga' - base_url: 'https://artifactregistry.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' -async: - type: "OpAsync" - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' diff --git a/mmv1/products/artifactregistry/product.yaml b/mmv1/products/artifactregistry/product.yaml index 068579383829..c8c98003c1cd 100644 --- a/mmv1/products/artifactregistry/product.yaml +++ b/mmv1/products/artifactregistry/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,33 +11,25 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: ArtifactRegistry -display_name: Artifact Registry -scopes: - - https://www.googleapis.com/auth/cloud-platform +--- +name: 'ArtifactRegistry' +display_name: 'Artifact Registry' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://artifactregistry.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: ga - base_url: https://artifactregistry.googleapis.com/v1/ -async: !ruby/object:Api::OpAsync - actions: ['create', 'delete'] - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + - name: 'beta' + base_url: 'https://artifactregistry.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://artifactregistry.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' diff --git a/mmv1/products/backupdr/BackupVault.yaml b/mmv1/products/backupdr/BackupVault.yaml index b8e3df6e5c0d..1a455d31d662 100644 --- a/mmv1/products/backupdr/BackupVault.yaml +++ b/mmv1/products/backupdr/BackupVault.yaml @@ -11,146 +11,167 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -base_url: projects/{{project}}/locations/{{location}}/backupVaults -create_url: projects/{{project}}/locations/{{location}}/backupVaults?backupVaultId={{backup_vault_id}} -update_url: projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_update}} -delete_url: projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_delete}}&allowMissing={{allow_missing}} -self_link: projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}} -id_format: projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}} -import_format: - - projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}} -name: BackupVault +--- +name: 'BackupVault' description: Container to store and organize immutable and indelible backups. +min_version: 'beta' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/backupVaults' +self_link: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/backupVaults?backupVaultId={{backup_vault_id}}' +update_url: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_update}}' +update_verb: 'PATCH' +update_mask: true +delete_url: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_delete}}&allowMissing={{allow_missing}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: name - base_url: "{{op_id}}" +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: - result: !ruby/object:Api::OpAsync::Result - path: response + result: + path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: done - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error - path: error - message: message -update_verb: :PATCH -update_mask: true + error: + path: 'error' + message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: 'backup_dr_backup_vault_full' + - name: 'backup_dr_backup_vault_full' primary_resource_id: 'backup-vault-test' + min_version: 'beta' vars: backup_vault_id: 'backup-vault-test' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: "The GCP location for the backup vault. " + min_version: 'beta' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: backupVaultId + - name: 'backupVaultId' + type: String description: "Required. ID of the requesting object." + min_version: 'beta' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::Boolean - name: 'force_update' - default_value: false - url_param_only: true + - name: 'force_update' + type: Boolean description: | If set, allow update to extend the minimum enforced retention for backup vault. This overrides the restriction against conflicting retention periods. This conflict may occur when the expiration schedule defined by the associated backup plan is shorter than the minimum retention set by the backup vault. - - !ruby/object:Api::Type::Boolean - name: 'force_delete' - default_value: false + min_version: 'beta' url_param_only: true + default_value: false + - name: 'force_delete' + type: Boolean description: | If set, the following restrictions against deletion of the backup vault instance can be overridden: * deletion of a backup vault instance containing no backups, but still containing empty datasources. * deletion of a backup vault instance that is being referenced by an active backup plan. - - !ruby/object:Api::Type::Boolean - name: 'allow_missing' - default_value: false + min_version: 'beta' url_param_only: true + default_value: false + - name: 'allow_missing' + type: Boolean description: | Allow idempotent deletion of backup vault. The request will still succeed in case the backup vault does not exist. + min_version: 'beta' + url_param_only: true + default_value: false properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: 'Output only. Identifier. The resource name. ' + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: 'Optional. The description of the BackupVault instance (2048 characters or less). ' - - !ruby/object:Api::Type::KeyValueLabels - name: labels + min_version: 'beta' + - name: 'labels' + type: KeyValueLabels description: "Optional. Resource labels to represent user provided metadata. " - - !ruby/object:Api::Type::String - name: createTime + min_version: 'beta' + - name: 'createTime' + type: String description: 'Output only. The time when the instance was created. ' + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: updateTime + - name: 'updateTime' + type: String description: 'Output only. The time when the instance was updated. ' + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: backupMinimumEnforcedRetentionDuration + - name: 'backupMinimumEnforcedRetentionDuration' + type: String description: "Required. The default and minimum enforced retention for each backup within the backup vault. The enforced retention for each backup can be extended. " + min_version: 'beta' required: true - - !ruby/object:Api::Type::Boolean - name: deletable + - name: 'deletable' + type: Boolean description: 'Output only. Set to true when there are no backups nested under this resource. ' + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: etag - output: true + - name: 'etag' + type: String description: "Optional. Server specified ETag for the backup vault resource to prevent simultaneous updates from overwiting each other. " - - !ruby/object:Api::Type::String - name: state + min_version: 'beta' + output: true + - name: 'state' + type: String description: "Output only. The BackupVault resource instance state. \n Possible values:\n STATE_UNSPECIFIED\n CREATING\n ACTIVE\n DELETING\n ERROR" + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: effectiveTime + - name: 'effectiveTime' + type: String description: 'Optional. Time after which the BackupVault resource is locked. ' - - !ruby/object:Api::Type::String - name: backupCount + min_version: 'beta' + - name: 'backupCount' + type: String description: 'Output only. The number of backups in this backup vault. ' + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: serviceAccount + - name: 'serviceAccount' + type: String description: "Output only. Service account used by the BackupVault Service for this BackupVault. The user should grant this account permissions in their workload project to enable the service to run backups and restores there. " + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: totalStoredBytes + - name: 'totalStoredBytes' + type: String description: 'Output only. Total size of the storage used by all backup resources. ' + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: uid + - name: 'uid' + type: String description: "Output only. Output only Immutable after resource creation until resource deletion. " + min_version: 'beta' output: true - - !ruby/object:Api::Type::KeyValueAnnotations - name: annotations + - name: 'annotations' + type: KeyValueAnnotations description: "Optional. User annotations. See https://google.aip.dev/128#annotations\nStores small amounts of arbitrary data. " + min_version: 'beta' diff --git a/mmv1/products/backupdr/ManagementServer.yaml b/mmv1/products/backupdr/ManagementServer.yaml index 4bc27c814895..0705c465ceb6 100644 --- a/mmv1/products/backupdr/ManagementServer.yaml +++ b/mmv1/products/backupdr/ManagementServer.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,96 +11,121 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ManagementServer' -min_version: beta -base_url: projects/{{project}}/locations/{{location}}/managementServers -create_url: projects/{{project}}/locations/{{location}}/managementServers/?management_server_id={{name}} -self_link: projects/{{project}}/locations/{{location}}/managementServers/{{name}} -create_verb: :POST -immutable: true -delete_url: projects/{{project}}/locations/{{location}}/managementServers/{{name}} description: A Backup and DR Management Server (Also referred as Management Console) -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/backup-disaster-recovery/docs' api: 'https://cloud.google.com/backup-disaster-recovery/docs/deployment/deployment-plan' -autogen_async: true -timeouts: !ruby/object:Api::Timeouts +docs: +base_url: 'projects/{{project}}/locations/{{location}}/managementServers' +self_link: 'projects/{{project}}/locations/{{location}}/managementServers/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/managementServers/?management_server_id={{name}}' +delete_url: 'projects/{{project}}/locations/{{location}}/managementServers/{{name}}' +immutable: true +timeouts: insert_minutes: 40 + update_minutes: 20 delete_minutes: 40 +autogen_async: true +async: + actions: ['create', 'delete'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: 'backup_dr_management_server' + - name: 'backup_dr_management_server' primary_resource_id: 'ms-console' + min_version: 'beta' vars: network_name: 'vpc-network' managementserver_name: 'ms-console' test_env_vars: - project: :PROJECT_NAME - skip_test: true + project: 'PROJECT_NAME' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: 'location' - required: true - url_param_only: true + - name: 'location' + type: String description: | The location for the management server (management console) - - !ruby/object:Api::Type::String - name: 'name' - required: true + min_version: 'beta' url_param_only: true + required: true + - name: 'name' + type: String description: |- The name of management server (management console) - custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + min_version: 'beta' + url_param_only: true + required: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' properties: - - !ruby/object:Api::Type::Enum - name: 'type' - values: - - :BACKUP_RESTORE - default_value: :BACKUP_RESTORE + - name: 'type' + type: Enum description: | The type of management server (management console). - - !ruby/object:Api::Type::Array - name: 'networks' + min_version: 'beta' + default_value: "BACKUP_RESTORE" + enum_values: + - 'BACKUP_RESTORE' + - name: 'networks' + type: Array description: | Network details to create management server (management console). + min_version: 'beta' required: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'network' + - name: 'network' + type: String description: | Network with format `projects/{{project_id}}/global/networks/{{network_id}}` + min_version: 'beta' required: true - - !ruby/object:Api::Type::Enum - name: 'peeringMode' + - name: 'peeringMode' + type: Enum description: | Type of Network peeringMode - values: - - :PRIVATE_SERVICE_ACCESS - default_value: :PRIVATE_SERVICE_ACCESS + min_version: 'beta' + default_value: "PRIVATE_SERVICE_ACCESS" + enum_values: + - 'PRIVATE_SERVICE_ACCESS' ## outputs - - !ruby/object:Api::Type::String - name: 'oauth2ClientId' + - name: 'oauth2ClientId' + type: String description: | The oauth2ClientId of management console. + min_version: 'beta' output: true - - !ruby/object:Api::Type::NestedObject - name: 'managementUri' + - name: 'managementUri' + type: NestedObject description: |- The management console URI + min_version: 'beta' output: true properties: - - !ruby/object:Api::Type::String - name: 'webUi' + - name: 'webUi' + type: String description: |- The management console webUi. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: 'api' + - name: 'api' + type: String description: |- The management console api endpoint. + min_version: 'beta' output: true diff --git a/mmv1/products/backupdr/go_BackupVault.yaml b/mmv1/products/backupdr/go_BackupVault.yaml deleted file mode 100644 index 2270f1b45c9d..000000000000 --- a/mmv1/products/backupdr/go_BackupVault.yaml +++ /dev/null @@ -1,178 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BackupVault' -description: Container to store and organize immutable and indelible backups. -min_version: 'beta' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/backupVaults' -self_link: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/backupVaults?backupVaultId={{backup_vault_id}}' -update_url: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_update}}' -update_verb: 'PATCH' -update_mask: true -delete_url: 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}?force={{force_delete}}&allowMissing={{allow_missing}}' -import_format: - - 'projects/{{project}}/locations/{{location}}/backupVaults/{{backup_vault_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'backup_dr_backup_vault_full' - primary_resource_id: 'backup-vault-test' - min_version: 'beta' - vars: - backup_vault_id: 'backup-vault-test' - test_env_vars: - project: 'PROJECT_NAME' -parameters: - - name: 'location' - type: String - description: "The GCP location for the backup vault. " - min_version: 'beta' - url_param_only: true - required: true - immutable: true - - name: 'backupVaultId' - type: String - description: "Required. ID of the requesting object." - min_version: 'beta' - url_param_only: true - required: true - immutable: true - - name: 'force_update' - type: Boolean - description: | - If set, allow update to extend the minimum enforced retention for backup vault. This overrides - the restriction against conflicting retention periods. This conflict may occur when the - expiration schedule defined by the associated backup plan is shorter than the minimum - retention set by the backup vault. - min_version: 'beta' - url_param_only: true - default_value: false - - name: 'force_delete' - type: Boolean - description: | - If set, the following restrictions against deletion of the backup vault instance can be overridden: - * deletion of a backup vault instance containing no backups, but still containing empty datasources. - * deletion of a backup vault instance that is being referenced by an active backup plan. - min_version: 'beta' - url_param_only: true - default_value: false - - name: 'allow_missing' - type: Boolean - description: | - Allow idempotent deletion of backup vault. The request will still succeed in case the backup vault does not exist. - min_version: 'beta' - url_param_only: true - default_value: false -properties: - - name: 'name' - type: String - description: 'Output only. Identifier. The resource name. ' - min_version: 'beta' - output: true - - name: 'description' - type: String - description: 'Optional. The description of the BackupVault instance (2048 characters - or less). ' - min_version: 'beta' - - name: 'labels' - type: KeyValueLabels - description: "Optional. Resource labels to represent user provided metadata. " - min_version: 'beta' - - name: 'createTime' - type: String - description: 'Output only. The time when the instance was created. ' - min_version: 'beta' - output: true - - name: 'updateTime' - type: String - description: 'Output only. The time when the instance was updated. ' - min_version: 'beta' - output: true - - name: 'backupMinimumEnforcedRetentionDuration' - type: String - description: "Required. The default and minimum enforced retention for each backup - within the backup vault. The enforced retention for each backup can be extended. " - min_version: 'beta' - required: true - - name: 'deletable' - type: Boolean - description: 'Output only. Set to true when there are no backups nested under this - resource. ' - min_version: 'beta' - output: true - - name: 'etag' - type: String - description: "Optional. Server specified ETag for the backup vault resource to prevent - simultaneous updates from overwiting each other. " - min_version: 'beta' - output: true - - name: 'state' - type: String - description: "Output only. The BackupVault resource instance state. \n - Possible values:\n STATE_UNSPECIFIED\n CREATING\n ACTIVE\n DELETING\n ERROR" - min_version: 'beta' - output: true - - name: 'effectiveTime' - type: String - description: 'Optional. Time after which the BackupVault resource is locked. ' - min_version: 'beta' - - name: 'backupCount' - type: String - description: 'Output only. The number of backups in this backup vault. ' - min_version: 'beta' - output: true - - name: 'serviceAccount' - type: String - description: "Output only. Service account used by the BackupVault Service for this - BackupVault. The user should grant this account permissions in their workload - project to enable the service to run backups and restores there. " - min_version: 'beta' - output: true - - name: 'totalStoredBytes' - type: String - description: 'Output only. Total size of the storage used by all backup resources. ' - min_version: 'beta' - output: true - - name: 'uid' - type: String - description: "Output only. Output only Immutable after resource creation until - resource deletion. " - min_version: 'beta' - output: true - - name: 'annotations' - type: KeyValueAnnotations - description: "Optional. User annotations. See https://google.aip.dev/128#annotations\nStores - small amounts of arbitrary data. " - min_version: 'beta' diff --git a/mmv1/products/backupdr/go_ManagementServer.yaml b/mmv1/products/backupdr/go_ManagementServer.yaml deleted file mode 100644 index 71b4420f9ed1..000000000000 --- a/mmv1/products/backupdr/go_ManagementServer.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ManagementServer' -description: A Backup and DR Management Server (Also referred as Management Console) -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/backup-disaster-recovery/docs' - api: 'https://cloud.google.com/backup-disaster-recovery/docs/deployment/deployment-plan' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/managementServers' -self_link: 'projects/{{project}}/locations/{{location}}/managementServers/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/managementServers/?management_server_id={{name}}' -delete_url: 'projects/{{project}}/locations/{{location}}/managementServers/{{name}}' -immutable: true -timeouts: - insert_minutes: 40 - update_minutes: 20 - delete_minutes: 40 -autogen_async: true -async: - actions: ['create', 'delete'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'backup_dr_management_server' - primary_resource_id: 'ms-console' - min_version: 'beta' - vars: - network_name: 'vpc-network' - managementserver_name: 'ms-console' - test_env_vars: - project: 'PROJECT_NAME' - skip_test: true -parameters: - - name: 'location' - type: String - description: | - The location for the management server (management console) - min_version: 'beta' - url_param_only: true - required: true - - name: 'name' - type: String - description: |- - The name of management server (management console) - min_version: 'beta' - url_param_only: true - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' -properties: - - name: 'type' - type: Enum - description: | - The type of management server (management console). - min_version: 'beta' - default_value: "BACKUP_RESTORE" - enum_values: - - 'BACKUP_RESTORE' - - name: 'networks' - type: Array - description: | - Network details to create management server (management console). - min_version: 'beta' - required: true - item_type: - type: NestedObject - properties: - - name: 'network' - type: String - description: | - Network with format `projects/{{project_id}}/global/networks/{{network_id}}` - min_version: 'beta' - required: true - - name: 'peeringMode' - type: Enum - description: | - Type of Network peeringMode - min_version: 'beta' - default_value: "PRIVATE_SERVICE_ACCESS" - enum_values: - - 'PRIVATE_SERVICE_ACCESS' - - name: 'oauth2ClientId' - type: String - description: | - The oauth2ClientId of management console. - min_version: 'beta' - output: true - - name: 'managementUri' - type: NestedObject - description: |- - The management console URI - min_version: 'beta' - output: true - properties: - - name: 'webUi' - type: String - description: |- - The management console webUi. - min_version: 'beta' - output: true - - name: 'api' - type: String - description: |- - The management console api endpoint. - min_version: 'beta' - output: true diff --git a/mmv1/products/backupdr/go_product.yaml b/mmv1/products/backupdr/go_product.yaml deleted file mode 100644 index c2a50b6b6705..000000000000 --- a/mmv1/products/backupdr/go_product.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BackupDR' -display_name: 'Backup and DR Service' -versions: - - name: 'beta' - base_url: 'https://backupdr.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' -async: - type: "OpAsync" - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' diff --git a/mmv1/products/backupdr/product.yaml b/mmv1/products/backupdr/product.yaml index 5c1c9d13da02..ca3302aadfdd 100644 --- a/mmv1/products/backupdr/product.yaml +++ b/mmv1/products/backupdr/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,30 +11,23 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: BackupDR -display_name: Backup and DR Service -scopes: - - https://www.googleapis.com/auth/cloud-platform +--- +name: 'BackupDR' +display_name: 'Backup and DR Service' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://backupdr.googleapis.com/v1/ -async: !ruby/object:Api::OpAsync - actions: ['create', 'delete'] - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + - name: 'beta' + base_url: 'https://backupdr.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' diff --git a/mmv1/products/beyondcorp/AppConnection.yaml b/mmv1/products/beyondcorp/AppConnection.yaml index 55bdb8dc1d9b..8c84d05b3e8b 100644 --- a/mmv1/products/beyondcorp/AppConnection.yaml +++ b/mmv1/products/beyondcorp/AppConnection.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,139 +11,139 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AppConnection' description: "A BeyondCorp AppConnection resource represents a BeyondCorp protected AppConnection to a remote application.\nIt creates all the necessary GCP components needed for creating a BeyondCorp protected AppConnection. \nMultiple connectors can be authorised for a single AppConnection.\n" -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appconnections' -base_url: projects/{{project}}/locations/{{region}}/appConnections -self_link: projects/{{project}}/locations/{{region}}/appConnections/{{name}} -create_url: projects/{{project}}/locations/{{region}}/appConnections?app_connection_id={{name}} -update_verb: :PATCH +docs: +base_url: 'projects/{{project}}/locations/{{region}}/appConnections' +self_link: 'projects/{{project}}/locations/{{region}}/appConnections/{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/appConnections?app_connection_id={{name}}' +update_verb: 'PATCH' update_mask: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +timeouts: + insert_minutes: 30 + update_minutes: 30 + delete_minutes: 30 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 30 update_minutes: 30 delete_minutes: 30 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -autogen_async: true +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'beyondcorp_app_connection_basic' + - name: 'beyondcorp_app_connection_basic' primary_resource_id: 'app_connection' - primary_resource_name: - 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' vars: account_id: 'my-account' app_connector_name: 'my-app-connector' app_connection_name: 'my-app-connection' - - !ruby/object:Provider::Terraform::Examples - name: 'beyondcorp_app_connection_full' + - name: 'beyondcorp_app_connection_full' primary_resource_id: 'app_connection' - primary_resource_name: - 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' vars: account_id: 'my-account' app_gateway_name: 'my-app-gateway' app_connector_name: 'my-app-connector' app_connection_name: 'my-app-connection' display_name: 'some display name' +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + - name: 'name' + type: String description: | ID of the AppConnection. url_param_only: true - - !ruby/object:Api::Type::String - name: 'region' + required: true + immutable: true + - name: 'region' + type: String description: | The region of the AppConnection. - immutable: true url_param_only: true - - !ruby/object:Api::Type::String - name: 'displayName' + immutable: true + - name: 'displayName' + type: String description: | An arbitrary user-provided name for the AppConnection. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Resource labels to represent user provided metadata. - - !ruby/object:Api::Type::String - name: 'type' + - name: 'type' + type: String description: | The type of network connectivity used by the AppConnection. Refer to https://cloud.google.com/beyondcorp/docs/reference/rest/v1/projects.locations.appConnections#type for a list of possible values. immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'applicationEndpoint' + - name: 'applicationEndpoint' + type: NestedObject description: | Address of the remote application endpoint for the BeyondCorp AppConnection. required: true properties: - - !ruby/object:Api::Type::String - name: 'host' + - name: 'host' + type: String description: | Hostname or IP address of the remote application endpoint. required: true - - !ruby/object:Api::Type::Integer - name: 'port' + - name: 'port' + type: Integer description: | Port of the remote application endpoint. required: true - - !ruby/object:Api::Type::Array - name: connectors - item_type: Api::Type::String + - name: 'connectors' + type: Array description: | List of AppConnectors that are authorised to be associated with this AppConnection - - !ruby/object:Api::Type::NestedObject - name: gateway + item_type: + type: String + - name: 'gateway' + type: NestedObject description: | Gateway used by the AppConnection. default_from_api: true properties: - - !ruby/object:Api::Type::String - name: 'appGateway' + - name: 'appGateway' + type: String description: | AppGateway name in following format: projects/{project_id}/locations/{locationId}/appgateways/{gateway_id}. required: true - - !ruby/object:Api::Type::String - name: 'type' + - name: 'type' + type: String description: | The type of hosting used by the gateway. Refer to https://cloud.google.com/beyondcorp/docs/reference/rest/v1/projects.locations.appConnections#Type_1 for a list of possible values. - - !ruby/object:Api::Type::String - name: 'uri' + - name: 'uri' + type: String description: | Server-defined URI for this resource. output: true - - !ruby/object:Api::Type::Integer - name: 'ingressPort' + - name: 'ingressPort' + type: Integer description: | Ingress port reserved on the gateways for this AppConnection, if not specified or zero, the default port is 19443. output: true diff --git a/mmv1/products/beyondcorp/AppConnector.yaml b/mmv1/products/beyondcorp/AppConnector.yaml index fb8e23bedbf6..9bcc62c089c5 100644 --- a/mmv1/products/beyondcorp/AppConnector.yaml +++ b/mmv1/products/beyondcorp/AppConnector.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,7 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AppConnector' description: "A BeyondCorp AppConnector resource represents an application facing component @@ -19,99 +19,98 @@ description: is used to establish connectivity between the \nremote enterprise environment and GCP. It initiates connections to the applications and can proxy the \ndata from users over the connection.\n" -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appconnectors' -base_url: projects/{{project}}/locations/{{region}}/appConnectors -self_link: projects/{{project}}/locations/{{region}}/appConnectors/{{name}} -create_url: projects/{{project}}/locations/{{region}}/appConnectors?app_connector_id={{name}} -update_verb: :PATCH +docs: +base_url: 'projects/{{project}}/locations/{{region}}/appConnectors' +self_link: 'projects/{{project}}/locations/{{region}}/appConnectors/{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/appConnectors?app_connector_id={{name}}' +update_verb: 'PATCH' update_mask: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -autogen_async: true +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'beyondcorp_app_connector_basic' + - name: 'beyondcorp_app_connector_basic' primary_resource_id: 'app_connector' - primary_resource_name: - 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' vars: app_connector_name: 'my-app-connector' account_id: 'my-account' - - !ruby/object:Provider::Terraform::Examples - name: 'beyondcorp_app_connector_full' + - name: 'beyondcorp_app_connector_full' primary_resource_id: 'app_connector' - primary_resource_name: - 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' vars: app_connector_name: 'my-app-connector' account_id: 'my-account' display_name: 'some display name' +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + - name: 'name' + type: String description: | ID of the AppConnector. url_param_only: true - - !ruby/object:Api::Type::String - name: 'region' + required: true + immutable: true + - name: 'region' + type: String description: | The region of the AppConnector. - immutable: true url_param_only: true - - !ruby/object:Api::Type::String - name: 'displayName' + immutable: true + - name: 'displayName' + type: String description: | An arbitrary user-provided name for the AppConnector. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Resource labels to represent user provided metadata. - - !ruby/object:Api::Type::NestedObject - name: 'principalInfo' + - name: 'principalInfo' + type: NestedObject description: | Principal information about the Identity of the AppConnector. required: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'serviceAccount' + - name: 'serviceAccount' + type: NestedObject description: | ServiceAccount represents a GCP service account. required: true properties: - - !ruby/object:Api::Type::String - name: 'email' + - name: 'email' + type: String description: | Email address of the service account. required: true - - !ruby/object:Api::Type::Enum - name: 'state' - output: true + - name: 'state' + type: Enum description: | Represents the different states of a AppConnector. - values: - - :STATE_UNSPECIFIED - - :CREATING - - :CREATED - - :UPDATING - - :DELETING - - :DOWN + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'CREATING' + - 'CREATED' + - 'UPDATING' + - 'DELETING' + - 'DOWN' diff --git a/mmv1/products/beyondcorp/AppGateway.yaml b/mmv1/products/beyondcorp/AppGateway.yaml index a1d33fc98da6..e228ec4b3999 100644 --- a/mmv1/products/beyondcorp/AppGateway.yaml +++ b/mmv1/products/beyondcorp/AppGateway.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,127 +11,127 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AppGateway' description: "A BeyondCorp AppGateway resource represents a BeyondCorp protected AppGateway to a remote application. It creates \nall the necessary GCP components needed for creating a BeyondCorp protected AppGateway. Multiple connectors can be \n\ authorised for a single AppGateway.\n" -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appgateways' -base_url: projects/{{project}}/locations/{{region}}/appGateways -self_link: projects/{{project}}/locations/{{region}}/appGateways/{{name}} -create_url: projects/{{project}}/locations/{{region}}/appGateways?app_gateway_id={{name}} +docs: +base_url: 'projects/{{project}}/locations/{{region}}/appGateways' +self_link: 'projects/{{project}}/locations/{{region}}/appGateways/{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/appGateways?app_gateway_id={{name}}' # This resources is not updatable immutable: true -schema_version: 1 -state_upgraders: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 20 + update_minutes: 20 delete_minutes: 20 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -autogen_async: true +custom_code: +schema_version: 1 +state_upgraders: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'beyondcorp_app_gateway_basic' + - name: 'beyondcorp_app_gateway_basic' primary_resource_id: 'app_gateway' - primary_resource_name: - 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' vars: app_gateway_name: 'my-app-gateway' - - !ruby/object:Provider::Terraform::Examples - name: 'beyondcorp_app_gateway_full' + - name: 'beyondcorp_app_gateway_full' primary_resource_id: 'app_gateway' - primary_resource_name: - 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' vars: app_gateway_name: 'my-app-gateway' display_name: 'some display name' +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + - name: 'name' + type: String description: | ID of the AppGateway. url_param_only: true - - !ruby/object:Api::Type::String - name: 'region' + required: true + immutable: true + - name: 'region' + type: String description: | The region of the AppGateway. - immutable: true url_param_only: true - - !ruby/object:Api::Type::Enum - name: 'type' + immutable: true + - name: 'type' + type: Enum description: | The type of network connectivity used by the AppGateway. - values: - - :TYPE_UNSPECIFIED - - :TCP_PROXY - default_value: :TYPE_UNSPECIFIED - - !ruby/object:Api::Type::Enum - name: 'hostType' + default_value: "TYPE_UNSPECIFIED" + enum_values: + - 'TYPE_UNSPECIFIED' + - 'TCP_PROXY' + - name: 'hostType' + type: Enum description: | The type of hosting used by the AppGateway. - values: - - :HOST_TYPE_UNSPECIFIED - - :GCP_REGIONAL_MIG - default_value: :HOST_TYPE_UNSPECIFIED - - !ruby/object:Api::Type::String - name: 'displayName' + default_value: "HOST_TYPE_UNSPECIFIED" + enum_values: + - 'HOST_TYPE_UNSPECIFIED' + - 'GCP_REGIONAL_MIG' + - name: 'displayName' + type: String description: | An arbitrary user-provided name for the AppGateway. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Resource labels to represent user provided metadata. - - !ruby/object:Api::Type::Enum - name: 'state' - output: true + - name: 'state' + type: Enum description: | Represents the different states of a AppGateway. - values: - - :STATE_UNSPECIFIED - - :CREATING - - :CREATED - - :UPDATING - - :DELETING - - :DOWN - - !ruby/object:Api::Type::String - name: 'uri' output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'CREATING' + - 'CREATED' + - 'UPDATING' + - 'DELETING' + - 'DOWN' + - name: 'uri' + type: String description: | Server-defined URI for this resource. - - !ruby/object:Api::Type::NestedObject - name: 'allocatedConnections' + output: true + - name: 'allocatedConnections' + type: NestedObject description: | A list of connections allocated for the Gateway. output: true properties: - - !ruby/object:Api::Type::String - name: 'pscUri' + - name: 'pscUri' + type: String description: | The PSC uri of an allocated connection. - - !ruby/object:Api::Type::Integer - name: 'ingressPort' + - name: 'ingressPort' + type: Integer description: | The ingress port of an allocated connection. diff --git a/mmv1/products/beyondcorp/go_AppConnection.yaml b/mmv1/products/beyondcorp/go_AppConnection.yaml deleted file mode 100644 index 287bed2319fa..000000000000 --- a/mmv1/products/beyondcorp/go_AppConnection.yaml +++ /dev/null @@ -1,150 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AppConnection' -description: - "A BeyondCorp AppConnection resource represents a BeyondCorp protected - AppConnection to a remote application.\nIt creates all the necessary GCP - components needed for creating a BeyondCorp protected AppConnection. - \nMultiple connectors can be authorised for a single AppConnection.\n" -references: - guides: - 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' - api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appconnections' -docs: -base_url: 'projects/{{project}}/locations/{{region}}/appConnections' -self_link: 'projects/{{project}}/locations/{{region}}/appConnections/{{name}}' -create_url: 'projects/{{project}}/locations/{{region}}/appConnections?app_connection_id={{name}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 30 - update_minutes: 30 - delete_minutes: 30 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 30 - update_minutes: 30 - delete_minutes: 30 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'beyondcorp_app_connection_basic' - primary_resource_id: 'app_connection' - primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' - vars: - account_id: 'my-account' - app_connector_name: 'my-app-connector' - app_connection_name: 'my-app-connection' - - name: 'beyondcorp_app_connection_full' - primary_resource_id: 'app_connection' - primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connection%s", context["random_suffix"])' - vars: - account_id: 'my-account' - app_gateway_name: 'my-app-gateway' - app_connector_name: 'my-app-connector' - app_connection_name: 'my-app-connection' - display_name: 'some display name' -parameters: -properties: - - name: 'name' - type: String - description: | - ID of the AppConnection. - url_param_only: true - required: true - immutable: true - - name: 'region' - type: String - description: | - The region of the AppConnection. - url_param_only: true - immutable: true - - name: 'displayName' - type: String - description: | - An arbitrary user-provided name for the AppConnection. - - name: 'labels' - type: KeyValueLabels - description: | - Resource labels to represent user provided metadata. - - name: 'type' - type: String - description: | - The type of network connectivity used by the AppConnection. Refer - to https://cloud.google.com/beyondcorp/docs/reference/rest/v1/projects.locations.appConnections#type - for a list of possible values. - immutable: true - - name: 'applicationEndpoint' - type: NestedObject - description: | - Address of the remote application endpoint for the BeyondCorp AppConnection. - required: true - properties: - - name: 'host' - type: String - description: | - Hostname or IP address of the remote application endpoint. - required: true - - name: 'port' - type: Integer - description: | - Port of the remote application endpoint. - required: true - - name: 'connectors' - type: Array - description: | - List of AppConnectors that are authorised to be associated with this AppConnection - item_type: - type: String - - name: 'gateway' - type: NestedObject - description: | - Gateway used by the AppConnection. - default_from_api: true - properties: - - name: 'appGateway' - type: String - description: | - AppGateway name in following format: projects/{project_id}/locations/{locationId}/appgateways/{gateway_id}. - required: true - - name: 'type' - type: String - description: | - The type of hosting used by the gateway. Refer to - https://cloud.google.com/beyondcorp/docs/reference/rest/v1/projects.locations.appConnections#Type_1 - for a list of possible values. - - name: 'uri' - type: String - description: | - Server-defined URI for this resource. - output: true - - name: 'ingressPort' - type: Integer - description: | - Ingress port reserved on the gateways for this AppConnection, if not specified or zero, the default port is 19443. - output: true diff --git a/mmv1/products/beyondcorp/go_AppConnector.yaml b/mmv1/products/beyondcorp/go_AppConnector.yaml deleted file mode 100644 index 1e322033d474..000000000000 --- a/mmv1/products/beyondcorp/go_AppConnector.yaml +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AppConnector' -description: - "A BeyondCorp AppConnector resource represents an application facing component - deployed proximal to \nand with direct access to the application instances. It - is used to establish connectivity between the \nremote enterprise environment - and GCP. It initiates connections to the applications and can proxy the \ndata - from users over the connection.\n" -references: - guides: - 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' - api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appconnectors' -docs: -base_url: 'projects/{{project}}/locations/{{region}}/appConnectors' -self_link: 'projects/{{project}}/locations/{{region}}/appConnectors/{{name}}' -create_url: 'projects/{{project}}/locations/{{region}}/appConnectors?app_connector_id={{name}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'beyondcorp_app_connector_basic' - primary_resource_id: 'app_connector' - primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' - vars: - app_connector_name: 'my-app-connector' - account_id: 'my-account' - - name: 'beyondcorp_app_connector_full' - primary_resource_id: 'app_connector' - primary_resource_name: 'fmt.Sprintf("tf_test_my_app_connector%s", context["random_suffix"])' - vars: - app_connector_name: 'my-app-connector' - account_id: 'my-account' - display_name: 'some display name' -parameters: -properties: - - name: 'name' - type: String - description: | - ID of the AppConnector. - url_param_only: true - required: true - immutable: true - - name: 'region' - type: String - description: | - The region of the AppConnector. - url_param_only: true - immutable: true - - name: 'displayName' - type: String - description: | - An arbitrary user-provided name for the AppConnector. - - name: 'labels' - type: KeyValueLabels - description: | - Resource labels to represent user provided metadata. - - name: 'principalInfo' - type: NestedObject - description: | - Principal information about the Identity of the AppConnector. - required: true - properties: - - name: 'serviceAccount' - type: NestedObject - description: | - ServiceAccount represents a GCP service account. - required: true - properties: - - name: 'email' - type: String - description: | - Email address of the service account. - required: true - - name: 'state' - type: Enum - description: | - Represents the different states of a AppConnector. - output: true - enum_values: - - 'STATE_UNSPECIFIED' - - 'CREATING' - - 'CREATED' - - 'UPDATING' - - 'DELETING' - - 'DOWN' diff --git a/mmv1/products/beyondcorp/go_AppGateway.yaml b/mmv1/products/beyondcorp/go_AppGateway.yaml deleted file mode 100644 index ce6b17482dd0..000000000000 --- a/mmv1/products/beyondcorp/go_AppGateway.yaml +++ /dev/null @@ -1,137 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AppGateway' -description: "A BeyondCorp AppGateway resource represents a BeyondCorp protected - AppGateway to a remote application. It creates \nall the necessary GCP - components needed for creating a BeyondCorp protected AppGateway. Multiple - connectors can be \n\ - authorised for a single AppGateway.\n" -references: - guides: - 'Official Documentation': 'https://cloud.google.com/beyondcorp-enterprise/docs/enable-app-connector' - api: 'https://cloud.google.com/beyondcorp/docs/reference/rest#rest-resource:-v1.projects.locations.appgateways' -docs: -base_url: 'projects/{{project}}/locations/{{region}}/appGateways' -self_link: 'projects/{{project}}/locations/{{region}}/appGateways/{{name}}' -create_url: 'projects/{{project}}/locations/{{region}}/appGateways?app_gateway_id={{name}}' -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -schema_version: 1 -state_upgraders: true -examples: - - name: 'beyondcorp_app_gateway_basic' - primary_resource_id: 'app_gateway' - primary_resource_name: 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' - vars: - app_gateway_name: 'my-app-gateway' - - name: 'beyondcorp_app_gateway_full' - primary_resource_id: 'app_gateway' - primary_resource_name: 'fmt.Sprintf("tf_test_my_app_gateway%s", context["random_suffix"])' - vars: - app_gateway_name: 'my-app-gateway' - display_name: 'some display name' -parameters: -properties: - - name: 'name' - type: String - description: | - ID of the AppGateway. - url_param_only: true - required: true - immutable: true - - name: 'region' - type: String - description: | - The region of the AppGateway. - url_param_only: true - immutable: true - - name: 'type' - type: Enum - description: | - The type of network connectivity used by the AppGateway. - default_value: "TYPE_UNSPECIFIED" - enum_values: - - 'TYPE_UNSPECIFIED' - - 'TCP_PROXY' - - name: 'hostType' - type: Enum - description: | - The type of hosting used by the AppGateway. - default_value: "HOST_TYPE_UNSPECIFIED" - enum_values: - - 'HOST_TYPE_UNSPECIFIED' - - 'GCP_REGIONAL_MIG' - - name: 'displayName' - type: String - description: | - An arbitrary user-provided name for the AppGateway. - - name: 'labels' - type: KeyValueLabels - description: | - Resource labels to represent user provided metadata. - - name: 'state' - type: Enum - description: | - Represents the different states of a AppGateway. - output: true - enum_values: - - 'STATE_UNSPECIFIED' - - 'CREATING' - - 'CREATED' - - 'UPDATING' - - 'DELETING' - - 'DOWN' - - name: 'uri' - type: String - description: | - Server-defined URI for this resource. - output: true - - name: 'allocatedConnections' - type: NestedObject - description: | - A list of connections allocated for the Gateway. - output: true - properties: - - name: 'pscUri' - type: String - description: | - The PSC uri of an allocated connection. - - name: 'ingressPort' - type: Integer - description: | - The ingress port of an allocated connection. diff --git a/mmv1/products/beyondcorp/go_product.yaml b/mmv1/products/beyondcorp/go_product.yaml deleted file mode 100644 index ff7a934c2034..000000000000 --- a/mmv1/products/beyondcorp/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Beyondcorp' -display_name: 'BeyondCorp' -versions: - - name: 'ga' - base_url: 'https://beyondcorp.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/beyondcorp/product.yaml b/mmv1/products/beyondcorp/product.yaml index 39be52f97c04..947673f83ca1 100644 --- a/mmv1/products/beyondcorp/product.yaml +++ b/mmv1/products/beyondcorp/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,12 +10,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Beyondcorp -display_name: BeyondCorp + +--- +name: 'Beyondcorp' +display_name: 'BeyondCorp' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://beyondcorp.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://beyondcorp.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/biglake/Catalog.yaml b/mmv1/products/biglake/Catalog.yaml index dda11a837712..4d14cc3cd65d 100644 --- a/mmv1/products/biglake/Catalog.yaml +++ b/mmv1/products/biglake/Catalog.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,67 +12,71 @@ # limitations under the License. --- -!ruby/object:Api::Resource -name: "Catalog" +name: 'Catalog' description: | Catalogs are top-level containers for Databases and Tables. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - "Manage open source metadata with BigLake Metastore": "https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_catalogs" - api: "https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs" -base_url: "projects/{{project}}/locations/{{location}}/catalogs" -self_link: "projects/{{project}}/locations/{{location}}/catalogs/{{name}}" + 'Manage open source metadata with BigLake Metastore': 'https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_catalogs' + api: 'https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/catalogs' +self_link: 'projects/{{project}}/locations/{{location}}/catalogs/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/catalogs?catalogId={{name}}' immutable: true -create_url: "projects/{{project}}/locations/{{location}}/catalogs?catalogId={{name}}" +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "bigquery_biglake_catalog" - primary_resource_id: "default" + - name: 'bigquery_biglake_catalog' + primary_resource_id: 'default' vars: - name: "my_catalog" + name: 'my_catalog' parameters: - - !ruby/object:Api::Type::String - name: "location" - required: true - immutable: true - url_param_only: true + - name: 'location' + type: String description: | The geographic location where the Catalog should reside. - - !ruby/object:Api::Type::String - name: "name" + url_param_only: true required: true immutable: true - url_param_only: true + - name: 'name' + type: String description: | The name of the Catalog. Format: projects/{project_id_or_number}/locations/{locationId}/catalogs/{catalogId} + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: "createTime" - output: true + - name: 'createTime' + type: String description: | Output only. The creation time of the catalog. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. - - !ruby/object:Api::Type::String - name: "updateTime" output: true + - name: 'updateTime' + type: String description: | Output only. The last modification time of the catalog. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. - - !ruby/object:Api::Type::String - name: "deleteTime" output: true + - name: 'deleteTime' + type: String description: | Output only. The deletion time of the catalog. Only set after the catalog is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. - - !ruby/object:Api::Type::String - name: "expireTime" output: true + - name: 'expireTime' + type: String description: | Output only. The time when this catalog is considered expired. Only set after the catalog is deleted. Only set after the catalog is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. + output: true diff --git a/mmv1/products/biglake/Database.yaml b/mmv1/products/biglake/Database.yaml index 6799ee8c4014..911f9f52a8c5 100644 --- a/mmv1/products/biglake/Database.yaml +++ b/mmv1/products/biglake/Database.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,95 +12,99 @@ # limitations under the License. --- -!ruby/object:Api::Resource -name: "Database" +name: 'Database' description: | Databases are containers of tables. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - "Manage open source metadata with BigLake Metastore": "https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_databases" - api: "https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases" -base_url: "{{catalog}}/databases" -self_link: "{{catalog}}/databases/{{name}}" -create_url: "{{catalog}}/databases?databaseId={{name}}" -id_format: "{{catalog}}/databases/{{name}}" -import_format: ["{{%catalog}}/databases/{{name}}"] + 'Manage open source metadata with BigLake Metastore': 'https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_databases' + api: 'https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases' +docs: +id_format: '{{catalog}}/databases/{{name}}' +base_url: '{{catalog}}/databases' +self_link: '{{catalog}}/databases/{{name}}' +create_url: '{{catalog}}/databases?databaseId={{name}}' +update_verb: 'PATCH' update_mask: true -update_verb: :PATCH +import_format: + - '{{%catalog}}/databases/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "biglake_database" - primary_resource_id: "database" + - name: 'biglake_database' + primary_resource_id: 'database' vars: - name: "my_database" - catalog_id: "my_catalog" - bucket_id: "my_bucket" + name: 'my_database' + catalog_id: 'my_catalog' + bucket_id: 'my_bucket' parameters: - - !ruby/object:Api::Type::String - name: "catalog" - required: true - immutable: true - url_param_only: true + - name: 'catalog' + type: String description: | The parent catalog. - - !ruby/object:Api::Type::String - name: "name" + url_param_only: true required: true immutable: true - url_param_only: true + - name: 'name' + type: String description: | The name of the database. + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: "createTime" + - name: 'createTime' + type: String description: | Output only. The creation time of the database. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::String - name: "updateTime" + - name: 'updateTime' + type: String description: | Output only. The last modification time of the database. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::String - name: "deleteTime" + - name: 'deleteTime' + type: String description: | Output only. The deletion time of the database. Only set after the database is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::String - name: "expireTime" + - name: 'expireTime' + type: String description: | Output only. The time when this database is considered expired. Only set after the database is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - - !ruby/object:Api::Type::String - name: "type" - required: true + - name: 'type' + type: String description: | The database type. - - !ruby/object:Api::Type::NestedObject - name: "hiveOptions" required: true + - name: 'hiveOptions' + type: NestedObject description: | Options of a Hive database. + required: true properties: - - !ruby/object:Api::Type::String - name: "locationUri" + - name: 'locationUri' + type: String description: | Cloud Storage folder URI where the database data is stored, starting with "gs://". - - !ruby/object:Api::Type::KeyValuePairs - name: "parameters" + - name: 'parameters' + type: KeyValuePairs description: | Stores user supplied Hive database parameters. An object containing a list of"key": value pairs. diff --git a/mmv1/products/biglake/Table.yaml b/mmv1/products/biglake/Table.yaml index c30733a322b4..cd8376bddf49 100644 --- a/mmv1/products/biglake/Table.yaml +++ b/mmv1/products/biglake/Table.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,123 +12,126 @@ # limitations under the License. --- -!ruby/object:Api::Resource -name: "Table" +name: 'Table' description: | Represents a table. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - "Manage open source metadata with BigLake Metastore": "https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_tables" - api: "https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases.tables" -base_url: "{{database}}/tables" -self_link: "{{database}}/tables/{{name}}" -create_url: "{{database}}/tables?tableId={{name}}" -id_format: "{{database}}/tables/{{name}}" -import_format: ["{{%database}}/tables/{{name}}"] -update_verb: :PATCH + 'Manage open source metadata with BigLake Metastore': 'https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_tables' + api: 'https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases.tables' +docs: +id_format: '{{database}}/tables/{{name}}' +base_url: '{{database}}/tables' +self_link: '{{database}}/tables/{{name}}' +create_url: '{{database}}/tables?tableId={{name}}' +update_verb: 'PATCH' update_mask: true +import_format: + - '{{%database}}/tables/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "biglake_table" - primary_resource_id: "table" + - name: 'biglake_table' + primary_resource_id: 'table' vars: - name: "my_table" - catalog: "my_catalog" - database: "my_database" - bucket: "my_bucket" - + name: 'my_table' + catalog: 'my_catalog' + database: 'my_database' + bucket: 'my_bucket' parameters: - - !ruby/object:Api::Type::String - name: "name" - required: true - immutable: true - url_param_only: true + - name: 'name' + type: String description: | Output only. The name of the Table. Format: projects/{project_id_or_number}/locations/{locationId}/catalogs/{catalogId}/databases/{databaseId}/tables/{tableId} - - !ruby/object:Api::Type::String - name: "database" - immutable: true url_param_only: true + required: true + immutable: true + - name: 'database' + type: String description: | The id of the parent database. + url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: "createTime" + - name: 'createTime' + type: String description: | Output only. The creation time of the table. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::String - name: "updateTime" + - name: 'updateTime' + type: String description: | Output only. The last modification time of the table. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::String - name: "deleteTime" + - name: 'deleteTime' + type: String description: | Output only. The deletion time of the table. Only set after the table is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::String - name: "expireTime" + - name: 'expireTime' + type: String description: | Output only. The time when this table is considered expired. Only set after the table is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::String - name: "etag" + - name: 'etag' + type: String description: | The checksum of a table object computed by the server based on the value of other fields. It may be sent on update requests to ensure the client has an up-to-date value before proceeding. It is only checked for update table operations. output: true - - - !ruby/object:Api::Type::Enum - name: "type" + - name: 'type' + type: Enum description: | The database type. - values: - - :HIVE - - !ruby/object:Api::Type::NestedObject - name: "hiveOptions" + enum_values: + - 'HIVE' + - name: 'hiveOptions' + type: NestedObject description: | Options of a Hive table. properties: - - !ruby/object:Api::Type::KeyValuePairs - name: "parameters" + - name: 'parameters' + type: KeyValuePairs description: | Stores user supplied Hive table parameters. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - !ruby/object:Api::Type::String - name: "tableType" + - name: 'tableType' + type: String description: | Hive table type. For example, MANAGED_TABLE, EXTERNAL_TABLE. - - !ruby/object:Api::Type::NestedObject - name: "storageDescriptor" + - name: 'storageDescriptor' + type: NestedObject description: | Stores physical storage information on the data. properties: - - !ruby/object:Api::Type::String - name: "locationUri" + - name: 'locationUri' + type: String description: | Cloud Storage folder URI where the table data is stored, starting with "gs://". - - !ruby/object:Api::Type::String - name: "inputFormat" + - name: 'inputFormat' + type: String description: | The fully qualified Java class name of the input format. - - !ruby/object:Api::Type::String - name: "outputFormat" + - name: 'outputFormat' + type: String description: | The fully qualified Java class name of the output format. diff --git a/mmv1/products/biglake/go_Catalog.yaml b/mmv1/products/biglake/go_Catalog.yaml deleted file mode 100644 index de624f1fa61d..000000000000 --- a/mmv1/products/biglake/go_Catalog.yaml +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Catalog' -description: | - Catalogs are top-level containers for Databases and Tables. -references: - guides: - 'Manage open source metadata with BigLake Metastore': 'https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_catalogs' - api: 'https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/catalogs' -self_link: 'projects/{{project}}/locations/{{location}}/catalogs/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/catalogs?catalogId={{name}}' -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -examples: - - name: 'bigquery_biglake_catalog' - primary_resource_id: 'default' - vars: - name: 'my_catalog' -parameters: - - name: 'location' - type: String - description: | - The geographic location where the Catalog should reside. - url_param_only: true - required: true - immutable: true - - name: 'name' - type: String - description: | - The name of the Catalog. Format: - projects/{project_id_or_number}/locations/{locationId}/catalogs/{catalogId} - url_param_only: true - required: true - immutable: true -properties: - - name: 'createTime' - type: String - description: | - Output only. The creation time of the catalog. A timestamp in RFC3339 UTC - "Zulu" format, with nanosecond resolution and up to nine fractional - digits. - output: true - - name: 'updateTime' - type: String - description: | - Output only. The last modification time of the catalog. A timestamp in - RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine - fractional digits. - output: true - - name: 'deleteTime' - type: String - description: | - Output only. The deletion time of the catalog. Only set after the catalog - is deleted. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond - resolution and up to nine fractional digits. - output: true - - name: 'expireTime' - type: String - description: | - Output only. The time when this catalog is considered expired. Only set - after the catalog is deleted. Only set after the catalog is deleted. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and - up to nine fractional digits. - output: true diff --git a/mmv1/products/biglake/go_Database.yaml b/mmv1/products/biglake/go_Database.yaml deleted file mode 100644 index a7d294804377..000000000000 --- a/mmv1/products/biglake/go_Database.yaml +++ /dev/null @@ -1,112 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Database' -description: | - Databases are containers of tables. -references: - guides: - 'Manage open source metadata with BigLake Metastore': 'https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_databases' - api: 'https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases' -docs: -id_format: '{{catalog}}/databases/{{name}}' -base_url: '{{catalog}}/databases' -self_link: '{{catalog}}/databases/{{name}}' -create_url: '{{catalog}}/databases?databaseId={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{%catalog}}/databases/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -examples: - - name: 'biglake_database' - primary_resource_id: 'database' - vars: - name: 'my_database' - catalog_id: 'my_catalog' - bucket_id: 'my_bucket' -parameters: - - name: 'catalog' - type: String - description: | - The parent catalog. - url_param_only: true - required: true - immutable: true - - name: 'name' - type: String - description: | - The name of the database. - url_param_only: true - required: true - immutable: true -properties: - - name: 'createTime' - type: String - description: | - Output only. The creation time of the database. A timestamp in RFC3339 - UTC "Zulu" format, with nanosecond resolution and up to nine fractional - digits. Examples: "2014-10-02T15:01:23Z" and - "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'updateTime' - type: String - description: | - Output only. The last modification time of the database. A timestamp in - RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine - fractional digits. Examples: "2014-10-02T15:01:23Z" and - "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'deleteTime' - type: String - description: | - Output only. The deletion time of the database. Only set after the - database is deleted. A timestamp in RFC3339 UTC "Zulu" format, with - nanosecond resolution and up to nine fractional digits. Examples: - "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'expireTime' - type: String - description: | - Output only. The time when this database is considered expired. Only set - after the database is deleted. A timestamp in RFC3339 UTC "Zulu" format, - with nanosecond resolution and up to nine fractional digits. Examples: - "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'type' - type: String - description: | - The database type. - required: true - - name: 'hiveOptions' - type: NestedObject - description: | - Options of a Hive database. - required: true - properties: - - name: 'locationUri' - type: String - description: | - Cloud Storage folder URI where the database data is stored, starting with "gs://". - - name: 'parameters' - type: KeyValuePairs - description: | - Stores user supplied Hive database parameters. An object containing a - list of"key": value pairs. - Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. diff --git a/mmv1/products/biglake/go_Table.yaml b/mmv1/products/biglake/go_Table.yaml deleted file mode 100644 index e7d6f241501d..000000000000 --- a/mmv1/products/biglake/go_Table.yaml +++ /dev/null @@ -1,138 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Table' -description: | - Represents a table. -references: - guides: - 'Manage open source metadata with BigLake Metastore': 'https://cloud.google.com/bigquery/docs/manage-open-source-metadata#create_tables' - api: 'https://cloud.google.com/bigquery/docs/reference/biglake/rest/v1/projects.locations.catalogs.databases.tables' -docs: -id_format: '{{database}}/tables/{{name}}' -base_url: '{{database}}/tables' -self_link: '{{database}}/tables/{{name}}' -create_url: '{{database}}/tables?tableId={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{%database}}/tables/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -examples: - - name: 'biglake_table' - primary_resource_id: 'table' - vars: - name: 'my_table' - catalog: 'my_catalog' - database: 'my_database' - bucket: 'my_bucket' -parameters: - - name: 'name' - type: String - description: | - Output only. The name of the Table. Format: - projects/{project_id_or_number}/locations/{locationId}/catalogs/{catalogId}/databases/{databaseId}/tables/{tableId} - url_param_only: true - required: true - immutable: true - - name: 'database' - type: String - description: | - The id of the parent database. - url_param_only: true - immutable: true -properties: - - name: 'createTime' - type: String - description: | - Output only. The creation time of the table. A timestamp in RFC3339 UTC - "Zulu" format, with nanosecond resolution and up to nine fractional - digits. Examples: "2014-10-02T15:01:23Z" and - "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'updateTime' - type: String - description: | - Output only. The last modification time of the table. A timestamp in - RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine - fractional digits. Examples: "2014-10-02T15:01:23Z" and - "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'deleteTime' - type: String - description: | - Output only. The deletion time of the table. Only set after the - table is deleted. A timestamp in RFC3339 UTC "Zulu" format, with - nanosecond resolution and up to nine fractional digits. Examples: - "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'expireTime' - type: String - description: | - Output only. The time when this table is considered expired. Only set - after the table is deleted. A timestamp in RFC3339 UTC "Zulu" format, - with nanosecond resolution and up to nine fractional digits. Examples: - "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'etag' - type: String - description: | - The checksum of a table object computed by the server based on the value - of other fields. It may be sent on update requests to ensure the client - has an up-to-date value before proceeding. It is only checked for update - table operations. - output: true - - name: 'type' - type: Enum - description: | - The database type. - enum_values: - - 'HIVE' - - name: 'hiveOptions' - type: NestedObject - description: | - Options of a Hive table. - properties: - - name: 'parameters' - type: KeyValuePairs - description: | - Stores user supplied Hive table parameters. An object containing a - list of "key": value pairs. - Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - name: 'tableType' - type: String - description: | - Hive table type. For example, MANAGED_TABLE, EXTERNAL_TABLE. - - name: 'storageDescriptor' - type: NestedObject - description: | - Stores physical storage information on the data. - properties: - - name: 'locationUri' - type: String - description: | - Cloud Storage folder URI where the table data is stored, starting with "gs://". - - name: 'inputFormat' - type: String - description: | - The fully qualified Java class name of the input format. - - name: 'outputFormat' - type: String - description: | - The fully qualified Java class name of the output format. diff --git a/mmv1/products/biglake/go_product.yaml b/mmv1/products/biglake/go_product.yaml deleted file mode 100644 index d60030540160..000000000000 --- a/mmv1/products/biglake/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Biglake' -display_name: 'Biglake' -versions: - - name: 'ga' - base_url: 'https://biglake.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/biglake/product.yaml b/mmv1/products/biglake/product.yaml index 93e6ec3f96a2..ace0ecd93f81 100644 --- a/mmv1/products/biglake/product.yaml +++ b/mmv1/products/biglake/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,12 +12,10 @@ # limitations under the License. --- -!ruby/object:Api::Product -name: Biglake -display_name: Biglake +name: 'Biglake' +display_name: 'Biglake' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://biglake.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://biglake.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/bigquery + - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigquery/Dataset.yaml b/mmv1/products/bigquery/Dataset.yaml index ac93725eb90b..35597b1f2913 100644 --- a/mmv1/products/bigquery/Dataset.yaml +++ b/mmv1/products/bigquery/Dataset.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,163 +11,159 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Dataset' kind: 'bigquery#dataset' -base_url: projects/{{project}}/datasets -self_link: projects/{{project}}/datasets/{{dataset_id}} -has_self_link: true description: | Datasets allow you to organize and control access to your tables. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Datasets Intro': 'https://cloud.google.com/bigquery/docs/datasets-intro' api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets' -import_format: ['projects/{{project}}/datasets/{{dataset_id}}'] -delete_url: projects/{{project}}/datasets/{{dataset_id}}?deleteContents={{delete_contents_on_destroy}} -skip_sweeper: true +docs: + warning: | + You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. + The API does accept both formats but it will always return the legacy format which results in Terraform + showing permanent diff on each plan and apply operation. +base_url: 'projects/{{project}}/datasets' +self_link: 'projects/{{project}}/datasets/{{dataset_id}}' +has_self_link: true +delete_url: 'projects/{{project}}/datasets/{{dataset_id}}?deleteContents={{delete_contents_on_destroy}}' +import_format: + - 'projects/{{project}}/datasets/{{dataset_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/bigquery_dataset.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_basic' + - name: 'bigquery_dataset_basic' primary_resource_id: 'dataset' vars: dataset_id: 'example_dataset' account_name: 'bqowner' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_with_max_time_travel_hours' + - name: 'bigquery_dataset_with_max_time_travel_hours' primary_resource_id: 'dataset' - skip_docs: true vars: dataset_id: 'example_dataset' account_name: 'bqowner' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_cmek' - skip_test: true + exclude_docs: true + - name: 'bigquery_dataset_cmek' primary_resource_id: 'dataset' vars: dataset_id: 'example_dataset' key_name: 'example-key' keyring_name: 'example-keyring' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_authorized_dataset' + exclude_test: true + - name: 'bigquery_dataset_authorized_dataset' primary_resource_id: 'dataset' vars: private: 'private' public: 'public' account_name: 'bqowner' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_authorized_routine' + - name: 'bigquery_dataset_authorized_routine' primary_resource_id: 'private' vars: private_dataset: 'private_dataset' public_dataset: 'public_dataset' public_routine: 'public_routine' test_env_vars: - service_account: :SERVICE_ACCT - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_case_insensitive_names' + service_account: 'SERVICE_ACCT' + - name: 'bigquery_dataset_case_insensitive_names' primary_resource_id: 'dataset' - skip_docs: true vars: dataset_id: 'example_dataset' account_name: 'bqowner' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_default_collation_set' + exclude_docs: true + - name: 'bigquery_dataset_default_collation_set' primary_resource_id: 'dataset' - skip_docs: true vars: dataset_id: 'example_dataset' account_name: 'bqowner' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_external_reference_aws_test' + exclude_docs: true + - name: 'bigquery_dataset_external_reference_aws_test' primary_resource_id: 'dataset' - skip_docs: true vars: dataset_id: 'example_dataset' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_external_reference_aws' + exclude_docs: true + - name: 'bigquery_dataset_external_reference_aws' primary_resource_id: 'dataset' - skip_test: true vars: dataset_id: 'example_dataset' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_resource_tags' + exclude_test: true + - name: 'bigquery_dataset_resource_tags' primary_resource_id: 'dataset' - primary_resource_name: - 'fmt.Sprintf("tf_test_dataset%s", context["random_suffix"])' - skip_docs: true + primary_resource_name: 'fmt.Sprintf("tf_test_dataset%s", context["random_suffix"])' vars: dataset_id: 'dataset' tag_key1: 'tag_key1' tag_value1: 'tag_value1' tag_key2: 'tag_key2' tag_value2: 'tag_value2' + exclude_docs: true virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'delete_contents_on_destroy' - default_value: false + - name: 'delete_contents_on_destroy' description: | If set to `true`, delete all the tables in the dataset when destroying the resource; otherwise, destroying the resource will fail if tables are present. -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/bigquery_dataset.go.erb -docs: !ruby/object:Provider::Terraform::Docs - warning: | - You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. - The API does accept both formats but it will always return the legacy format which results in Terraform - showing permanent diff on each plan and apply operation. + type: Boolean + default_value: false +parameters: properties: - - !ruby/object:Api::Type::String - name: 'maxTimeTravelHours' + - name: 'maxTimeTravelHours' + type: String description: 'Defines the time travel window in hours. The value can be from 48 to 168 hours (2 to 7 days).' default_from_api: true - - !ruby/object:Api::Type::Array - name: 'access' + - name: 'access' + type: Array description: 'An array of objects that define dataset access for one or more entities.' - default_from_api: true is_set: true - item_type: !ruby/object:Api::Type::NestedObject + default_from_api: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'domain' + - name: 'domain' + type: String description: | A domain to grant access to. Any users signed in with the domain specified will be granted the specified access - - !ruby/object:Api::Type::String - name: 'groupByEmail' + - name: 'groupByEmail' + type: String description: An email address of a Google Group to grant access to. - - !ruby/object:Api::Type::String - name: 'role' + - name: 'role' + type: String description: | Describes the rights granted to the user specified by the other member of the access object. Basic, predefined, and custom roles are supported. Predefined roles that have equivalent basic roles are swapped by the API to their basic counterparts. See [official docs](https://cloud.google.com/bigquery/docs/access-control). - - !ruby/object:Api::Type::String - name: 'specialGroup' + - name: 'specialGroup' + type: String description: | A special group to grant access to. Possible values include: * `projectOwners`: Owners of the enclosing project. * `projectReaders`: Readers of the enclosing project. * `projectWriters`: Writers of the enclosing project. * `allAuthenticatedUsers`: All authenticated BigQuery users. - - !ruby/object:Api::Type::String - name: 'iamMember' + - name: 'iamMember' + type: String description: | Some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group. For example: `allUsers` - - !ruby/object:Api::Type::String - name: 'userByEmail' + - name: 'userByEmail' + type: String description: | An email address of a user to grant access to. For example: fred@example.com - - !ruby/object:Api::Type::NestedObject - name: 'view' + - name: 'view' + type: NestedObject description: | A view from a different dataset to grant access to. Queries executed against that view will have read access to tables in @@ -175,49 +171,50 @@ properties: set. If that view is updated by any user, access to the view needs to be granted again via an update operation. properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: The ID of the dataset containing this table. required: true - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: The ID of the project containing this table. required: true - - !ruby/object:Api::Type::String - name: 'tableId' + - name: 'tableId' + type: String description: | The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. required: true - - !ruby/object:Api::Type::NestedObject - name: 'dataset' + - name: 'dataset' + type: NestedObject description: | Grants all resources of particular types in a particular dataset read access to the current dataset. properties: - - !ruby/object:Api::Type::NestedObject - name: 'dataset' - required: true + - name: 'dataset' + type: NestedObject description: | The dataset this entry applies to + required: true properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: The ID of the dataset containing this table. required: true - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: The ID of the project containing this table. required: true - - !ruby/object:Api::Type::Array - name: 'targetTypes' + - name: 'targetTypes' + type: Array description: | Which resources in the dataset this entry applies to. Currently, only views are supported, but additional target types may be added in the future. Possible values: VIEWS - item_type: Api::Type::String required: true - - !ruby/object:Api::Type::NestedObject - name: 'routine' + item_type: + type: String + - name: 'routine' + type: NestedObject description: | A routine from a different dataset to grant access to. Queries executed against that routine will have read access to tables in @@ -225,46 +222,46 @@ properties: set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation. properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: The ID of the dataset containing this table. required: true - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: The ID of the project containing this table. required: true - - !ruby/object:Api::Type::String - name: 'routineId' + - name: 'routineId' + type: String description: | The ID of the routine. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 256 characters. required: true - - !ruby/object:Api::Type::Integer - name: 'creationTime' - output: true + - name: 'creationTime' + type: Integer description: | The time when this dataset was created, in milliseconds since the epoch. - - !ruby/object:Api::Type::NestedObject - name: 'datasetReference' + output: true + - name: 'datasetReference' + type: NestedObject description: 'A reference that identifies the dataset.' required: true immutable: true flatten_object: true properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: | A unique ID for this dataset, without the project name. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validateDatasetId' - - !ruby/object:Api::Type::Integer - name: 'defaultTableExpirationMs' + - name: 'defaultTableExpirationMs' + type: Integer description: | The default lifetime of all tables in the dataset, in milliseconds. The minimum value is 3600000 milliseconds (one hour). @@ -277,10 +274,10 @@ properties: table expires, or if you provide an explicit `expirationTime` when creating a table, that value takes precedence over the default expiration time indicated by this property. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validateDefaultTableExpirationMs' - - !ruby/object:Api::Type::Integer - name: 'defaultPartitionExpirationMs' + - name: 'defaultPartitionExpirationMs' + type: Integer description: | The default partition expiration for all partitioned tables in the dataset, in milliseconds. @@ -295,50 +292,50 @@ properties: table. If you provide an explicit `timePartitioning.expirationMs` when creating or updating a partitioned table, that value takes precedence over the default partition expiration time indicated by this property. - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: A user-friendly description of the dataset - - !ruby/object:Api::Type::String - name: 'etag' + - name: 'etag' + type: String description: | A hash of the resource. output: true - - !ruby/object:Api::Type::NestedObject - name: 'externalDatasetReference' + - name: 'externalDatasetReference' + type: NestedObject description: | Information about the external metadata storage where the dataset is defined. immutable: true properties: - - !ruby/object:Api::Type::String - name: 'externalSource' + - name: 'externalSource' + type: String description: | External source that backs this dataset. required: true immutable: true - - !ruby/object:Api::Type::String - name: 'connection' + - name: 'connection' + type: String description: | The connection id that is used to access the externalSource. Format: projects/{projectId}/locations/{locationId}/connections/{connectionId} required: true immutable: true - - !ruby/object:Api::Type::String - name: 'friendlyName' + - name: 'friendlyName' + type: String description: A descriptive name for the dataset send_empty_value: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | The labels associated with this dataset. You can use these to organize and group your datasets. - - !ruby/object:Api::Type::Integer - name: 'lastModifiedTime' + - name: 'lastModifiedTime' + type: Integer description: | The date when this dataset or any of its tables was last modified, in milliseconds since the epoch. output: true - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | The geographic location where the dataset should reside. See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). @@ -348,33 +345,33 @@ properties: contains at least two geographic places. The default value is multi-regional location `US`. Changing this forces a new resource to be created. - default_value: US immutable: true - custom_flatten: templates/terraform/custom_flatten/bigquery_dataset_location.go.erb diff_suppress_func: 'tpgresource.CaseDiffSuppress' - - !ruby/object:Api::Type::NestedObject - name: 'defaultEncryptionConfiguration' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_dataset_location.go.tmpl' + default_value: "US" + - name: 'defaultEncryptionConfiguration' + type: NestedObject description: | The default encryption key for all tables in the dataset. Once this property is set, all newly-created partitioned tables in the dataset will have encryption key set to this value, unless table creation request (or query) overrides the key. properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' - required: true + - name: 'kmsKeyName' + type: String description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. - - !ruby/object:Api::Type::Boolean - name: 'isCaseInsensitive' + required: true + - name: 'isCaseInsensitive' + type: Boolean description: | TRUE if the dataset and its table names are case-insensitive, otherwise FALSE. By default, this is FALSE, which means the dataset and its table names are case-sensitive. This field does not affect routine references. default_from_api: true - - !ruby/object:Api::Type::String - name: 'defaultCollation' + - name: 'defaultCollation' + type: String description: | Defines the default collation specification of future tables created in the dataset. If a table is created in this dataset without table-level @@ -387,8 +384,8 @@ properties: - 'und:ci': undetermined locale, case insensitive. - '': empty string. Default to case-sensitive behavior. default_from_api: true - - !ruby/object:Api::Type::String - name: 'storageBillingModel' + - name: 'storageBillingModel' + type: String description: | Specifies the storage billing model for the dataset. Set this flag value to LOGICAL to use logical bytes for storage billing, @@ -396,8 +393,8 @@ properties: LOGICAL is the default if this flag isn't specified. default_from_api: true - - !ruby/object:Api::Type::KeyValuePairs - name: 'resourceTags' + - name: 'resourceTags' + type: KeyValuePairs description: | The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for example "123456789012/environment" where 123456789012 is the diff --git a/mmv1/products/bigquery/DatasetAccess.yaml b/mmv1/products/bigquery/DatasetAccess.yaml index 840c4dafd4b4..8f1437ae9225 100644 --- a/mmv1/products/bigquery/DatasetAccess.yaml +++ b/mmv1/products/bigquery/DatasetAccess.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,27 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'DatasetAccess' -immutable: true -base_url: projects/{{project}}/datasets/{{dataset_id}} -self_link: projects/{{project}}/datasets/{{dataset_id}} -create_verb: :PATCH -delete_verb: :PATCH -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - access - modify_by_patch: true -identity: - - role - - userByEmail - - groupByEmail - - domain - - specialGroup - - iamMember - - view - - dataset - - routine description: | Gives dataset access for a single entity. This resource is intended to be used in cases where it is not possible to compile a full list of access blocks to include in a @@ -41,67 +22,93 @@ description: | dataset resource must either have no defined `access` blocks or a `lifecycle` block with `ignore_changes = [access]` so they don't fight over which accesses should be on the dataset. Additionally, both resource cannot be modified in the same apply. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Controlling access to datasets': 'https://cloud.google.com/bigquery/docs/dataset-access-controls' api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets' +docs: + warning: | + You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. + The API does accept both formats but it will always return the legacy format which results in Terraform + showing permanent diff on each plan and apply operation. +base_url: 'projects/{{project}}/datasets/{{dataset_id}}' +self_link: 'projects/{{project}}/datasets/{{dataset_id}}' +create_verb: 'PATCH' +delete_verb: 'PATCH' +immutable: true +mutex: '{{dataset_id}}' exclude_import: true -skip_sweeper: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +identity: + - role + - userByEmail + - groupByEmail + - domain + - specialGroup + - iamMember + - view + - dataset + - routine +nested_query: + keys: + - access + is_list_of_ids: false + modify_by_patch: true +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/bigquery_dataset_access.go.tmpl' + constants: 'templates/terraform/constants/bigquery_dataset_access.go.tmpl' + post_create: 'templates/terraform/post_create/bigquery_dataset_access.go.tmpl' exclude_tgc: true -error_retry_predicates: ['transport_tpg.IsBigqueryIAMQuotaError'] -mutex: '{{dataset_id}}' +exclude_sweeper: true +error_retry_predicates: + + - 'transport_tpg.IsBigqueryIAMQuotaError' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_access_basic_user' - skip_test: true # not importable + - name: 'bigquery_dataset_access_basic_user' primary_resource_id: 'access' vars: dataset_id: 'example_dataset' account_name: 'bqowner' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_access_view' - skip_test: true # not importable + # not importable + exclude_test: true + - name: 'bigquery_dataset_access_view' primary_resource_id: 'access' vars: dataset_id: 'example_dataset' dataset_id2: 'example_dataset2' table_id: 'example_table' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_access_authorized_dataset' - skip_test: true # not importable + # not importable + exclude_test: true + - name: 'bigquery_dataset_access_authorized_dataset' primary_resource_id: 'access' vars: private: 'private' public: 'public' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_dataset_access_authorized_routine' - skip_test: true # not importable - primary_resource_type: 'google_bigquery_dataset_access' + # not importable + exclude_test: true + - name: 'bigquery_dataset_access_authorized_routine' primary_resource_id: 'authorized_routine' vars: private_dataset: 'private_dataset' public_dataset: 'public_dataset' public_routine: 'public_routine' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/bigquery_dataset_access.go.erb - post_create: templates/terraform/post_create/bigquery_dataset_access.go.erb - extra_schema_entry: templates/terraform/extra_schema_entry/bigquery_dataset_access.go.erb -docs: !ruby/object:Provider::Terraform::Docs - warning: | - You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. - The API does accept both formats but it will always return the legacy format which results in Terraform - showing permanent diff on each plan and apply operation. + # not importable + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: | A unique ID for this dataset, without the project name. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. required: true ignore_read: true - - !ruby/object:Api::Type::String - name: 'role' + - name: 'role' + type: String description: | Describes the rights granted to the user specified by the other member of the access object. Basic, predefined, and custom roles are @@ -110,54 +117,56 @@ properties: post-create. See [official docs](https://cloud.google.com/bigquery/docs/access-control). diff_suppress_func: 'resourceBigQueryDatasetAccessRoleDiffSuppress' - custom_expand: 'templates/terraform/custom_expand/bigquery_access_role.go.erb' - - !ruby/object:Api::Type::String - name: 'userByEmail' + custom_expand: 'templates/terraform/custom_expand/bigquery_access_role.go.tmpl' + - name: 'userByEmail' + type: String description: | An email address of a user to grant access to. For example: fred@example.com exactly_one_of: - - user_by_email - - group_by_email - - domain - - special_group - - iam_member - - view - - dataset - - routine - custom_expand: 'templates/terraform/custom_expand/string_to_lower_case.go.erb' - diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress - - !ruby/object:Api::Type::String - name: 'groupByEmail' + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + custom_expand: 'templates/terraform/custom_expand/string_to_lower_case.go.tmpl' + custom_flatten: 'templates/terraform/custom_flatten/string_to_lower_case.go.tmpl' + - name: 'groupByEmail' + type: String description: An email address of a Google Group to grant access to. exactly_one_of: - - user_by_email - - group_by_email - - domain - - special_group - - iam_member - - view - - dataset - - routine - custom_expand: 'templates/terraform/custom_expand/string_to_lower_case.go.erb' - diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress - - !ruby/object:Api::Type::String - name: 'domain' + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + custom_expand: 'templates/terraform/custom_expand/string_to_lower_case.go.tmpl' + custom_flatten: 'templates/terraform/custom_flatten/string_to_lower_case.go.tmpl' + - name: 'domain' + type: String description: | A domain to grant access to. Any users signed in with the domain specified will be granted the specified access exactly_one_of: - - user_by_email - - group_by_email - - domain - - special_group - - iam_member - - view - - dataset - - routine - diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress - - !ruby/object:Api::Type::String - name: 'specialGroup' + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + - name: 'specialGroup' + type: String description: | A special group to grant access to. Possible values include: * `projectOwners`: Owners of the enclosing project. @@ -165,32 +174,32 @@ properties: * `projectWriters`: Writers of the enclosing project. * `allAuthenticatedUsers`: All authenticated BigQuery users. exactly_one_of: - - user_by_email - - group_by_email - - domain - - special_group - - iam_member - - view - - dataset - - routine - diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress - - !ruby/object:Api::Type::String - name: 'iamMember' + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + - name: 'iamMember' + type: String description: | Some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group. For example: `allUsers` exactly_one_of: - - user_by_email - - group_by_email - - domain - - special_group - - iam_member - - view - - dataset - - routine - diff_suppress_func: resourceBigQueryDatasetAccessIamMemberDiffSuppress - - !ruby/object:Api::Type::NestedObject - name: 'view' + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' + diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' + - name: 'view' + type: NestedObject description: | A view from a different dataset to grant access to. Queries executed against that view will have read access to tables in @@ -198,67 +207,68 @@ properties: set. If that view is updated by any user, access to the view needs to be granted again via an update operation. exactly_one_of: - - user_by_email - - group_by_email - - domain - - special_group - - iam_member - - view - - dataset - - routine + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: The ID of the dataset containing this table. required: true - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: The ID of the project containing this table. required: true - - !ruby/object:Api::Type::String - name: 'tableId' + - name: 'tableId' + type: String description: | The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. required: true - - !ruby/object:Api::Type::NestedObject - name: 'dataset' + - name: 'dataset' + type: NestedObject description: | Grants all resources of particular types in a particular dataset read access to the current dataset. exactly_one_of: - - user_by_email - - group_by_email - - domain - - special_group - - iam_member - - view - - dataset - - routine + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' properties: - - !ruby/object:Api::Type::NestedObject - name: 'dataset' - required: true + - name: 'dataset' + type: NestedObject description: | The dataset this entry applies to + required: true properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: The ID of the dataset containing this table. required: true - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: The ID of the project containing this table. required: true - - !ruby/object:Api::Type::Array - name: 'targetTypes' + - name: 'targetTypes' + type: Array description: | Which resources in the dataset this entry applies to. Currently, only views are supported, but additional target types may be added in the future. Possible values: VIEWS - item_type: Api::Type::String required: true - - !ruby/object:Api::Type::NestedObject - name: 'routine' + item_type: + type: String + - name: 'routine' + type: NestedObject description: | A routine from a different dataset to grant access to. Queries executed against that routine will have read access to tables in @@ -266,25 +276,25 @@ properties: set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation. exactly_one_of: - - user_by_email - - group_by_email - - domain - - special_group - - iam_member - - view - - dataset - - routine + - 'user_by_email' + - 'group_by_email' + - 'domain' + - 'special_group' + - 'iam_member' + - 'view' + - 'dataset' + - 'routine' properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: The ID of the dataset containing this table. required: true - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: The ID of the project containing this table. required: true - - !ruby/object:Api::Type::String - name: 'routineId' + - name: 'routineId' + type: String description: | The ID of the routine. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length diff --git a/mmv1/products/bigquery/Job.yaml b/mmv1/products/bigquery/Job.yaml index 04f5a5dff4f5..89637b3e9ffd 100644 --- a/mmv1/products/bigquery/Job.yaml +++ b/mmv1/products/bigquery/Job.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,36 +11,45 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Job' kind: 'bigquery#job' -base_url: projects/{{project}}/jobs -self_link: projects/{{project}}/jobs/{{job_id}}?location={{location}} -immutable: true -schema_version: 1 -state_upgraders: true description: | Jobs are actions that BigQuery runs on your behalf to load data, export data, query data, or copy data. Once a BigQuery job is created, it cannot be changed or deleted. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'BigQuery Jobs Intro': 'https://cloud.google.com/bigquery/docs/jobs-overview' api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs' +docs: +id_format: 'projects/{{project}}/jobs/{{job_id}}' +base_url: 'projects/{{project}}/jobs' +self_link: 'projects/{{project}}/jobs/{{job_id}}?location={{location}}' +exclude_delete: true +immutable: true import_format: - [ - 'projects/{{project}}/jobs/{{job_id}}/location/{{location}}', - 'projects/{{project}}/jobs/{{job_id}}', - '{{project}}/{{job_id}}', - '{{job_id}}', - ] -skip_delete: true -id_format: projects/{{project}}/jobs/{{job_id}} -async: !ruby/object:Provider::Terraform::PollAsync - check_response_func_existence: transport_tpg.PollCheckForExistence + - 'projects/{{project}}/jobs/{{job_id}}/location/{{location}}' + - 'projects/{{project}}/jobs/{{job_id}}' + - '{{project}}/{{job_id}}' + - '{{job_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'transport_tpg.PollCheckForExistence' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 actions: ['create'] +custom_code: + constants: 'templates/terraform/constants/bigquery_job.go.tmpl' + encoder: 'templates/terraform/encoders/bigquery_job.go.tmpl' +schema_version: 1 +state_upgraders: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_query' + - name: 'bigquery_job_query' primary_resource_id: 'job' vars: job_id: 'job_query' @@ -48,8 +57,7 @@ examples: ignore_read_extra: - 'etag' - 'status.0.state' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_query_table_reference' + - name: 'bigquery_job_query_table_reference' primary_resource_id: 'job' vars: job_id: 'job_query' @@ -59,35 +67,32 @@ examples: - 'query.0.default_dataset.0.dataset_id' - 'query.0.destination_table.0.table_id' - 'status.0.state' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_load' + - name: 'bigquery_job_load' primary_resource_id: 'job' vars: job_id: 'job_load' ignore_read_extra: - 'etag' - 'status.0.state' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_load_geojson' + - name: 'bigquery_job_load_geojson' primary_resource_id: 'job' vars: job_id: 'job_load' - bucket_name: 'bq-geojson' # Keep small(er) to avoid downstream acctest having too-long a bucket name + # Keep small(er) to avoid downstream acctest having too-long a bucket name + bucket_name: 'bq-geojson' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' ignore_read_extra: - 'etag' - 'status.0.state' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_load_parquet' + - name: 'bigquery_job_load_parquet' primary_resource_id: 'job' vars: - job_id: "job_load" + job_id: 'job_load' ignore_read_extra: - 'etag' - 'status.0.state' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_load_table_reference' + - name: 'bigquery_job_load_table_reference' primary_resource_id: 'job' vars: job_id: 'job_load' @@ -95,9 +100,9 @@ examples: - 'etag' - 'load.0.destination_table.0.table_id' - 'status.0.state' - skip_docs: true # there are a lot of examples for this resource, so omitting some that are similar to others - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_copy' + # there are a lot of examples for this resource, so omitting some that are similar to others + exclude_docs: true + - name: 'bigquery_job_copy' primary_resource_id: 'job' vars: job_id: 'job_copy' @@ -105,12 +110,11 @@ examples: key_name: 'example-key' keyring_name: 'example-keyring' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' ignore_read_extra: - 'etag' - 'status.0.state' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_copy_table_reference' + - name: 'bigquery_job_copy_table_reference' primary_resource_id: 'job' vars: job_id: 'job_copy' @@ -118,16 +122,16 @@ examples: key_name: 'example-key' keyring_name: 'example-keyring' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' ignore_read_extra: - 'etag' - 'copy.0.destination_table.0.table_id' - 'copy.0.source_tables.0.table_id' - 'copy.0.source_tables.1.table_id' - 'status.0.state' - skip_docs: true # there are a lot of examples for this resource, so omitting some that are similar to others - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_extract' + # there are a lot of examples for this resource, so omitting some that are similar to others + exclude_docs: true + - name: 'bigquery_job_extract' primary_resource_id: 'job' vars: job_id: 'job_extract' @@ -135,8 +139,7 @@ examples: ignore_read_extra: - 'etag' - 'status.0.state' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_job_extract_table_reference' + - name: 'bigquery_job_extract_table_reference' primary_resource_id: 'job' vars: job_id: 'job_extract' @@ -145,109 +148,109 @@ examples: - 'etag' - 'extract.0.source_table.0.table_id' - 'status.0.state' - skip_docs: true # there are a lot of examples for this resource, so omitting some that are similar to others -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/bigquery_job.go - encoder: templates/terraform/encoders/bigquery_job.go.erb + # there are a lot of examples for this resource, so omitting some that are similar to others + exclude_docs: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'user_email' - output: true + - name: 'user_email' + type: String description: | Email address of the user who ran the job. - - !ruby/object:Api::Type::NestedObject - name: 'configuration' + output: true + - name: 'configuration' + type: NestedObject description: 'Describes the job configuration.' required: true flatten_object: true properties: - - !ruby/object:Api::Type::String - name: 'jobType' + - name: 'jobType' + type: String description: | The type of the job. output: true - - !ruby/object:Api::Type::String - name: 'jobTimeoutMs' + - name: 'jobTimeoutMs' + type: String description: | Job timeout in milliseconds. If this time limit is exceeded, BigQuery may attempt to terminate the job. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | The labels associated with this job. You can use these to organize and group your jobs. - - !ruby/object:Api::Type::NestedObject - name: 'query' + - name: 'query' + type: NestedObject description: 'Configures a query job.' exactly_one_of: - - configuration.0.query - - configuration.0.load - - configuration.0.copy - - configuration.0.extract + - 'configuration.0.query' + - 'configuration.0.load' + - 'configuration.0.copy' + - 'configuration.0.extract' properties: - - !ruby/object:Api::Type::String - name: 'query' + - name: 'query' + type: String description: | SQL query text to execute. The useLegacySql field can be used to indicate whether the query uses legacy SQL or standard SQL. *NOTE*: queries containing [DML language](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language) (`DELETE`, `UPDATE`, `MERGE`, `INSERT`) must specify `create_disposition = ""` and `write_disposition = ""`. required: true - - !ruby/object:Api::Type::NestedObject - name: 'destinationTable' + - name: 'destinationTable' + type: NestedObject description: | Describes the table where the query results should be stored. This property must be set for large results that exceed the maximum response size. For queries that produce anonymous (cached) results, this field will be populated by BigQuery. - custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_query_destinationtable.go.erb' default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_query_destinationtable.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: 'The ID of the project containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: 'The ID of the dataset containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'tableId' + - name: 'tableId' + type: String description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::Array - name: 'userDefinedFunctionResources' + - name: 'userDefinedFunctionResources' + type: Array description: | Describes user-defined function resources used in the query. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'resourceUri' + - name: 'resourceUri' + type: String # TODO (mbang): exactly_one_of: resourceUri, inlineCode description: 'A code resource to load from a Google Cloud Storage URI (gs://bucket/path).' - - !ruby/object:Api::Type::String - name: 'inlineCode' + - name: 'inlineCode' + type: String # TODO (mbang): exactly_one_of: resourceUri, inlineCode description: | An inline resource that contains code for a user-defined function (UDF). Providing a inline code resource is equivalent to providing a URI for a file containing the same code. - - !ruby/object:Api::Type::Enum - name: 'createDisposition' + - name: 'createDisposition' + type: Enum description: | Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. Creation, truncation and append actions occur as one atomic update upon job completion - default_value: :CREATE_IF_NEEDED - values: - - :CREATE_IF_NEEDED - - :CREATE_NEVER - - !ruby/object:Api::Type::Enum - name: 'writeDisposition' + default_value: "CREATE_IF_NEEDED" + enum_values: + - 'CREATE_IF_NEEDED' + - 'CREATE_NEVER' + - name: 'writeDisposition' + type: Enum description: | Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. @@ -255,78 +258,78 @@ properties: WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion. - default_value: :WRITE_EMPTY - values: - - :WRITE_TRUNCATE - - :WRITE_APPEND - - :WRITE_EMPTY - - !ruby/object:Api::Type::NestedObject - name: 'defaultDataset' + default_value: "WRITE_EMPTY" + enum_values: + - 'WRITE_TRUNCATE' + - 'WRITE_APPEND' + - 'WRITE_EMPTY' + - name: 'defaultDataset' + type: NestedObject description: | Specifies the default dataset to use for unqualified table names in the query. Note that this does not alter behavior of unqualified dataset names. - custom_expand: 'templates/terraform/custom_expand/bigquery_dataset_ref.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/bigquery_dataset_ref.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_dataset_ref.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/bigquery_dataset_ref.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: | The dataset. Can be specified `{{dataset_id}}` if `project_id` is also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: 'The ID of the project containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'priority' + - name: 'priority' + type: Enum description: | Specifies a priority for the query. - default_value: :INTERACTIVE - values: - - :INTERACTIVE - - :BATCH - - !ruby/object:Api::Type::Boolean - name: 'allowLargeResults' + default_value: "INTERACTIVE" + enum_values: + - 'INTERACTIVE' + - 'BATCH' + - name: 'allowLargeResults' + type: Boolean description: | If true and query uses legacy SQL dialect, allows the query to produce arbitrarily large result tables at a slight cost in performance. Requires destinationTable to be set. For standard SQL queries, this flag is ignored and large results are always allowed. However, you must still set destinationTable when result size exceeds the allowed maximum response size. - - !ruby/object:Api::Type::Boolean - name: 'useQueryCache' + - name: 'useQueryCache' + type: Boolean description: | Whether to look for the result in the query cache. The query cache is a best-effort cache that will be flushed whenever tables in the query are modified. Moreover, the query cache is only available when a query does not have a destination table specified. The default value is true. default_value: true - - !ruby/object:Api::Type::Boolean - name: 'flattenResults' + - name: 'flattenResults' + type: Boolean description: | If true and query uses legacy SQL dialect, flattens all nested and repeated fields in the query results. allowLargeResults must be true if this is set to false. For standard SQL queries, this flag is ignored and results are never flattened. - - !ruby/object:Api::Type::Integer - name: 'maximumBillingTier' + - name: 'maximumBillingTier' + type: Integer description: | Limits the billing tier for this job. Queries that have resource usage beyond this tier will fail (without incurring a charge). If unspecified, this will be set to your project default. - - !ruby/object:Api::Type::String - name: 'maximumBytesBilled' + - name: 'maximumBytesBilled' + type: String description: | Limits the bytes billed for this job. Queries that will have bytes billed beyond this limit will fail (without incurring a charge). If unspecified, this will be set to your project default. - - !ruby/object:Api::Type::Boolean - name: 'useLegacySql' + - name: 'useLegacySql' + type: Boolean description: | Specifies whether to use BigQuery's legacy SQL dialect for this query. The default value is true. If set to false, the query will use BigQuery's standard SQL. send_empty_value: true - - !ruby/object:Api::Type::String - name: 'parameterMode' + - name: 'parameterMode' + type: String description: | Standard SQL only. Set to POSITIONAL to use positional (?) query parameters or to NAMED to use named (@myparam) query parameters in this query. - - !ruby/object:Api::Type::Array - name: 'schemaUpdateOptions' + - name: 'schemaUpdateOptions' + type: Array description: | Allows the schema of the destination table to be updated as a side effect of the query job. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; @@ -335,68 +338,69 @@ properties: One or more of the following values are specified: ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'destinationEncryptionConfiguration' + item_type: + type: String + - name: 'destinationEncryptionConfiguration' + type: NestedObject description: | Custom encryption configuration (e.g., Cloud KMS keys) - custom_flatten: 'templates/terraform/custom_flatten/bigquery_kms_version.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_kms_version.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. required: true - - !ruby/object:Api::Type::String - name: 'kmsKeyVersion' + - name: 'kmsKeyVersion' + type: String description: | Describes the Cloud KMS encryption key version used to protect destination BigQuery table. output: true - - !ruby/object:Api::Type::NestedObject - name: 'scriptOptions' + - name: 'scriptOptions' + type: NestedObject description: | Options controlling the execution of scripts. properties: - - !ruby/object:Api::Type::String - name: 'statementTimeoutMs' + - name: 'statementTimeoutMs' + type: String description: 'Timeout period for each statement in a script.' at_least_one_of: - - configuration.0.query.0.script_options.0.statement_timeout_ms - - configuration.0.query.0.script_options.0.statement_byte_budget - - configuration.0.query.0.script_options.0.key_result_statement - - !ruby/object:Api::Type::String - name: 'statementByteBudget' + - 'configuration.0.query.0.script_options.0.statement_timeout_ms' + - 'configuration.0.query.0.script_options.0.statement_byte_budget' + - 'configuration.0.query.0.script_options.0.key_result_statement' + - name: 'statementByteBudget' + type: String description: 'Limit on the number of bytes billed per statement. Exceeding this budget results in an error.' at_least_one_of: - - configuration.0.query.0.script_options.0.statement_timeout_ms - - configuration.0.query.0.script_options.0.statement_byte_budget - - configuration.0.query.0.script_options.0.key_result_statement - - !ruby/object:Api::Type::Enum - name: 'keyResultStatement' + - 'configuration.0.query.0.script_options.0.statement_timeout_ms' + - 'configuration.0.query.0.script_options.0.statement_byte_budget' + - 'configuration.0.query.0.script_options.0.key_result_statement' + - name: 'keyResultStatement' + type: Enum description: | Determines which statement in the script represents the "key result", used to populate the schema and query results of the script job. at_least_one_of: - - configuration.0.query.0.script_options.0.statement_timeout_ms - - configuration.0.query.0.script_options.0.statement_byte_budget - - configuration.0.query.0.script_options.0.key_result_statement - values: - - :LAST - - :FIRST_SELECT - - !ruby/object:Api::Type::NestedObject - name: 'load' + - 'configuration.0.query.0.script_options.0.statement_timeout_ms' + - 'configuration.0.query.0.script_options.0.statement_byte_budget' + - 'configuration.0.query.0.script_options.0.key_result_statement' + enum_values: + - 'LAST' + - 'FIRST_SELECT' + - name: 'load' + type: NestedObject description: 'Configures a load job.' exactly_one_of: - - configuration.0.query - - configuration.0.load - - configuration.0.copy - - configuration.0.extract + - 'configuration.0.query' + - 'configuration.0.load' + - 'configuration.0.copy' + - 'configuration.0.extract' properties: - - !ruby/object:Api::Type::Array - name: 'sourceUris' + - name: 'sourceUris' + type: Array description: | The fully-qualified URIs that point to your data in Google Cloud. For Google Cloud Storage URIs: Each URI can contain one '\*' wildcard character @@ -404,46 +408,47 @@ properties: to external data sources. For Google Cloud Bigtable URIs: Exactly one URI can be specified and it has be a fully specified and valid HTTPS URL for a Google Cloud Bigtable table. For Google Cloud Datastore backups: Exactly one URI can be specified. Also, the '\*' wildcard character is not allowed. - item_type: Api::Type::String required: true - - !ruby/object:Api::Type::NestedObject - name: 'destinationTable' + item_type: + type: String + - name: 'destinationTable' + type: NestedObject description: | The destination table to load the data into. required: true - custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_load_destinationtable.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_load_destinationtable.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: 'The ID of the project containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: 'The ID of the dataset containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'tableId' + - name: 'tableId' + type: String description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::Enum - name: 'createDisposition' + - name: 'createDisposition' + type: Enum description: | Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. Creation, truncation and append actions occur as one atomic update upon job completion - default_value: :CREATE_IF_NEEDED - values: - - :CREATE_IF_NEEDED - - :CREATE_NEVER - - !ruby/object:Api::Type::Enum - name: 'writeDisposition' + default_value: "CREATE_IF_NEEDED" + enum_values: + - 'CREATE_IF_NEEDED' + - 'CREATE_NEVER' + - name: 'writeDisposition' + type: Enum description: | Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. @@ -451,21 +456,21 @@ properties: WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion. - default_value: :WRITE_EMPTY - values: - - :WRITE_TRUNCATE - - :WRITE_APPEND - - :WRITE_EMPTY - - !ruby/object:Api::Type::String - name: 'nullMarker' + default_value: "WRITE_EMPTY" + enum_values: + - 'WRITE_TRUNCATE' + - 'WRITE_APPEND' + - 'WRITE_EMPTY' + - name: 'nullMarker' + type: String description: | Specifies a string that represents a null value in a CSV file. For example, if you specify "\N", BigQuery interprets "\N" as a null value when loading a CSV file. The default value is the empty string. If you set this property to a custom value, BigQuery throws an error if an empty string is present for all data types except for STRING and BYTE. For STRING and BYTE columns, BigQuery interprets the empty string as an empty value. - default_value: '' - - !ruby/object:Api::Type::String - name: 'fieldDelimiter' + default_value: "" + - name: 'fieldDelimiter' + type: String description: | The separator for fields in a CSV file. The separator can be any ISO-8859-1 single-byte character. To use a character in the range 128-255, you must encode the character as UTF8. BigQuery converts @@ -473,8 +478,8 @@ properties: data in its raw, binary state. BigQuery also supports the escape sequence "\t" to specify a tab separator. The default value is a comma (','). default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'skipLeadingRows' + - name: 'skipLeadingRows' + type: Integer description: | The number of rows at the top of a CSV file that BigQuery will skip when loading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. @@ -484,59 +489,59 @@ properties: skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. - default_value: 0 - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.IntAtLeast(0)' - - !ruby/object:Api::Type::String - name: 'encoding' + default_value: 0 + - name: 'encoding' + type: String description: | The character encoding of the data. The supported values are UTF-8 or ISO-8859-1. The default value is UTF-8. BigQuery decodes the data after the raw, binary data has been split using the values of the quote and fieldDelimiter properties. - default_value: 'UTF-8' - - !ruby/object:Api::Type::String - name: 'quote' + default_value: "UTF-8" + - name: 'quote' + type: String description: | The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'maxBadRecords' + - name: 'maxBadRecords' + type: Integer description: | The maximum number of bad records that BigQuery can ignore when running the job. If the number of bad records exceeds this value, an invalid error is returned in the job result. The default value is 0, which requires that all records are valid. default_value: 0 - - !ruby/object:Api::Type::Boolean - name: 'allowQuotedNewlines' + - name: 'allowQuotedNewlines' + type: Boolean description: | Indicates if BigQuery should allow quoted data sections that contain newline characters in a CSV file. The default value is false. default_value: false - - !ruby/object:Api::Type::String - name: 'sourceFormat' + - name: 'sourceFormat' + type: String description: | The format of the data files. For CSV files, specify "CSV". For datastore backups, specify "DATASTORE_BACKUP". For newline-delimited JSON, specify "NEWLINE_DELIMITED_JSON". For Avro, specify "AVRO". For parquet, specify "PARQUET". For orc, specify "ORC". [Beta] For Bigtable, specify "BIGTABLE". The default value is CSV. - default_value: 'CSV' - - !ruby/object:Api::Type::String - name: 'jsonExtension' + default_value: "CSV" + - name: 'jsonExtension' + type: String description: | If sourceFormat is set to newline-delimited JSON, indicates whether it should be processed as a JSON variant such as GeoJSON. For a sourceFormat other than JSON, omit this field. If the sourceFormat is newline-delimited JSON: - for newline-delimited GeoJSON: set to GEOJSON. - - !ruby/object:Api::Type::Boolean - name: 'allowJaggedRows' + - name: 'allowJaggedRows' + type: Boolean description: | Accept rows that are missing trailing optional columns. The missing values are treated as nulls. If false, records with missing trailing columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false. Only applicable to CSV, ignored for other formats. default_value: false - - !ruby/object:Api::Type::Boolean - name: 'ignoreUnknownValues' + - name: 'ignoreUnknownValues' + type: Boolean description: | Indicates if BigQuery should allow extra values that are not represented in the table schema. If true, the extra values are ignored. If false, records with extra columns are treated as bad records, @@ -545,19 +550,20 @@ properties: CSV: Trailing columns JSON: Named values that don't match any column names default_value: false - - !ruby/object:Api::Type::Array - name: 'projectionFields' + - name: 'projectionFields' + type: Array description: | If sourceFormat is set to "DATASTORE_BACKUP", indicates which entity properties to load into BigQuery from a Cloud Datastore backup. Property names are case sensitive and must be top-level properties. If no properties are specified, BigQuery loads all properties. If any named property isn't found in the Cloud Datastore backup, an invalid error is returned in the job result. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'autodetect' + item_type: + type: String + - name: 'autodetect' + type: Boolean description: | Indicates if we should automatically infer the options and schema for CSV and JSON sources. - - !ruby/object:Api::Type::Array - name: 'schemaUpdateOptions' + - name: 'schemaUpdateOptions' + type: Array description: | Allows the schema of the destination table to be updated as a side effect of the load job if a schema is autodetected or supplied in the job configuration. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; @@ -565,132 +571,134 @@ properties: For normal tables, WRITE_TRUNCATE will always overwrite the schema. One or more of the following values are specified: ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'timePartitioning' + item_type: + type: String + - name: 'timePartitioning' + type: NestedObject description: | Time-based partitioning specification for the destination table. properties: - - !ruby/object:Api::Type::String - name: 'type' + - name: 'type' + type: String description: | The only type supported is DAY, which will generate one partition per day. Providing an empty string used to cause an error, but in OnePlatform the field will be treated as unset. required: true - - !ruby/object:Api::Type::String - name: 'expirationMs' + - name: 'expirationMs' + type: String description: | Number of milliseconds for which to keep the storage for a partition. A wrapper is used here because 0 is an invalid value. - - !ruby/object:Api::Type::String - name: 'field' + - name: 'field' + type: String description: | If not set, the table is partitioned by pseudo column '_PARTITIONTIME'; if set, the table is partitioned by this field. The field must be a top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or REQUIRED. A wrapper is used here because an empty string is an invalid value. - - !ruby/object:Api::Type::NestedObject - name: 'destinationEncryptionConfiguration' + - name: 'destinationEncryptionConfiguration' + type: NestedObject description: | Custom encryption configuration (e.g., Cloud KMS keys) - custom_flatten: 'templates/terraform/custom_flatten/bigquery_kms_version.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_kms_version.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. required: true - - !ruby/object:Api::Type::String - name: 'kmsKeyVersion' + - name: 'kmsKeyVersion' + type: String description: | Describes the Cloud KMS encryption key version used to protect destination BigQuery table. output: true - - !ruby/object:Api::Type::NestedObject - name: 'parquetOptions' + - name: 'parquetOptions' + type: NestedObject description: | Parquet Options for load and make external tables. properties: - - !ruby/object:Api::Type::Boolean - name: 'enumAsString' + - name: 'enumAsString' + type: Boolean description: | If sourceFormat is set to PARQUET, indicates whether to infer Parquet ENUM logical type as STRING instead of BYTES by default. - - !ruby/object:Api::Type::Boolean - name: 'enableListInference' + - name: 'enableListInference' + type: Boolean description: | If sourceFormat is set to PARQUET, indicates whether to use schema inference specifically for Parquet LIST logical type. at_least_one_of: - - configuration.0.load.0.parquet_options.0.enum_as_string - - configuration.0.load.0.parquet_options.0.enable_list_inference - - !ruby/object:Api::Type::NestedObject - name: 'copy' + - 'configuration.0.load.0.parquet_options.0.enum_as_string' + - 'configuration.0.load.0.parquet_options.0.enable_list_inference' + - name: 'copy' + type: NestedObject description: 'Copies a table.' exactly_one_of: - - configuration.0.query - - configuration.0.load - - configuration.0.copy - - configuration.0.extract + - 'configuration.0.query' + - 'configuration.0.load' + - 'configuration.0.copy' + - 'configuration.0.extract' properties: - - !ruby/object:Api::Type::Array - name: 'sourceTables' + - name: 'sourceTables' + type: Array description: | Source tables to copy. required: true - custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref_array.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_copy_sourcetables.go.erb' - item_type: !ruby/object:Api::Type::NestedObject + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_copy_sourcetables.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref_array.go.tmpl' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: 'The ID of the project containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: 'The ID of the dataset containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'tableId' + - name: 'tableId' + type: String description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::NestedObject - name: 'destinationTable' + - name: 'destinationTable' + type: NestedObject description: 'The destination table.' - custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_copy_destinationtable.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_copy_destinationtable.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: 'The ID of the project containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: 'The ID of the dataset containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'tableId' + - name: 'tableId' + type: String description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::Enum - name: 'createDisposition' + - name: 'createDisposition' + type: Enum description: | Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. Creation, truncation and append actions occur as one atomic update upon job completion - default_value: :CREATE_IF_NEEDED - values: - - :CREATE_IF_NEEDED - - :CREATE_NEVER - - !ruby/object:Api::Type::Enum - name: 'writeDisposition' + default_value: "CREATE_IF_NEEDED" + enum_values: + - 'CREATE_IF_NEEDED' + - 'CREATE_NEVER' + - name: 'writeDisposition' + type: Enum description: | Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. @@ -698,175 +706,177 @@ properties: WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion. - default_value: :WRITE_EMPTY - values: - - :WRITE_TRUNCATE - - :WRITE_APPEND - - :WRITE_EMPTY - - !ruby/object:Api::Type::NestedObject - name: 'destinationEncryptionConfiguration' + default_value: "WRITE_EMPTY" + enum_values: + - 'WRITE_TRUNCATE' + - 'WRITE_APPEND' + - 'WRITE_EMPTY' + - name: 'destinationEncryptionConfiguration' + type: NestedObject description: | Custom encryption configuration (e.g., Cloud KMS keys) - custom_flatten: 'templates/terraform/custom_flatten/bigquery_kms_version.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_kms_version.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. required: true - - !ruby/object:Api::Type::String - name: 'kmsKeyVersion' + - name: 'kmsKeyVersion' + type: String description: | Describes the Cloud KMS encryption key version used to protect destination BigQuery table. output: true - - !ruby/object:Api::Type::NestedObject - name: 'extract' + - name: 'extract' + type: NestedObject description: 'Configures an extract job.' exactly_one_of: - - configuration.0.query - - configuration.0.load - - configuration.0.copy - - configuration.0.extract + - 'configuration.0.query' + - 'configuration.0.load' + - 'configuration.0.copy' + - 'configuration.0.extract' properties: - - !ruby/object:Api::Type::Array - name: 'destinationUris' + - name: 'destinationUris' + type: Array description: | A list of fully-qualified Google Cloud Storage URIs where the extracted table should be written. required: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'printHeader' + item_type: + type: String + - name: 'printHeader' + type: Boolean description: | Whether to print out a header row in the results. Default is true. default_value: true - - !ruby/object:Api::Type::String - name: 'fieldDelimiter' + - name: 'fieldDelimiter' + type: String description: | When extracting data in CSV format, this defines the delimiter to use between fields in the exported data. Default is ',' default_from_api: true - - !ruby/object:Api::Type::String - name: 'destinationFormat' + - name: 'destinationFormat' + type: String description: | The exported file format. Possible values include CSV, NEWLINE_DELIMITED_JSON and AVRO for tables and SAVED_MODEL for models. The default value for tables is CSV. Tables with nested or repeated fields cannot be exported as CSV. The default value for models is SAVED_MODEL. default_from_api: true - - !ruby/object:Api::Type::String - name: 'compression' + - name: 'compression' + type: String description: | The compression type to use for exported files. Possible values include GZIP, DEFLATE, SNAPPY, and NONE. The default value is NONE. DEFLATE and SNAPPY are only supported for Avro. - default_value: 'NONE' - - !ruby/object:Api::Type::Boolean - name: 'useAvroLogicalTypes' + default_value: "NONE" + - name: 'useAvroLogicalTypes' + type: Boolean description: | Whether to use logical types when extracting to AVRO format. - - !ruby/object:Api::Type::NestedObject - name: 'sourceTable' + - name: 'sourceTable' + type: NestedObject description: | A reference to the table being exported. exactly_one_of: - - configuration.0.extract.0.source_table - - configuration.0.extract.0.source_model - custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_extract_sourcetable.go.erb' + - 'configuration.0.extract.0.source_table' + - 'configuration.0.extract.0.source_model' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_table_ref_extract_sourcetable.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/bigquery_table_ref.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: 'The ID of the project containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: 'The ID of the dataset containing this table.' required: false default_from_api: true - - !ruby/object:Api::Type::String - name: 'tableId' + - name: 'tableId' + type: String description: | The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::NestedObject - name: 'sourceModel' + - name: 'sourceModel' + type: NestedObject description: | A reference to the model being exported. exactly_one_of: - - configuration.0.extract.0.source_table - - configuration.0.extract.0.source_model + - 'configuration.0.extract.0.source_table' + - 'configuration.0.extract.0.source_model' properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: 'The ID of the project containing this model.' required: true - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: 'The ID of the dataset containing this model.' required: true - - !ruby/object:Api::Type::String - name: 'modelId' + - name: 'modelId' + type: String description: 'The ID of the model.' required: true - - !ruby/object:Api::Type::NestedObject - name: 'jobReference' + - name: 'jobReference' + type: NestedObject description: | Reference describing the unique-per-user name of the job. flatten_object: true properties: - - !ruby/object:Api::Type::String - name: 'jobId' + - name: 'jobId' + type: String description: | The ID of the job. The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-). The maximum length is 1,024 characters. required: true - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | The geographic location of the job. The default value is US. - default_value: 'US' - - !ruby/object:Api::Type::NestedObject - name: 'status' - output: true + default_value: "US" + - name: 'status' + type: NestedObject description: | The status of this job. Examine this value when polling an asynchronous job to see if the job is complete. + output: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'errorResult' - output: true + - name: 'errorResult' + type: NestedObject description: | Final error result of the job. If present, indicates that the job has completed and was unsuccessful. + output: true properties: - - !ruby/object:Api::Type::String - name: 'reason' + - name: 'reason' + type: String description: A short error code that summarizes the error. - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: Specifies where the error occurred, if present. - - !ruby/object:Api::Type::String - name: 'message' + - name: 'message' + type: String description: A human-readable description of the error. - - !ruby/object:Api::Type::Array - name: 'errors' - output: true + - name: 'errors' + type: Array description: | The first errors encountered during the running of the job. The final message includes the number of errors that caused the process to stop. Errors here do not necessarily mean that the job has not completed or was unsuccessful. - item_type: !ruby/object:Api::Type::NestedObject + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'reason' + - name: 'reason' + type: String description: A short error code that summarizes the error. - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: Specifies where the error occurred, if present. - - !ruby/object:Api::Type::String - name: 'message' + - name: 'message' + type: String description: A human-readable description of the error. - - !ruby/object:Api::Type::String - name: 'state' - output: true + - name: 'state' + type: String description: | Running state of the job. Valid states include 'PENDING', 'RUNNING', and 'DONE'. + output: true diff --git a/mmv1/products/bigquery/Routine.yaml b/mmv1/products/bigquery/Routine.yaml index dc95d0bfadc7..759b27b169e6 100644 --- a/mmv1/products/bigquery/Routine.yaml +++ b/mmv1/products/bigquery/Routine.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,163 +11,157 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Routine' kind: 'bigquery#routine' -base_url: projects/{{project}}/datasets/{{dataset_id}}/routines -self_link: projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}} description: | A user-defined function or a stored procedure that belongs to a Dataset -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Routines Intro': 'https://cloud.google.com/bigquery/docs/reference/rest/v2/routines' api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/routines' +docs: +base_url: 'projects/{{project}}/datasets/{{dataset_id}}/routines' +self_link: 'projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}}' import_format: - ['projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}}'] + - 'projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_routine_basic' + - name: 'bigquery_routine_basic' primary_resource_id: 'sproc' - primary_resource_name: "fmt.Sprintf(\"tf_test_dataset_id%s\", - context[\"random_suffix\"\ - ]), fmt.Sprintf(\"tf_test_table_id%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' vars: dataset_id: 'dataset_id' routine_id: 'routine_id' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_routine_json' + - name: 'bigquery_routine_json' primary_resource_id: 'sproc' - primary_resource_name: "fmt.Sprintf(\"tf_test_dataset_id%s\", - context[\"random_suffix\"\ - ]), fmt.Sprintf(\"tf_test_table_id%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' vars: dataset_id: 'dataset_id' routine_id: 'routine_id' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_routine_tvf' + - name: 'bigquery_routine_tvf' primary_resource_id: 'sproc' - primary_resource_name: "fmt.Sprintf(\"tf_test_dataset_id%s\", - context[\"random_suffix\"\ - ]), fmt.Sprintf(\"tf_test_table_id%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' vars: dataset_id: 'dataset_id' routine_id: 'routine_id' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_routine_pyspark' + - name: 'bigquery_routine_pyspark' primary_resource_id: 'pyspark' vars: dataset_id: 'dataset_id' connection_id: 'connection_id' routine_id: 'routine_id' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_routine_pyspark_mainfile' + - name: 'bigquery_routine_pyspark_mainfile' primary_resource_id: 'pyspark_mainfile' vars: dataset_id: 'dataset_id' connection_id: 'connection_id' routine_id: 'routine_id' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_routine_spark_jar' + - name: 'bigquery_routine_spark_jar' primary_resource_id: 'spark_jar' vars: dataset_id: 'dataset_id' connection_id: 'connection_id' routine_id: 'routine_id' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_routine_data_governance_type' + - name: 'bigquery_routine_data_governance_type' primary_resource_id: 'custom_masking_routine' vars: dataset_id: 'dataset_id' routine_id: 'routine_id' - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'bigquery_routine_remote_function' + - name: 'bigquery_routine_remote_function' primary_resource_id: 'remote_function' vars: dataset_id: 'dataset_id' connection_id: 'connection_id' routine_id: 'routine_id' + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::NestedObject - name: routineReference + - name: 'routineReference' + type: NestedObject description: Reference describing the ID of this routine required: true - custom_expand: 'templates/terraform/custom_expand/bigquery_routine_ref.go.erb' + custom_expand: 'templates/terraform/custom_expand/bigquery_routine_ref.go.tmpl' flatten_object: true properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: The ID of the dataset containing this routine required: true immutable: true - - !ruby/object:Api::Type::String - name: 'routineId' + - name: 'routineId' + type: String description: The ID of the the routine. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 256 characters. required: true immutable: true - - !ruby/object:Api::Type::Enum - name: 'routineType' - immutable: true - required: true + - name: 'routineType' + type: Enum description: The type of routine. - values: - - :SCALAR_FUNCTION - - :PROCEDURE - - :TABLE_VALUED_FUNCTION - - !ruby/object:Api::Type::Integer - name: 'creationTime' - output: true + required: true + immutable: true + enum_values: + - 'SCALAR_FUNCTION' + - 'PROCEDURE' + - 'TABLE_VALUED_FUNCTION' + - name: 'creationTime' + type: Integer description: | The time when this routine was created, in milliseconds since the epoch. - - !ruby/object:Api::Type::Integer - name: 'lastModifiedTime' output: true + - name: 'lastModifiedTime' + type: Integer description: | The time when this routine was modified, in milliseconds since the epoch. - - !ruby/object:Api::Type::Enum - name: 'language' + output: true + - name: 'language' + type: Enum description: | The language of the routine. - values: - - :SQL - - :JAVASCRIPT - - :PYTHON - - :JAVA - - :SCALA - - !ruby/object:Api::Type::Array - name: 'arguments' + enum_values: + - 'SQL' + - 'JAVASCRIPT' + - 'PYTHON' + - 'JAVA' + - 'SCALA' + - name: 'arguments' + type: Array description: Input/output argument of a function or a stored procedure. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of this argument. Can be absent for function return argument. - - !ruby/object:Api::Type::Enum - name: 'argumentKind' + - name: 'argumentKind' + type: Enum description: Defaults to FIXED_TYPE. - values: - - :FIXED_TYPE - - :ANY_TYPE - default_value: :FIXED_TYPE - - !ruby/object:Api::Type::Enum - name: 'mode' + default_value: "FIXED_TYPE" + enum_values: + - 'FIXED_TYPE' + - 'ANY_TYPE' + - name: 'mode' + type: Enum description: | Specifies whether the argument is input or output. Can be set for procedures only. - values: - - :IN - - :OUT - - :INOUT + enum_values: + - 'IN' + - 'OUT' + - 'INOUT' # This is a string instead of a NestedObject because schemas contain ColumnSchemas, # which can contain nested StandardSqlDataType. # We'll have people provide the json blob for the schema instead. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | A JSON schema for the data type. Required unless argumentKind = ANY_TYPE. ~>**NOTE**: Because this field expects a JSON string, any changes to the string @@ -176,15 +170,13 @@ properties: or replaced STRUCT field type with RECORD field type, we currently cannot suppress the recurring diff this causes. As a workaround, we recommend using the schema as returned by the API. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := - structure.NormalizeJsonString(v); return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::String - name: 'returnType' + - name: 'returnType' + type: String description: | A JSON schema for the return type. Optional if language = "SQL"; required otherwise. If absent, the return type is inferred from definitionBody at query time in each query @@ -195,130 +187,131 @@ properties: d the order of values or replaced STRUCT field type with RECORD field type, we currently cannot suppress the recurring diff this causes. As a workaround, we recommend using the schema as returned by the API. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::String - name: 'returnTableType' + - name: 'returnTableType' + type: String description: | Optional. Can be set only if routineType = "TABLE_VALUED_FUNCTION". If absent, the return table type is inferred from definitionBody at query time in each query that references this routine. If present, then the columns in the evaluated table result will be cast to match the column types specificed in return table type, at query time. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Array - name: 'importedLibraries' + - name: 'importedLibraries' + type: Array description: | Optional. If language = "JAVASCRIPT", this field stores the path of the imported JAVASCRIPT libraries. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'definitionBody' - required: true + item_type: + type: String + - name: 'definitionBody' + type: String description: | The body of the routine. For functions, this is the expression in the AS clause. If language=SQL, it is the substring inside (but excluding) the parentheses. - - !ruby/object:Api::Type::String - name: 'description' + required: true + - name: 'description' + type: String description: The description of the routine if defined. - - !ruby/object:Api::Type::Enum - name: 'determinismLevel' + - name: 'determinismLevel' + type: Enum description: The determinism level of the JavaScript UDF if defined. - values: - - :DETERMINISM_LEVEL_UNSPECIFIED - - :DETERMINISTIC - - :NOT_DETERMINISTIC - - !ruby/object:Api::Type::Enum - name: 'dataGovernanceType' + enum_values: + - 'DETERMINISM_LEVEL_UNSPECIFIED' + - 'DETERMINISTIC' + - 'NOT_DETERMINISTIC' + - name: 'dataGovernanceType' + type: Enum description: If set to DATA_MASKING, the function is validated and made available as a masking function. For more information, see https://cloud.google.com/bigquery/docs/user-defined-functions#custom-mask - values: - - :DATA_MASKING - - !ruby/object:Api::Type::NestedObject - name: 'sparkOptions' + enum_values: + - 'DATA_MASKING' + - name: 'sparkOptions' + type: NestedObject description: | Optional. If language is one of "PYTHON", "JAVA", "SCALA", this field stores the options for spark stored procedure. properties: - - !ruby/object:Api::Type::String - name: 'connection' + - name: 'connection' + type: String description: | Fully qualified name of the user-provided Spark connection object. Format: "projects/{projectId}/locations/{locationId}/connections/{connectionId}" - - !ruby/object:Api::Type::String - name: 'runtimeVersion' + - name: 'runtimeVersion' + type: String description: Runtime version. If not specified, the default runtime version is used. - - !ruby/object:Api::Type::String - name: 'containerImage' + - name: 'containerImage' + type: String description: Custom container image for the runtime environment. - - !ruby/object:Api::Type::KeyValuePairs - name: "properties" + - name: 'properties' + type: KeyValuePairs description: | Configuration properties as a set of key/value pairs, which will be passed on to the Spark application. For more information, see Apache Spark and the procedure option list. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. default_from_api: true - - !ruby/object:Api::Type::String - name: 'mainFileUri' + - name: 'mainFileUri' + type: String description: | The main file/jar URI of the Spark application. Exactly one of the definitionBody field and the mainFileUri field must be set for Python. Exactly one of mainClass and mainFileUri field should be set for Java/Scala language type. - - !ruby/object:Api::Type::Array - name: 'pyFileUris' + - name: 'pyFileUris' + type: Array description: | Python files to be placed on the PYTHONPATH for PySpark application. Supported file types: .py, .egg, and .zip. For more information about Apache Spark, see Apache Spark. - item_type: Api::Type::String default_from_api: true - - !ruby/object:Api::Type::Array - name: 'jarUris' + item_type: + type: String + - name: 'jarUris' + type: Array description: | JARs to include on the driver and executor CLASSPATH. For more information about Apache Spark, see Apache Spark. - item_type: Api::Type::String default_from_api: true - - !ruby/object:Api::Type::Array - name: 'fileUris' + item_type: + type: String + - name: 'fileUris' + type: Array description: | Files to be placed in the working directory of each executor. For more information about Apache Spark, see Apache Spark. - item_type: Api::Type::String default_from_api: true - - !ruby/object:Api::Type::Array - name: 'archiveUris' + item_type: + type: String + - name: 'archiveUris' + type: Array description: | Archive files to be extracted into the working directory of each executor. For more information about Apache Spark, see Apache Spark. - item_type: Api::Type::String default_from_api: true - - !ruby/object:Api::Type::String - name: 'mainClass' + item_type: + type: String + - name: 'mainClass' + type: String description: | The fully qualified name of a class in jarUris, for example, com.example.wordcount. Exactly one of mainClass and main_jar_uri field should be set for Java/Scala language type. - - !ruby/object:Api::Type::NestedObject - name: 'remoteFunctionOptions' + - name: 'remoteFunctionOptions' + type: NestedObject description: Remote function specific options. properties: - - !ruby/object:Api::Type::String - name: 'endpoint' + - name: 'endpoint' + type: String description: | Endpoint of the user-provided remote service, e.g. `https://us-east1-my_gcf_project.cloudfunctions.net/remote_add` - - !ruby/object:Api::Type::String - name: 'connection' + - name: 'connection' + type: String description: | Fully qualified name of the user-provided connection object which holds the authentication information to send requests to the remote service. Format: "projects/{projectId}/locations/{locationId}/connections/{connectionId}" - - !ruby/object:Api::Type::KeyValuePairs - name: 'userDefinedContext' + - name: 'userDefinedContext' + type: KeyValuePairs description: | User-defined context as a set of key/value pairs, which will be sent as function invocation context together with batched arguments in the requests to the remote @@ -327,8 +320,8 @@ properties: An object containing a list of "key": value pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. default_from_api: true - - !ruby/object:Api::Type::String - name: 'maxBatchingRows' + - name: 'maxBatchingRows' + type: String description: | Max number of rows in each batch sent to the remote service. If absent or if 0, BigQuery dynamically decides the number of rows in a batch. diff --git a/mmv1/products/bigquery/Table.yaml b/mmv1/products/bigquery/Table.yaml index 7d12731522eb..02eb4ac6a67f 100644 --- a/mmv1/products/bigquery/Table.yaml +++ b/mmv1/products/bigquery/Table.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,175 +11,179 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Table' kind: 'bigquery#table' -base_url: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' description: | A Table that belongs to a Dataset -self_link: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' exclude_resource: true -iam_policy: !ruby/object:Api::Resource::IamPolicy +docs: +id_format: '{{table_id}}' +base_url: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' +self_link: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' +import_format: + - 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' + - '{{table_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' parent_resource_type: 'google_bigquery_table' - parent_resource_attribute: 'table_id' - fetch_iam_policy_verb: :POST + fetch_iam_policy_verb: 'POST' allowed_iam_role: 'roles/bigquery.dataOwner' + parent_resource_attribute: 'table_id' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' iam_policy_version: '1' -id_format: '{{table_id}}' -import_format: - [ - 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}', - '{{table_id}}', - ] +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_bigquery_table' + - name: 'bigquery_bigquery_table' primary_resource_id: 'test' - primary_resource_name: "fmt.Sprintf(\"tf_test_dataset_id%s\", - context[\"random_suffix\"\ - ]), fmt.Sprintf(\"tf_test_table_id%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' vars: dataset_id: 'dataset_id' table_id: 'table_id' parameters: # TODO(alexstephen): Remove once we have support for placing # nested object fields in URL - - !ruby/object:Api::Type::String - name: 'dataset' + - name: 'dataset' + type: String description: Name of the dataset properties: - - !ruby/object:Api::Type::NestedObject - name: tableReference + - name: 'tableReference' + type: NestedObject description: Reference describing the ID of this table properties: - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: The ID of the dataset containing this table - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: The ID of the project containing this table - - !ruby/object:Api::Type::String - name: 'tableId' + - name: 'tableId' + type: String description: The ID of the the table - - !ruby/object:Api::Type::Array - name: 'clustering' + - name: 'clustering' + type: Array description: | One or more fields on which data should be clustered. Only top-level, non-repeated, simple-type fields are supported. When you cluster a table using multiple columns, the order of columns you specify is important. The order of the specified columns determines the sort order of the data. - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'creationTime' - output: true + item_type: + type: String + - name: 'creationTime' + type: Integer description: | The time when this dataset was created, in milliseconds since the epoch. - - !ruby/object:Api::Type::String - name: 'description' + output: true + - name: 'description' + type: String description: A user-friendly description of the dataset - - !ruby/object:Api::Type::String - name: 'friendlyName' + - name: 'friendlyName' + type: String description: A descriptive name for this table - - !ruby/object:Api::Type::String - name: 'id' + - name: 'id' + type: String description: 'An opaque ID uniquely identifying the table.' output: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | The labels associated with this dataset. You can use these to organize and group your datasets - - !ruby/object:Api::Type::Integer - name: 'lastModifiedTime' + - name: 'lastModifiedTime' + type: Integer description: | The time when this table was last modified, in milliseconds since the epoch. output: true - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | The geographic location where the table resides. This value is inherited from the dataset. output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: 'Name of the table' - - !ruby/object:Api::Type::Integer - name: 'numBytes' + - name: 'numBytes' + type: Integer description: | The size of this table in bytes, excluding any data in the streaming buffer. output: true - - !ruby/object:Api::Type::Integer - name: 'numLongTermBytes' + - name: 'numLongTermBytes' + type: Integer description: | The number of bytes in the table that are considered "long-term storage". output: true - - !ruby/object:Api::Type::Integer - name: 'numRows' + - name: 'numRows' + type: Integer description: | The number of rows of data in this table, excluding any data in the streaming buffer. - - !ruby/object:Api::Type::Boolean - name: 'requirePartitionFilter' + - name: 'requirePartitionFilter' + type: Boolean description: | If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified. output: true - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: 'Describes the table type' - values: - - :TABLE - - :VIEW - - :EXTERNAL output: true - - !ruby/object:Api::Type::NestedObject - name: 'view' + enum_values: + - 'TABLE' + - 'VIEW' + - 'EXTERNAL' + - name: 'view' + type: NestedObject description: The view definition. properties: - - !ruby/object:Api::Type::Boolean - name: 'useLegacySql' + - name: 'useLegacySql' + type: Boolean description: | Specifies whether to use BigQuery's legacy SQL for this view - - !ruby/object:Api::Type::Array - name: 'userDefinedFunctionResources' + - name: 'userDefinedFunctionResources' + type: Array description: | Describes user-defined function resources used in the query. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'inlineCode' + - name: 'inlineCode' + type: String description: | An inline resource that contains code for a user-defined function (UDF). Providing a inline code resource is equivalent to providing a URI for a file containing the same code. # TODO: Convert into cross-product ResourceRef - - !ruby/object:Api::Type::String - name: 'resourceUri' + - name: 'resourceUri' + type: String description: | A code resource to load from a Google Cloud Storage URI (gs://bucket/path). - - !ruby/object:Api::Type::NestedObject - name: 'timePartitioning' + - name: 'timePartitioning' + type: NestedObject description: | If specified, configures time-based partitioning for this table. properties: - - !ruby/object:Api::Type::Integer - name: 'expirationMs' + - name: 'expirationMs' + type: Integer description: | Number of milliseconds for which to keep the storage for a partition. If unspecified when the table is created in a dataset that has `defaultPartitionExpirationMs`, it will inherit the value of `defaultPartitionExpirationMs` from the dataset. To specify a unlimited expiration, set the value to 0. - - !ruby/object:Api::Type::String - name: 'field' + - name: 'field' + type: String description: | If not set, the table is partitioned by pseudo column, referenced via either '_PARTITIONTIME' as TIMESTAMP type, or @@ -187,145 +191,147 @@ properties: is instead partitioned by this field. The field must be a top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or REQUIRED. - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: | The only type supported is DAY, which will generate one partition per day. - values: - - :DAY - - !ruby/object:Api::Type::NestedObject - name: 'streamingBuffer' + enum_values: + - 'DAY' + - name: 'streamingBuffer' + type: NestedObject description: | Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. output: true properties: - - !ruby/object:Api::Type::Integer - name: 'estimatedBytes' + - name: 'estimatedBytes' + type: Integer description: | A lower-bound estimate of the number of bytes currently in the streaming buffer. output: true - - !ruby/object:Api::Type::Integer - name: 'estimatedRows' + - name: 'estimatedRows' + type: Integer description: | A lower-bound estimate of the number of rows currently in the streaming buffer. output: true - - !ruby/object:Api::Type::Integer - name: 'oldestEntryTime' + - name: 'oldestEntryTime' + type: Integer description: | Contains the timestamp of the oldest entry in the streaming buffer, in milliseconds since the epoch, if the streaming buffer is available. output: true - - !ruby/object:Api::Type::NestedObject - name: 'schema' + - name: 'schema' + type: NestedObject description: Describes the schema of this table properties: - - !ruby/object:Api::Type::Array - name: 'fields' + - name: 'fields' + type: Array description: Describes the fields in a table. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | The field description. The maximum length is 1,024 characters. - - !ruby/object:Api::Type::Array - name: 'fields' + - name: 'fields' + type: Array description: | Describes the nested schema fields if the type property is set to RECORD. - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: 'mode' + item_type: + type: String + - name: 'mode' + type: Enum description: The field mode - values: - - :NULLABLE - - :REQUIRED - - :REPEATED - - !ruby/object:Api::Type::String - name: 'name' + enum_values: + - 'NULLABLE' + - 'REQUIRED' + - 'REPEATED' + - name: 'name' + type: String description: The field name - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: 'The field data type' - values: - - :STRING - - :BYTES - - :INTEGER - - :FLOAT - - :TIMESTAMP - - :DATE - - :TIME - - :DATETIME - - :RECORD - - !ruby/object:Api::Type::NestedObject - name: 'encryptionConfiguration' + enum_values: + - 'STRING' + - 'BYTES' + - 'INTEGER' + - 'FLOAT' + - 'TIMESTAMP' + - 'DATE' + - 'TIME' + - 'DATETIME' + - 'RECORD' + - name: 'encryptionConfiguration' + type: NestedObject description: Custom encryption configuration properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. - - !ruby/object:Api::Type::Integer - name: 'expirationTime' + - name: 'expirationTime' + type: Integer description: | The time when this table expires, in milliseconds since the epoch. If not present, the table will persist indefinitely. - - !ruby/object:Api::Type::NestedObject - name: 'externalDataConfiguration' + - name: 'externalDataConfiguration' + type: NestedObject description: | Describes the data format, location, and other properties of a table stored outside of BigQuery. By defining these properties, the data source can then be queried as if it were a standard BigQuery table. properties: - - !ruby/object:Api::Type::Boolean - name: 'autodetect' + - name: 'autodetect' + type: Boolean description: | Try to detect schema and format options automatically. Any option specified explicitly will be honored. - - !ruby/object:Api::Type::Enum - name: 'compression' + - name: 'compression' + type: Enum description: The compression type of the data source - values: - - :GZIP - - :NONE - - !ruby/object:Api::Type::Boolean - name: 'ignoreUnknownValues' + enum_values: + - 'GZIP' + - 'NONE' + - name: 'ignoreUnknownValues' + type: Boolean description: | Indicates if BigQuery should allow extra values that are not represented in the table schema - - !ruby/object:Api::Type::Integer - name: 'maxBadRecords' + - name: 'maxBadRecords' + type: Integer description: | The maximum number of bad records that BigQuery can ignore when reading data default_value: 0 - - !ruby/object:Api::Type::Enum - name: 'sourceFormat' + - name: 'sourceFormat' + type: Enum description: The data format - values: - - :CSV - - :GOOGLE_SHEETS - - :NEWLINE_DELIMITED_JSON - - :AVRO - - :DATASTORE_BACKUP - - :BIGTABLE - - :ORC - - :PARQUET - - :ICEBERG - - :DELTA_LAKE + enum_values: + - 'CSV' + - 'GOOGLE_SHEETS' + - 'NEWLINE_DELIMITED_JSON' + - 'AVRO' + - 'DATASTORE_BACKUP' + - 'BIGTABLE' + - 'ORC' + - 'PARQUET' + - 'ICEBERG' + - 'DELTA_LAKE' # TODO: Investigate if this is feasible as a ResourceRef # This is a very complicated ResourceRef (one-to-many, where the many are cross-product). - - !ruby/object:Api::Type::Array - name: 'sourceUris' + - name: 'sourceUris' + type: Array description: | The fully-qualified URIs that point to your data in Google Cloud. For Google Cloud Storage URIs: Each URI can contain one '\*' @@ -336,204 +342,209 @@ properties: Bigtable table. For Google Cloud Datastore backups, exactly one URI can be specified. Also, the '\*' wildcard character is not allowed. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'schema' + item_type: + type: String + - name: 'schema' + type: NestedObject description: 'The schema for the data. Schema is required for CSV and JSON formats' properties: - - !ruby/object:Api::Type::Array - name: 'fields' + - name: 'fields' + type: Array description: 'Describes the fields in a table.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: The field description - - !ruby/object:Api::Type::Array - name: 'fields' + - name: 'fields' + type: Array description: | Describes the nested schema fields if the type property is set to RECORD - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: 'mode' + item_type: + type: String + - name: 'mode' + type: Enum description: Field mode. - values: - - :NULLABLE - - :REQUIRED - - :REPEATED - - !ruby/object:Api::Type::String - name: 'name' + enum_values: + - 'NULLABLE' + - 'REQUIRED' + - 'REPEATED' + - name: 'name' + type: String description: Field name - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: Field data type - values: - - :STRING - - :BYTES - - :INTEGER - - :FLOAT - - :TIMESTAMP - - :DATE - - :TIME - - :DATETIME - - :RECORD - - !ruby/object:Api::Type::NestedObject - name: 'googleSheetsOptions' + enum_values: + - 'STRING' + - 'BYTES' + - 'INTEGER' + - 'FLOAT' + - 'TIMESTAMP' + - 'DATE' + - 'TIME' + - 'DATETIME' + - 'RECORD' + - name: 'googleSheetsOptions' + type: NestedObject description: 'Additional options if sourceFormat is set to GOOGLE_SHEETS.' properties: - - !ruby/object:Api::Type::Integer - name: 'skipLeadingRows' + - name: 'skipLeadingRows' + type: Integer description: | The number of rows at the top of a Google Sheet that BigQuery will skip when reading the data. default_value: 0 - - !ruby/object:Api::Type::NestedObject - name: 'csvOptions' + - name: 'csvOptions' + type: NestedObject description: Additional properties to set if sourceFormat is set to CSV. properties: - - !ruby/object:Api::Type::Boolean - name: 'allowJaggedRows' + - name: 'allowJaggedRows' + type: Boolean description: | Indicates if BigQuery should accept rows that are missing trailing optional columns - - !ruby/object:Api::Type::Boolean - name: 'allowQuotedNewlines' + - name: 'allowQuotedNewlines' + type: Boolean description: | Indicates if BigQuery should allow quoted data sections that contain newline characters in a CSV file - - !ruby/object:Api::Type::Enum - name: 'encoding' + - name: 'encoding' + type: Enum description: 'The character encoding of the data' - values: - - :UTF-8 - - :ISO-8859-1 - - !ruby/object:Api::Type::String - name: 'fieldDelimiter' + enum_values: + - 'UTF-8' + - 'ISO-8859-1' + - name: 'fieldDelimiter' + type: String description: 'The separator for fields in a CSV file' - - !ruby/object:Api::Type::String - name: 'quote' + - name: 'quote' + type: String description: 'The value that is used to quote data sections in a CSV file' - - !ruby/object:Api::Type::Integer - name: 'skipLeadingRows' + - name: 'skipLeadingRows' + type: Integer description: | The number of rows at the top of a CSV file that BigQuery will skip when reading the data. default_value: 0 - - !ruby/object:Api::Type::NestedObject - name: 'bigtableOptions' + - name: 'bigtableOptions' + type: NestedObject description: 'Additional options if sourceFormat is set to BIGTABLE.' properties: - - !ruby/object:Api::Type::Boolean - name: 'ignoreUnspecifiedColumnFamilies' + - name: 'ignoreUnspecifiedColumnFamilies' + type: Boolean description: | If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema - - !ruby/object:Api::Type::Boolean - name: 'readRowkeyAsString' + - name: 'readRowkeyAsString' + type: Boolean description: | If field is true, then the rowkey column families will be read and converted to string. - - !ruby/object:Api::Type::Array - name: 'columnFamilies' + - name: 'columnFamilies' + type: Array description: | List of column families to expose in the table schema along with their types. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'columns' + - name: 'columns' + type: Array description: | Lists of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'encoding' + - name: 'encoding' + type: Enum description: The encoding of the values when the type is not STRING - values: - - :TEXT - - :BINARY - - !ruby/object:Api::Type::String - name: 'fieldName' + enum_values: + - 'TEXT' + - 'BINARY' + - name: 'fieldName' + type: String description: | If the qualifier is not a valid BigQuery field identifier, a valid identifier must be provided as the column field name and is used as field name in queries. - - !ruby/object:Api::Type::Boolean - name: 'onlyReadLatest' + - name: 'onlyReadLatest' + type: Boolean description: | If this is set, only the latest version of value in this column are exposed - - !ruby/object:Api::Type::String - name: 'qualifierString' + - name: 'qualifierString' + type: String description: Qualifier of the column required: true - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: The type to convert the value in cells of this column - values: - - :BYTES - - :STRING - - :INTEGER - - :FLOAT - - :BOOLEAN - - !ruby/object:Api::Type::Enum - name: 'encoding' + enum_values: + - 'BYTES' + - 'STRING' + - 'INTEGER' + - 'FLOAT' + - 'BOOLEAN' + - name: 'encoding' + type: Enum description: The encoding of the values when the type is not STRING - values: - - :TEXT - - :BINARY - - !ruby/object:Api::Type::String - name: 'familyId' + enum_values: + - 'TEXT' + - 'BINARY' + - name: 'familyId' + type: String description: Identifier of the column family. - - !ruby/object:Api::Type::Boolean - name: 'onlyReadLatest' + - name: 'onlyReadLatest' + type: Boolean description: | If this is set only the latest version of value are exposed for all columns in this column family - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: The type to convert the value in cells of this column family - values: - - :BYTES - - :STRING - - :INTEGER - - :FLOAT - - :BOOLEAN - - !ruby/object:Api::Type::NestedObject - name: 'tableReplicationInfo' + enum_values: + - 'BYTES' + - 'STRING' + - 'INTEGER' + - 'FLOAT' + - 'BOOLEAN' + - name: 'tableReplicationInfo' + type: NestedObject description: | Replication info of a table created using "AS REPLICA" DDL like: `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. properties: - - !ruby/object:Api::Type::String - name: 'sourceProjectId' + - name: 'sourceProjectId' + type: String description: The ID of the source project. required: true - - !ruby/object:Api::Type::String - name: 'sourceDatasetId' + - name: 'sourceDatasetId' + type: String description: The ID of the source dataset. required: true - - !ruby/object:Api::Type::String - name: 'sourceTableId' + - name: 'sourceTableId' + type: String description: The ID of the source materialized view. required: true - - !ruby/object:Api::Type::Integer - name: 'replicationIntervalMs' + - name: 'replicationIntervalMs' + type: Integer description: | The interval at which the source materialized view is polled for updates. The default is 300000. default_value: 300000 - - !ruby/object:Api::Type::KeyValuePairs - name: 'resourceTags' + - name: 'resourceTags' + type: KeyValuePairs description: | The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for example "123456789012/environment" where 123456789012 is the diff --git a/mmv1/products/bigquery/go_Dataset.yaml b/mmv1/products/bigquery/go_Dataset.yaml deleted file mode 100644 index d814fb3a1f96..000000000000 --- a/mmv1/products/bigquery/go_Dataset.yaml +++ /dev/null @@ -1,404 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Dataset' -kind: 'bigquery#dataset' -description: | - Datasets allow you to organize and control access to your tables. -references: - guides: - 'Datasets Intro': 'https://cloud.google.com/bigquery/docs/datasets-intro' - api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets' -docs: - warning: | - You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. - The API does accept both formats but it will always return the legacy format which results in Terraform - showing permanent diff on each plan and apply operation. -base_url: 'projects/{{project}}/datasets' -self_link: 'projects/{{project}}/datasets/{{dataset_id}}' -has_self_link: true -delete_url: 'projects/{{project}}/datasets/{{dataset_id}}?deleteContents={{delete_contents_on_destroy}}' -import_format: - - 'projects/{{project}}/datasets/{{dataset_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - constants: 'templates/terraform/constants/go/bigquery_dataset.go.tmpl' -exclude_sweeper: true -examples: - - name: 'bigquery_dataset_basic' - primary_resource_id: 'dataset' - vars: - dataset_id: 'example_dataset' - account_name: 'bqowner' - - name: 'bigquery_dataset_with_max_time_travel_hours' - primary_resource_id: 'dataset' - vars: - dataset_id: 'example_dataset' - account_name: 'bqowner' - skip_docs: true - - name: 'bigquery_dataset_cmek' - primary_resource_id: 'dataset' - vars: - dataset_id: 'example_dataset' - key_name: 'example-key' - keyring_name: 'example-keyring' - skip_test: true - - name: 'bigquery_dataset_authorized_dataset' - primary_resource_id: 'dataset' - vars: - private: 'private' - public: 'public' - account_name: 'bqowner' - - name: 'bigquery_dataset_authorized_routine' - primary_resource_id: 'private' - vars: - private_dataset: 'private_dataset' - public_dataset: 'public_dataset' - public_routine: 'public_routine' - test_env_vars: - service_account: 'SERVICE_ACCT' - - name: 'bigquery_dataset_case_insensitive_names' - primary_resource_id: 'dataset' - vars: - dataset_id: 'example_dataset' - account_name: 'bqowner' - skip_docs: true - - name: 'bigquery_dataset_default_collation_set' - primary_resource_id: 'dataset' - vars: - dataset_id: 'example_dataset' - account_name: 'bqowner' - skip_docs: true - - name: 'bigquery_dataset_external_reference_aws_test' - primary_resource_id: 'dataset' - vars: - dataset_id: 'example_dataset' - skip_docs: true - - name: 'bigquery_dataset_external_reference_aws' - primary_resource_id: 'dataset' - vars: - dataset_id: 'example_dataset' - skip_test: true - - name: 'bigquery_dataset_resource_tags' - primary_resource_id: 'dataset' - primary_resource_name: 'fmt.Sprintf("tf_test_dataset%s", context["random_suffix"])' - vars: - dataset_id: 'dataset' - tag_key1: 'tag_key1' - tag_value1: 'tag_value1' - tag_key2: 'tag_key2' - tag_value2: 'tag_value2' - skip_docs: true -virtual_fields: - - name: 'delete_contents_on_destroy' - description: | - If set to `true`, delete all the tables in the - dataset when destroying the resource; otherwise, - destroying the resource will fail if tables are present. - type: Boolean - default_value: false -parameters: -properties: - - name: 'maxTimeTravelHours' - type: String - description: - 'Defines the time travel window in hours. The value can be from 48 to 168 - hours (2 to 7 days).' - default_from_api: true - - name: 'access' - type: Array - description: - 'An array of objects that define dataset access for one or more entities.' - is_set: true - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'domain' - type: String - description: | - A domain to grant access to. Any users signed in with the - domain specified will be granted the specified access - - name: 'groupByEmail' - type: String - description: An email address of a Google Group to grant access to. - - name: 'role' - type: String - description: | - Describes the rights granted to the user specified by the other - member of the access object. Basic, predefined, and custom roles - are supported. Predefined roles that have equivalent basic roles - are swapped by the API to their basic counterparts. See - [official docs](https://cloud.google.com/bigquery/docs/access-control). - - name: 'specialGroup' - type: String - description: | - A special group to grant access to. Possible values include: - * `projectOwners`: Owners of the enclosing project. - * `projectReaders`: Readers of the enclosing project. - * `projectWriters`: Writers of the enclosing project. - * `allAuthenticatedUsers`: All authenticated BigQuery users. - - name: 'iamMember' - type: String - description: | - Some other type of member that appears in the IAM Policy but isn't a user, - group, domain, or special group. For example: `allUsers` - - name: 'userByEmail' - type: String - description: | - An email address of a user to grant access to. For example: - fred@example.com - - name: 'view' - type: NestedObject - description: | - A view from a different dataset to grant access to. Queries - executed against that view will have read access to tables in - this dataset. The role field is not required when this field is - set. If that view is updated by any user, access to the view - needs to be granted again via an update operation. - properties: - - name: 'datasetId' - type: String - description: The ID of the dataset containing this table. - required: true - - name: 'projectId' - type: String - description: The ID of the project containing this table. - required: true - - name: 'tableId' - type: String - description: | - The ID of the table. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 1,024 characters. - required: true - - name: 'dataset' - type: NestedObject - description: | - Grants all resources of particular types in a particular dataset read access to the current dataset. - properties: - - name: 'dataset' - type: NestedObject - description: | - The dataset this entry applies to - required: true - properties: - - name: 'datasetId' - type: String - description: The ID of the dataset containing this table. - required: true - - name: 'projectId' - type: String - description: The ID of the project containing this table. - required: true - - name: 'targetTypes' - type: Array - description: | - Which resources in the dataset this entry applies to. Currently, only views are supported, - but additional target types may be added in the future. Possible values: VIEWS - required: true - item_type: - type: String - - name: 'routine' - type: NestedObject - description: | - A routine from a different dataset to grant access to. Queries - executed against that routine will have read access to tables in - this dataset. The role field is not required when this field is - set. If that routine is updated by any user, access to the routine - needs to be granted again via an update operation. - properties: - - name: 'datasetId' - type: String - description: The ID of the dataset containing this table. - required: true - - name: 'projectId' - type: String - description: The ID of the project containing this table. - required: true - - name: 'routineId' - type: String - description: | - The ID of the routine. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 256 characters. - required: true - - name: 'creationTime' - type: Integer - description: | - The time when this dataset was created, in milliseconds since the - epoch. - output: true - - name: 'datasetReference' - type: NestedObject - description: 'A reference that identifies the dataset.' - required: true - immutable: true - flatten_object: true - properties: - - name: 'datasetId' - type: String - description: | - A unique ID for this dataset, without the project name. The ID - must contain only letters (a-z, A-Z), numbers (0-9), or - underscores (_). The maximum length is 1,024 characters. - required: true - immutable: true - validation: - function: 'validateDatasetId' - - name: 'defaultTableExpirationMs' - type: Integer - description: | - The default lifetime of all tables in the dataset, in milliseconds. - The minimum value is 3600000 milliseconds (one hour). - Once this property is set, all newly-created tables in the dataset - will have an `expirationTime` property set to the creation time plus - the value in this property, and changing the value will only affect - new tables, not existing ones. When the `expirationTime` for a given - table is reached, that table will be deleted automatically. - If a table's `expirationTime` is modified or removed before the - table expires, or if you provide an explicit `expirationTime` when - creating a table, that value takes precedence over the default - expiration time indicated by this property. - validation: - function: 'validateDefaultTableExpirationMs' - - name: 'defaultPartitionExpirationMs' - type: Integer - description: | - The default partition expiration for all partitioned tables in - the dataset, in milliseconds. - Once this property is set, all newly-created partitioned tables in - the dataset will have an `expirationMs` property in the `timePartitioning` - settings set to this value, and changing the value will only - affect new tables, not existing ones. The storage in a partition will - have an expiration time of its partition time plus this value. - Setting this property overrides the use of `defaultTableExpirationMs` - for partitioned tables: only one of `defaultTableExpirationMs` and - `defaultPartitionExpirationMs` will be used for any new partitioned - table. If you provide an explicit `timePartitioning.expirationMs` when - creating or updating a partitioned table, that value takes precedence - over the default partition expiration time indicated by this property. - - name: 'description' - type: String - description: A user-friendly description of the dataset - - name: 'etag' - type: String - description: | - A hash of the resource. - output: true - - name: 'externalDatasetReference' - type: NestedObject - description: | - Information about the external metadata storage where the dataset is defined. - immutable: true - properties: - - name: 'externalSource' - type: String - description: | - External source that backs this dataset. - required: true - immutable: true - - name: 'connection' - type: String - description: | - The connection id that is used to access the externalSource. - Format: projects/{projectId}/locations/{locationId}/connections/{connectionId} - required: true - immutable: true - - name: 'friendlyName' - type: String - description: A descriptive name for the dataset - send_empty_value: true - - name: 'labels' - type: KeyValueLabels - description: | - The labels associated with this dataset. You can use these to - organize and group your datasets. - - name: 'lastModifiedTime' - type: Integer - description: | - The date when this dataset or any of its tables was last modified, in - milliseconds since the epoch. - output: true - - name: 'location' - type: String - description: | - The geographic location where the dataset should reside. - See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). - There are two types of locations, regional or multi-regional. A regional - location is a specific geographic place, such as Tokyo, and a multi-regional - location is a large geographic area, such as the United States, that - contains at least two geographic places. - The default value is multi-regional location `US`. - Changing this forces a new resource to be created. - immutable: true - diff_suppress_func: 'tpgresource.CaseDiffSuppress' - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_dataset_location.go.tmpl' - default_value: "US" - - name: 'defaultEncryptionConfiguration' - type: NestedObject - description: | - The default encryption key for all tables in the dataset. Once this property is set, - all newly-created partitioned tables in the dataset will have encryption key set to - this value, unless table creation request (or query) overrides the key. - properties: - - name: 'kmsKeyName' - type: String - description: | - Describes the Cloud KMS encryption key that will be used to protect destination - BigQuery table. The BigQuery Service Account associated with your project requires - access to this encryption key. - required: true - - name: 'isCaseInsensitive' - type: Boolean - description: | - TRUE if the dataset and its table names are case-insensitive, otherwise FALSE. - By default, this is FALSE, which means the dataset and its table names are - case-sensitive. This field does not affect routine references. - default_from_api: true - - name: 'defaultCollation' - type: String - description: | - Defines the default collation specification of future tables created - in the dataset. If a table is created in this dataset without table-level - default collation, then the table inherits the dataset default collation, - which is applied to the string fields that do not have explicit collation - specified. A change to this field affects only tables created afterwards, - and does not alter the existing tables. - - The following values are supported: - - 'und:ci': undetermined locale, case insensitive. - - '': empty string. Default to case-sensitive behavior. - default_from_api: true - - name: 'storageBillingModel' - type: String - description: | - Specifies the storage billing model for the dataset. - Set this flag value to LOGICAL to use logical bytes for storage billing, - or to PHYSICAL to use physical bytes instead. - - LOGICAL is the default if this flag isn't specified. - default_from_api: true - - name: 'resourceTags' - type: KeyValuePairs - description: | - The tags attached to this table. Tag keys are globally unique. Tag key is expected to be - in the namespaced format, for example "123456789012/environment" where 123456789012 is the - ID of the parent organization or project resource for this tag key. Tag value is expected - to be the short name, for example "Production". See [Tag definitions](/iam/docs/tags-access-control#definitions) - for more details. diff --git a/mmv1/products/bigquery/go_DatasetAccess.yaml b/mmv1/products/bigquery/go_DatasetAccess.yaml deleted file mode 100644 index b7e6728dd9d2..000000000000 --- a/mmv1/products/bigquery/go_DatasetAccess.yaml +++ /dev/null @@ -1,297 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DatasetAccess' -description: | - Gives dataset access for a single entity. This resource is intended to be used in cases where - it is not possible to compile a full list of access blocks to include in a - `google_bigquery_dataset` resource, to enable them to be added separately. - - ~> **Note:** If this resource is used alongside a `google_bigquery_dataset` resource, the - dataset resource must either have no defined `access` blocks or a `lifecycle` block with - `ignore_changes = [access]` so they don't fight over which accesses should be on the dataset. - Additionally, both resource cannot be modified in the same apply. -references: - guides: - 'Controlling access to datasets': 'https://cloud.google.com/bigquery/docs/dataset-access-controls' - api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets' -docs: - warning: | - You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`. - The API does accept both formats but it will always return the legacy format which results in Terraform - showing permanent diff on each plan and apply operation. -base_url: 'projects/{{project}}/datasets/{{dataset_id}}' -self_link: 'projects/{{project}}/datasets/{{dataset_id}}' -create_verb: 'PATCH' -delete_verb: 'PATCH' -immutable: true -mutex: '{{dataset_id}}' -exclude_import: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -identity: - - role - - userByEmail - - groupByEmail - - domain - - specialGroup - - iamMember - - view - - dataset - - routine -nested_query: - keys: - - access - is_list_of_ids: false - modify_by_patch: true -custom_code: - extra_schema_entry: 'templates/terraform/extra_schema_entry/go/bigquery_dataset_access.go.tmpl' - constants: 'templates/terraform/constants/go/bigquery_dataset_access.go.tmpl' - post_create: 'templates/terraform/post_create/go/bigquery_dataset_access.go.tmpl' -exclude_tgc: true -exclude_sweeper: true -error_retry_predicates: - - - 'transport_tpg.IsBigqueryIAMQuotaError' -examples: - - name: 'bigquery_dataset_access_basic_user' - primary_resource_id: 'access' - vars: - dataset_id: 'example_dataset' - account_name: 'bqowner' - skip_test: true - - name: 'bigquery_dataset_access_view' - primary_resource_id: 'access' - vars: - dataset_id: 'example_dataset' - dataset_id2: 'example_dataset2' - table_id: 'example_table' - skip_test: true - - name: 'bigquery_dataset_access_authorized_dataset' - primary_resource_id: 'access' - vars: - private: 'private' - public: 'public' - skip_test: true - - name: 'bigquery_dataset_access_authorized_routine' - primary_resource_id: 'authorized_routine' - vars: - private_dataset: 'private_dataset' - public_dataset: 'public_dataset' - public_routine: 'public_routine' - skip_test: true -parameters: -properties: - - name: 'datasetId' - type: String - description: | - A unique ID for this dataset, without the project name. The ID - must contain only letters (a-z, A-Z), numbers (0-9), or - underscores (_). The maximum length is 1,024 characters. - required: true - ignore_read: true - - name: 'role' - type: String - description: | - Describes the rights granted to the user specified by the other - member of the access object. Basic, predefined, and custom roles are - supported. Predefined roles that have equivalent basic roles are - swapped by the API to their basic counterparts, and will show a diff - post-create. See - [official docs](https://cloud.google.com/bigquery/docs/access-control). - diff_suppress_func: 'resourceBigQueryDatasetAccessRoleDiffSuppress' - custom_expand: 'templates/terraform/custom_expand/go/bigquery_access_role.go.tmpl' - - name: 'userByEmail' - type: String - description: | - An email address of a user to grant access to. For example: - fred@example.com - exactly_one_of: - - 'user_by_email' - - 'group_by_email' - - 'domain' - - 'special_group' - - 'iam_member' - - 'view' - - 'dataset' - - 'routine' - diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' - custom_expand: 'templates/terraform/custom_expand/go/string_to_lower_case.go.tmpl' - - name: 'groupByEmail' - type: String - description: An email address of a Google Group to grant access to. - exactly_one_of: - - 'user_by_email' - - 'group_by_email' - - 'domain' - - 'special_group' - - 'iam_member' - - 'view' - - 'dataset' - - 'routine' - diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' - custom_expand: 'templates/terraform/custom_expand/go/string_to_lower_case.go.tmpl' - - name: 'domain' - type: String - description: | - A domain to grant access to. Any users signed in with the - domain specified will be granted the specified access - exactly_one_of: - - 'user_by_email' - - 'group_by_email' - - 'domain' - - 'special_group' - - 'iam_member' - - 'view' - - 'dataset' - - 'routine' - diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' - - name: 'specialGroup' - type: String - description: | - A special group to grant access to. Possible values include: - * `projectOwners`: Owners of the enclosing project. - * `projectReaders`: Readers of the enclosing project. - * `projectWriters`: Writers of the enclosing project. - * `allAuthenticatedUsers`: All authenticated BigQuery users. - exactly_one_of: - - 'user_by_email' - - 'group_by_email' - - 'domain' - - 'special_group' - - 'iam_member' - - 'view' - - 'dataset' - - 'routine' - diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' - - name: 'iamMember' - type: String - description: | - Some other type of member that appears in the IAM Policy but isn't a user, - group, domain, or special group. For example: `allUsers` - exactly_one_of: - - 'user_by_email' - - 'group_by_email' - - 'domain' - - 'special_group' - - 'iam_member' - - 'view' - - 'dataset' - - 'routine' - diff_suppress_func: 'resourceBigQueryDatasetAccessIamMemberDiffSuppress' - - name: 'view' - type: NestedObject - description: | - A view from a different dataset to grant access to. Queries - executed against that view will have read access to tables in - this dataset. The role field is not required when this field is - set. If that view is updated by any user, access to the view - needs to be granted again via an update operation. - exactly_one_of: - - 'user_by_email' - - 'group_by_email' - - 'domain' - - 'special_group' - - 'iam_member' - - 'view' - - 'dataset' - - 'routine' - properties: - - name: 'datasetId' - type: String - description: The ID of the dataset containing this table. - required: true - - name: 'projectId' - type: String - description: The ID of the project containing this table. - required: true - - name: 'tableId' - type: String - description: | - The ID of the table. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 1,024 characters. - required: true - - name: 'dataset' - type: NestedObject - description: | - Grants all resources of particular types in a particular dataset read access to the current dataset. - exactly_one_of: - - 'user_by_email' - - 'group_by_email' - - 'domain' - - 'special_group' - - 'iam_member' - - 'view' - - 'dataset' - - 'routine' - properties: - - name: 'dataset' - type: NestedObject - description: | - The dataset this entry applies to - required: true - properties: - - name: 'datasetId' - type: String - description: The ID of the dataset containing this table. - required: true - - name: 'projectId' - type: String - description: The ID of the project containing this table. - required: true - - name: 'targetTypes' - type: Array - description: | - Which resources in the dataset this entry applies to. Currently, only views are supported, - but additional target types may be added in the future. Possible values: VIEWS - required: true - item_type: - type: String - - name: 'routine' - type: NestedObject - description: | - A routine from a different dataset to grant access to. Queries - executed against that routine will have read access to tables in - this dataset. The role field is not required when this field is - set. If that routine is updated by any user, access to the routine - needs to be granted again via an update operation. - exactly_one_of: - - 'user_by_email' - - 'group_by_email' - - 'domain' - - 'special_group' - - 'iam_member' - - 'view' - - 'dataset' - - 'routine' - properties: - - name: 'datasetId' - type: String - description: The ID of the dataset containing this table. - required: true - - name: 'projectId' - type: String - description: The ID of the project containing this table. - required: true - - name: 'routineId' - type: String - description: | - The ID of the routine. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 256 characters. - required: true diff --git a/mmv1/products/bigquery/go_Job.yaml b/mmv1/products/bigquery/go_Job.yaml deleted file mode 100644 index d01e11410fa4..000000000000 --- a/mmv1/products/bigquery/go_Job.yaml +++ /dev/null @@ -1,877 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Job' -kind: 'bigquery#job' -description: | - Jobs are actions that BigQuery runs on your behalf to load data, export data, query data, or copy data. - Once a BigQuery job is created, it cannot be changed or deleted. -references: - guides: - 'BigQuery Jobs Intro': 'https://cloud.google.com/bigquery/docs/jobs-overview' - api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs' -docs: -id_format: 'projects/{{project}}/jobs/{{job_id}}' -base_url: 'projects/{{project}}/jobs' -self_link: 'projects/{{project}}/jobs/{{job_id}}?location={{location}}' -exclude_delete: true -immutable: true -import_format: - - 'projects/{{project}}/jobs/{{job_id}}/location/{{location}}' - - 'projects/{{project}}/jobs/{{job_id}}' - - '{{project}}/{{job_id}}' - - '{{job_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - type: 'PollAsync' - check_response_func_existence: 'transport_tpg.PollCheckForExistence' - check_response_func_absence: 'transport_tpg.PollCheckForAbsence' - suppress_error: false - target_occurrences: 1 - actions: ['create'] -custom_code: - constants: 'templates/terraform/constants/go/bigquery_job.go.tmpl' - encoder: 'templates/terraform/encoders/go/bigquery_job.go.tmpl' -schema_version: 1 -state_upgraders: true -examples: - - name: 'bigquery_job_query' - primary_resource_id: 'job' - vars: - job_id: 'job_query' - account_name: 'bqowner' - ignore_read_extra: - - 'etag' - - 'status.0.state' - - name: 'bigquery_job_query_table_reference' - primary_resource_id: 'job' - vars: - job_id: 'job_query' - account_name: 'bqowner' - ignore_read_extra: - - 'etag' - - 'query.0.default_dataset.0.dataset_id' - - 'query.0.destination_table.0.table_id' - - 'status.0.state' - - name: 'bigquery_job_load' - primary_resource_id: 'job' - vars: - job_id: 'job_load' - ignore_read_extra: - - 'etag' - - 'status.0.state' - - name: 'bigquery_job_load_geojson' - primary_resource_id: 'job' - vars: - job_id: 'job_load' - bucket_name: 'bq-geojson' - test_env_vars: - project: 'PROJECT_NAME' - ignore_read_extra: - - 'etag' - - 'status.0.state' - - name: 'bigquery_job_load_parquet' - primary_resource_id: 'job' - vars: - job_id: 'job_load' - ignore_read_extra: - - 'etag' - - 'status.0.state' - - name: 'bigquery_job_load_table_reference' - primary_resource_id: 'job' - vars: - job_id: 'job_load' - ignore_read_extra: - - 'etag' - - 'load.0.destination_table.0.table_id' - - 'status.0.state' - skip_docs: true - - name: 'bigquery_job_copy' - primary_resource_id: 'job' - vars: - job_id: 'job_copy' - account_name: 'bqowner' - key_name: 'example-key' - keyring_name: 'example-keyring' - test_env_vars: - project: 'PROJECT_NAME' - ignore_read_extra: - - 'etag' - - 'status.0.state' - - name: 'bigquery_job_copy_table_reference' - primary_resource_id: 'job' - vars: - job_id: 'job_copy' - account_name: 'bqowner' - key_name: 'example-key' - keyring_name: 'example-keyring' - test_env_vars: - project: 'PROJECT_NAME' - ignore_read_extra: - - 'etag' - - 'copy.0.destination_table.0.table_id' - - 'copy.0.source_tables.0.table_id' - - 'copy.0.source_tables.1.table_id' - - 'status.0.state' - skip_docs: true - - name: 'bigquery_job_extract' - primary_resource_id: 'job' - vars: - job_id: 'job_extract' - account_name: 'bqowner' - ignore_read_extra: - - 'etag' - - 'status.0.state' - - name: 'bigquery_job_extract_table_reference' - primary_resource_id: 'job' - vars: - job_id: 'job_extract' - account_name: 'bqowner' - ignore_read_extra: - - 'etag' - - 'extract.0.source_table.0.table_id' - - 'status.0.state' - skip_docs: true -parameters: -properties: - - name: 'user_email' - type: String - description: | - Email address of the user who ran the job. - output: true - - name: 'configuration' - type: NestedObject - description: 'Describes the job configuration.' - required: true - flatten_object: true - properties: - - name: 'jobType' - type: String - description: | - The type of the job. - output: true - - name: 'jobTimeoutMs' - type: String - description: | - Job timeout in milliseconds. If this time limit is exceeded, BigQuery may attempt to terminate the job. - - name: 'labels' - type: KeyValueLabels - description: | - The labels associated with this job. You can use these to organize and group your jobs. - - name: 'query' - type: NestedObject - description: 'Configures a query job.' - exactly_one_of: - - 'configuration.0.query' - - 'configuration.0.load' - - 'configuration.0.copy' - - 'configuration.0.extract' - properties: - - name: 'query' - type: String - description: | - SQL query text to execute. The useLegacySql field can be used to indicate whether the query uses legacy SQL or standard SQL. - *NOTE*: queries containing [DML language](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language) - (`DELETE`, `UPDATE`, `MERGE`, `INSERT`) must specify `create_disposition = ""` and `write_disposition = ""`. - required: true - - name: 'destinationTable' - type: NestedObject - description: | - Describes the table where the query results should be stored. - This property must be set for large results that exceed the maximum response size. - For queries that produce anonymous (cached) results, this field will be populated by BigQuery. - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_query_destinationtable.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref.go.tmpl' - properties: - - name: 'projectId' - type: String - description: 'The ID of the project containing this table.' - required: false - default_from_api: true - - name: 'datasetId' - type: String - description: 'The ID of the dataset containing this table.' - required: false - default_from_api: true - - name: 'tableId' - type: String - description: | - The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, - or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'userDefinedFunctionResources' - type: Array - description: | - Describes user-defined function resources used in the query. - item_type: - type: NestedObject - properties: - - name: 'resourceUri' - type: String - description: - 'A code resource to load from a Google Cloud Storage URI - (gs://bucket/path).' - - name: 'inlineCode' - type: String - description: | - An inline resource that contains code for a user-defined function (UDF). - Providing a inline code resource is equivalent to providing a URI for a file containing the same code. - - name: 'createDisposition' - type: Enum - description: | - Specifies whether the job is allowed to create new tables. The following values are supported: - CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. - CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. - Creation, truncation and append actions occur as one atomic update upon job completion - default_value: "CREATE_IF_NEEDED" - enum_values: - - 'CREATE_IF_NEEDED' - - 'CREATE_NEVER' - - name: 'writeDisposition' - type: Enum - description: | - Specifies the action that occurs if the destination table already exists. The following values are supported: - WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. - WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. - WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. - Each action is atomic and only occurs if BigQuery is able to complete the job successfully. - Creation, truncation and append actions occur as one atomic update upon job completion. - default_value: "WRITE_EMPTY" - enum_values: - - 'WRITE_TRUNCATE' - - 'WRITE_APPEND' - - 'WRITE_EMPTY' - - name: 'defaultDataset' - type: NestedObject - description: | - Specifies the default dataset to use for unqualified table names in the query. Note that this does not alter behavior of unqualified dataset names. - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_dataset_ref.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/bigquery_dataset_ref.go.tmpl' - properties: - - name: 'datasetId' - type: String - description: | - The dataset. Can be specified `{{dataset_id}}` if `project_id` is also set, - or of the form `projects/{{project}}/datasets/{{dataset_id}}` if not. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'projectId' - type: String - description: 'The ID of the project containing this table.' - required: false - default_from_api: true - - name: 'priority' - type: Enum - description: | - Specifies a priority for the query. - default_value: "INTERACTIVE" - enum_values: - - 'INTERACTIVE' - - 'BATCH' - - name: 'allowLargeResults' - type: Boolean - description: | - If true and query uses legacy SQL dialect, allows the query to produce arbitrarily large result tables at a slight cost in performance. - Requires destinationTable to be set. For standard SQL queries, this flag is ignored and large results are always allowed. - However, you must still set destinationTable when result size exceeds the allowed maximum response size. - - name: 'useQueryCache' - type: Boolean - description: | - Whether to look for the result in the query cache. The query cache is a best-effort cache that will be flushed whenever - tables in the query are modified. Moreover, the query cache is only available when a query does not have a destination table specified. - The default value is true. - default_value: true - - name: 'flattenResults' - type: Boolean - description: | - If true and query uses legacy SQL dialect, flattens all nested and repeated fields in the query results. - allowLargeResults must be true if this is set to false. For standard SQL queries, this flag is ignored and results are never flattened. - - name: 'maximumBillingTier' - type: Integer - description: | - Limits the billing tier for this job. Queries that have resource usage beyond this tier will fail (without incurring a charge). - If unspecified, this will be set to your project default. - - name: 'maximumBytesBilled' - type: String - description: | - Limits the bytes billed for this job. Queries that will have bytes billed beyond this limit will fail (without incurring a charge). - If unspecified, this will be set to your project default. - - name: 'useLegacySql' - type: Boolean - description: | - Specifies whether to use BigQuery's legacy SQL dialect for this query. The default value is true. - If set to false, the query will use BigQuery's standard SQL. - send_empty_value: true - - name: 'parameterMode' - type: String - description: | - Standard SQL only. Set to POSITIONAL to use positional (?) query parameters or to NAMED to use named (@myparam) query parameters in this query. - - name: 'schemaUpdateOptions' - type: Array - description: | - Allows the schema of the destination table to be updated as a side effect of the query job. - Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; - when writeDisposition is WRITE_TRUNCATE and the destination table is a partition of a table, - specified by partition decorators. For normal tables, WRITE_TRUNCATE will always overwrite the schema. - One or more of the following values are specified: - ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. - ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable. - item_type: - type: String - - name: 'destinationEncryptionConfiguration' - type: NestedObject - description: | - Custom encryption configuration (e.g., Cloud KMS keys) - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_kms_version.go.tmpl' - properties: - - name: 'kmsKeyName' - type: String - description: | - Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. - The BigQuery Service Account associated with your project requires access to this encryption key. - required: true - - name: 'kmsKeyVersion' - type: String - description: | - Describes the Cloud KMS encryption key version used to protect destination BigQuery table. - output: true - - name: 'scriptOptions' - type: NestedObject - description: | - Options controlling the execution of scripts. - properties: - - name: 'statementTimeoutMs' - type: String - description: 'Timeout period for each statement in a script.' - at_least_one_of: - - 'configuration.0.query.0.script_options.0.statement_timeout_ms' - - 'configuration.0.query.0.script_options.0.statement_byte_budget' - - 'configuration.0.query.0.script_options.0.key_result_statement' - - name: 'statementByteBudget' - type: String - description: - 'Limit on the number of bytes billed per statement. Exceeding - this budget results in an error.' - at_least_one_of: - - 'configuration.0.query.0.script_options.0.statement_timeout_ms' - - 'configuration.0.query.0.script_options.0.statement_byte_budget' - - 'configuration.0.query.0.script_options.0.key_result_statement' - - name: 'keyResultStatement' - type: Enum - description: | - Determines which statement in the script represents the "key result", - used to populate the schema and query results of the script job. - at_least_one_of: - - 'configuration.0.query.0.script_options.0.statement_timeout_ms' - - 'configuration.0.query.0.script_options.0.statement_byte_budget' - - 'configuration.0.query.0.script_options.0.key_result_statement' - enum_values: - - 'LAST' - - 'FIRST_SELECT' - - name: 'load' - type: NestedObject - description: 'Configures a load job.' - exactly_one_of: - - 'configuration.0.query' - - 'configuration.0.load' - - 'configuration.0.copy' - - 'configuration.0.extract' - properties: - - name: 'sourceUris' - type: Array - description: | - The fully-qualified URIs that point to your data in Google Cloud. - For Google Cloud Storage URIs: Each URI can contain one '\*' wildcard character - and it must come after the 'bucket' name. Size limits related to load jobs apply - to external data sources. For Google Cloud Bigtable URIs: Exactly one URI can be - specified and it has be a fully specified and valid HTTPS URL for a Google Cloud Bigtable table. - For Google Cloud Datastore backups: Exactly one URI can be specified. Also, the '\*' wildcard character is not allowed. - required: true - item_type: - type: String - - name: 'destinationTable' - type: NestedObject - description: | - The destination table to load the data into. - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_load_destinationtable.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref.go.tmpl' - properties: - - name: 'projectId' - type: String - description: 'The ID of the project containing this table.' - required: false - default_from_api: true - - name: 'datasetId' - type: String - description: 'The ID of the dataset containing this table.' - required: false - default_from_api: true - - name: 'tableId' - type: String - description: | - The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, - or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'createDisposition' - type: Enum - description: | - Specifies whether the job is allowed to create new tables. The following values are supported: - CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. - CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. - Creation, truncation and append actions occur as one atomic update upon job completion - default_value: "CREATE_IF_NEEDED" - enum_values: - - 'CREATE_IF_NEEDED' - - 'CREATE_NEVER' - - name: 'writeDisposition' - type: Enum - description: | - Specifies the action that occurs if the destination table already exists. The following values are supported: - WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. - WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. - WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. - Each action is atomic and only occurs if BigQuery is able to complete the job successfully. - Creation, truncation and append actions occur as one atomic update upon job completion. - default_value: "WRITE_EMPTY" - enum_values: - - 'WRITE_TRUNCATE' - - 'WRITE_APPEND' - - 'WRITE_EMPTY' - - name: 'nullMarker' - type: String - description: | - Specifies a string that represents a null value in a CSV file. For example, if you specify "\N", BigQuery interprets "\N" as a null value - when loading a CSV file. The default value is the empty string. If you set this property to a custom value, BigQuery throws an error if an - empty string is present for all data types except for STRING and BYTE. For STRING and BYTE columns, BigQuery interprets the empty string as - an empty value. - default_value: "" - - name: 'fieldDelimiter' - type: String - description: | - The separator for fields in a CSV file. The separator can be any ISO-8859-1 single-byte character. - To use a character in the range 128-255, you must encode the character as UTF8. BigQuery converts - the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the - data in its raw, binary state. BigQuery also supports the escape sequence "\t" to specify a tab separator. - The default value is a comma (','). - default_from_api: true - - name: 'skipLeadingRows' - type: Integer - description: | - The number of rows at the top of a CSV file that BigQuery will skip when loading the data. - The default value is 0. This property is useful if you have header rows in the file that should be skipped. - When autodetect is on, the behavior is the following: - skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, - the row is read as data. Otherwise data is read starting from the second row. - skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. - skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, - row N is just skipped. Otherwise row N is used to extract column names for the detected schema. - validation: - function: 'validation.IntAtLeast(0)' - default_value: 0 - - name: 'encoding' - type: String - description: | - The character encoding of the data. The supported values are UTF-8 or ISO-8859-1. - The default value is UTF-8. BigQuery decodes the data after the raw, binary data - has been split using the values of the quote and fieldDelimiter properties. - default_value: "UTF-8" - - name: 'quote' - type: String - description: | - The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, - and then uses the first byte of the encoded string to split the data in its raw, binary state. - The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. - If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. - default_from_api: true - - name: 'maxBadRecords' - type: Integer - description: | - The maximum number of bad records that BigQuery can ignore when running the job. If the number of bad records exceeds this value, - an invalid error is returned in the job result. The default value is 0, which requires that all records are valid. - default_value: 0 - - name: 'allowQuotedNewlines' - type: Boolean - description: | - Indicates if BigQuery should allow quoted data sections that contain newline characters in a CSV file. - The default value is false. - default_value: false - - name: 'sourceFormat' - type: String - description: | - The format of the data files. For CSV files, specify "CSV". For datastore backups, specify "DATASTORE_BACKUP". - For newline-delimited JSON, specify "NEWLINE_DELIMITED_JSON". For Avro, specify "AVRO". For parquet, specify "PARQUET". - For orc, specify "ORC". [Beta] For Bigtable, specify "BIGTABLE". - The default value is CSV. - default_value: "CSV" - - name: 'jsonExtension' - type: String - description: | - If sourceFormat is set to newline-delimited JSON, indicates whether it should be processed as a JSON variant such as GeoJSON. - For a sourceFormat other than JSON, omit this field. If the sourceFormat is newline-delimited JSON: - for newline-delimited - GeoJSON: set to GEOJSON. - - name: 'allowJaggedRows' - type: Boolean - description: | - Accept rows that are missing trailing optional columns. The missing values are treated as nulls. - If false, records with missing trailing columns are treated as bad records, and if there are too many bad records, - an invalid error is returned in the job result. The default value is false. Only applicable to CSV, ignored for other formats. - default_value: false - - name: 'ignoreUnknownValues' - type: Boolean - description: | - Indicates if BigQuery should allow extra values that are not represented in the table schema. - If true, the extra values are ignored. If false, records with extra columns are treated as bad records, - and if there are too many bad records, an invalid error is returned in the job result. - The default value is false. The sourceFormat property determines what BigQuery treats as an extra value: - CSV: Trailing columns - JSON: Named values that don't match any column names - default_value: false - - name: 'projectionFields' - type: Array - description: | - If sourceFormat is set to "DATASTORE_BACKUP", indicates which entity properties to load into BigQuery from a Cloud Datastore backup. - Property names are case sensitive and must be top-level properties. If no properties are specified, BigQuery loads all properties. - If any named property isn't found in the Cloud Datastore backup, an invalid error is returned in the job result. - item_type: - type: String - - name: 'autodetect' - type: Boolean - description: | - Indicates if we should automatically infer the options and schema for CSV and JSON sources. - - name: 'schemaUpdateOptions' - type: Array - description: | - Allows the schema of the destination table to be updated as a side effect of the load job if a schema is autodetected or - supplied in the job configuration. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; - when writeDisposition is WRITE_TRUNCATE and the destination table is a partition of a table, specified by partition decorators. - For normal tables, WRITE_TRUNCATE will always overwrite the schema. One or more of the following values are specified: - ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. - ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable. - item_type: - type: String - - name: 'timePartitioning' - type: NestedObject - description: | - Time-based partitioning specification for the destination table. - properties: - - name: 'type' - type: String - description: | - The only type supported is DAY, which will generate one partition per day. Providing an empty string used to cause an error, - but in OnePlatform the field will be treated as unset. - required: true - - name: 'expirationMs' - type: String - description: | - Number of milliseconds for which to keep the storage for a partition. A wrapper is used here because 0 is an invalid value. - - name: 'field' - type: String - description: | - If not set, the table is partitioned by pseudo column '_PARTITIONTIME'; if set, the table is partitioned by this field. - The field must be a top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or REQUIRED. - A wrapper is used here because an empty string is an invalid value. - - name: 'destinationEncryptionConfiguration' - type: NestedObject - description: | - Custom encryption configuration (e.g., Cloud KMS keys) - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_kms_version.go.tmpl' - properties: - - name: 'kmsKeyName' - type: String - description: | - Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. - The BigQuery Service Account associated with your project requires access to this encryption key. - required: true - - name: 'kmsKeyVersion' - type: String - description: | - Describes the Cloud KMS encryption key version used to protect destination BigQuery table. - output: true - - name: 'parquetOptions' - type: NestedObject - description: | - Parquet Options for load and make external tables. - properties: - - name: 'enumAsString' - type: Boolean - description: | - If sourceFormat is set to PARQUET, indicates whether to infer Parquet ENUM logical type as STRING instead of BYTES by default. - - name: 'enableListInference' - type: Boolean - description: | - If sourceFormat is set to PARQUET, indicates whether to use schema inference specifically for Parquet LIST logical type. - at_least_one_of: - - 'configuration.0.load.0.parquet_options.0.enum_as_string' - - 'configuration.0.load.0.parquet_options.0.enable_list_inference' - - name: 'copy' - type: NestedObject - description: 'Copies a table.' - exactly_one_of: - - 'configuration.0.query' - - 'configuration.0.load' - - 'configuration.0.copy' - - 'configuration.0.extract' - properties: - - name: 'sourceTables' - type: Array - description: | - Source tables to copy. - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_copy_sourcetables.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref_array.go.tmpl' - item_type: - type: NestedObject - properties: - - name: 'projectId' - type: String - description: 'The ID of the project containing this table.' - required: false - default_from_api: true - - name: 'datasetId' - type: String - description: 'The ID of the dataset containing this table.' - required: false - default_from_api: true - - name: 'tableId' - type: String - description: | - The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, - or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'destinationTable' - type: NestedObject - description: 'The destination table.' - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_copy_destinationtable.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref.go.tmpl' - properties: - - name: 'projectId' - type: String - description: 'The ID of the project containing this table.' - required: false - default_from_api: true - - name: 'datasetId' - type: String - description: 'The ID of the dataset containing this table.' - required: false - default_from_api: true - - name: 'tableId' - type: String - description: | - The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, - or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'createDisposition' - type: Enum - description: | - Specifies whether the job is allowed to create new tables. The following values are supported: - CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. - CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. - Creation, truncation and append actions occur as one atomic update upon job completion - default_value: "CREATE_IF_NEEDED" - enum_values: - - 'CREATE_IF_NEEDED' - - 'CREATE_NEVER' - - name: 'writeDisposition' - type: Enum - description: | - Specifies the action that occurs if the destination table already exists. The following values are supported: - WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. - WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. - WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. - Each action is atomic and only occurs if BigQuery is able to complete the job successfully. - Creation, truncation and append actions occur as one atomic update upon job completion. - default_value: "WRITE_EMPTY" - enum_values: - - 'WRITE_TRUNCATE' - - 'WRITE_APPEND' - - 'WRITE_EMPTY' - - name: 'destinationEncryptionConfiguration' - type: NestedObject - description: | - Custom encryption configuration (e.g., Cloud KMS keys) - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_kms_version.go.tmpl' - properties: - - name: 'kmsKeyName' - type: String - description: | - Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. - The BigQuery Service Account associated with your project requires access to this encryption key. - required: true - - name: 'kmsKeyVersion' - type: String - description: | - Describes the Cloud KMS encryption key version used to protect destination BigQuery table. - output: true - - name: 'extract' - type: NestedObject - description: 'Configures an extract job.' - exactly_one_of: - - 'configuration.0.query' - - 'configuration.0.load' - - 'configuration.0.copy' - - 'configuration.0.extract' - properties: - - name: 'destinationUris' - type: Array - description: | - A list of fully-qualified Google Cloud Storage URIs where the extracted table should be written. - required: true - item_type: - type: String - - name: 'printHeader' - type: Boolean - description: | - Whether to print out a header row in the results. Default is true. - default_value: true - - name: 'fieldDelimiter' - type: String - description: | - When extracting data in CSV format, this defines the delimiter to use between fields in the exported data. - Default is ',' - default_from_api: true - - name: 'destinationFormat' - type: String - description: | - The exported file format. Possible values include CSV, NEWLINE_DELIMITED_JSON and AVRO for tables and SAVED_MODEL for models. - The default value for tables is CSV. Tables with nested or repeated fields cannot be exported as CSV. - The default value for models is SAVED_MODEL. - default_from_api: true - - name: 'compression' - type: String - description: | - The compression type to use for exported files. Possible values include GZIP, DEFLATE, SNAPPY, and NONE. - The default value is NONE. DEFLATE and SNAPPY are only supported for Avro. - default_value: "NONE" - - name: 'useAvroLogicalTypes' - type: Boolean - description: | - Whether to use logical types when extracting to AVRO format. - - name: 'sourceTable' - type: NestedObject - description: | - A reference to the table being exported. - exactly_one_of: - - 'configuration.0.extract.0.source_table' - - 'configuration.0.extract.0.source_model' - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_table_ref_extract_sourcetable.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/bigquery_table_ref.go.tmpl' - properties: - - name: 'projectId' - type: String - description: 'The ID of the project containing this table.' - required: false - default_from_api: true - - name: 'datasetId' - type: String - description: 'The ID of the dataset containing this table.' - required: false - default_from_api: true - - name: 'tableId' - type: String - description: | - The table. Can be specified `{{table_id}}` if `project_id` and `dataset_id` are also set, - or of the form `projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}` if not. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'sourceModel' - type: NestedObject - description: | - A reference to the model being exported. - exactly_one_of: - - 'configuration.0.extract.0.source_table' - - 'configuration.0.extract.0.source_model' - properties: - - name: 'projectId' - type: String - description: 'The ID of the project containing this model.' - required: true - - name: 'datasetId' - type: String - description: 'The ID of the dataset containing this model.' - required: true - - name: 'modelId' - type: String - description: 'The ID of the model.' - required: true - - name: 'jobReference' - type: NestedObject - description: | - Reference describing the unique-per-user name of the job. - flatten_object: true - properties: - - name: 'jobId' - type: String - description: | - The ID of the job. The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-). The maximum length is 1,024 characters. - required: true - - name: 'location' - type: String - description: | - The geographic location of the job. The default value is US. - default_value: "US" - - name: 'status' - type: NestedObject - description: | - The status of this job. Examine this value when polling an asynchronous job to see if the job is complete. - output: true - properties: - - name: 'errorResult' - type: NestedObject - description: | - Final error result of the job. If present, indicates that the job has completed and was unsuccessful. - output: true - properties: - - name: 'reason' - type: String - description: A short error code that summarizes the error. - - name: 'location' - type: String - description: Specifies where the error occurred, if present. - - name: 'message' - type: String - description: A human-readable description of the error. - - name: 'errors' - type: Array - description: | - The first errors encountered during the running of the job. The final message - includes the number of errors that caused the process to stop. Errors here do - not necessarily mean that the job has not completed or was unsuccessful. - output: true - item_type: - type: NestedObject - properties: - - name: 'reason' - type: String - description: A short error code that summarizes the error. - - name: 'location' - type: String - description: Specifies where the error occurred, if present. - - name: 'message' - type: String - description: A human-readable description of the error. - - name: 'state' - type: String - description: | - Running state of the job. Valid states include 'PENDING', 'RUNNING', and 'DONE'. - output: true diff --git a/mmv1/products/bigquery/go_Routine.yaml b/mmv1/products/bigquery/go_Routine.yaml deleted file mode 100644 index 2d012385c6c3..000000000000 --- a/mmv1/products/bigquery/go_Routine.yaml +++ /dev/null @@ -1,325 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Routine' -kind: 'bigquery#routine' -description: | - A user-defined function or a stored procedure that belongs to a Dataset -references: - guides: - 'Routines Intro': 'https://cloud.google.com/bigquery/docs/reference/rest/v2/routines' - api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/routines' -docs: -base_url: 'projects/{{project}}/datasets/{{dataset_id}}/routines' -self_link: 'projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}}' -import_format: - - 'projects/{{project}}/datasets/{{dataset_id}}/routines/{{routine_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -examples: - - name: 'bigquery_routine_basic' - primary_resource_id: 'sproc' - primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' - vars: - dataset_id: 'dataset_id' - routine_id: 'routine_id' - - name: 'bigquery_routine_json' - primary_resource_id: 'sproc' - primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' - vars: - dataset_id: 'dataset_id' - routine_id: 'routine_id' - - name: 'bigquery_routine_tvf' - primary_resource_id: 'sproc' - primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' - vars: - dataset_id: 'dataset_id' - routine_id: 'routine_id' - - name: 'bigquery_routine_pyspark' - primary_resource_id: 'pyspark' - vars: - dataset_id: 'dataset_id' - connection_id: 'connection_id' - routine_id: 'routine_id' - - name: 'bigquery_routine_pyspark_mainfile' - primary_resource_id: 'pyspark_mainfile' - vars: - dataset_id: 'dataset_id' - connection_id: 'connection_id' - routine_id: 'routine_id' - - name: 'bigquery_routine_spark_jar' - primary_resource_id: 'spark_jar' - vars: - dataset_id: 'dataset_id' - connection_id: 'connection_id' - routine_id: 'routine_id' - - name: 'bigquery_routine_data_governance_type' - primary_resource_id: 'custom_masking_routine' - vars: - dataset_id: 'dataset_id' - routine_id: 'routine_id' - - name: 'bigquery_routine_remote_function' - primary_resource_id: 'remote_function' - vars: - dataset_id: 'dataset_id' - connection_id: 'connection_id' - routine_id: 'routine_id' - skip_test: true -parameters: -properties: - - name: 'routineReference' - type: NestedObject - description: Reference describing the ID of this routine - required: true - custom_expand: 'templates/terraform/custom_expand/go/bigquery_routine_ref.go.tmpl' - flatten_object: true - properties: - - name: 'datasetId' - type: String - description: The ID of the dataset containing this routine - required: true - immutable: true - - name: 'routineId' - type: String - description: - The ID of the the routine. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length is 256 - characters. - required: true - immutable: true - - name: 'routineType' - type: Enum - description: The type of routine. - required: true - immutable: true - enum_values: - - 'SCALAR_FUNCTION' - - 'PROCEDURE' - - 'TABLE_VALUED_FUNCTION' - - name: 'creationTime' - type: Integer - description: | - The time when this routine was created, in milliseconds since the - epoch. - output: true - - name: 'lastModifiedTime' - type: Integer - description: | - The time when this routine was modified, in milliseconds since the - epoch. - output: true - - name: 'language' - type: Enum - description: | - The language of the routine. - enum_values: - - 'SQL' - - 'JAVASCRIPT' - - 'PYTHON' - - 'JAVA' - - 'SCALA' - - name: 'arguments' - type: Array - description: Input/output argument of a function or a stored procedure. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The name of this argument. Can be absent for function return argument. - - name: 'argumentKind' - type: Enum - description: Defaults to FIXED_TYPE. - default_value: "FIXED_TYPE" - enum_values: - - 'FIXED_TYPE' - - 'ANY_TYPE' - - name: 'mode' - type: Enum - description: | - Specifies whether the argument is input or output. Can be set for procedures only. - enum_values: - - 'IN' - - 'OUT' - - 'INOUT' - - name: 'dataType' - type: String - description: | - A JSON schema for the data type. Required unless argumentKind = ANY_TYPE. - ~>**NOTE**: Because this field expects a JSON string, any changes to the string - will create a diff, even if the JSON itself hasn't changed. If the API returns - a different value for the same schema, e.g. it switched the order of values - or replaced STRUCT field type with RECORD field type, we currently cannot - suppress the recurring diff this causes. As a workaround, we recommend using - the schema as returned by the API. - state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' - custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' - validation: - function: 'validation.StringIsJSON' - - name: 'returnType' - type: String - description: | - A JSON schema for the return type. Optional if language = "SQL"; required otherwise. - If absent, the return type is inferred from definitionBody at query time in each query - that references this routine. If present, then the evaluated result will be cast to - the specified returned type at query time. ~>**NOTE**: Because this field expects a JSON - string, any changes to the string will create a diff, even if the JSON itself hasn't - changed. If the API returns a different value for the same schema, e.g. it switche - d the order of values or replaced STRUCT field type with RECORD field type, we currently - cannot suppress the recurring diff this causes. As a workaround, we recommend using - the schema as returned by the API. - state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' - custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' - validation: - function: 'validation.StringIsJSON' - - name: 'returnTableType' - type: String - description: | - Optional. Can be set only if routineType = "TABLE_VALUED_FUNCTION". - - If absent, the return table type is inferred from definitionBody at query time in each query - that references this routine. If present, then the columns in the evaluated table result will - be cast to match the column types specificed in return table type, at query time. - state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' - custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' - validation: - function: 'validation.StringIsJSON' - - name: 'importedLibraries' - type: Array - description: | - Optional. If language = "JAVASCRIPT", this field stores the path of the - imported JAVASCRIPT libraries. - item_type: - type: String - - name: 'definitionBody' - type: String - description: | - The body of the routine. For functions, this is the expression in the AS clause. - If language=SQL, it is the substring inside (but excluding) the parentheses. - required: true - - name: 'description' - type: String - description: The description of the routine if defined. - - name: 'determinismLevel' - type: Enum - description: The determinism level of the JavaScript UDF if defined. - enum_values: - - 'DETERMINISM_LEVEL_UNSPECIFIED' - - 'DETERMINISTIC' - - 'NOT_DETERMINISTIC' - - name: 'dataGovernanceType' - type: Enum - description: If set to DATA_MASKING, the function is validated and made available as a masking function. For more information, see https://cloud.google.com/bigquery/docs/user-defined-functions#custom-mask - enum_values: - - 'DATA_MASKING' - - name: 'sparkOptions' - type: NestedObject - description: | - Optional. If language is one of "PYTHON", "JAVA", "SCALA", this field stores the options for spark stored procedure. - properties: - - name: 'connection' - type: String - description: | - Fully qualified name of the user-provided Spark connection object. - Format: "projects/{projectId}/locations/{locationId}/connections/{connectionId}" - - name: 'runtimeVersion' - type: String - description: Runtime version. If not specified, the default runtime version is used. - - name: 'containerImage' - type: String - description: Custom container image for the runtime environment. - - name: 'properties' - type: KeyValuePairs - description: | - Configuration properties as a set of key/value pairs, which will be passed on to the Spark application. - For more information, see Apache Spark and the procedure option list. - An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - default_from_api: true - - name: 'mainFileUri' - type: String - description: | - The main file/jar URI of the Spark application. - Exactly one of the definitionBody field and the mainFileUri field must be set for Python. - Exactly one of mainClass and mainFileUri field should be set for Java/Scala language type. - - name: 'pyFileUris' - type: Array - description: | - Python files to be placed on the PYTHONPATH for PySpark application. Supported file types: .py, .egg, and .zip. For more information about Apache Spark, see Apache Spark. - default_from_api: true - item_type: - type: String - - name: 'jarUris' - type: Array - description: | - JARs to include on the driver and executor CLASSPATH. For more information about Apache Spark, see Apache Spark. - default_from_api: true - item_type: - type: String - - name: 'fileUris' - type: Array - description: | - Files to be placed in the working directory of each executor. For more information about Apache Spark, see Apache Spark. - default_from_api: true - item_type: - type: String - - name: 'archiveUris' - type: Array - description: | - Archive files to be extracted into the working directory of each executor. For more information about Apache Spark, see Apache Spark. - default_from_api: true - item_type: - type: String - - name: 'mainClass' - type: String - description: | - The fully qualified name of a class in jarUris, for example, com.example.wordcount. - Exactly one of mainClass and main_jar_uri field should be set for Java/Scala language type. - - name: 'remoteFunctionOptions' - type: NestedObject - description: Remote function specific options. - properties: - - name: 'endpoint' - type: String - description: | - Endpoint of the user-provided remote service, e.g. - `https://us-east1-my_gcf_project.cloudfunctions.net/remote_add` - - name: 'connection' - type: String - description: | - Fully qualified name of the user-provided connection object which holds - the authentication information to send requests to the remote service. - Format: "projects/{projectId}/locations/{locationId}/connections/{connectionId}" - - name: 'userDefinedContext' - type: KeyValuePairs - description: | - User-defined context as a set of key/value pairs, which will be sent as function - invocation context together with batched arguments in the requests to the remote - service. The total number of bytes of keys and values must be less than 8KB. - - An object containing a list of "key": value pairs. Example: - `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. - default_from_api: true - - name: 'maxBatchingRows' - type: String - description: | - Max number of rows in each batch sent to the remote service. If absent or if 0, - BigQuery dynamically decides the number of rows in a batch. diff --git a/mmv1/products/bigquery/go_Table.yaml b/mmv1/products/bigquery/go_Table.yaml deleted file mode 100644 index 0dc0faf20302..000000000000 --- a/mmv1/products/bigquery/go_Table.yaml +++ /dev/null @@ -1,549 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Table' -kind: 'bigquery#table' -description: | - A Table that belongs to a Dataset -exclude_resource: true -docs: -id_format: '{{table_id}}' -base_url: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' -self_link: 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' -import_format: - - 'projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}' - - '{{table_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - parent_resource_type: 'google_bigquery_table' - fetch_iam_policy_verb: 'POST' - allowed_iam_role: 'roles/bigquery.dataOwner' - parent_resource_attribute: 'table_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - iam_policy_version: '1' -custom_code: -examples: - - name: 'bigquery_bigquery_table' - primary_resource_id: 'test' - primary_resource_name: 'fmt.Sprintf("tf_test_dataset_id%s", context["random_suffix"]), fmt.Sprintf("tf_test_table_id%s", context["random_suffix"])' - vars: - dataset_id: 'dataset_id' - table_id: 'table_id' -parameters: - - name: 'dataset' - type: String - description: Name of the dataset -properties: - - name: 'tableReference' - type: NestedObject - description: Reference describing the ID of this table - properties: - - name: 'datasetId' - type: String - description: The ID of the dataset containing this table - - name: 'projectId' - type: String - description: The ID of the project containing this table - - name: 'tableId' - type: String - description: The ID of the the table - - name: 'clustering' - type: Array - description: | - One or more fields on which data should be clustered. Only - top-level, non-repeated, simple-type fields are supported. When - you cluster a table using multiple columns, the order of columns - you specify is important. The order of the specified columns - determines the sort order of the data. - item_type: - type: String - - name: 'creationTime' - type: Integer - description: | - The time when this dataset was created, in milliseconds since the - epoch. - output: true - - name: 'description' - type: String - description: A user-friendly description of the dataset - - name: 'friendlyName' - type: String - description: A descriptive name for this table - - name: 'id' - type: String - description: 'An opaque ID uniquely identifying the table.' - output: true - - name: 'labels' - type: KeyValueLabels - description: | - The labels associated with this dataset. You can use these to - organize and group your datasets - - name: 'lastModifiedTime' - type: Integer - description: | - The time when this table was last modified, in milliseconds since the - epoch. - output: true - - name: 'location' - type: String - description: | - The geographic location where the table resides. This value is - inherited from the dataset. - output: true - - name: 'name' - type: String - description: 'Name of the table' - - name: 'numBytes' - type: Integer - description: | - The size of this table in bytes, excluding any data in the streaming - buffer. - output: true - - name: 'numLongTermBytes' - type: Integer - description: | - The number of bytes in the table that are considered "long-term - storage". - output: true - - name: 'numRows' - type: Integer - description: | - The number of rows of data in this table, excluding any data in the - streaming buffer. - - name: 'requirePartitionFilter' - type: Boolean - description: | - If set to true, queries over this table require a partition filter - that can be used for partition elimination to be specified. - output: true - - name: 'type' - type: Enum - description: 'Describes the table type' - output: true - enum_values: - - 'TABLE' - - 'VIEW' - - 'EXTERNAL' - - name: 'view' - type: NestedObject - description: The view definition. - properties: - - name: 'useLegacySql' - type: Boolean - description: | - Specifies whether to use BigQuery's legacy SQL for this view - - name: 'userDefinedFunctionResources' - type: Array - description: | - Describes user-defined function resources used in the query. - item_type: - type: NestedObject - properties: - - name: 'inlineCode' - type: String - description: | - An inline resource that contains code for a user-defined - function (UDF). Providing a inline code resource is - equivalent to providing a URI for a file containing the - same code. - # TODO: Convert into cross-product ResourceRef - - name: 'resourceUri' - type: String - description: | - A code resource to load from a Google Cloud Storage URI - (gs://bucket/path). - - name: 'timePartitioning' - type: NestedObject - description: | - If specified, configures time-based partitioning for this table. - properties: - - name: 'expirationMs' - type: Integer - description: | - Number of milliseconds for which to keep the storage for a - partition. If unspecified when the table is created in a dataset - that has `defaultPartitionExpirationMs`, it will inherit - the value of `defaultPartitionExpirationMs` from the dataset. - To specify a unlimited expiration, set the value to 0. - - name: 'field' - type: String - description: | - If not set, the table is partitioned by pseudo column, - referenced via either '_PARTITIONTIME' as TIMESTAMP type, or - '_PARTITIONDATE' as DATE type. If field is specified, the table - is instead partitioned by this field. The field must be a - top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or - REQUIRED. - - name: 'type' - type: Enum - description: | - The only type supported is DAY, which will generate one partition - per day. - enum_values: - - 'DAY' - - name: 'streamingBuffer' - type: NestedObject - description: | - Contains information regarding this table's streaming buffer, if one - is present. This field will be absent if the table is not being - streamed to or if there is no data in the streaming buffer. - output: true - properties: - - name: 'estimatedBytes' - type: Integer - description: | - A lower-bound estimate of the number of bytes currently in the - streaming buffer. - output: true - - name: 'estimatedRows' - type: Integer - description: | - A lower-bound estimate of the number of rows currently in the - streaming buffer. - output: true - - name: 'oldestEntryTime' - type: Integer - description: | - Contains the timestamp of the oldest entry in the streaming - buffer, in milliseconds since the epoch, if the streaming buffer - is available. - output: true - - name: 'schema' - type: NestedObject - description: Describes the schema of this table - properties: - - name: 'fields' - type: Array - description: Describes the fields in a table. - item_type: - type: NestedObject - properties: - - name: 'description' - type: String - description: | - The field description. The maximum length is 1,024 - characters. - - name: 'fields' - type: Array - description: | - Describes the nested schema fields if the type property is - set to RECORD. - item_type: - type: String - - name: 'mode' - type: Enum - description: The field mode - enum_values: - - 'NULLABLE' - - 'REQUIRED' - - 'REPEATED' - - name: 'name' - type: String - description: The field name - - name: 'type' - type: Enum - description: 'The field data type' - enum_values: - - 'STRING' - - 'BYTES' - - 'INTEGER' - - 'FLOAT' - - 'TIMESTAMP' - - 'DATE' - - 'TIME' - - 'DATETIME' - - 'RECORD' - - name: 'encryptionConfiguration' - type: NestedObject - description: Custom encryption configuration - properties: - - name: 'kmsKeyName' - type: String - description: | - Describes the Cloud KMS encryption key that will be used to - protect destination BigQuery table. The BigQuery Service Account - associated with your project requires access to this encryption - key. - - name: 'expirationTime' - type: Integer - description: | - The time when this table expires, in milliseconds since the epoch. If - not present, the table will persist indefinitely. - - name: 'externalDataConfiguration' - type: NestedObject - description: | - Describes the data format, location, and other properties of a table - stored outside of BigQuery. By defining these properties, the data - source can then be queried as if it were a standard BigQuery table. - properties: - - name: 'autodetect' - type: Boolean - description: | - Try to detect schema and format options automatically. Any option - specified explicitly will be honored. - - name: 'compression' - type: Enum - description: The compression type of the data source - enum_values: - - 'GZIP' - - 'NONE' - - name: 'ignoreUnknownValues' - type: Boolean - description: | - Indicates if BigQuery should allow extra values that are not - represented in the table schema - - name: 'maxBadRecords' - type: Integer - description: | - The maximum number of bad records that BigQuery can ignore when reading data - default_value: 0 - - name: 'sourceFormat' - type: Enum - description: The data format - enum_values: - - 'CSV' - - 'GOOGLE_SHEETS' - - 'NEWLINE_DELIMITED_JSON' - - 'AVRO' - - 'DATASTORE_BACKUP' - - 'BIGTABLE' - - 'ORC' - - 'PARQUET' - - 'ICEBERG' - - 'DELTA_LAKE' - - name: 'sourceUris' - type: Array - description: | - The fully-qualified URIs that point to your data in Google Cloud. - For Google Cloud Storage URIs: Each URI can contain one '\*' - wildcard character and it must come after the 'bucket' name. Size - limits related to load jobs apply to external data sources. For - Google Cloud Bigtable URIs: Exactly one URI can be specified and it - has be a fully specified and valid HTTPS URL for a Google Cloud - Bigtable table. For Google Cloud Datastore backups, exactly one - URI can be specified. Also, the '\*' wildcard character is not - allowed. - item_type: - type: String - - name: 'schema' - type: NestedObject - description: - 'The schema for the data. Schema is required for CSV and JSON formats' - properties: - - name: 'fields' - type: Array - description: 'Describes the fields in a table.' - item_type: - type: NestedObject - properties: - - name: 'description' - type: String - description: The field description - - name: 'fields' - type: Array - description: | - Describes the nested schema fields if the type property - is set to RECORD - item_type: - type: String - - name: 'mode' - type: Enum - description: Field mode. - enum_values: - - 'NULLABLE' - - 'REQUIRED' - - 'REPEATED' - - name: 'name' - type: String - description: Field name - - name: 'type' - type: Enum - description: Field data type - enum_values: - - 'STRING' - - 'BYTES' - - 'INTEGER' - - 'FLOAT' - - 'TIMESTAMP' - - 'DATE' - - 'TIME' - - 'DATETIME' - - 'RECORD' - - name: 'googleSheetsOptions' - type: NestedObject - description: - 'Additional options if sourceFormat is set to GOOGLE_SHEETS.' - properties: - - name: 'skipLeadingRows' - type: Integer - description: | - The number of rows at the top of a Google Sheet that BigQuery - will skip when reading the data. - default_value: 0 - - name: 'csvOptions' - type: NestedObject - description: Additional properties to set if sourceFormat is set to CSV. - properties: - - name: 'allowJaggedRows' - type: Boolean - description: | - Indicates if BigQuery should accept rows that are missing - trailing optional columns - - name: 'allowQuotedNewlines' - type: Boolean - description: | - Indicates if BigQuery should allow quoted data sections that - contain newline characters in a CSV file - - name: 'encoding' - type: Enum - description: 'The character encoding of the data' - enum_values: - - 'UTF-8' - - 'ISO-8859-1' - - name: 'fieldDelimiter' - type: String - description: 'The separator for fields in a CSV file' - - name: 'quote' - type: String - description: - 'The value that is used to quote data sections in a CSV file' - - name: 'skipLeadingRows' - type: Integer - description: | - The number of rows at the top of a CSV file that BigQuery - will skip when reading the data. - default_value: 0 - - name: 'bigtableOptions' - type: NestedObject - description: 'Additional options if sourceFormat is set to BIGTABLE.' - properties: - - name: 'ignoreUnspecifiedColumnFamilies' - type: Boolean - description: | - If field is true, then the column families that are not specified in - columnFamilies list are not exposed in the table schema - - name: 'readRowkeyAsString' - type: Boolean - description: | - If field is true, then the rowkey column families will be - read and converted to string. - - name: 'columnFamilies' - type: Array - description: | - List of column families to expose in the table schema along - with their types. - item_type: - type: NestedObject - properties: - - name: 'columns' - type: Array - description: | - Lists of columns that should be exposed as individual - fields as opposed to a list of (column name, value) pairs. - item_type: - type: NestedObject - properties: - - name: 'encoding' - type: Enum - description: - The encoding of the values when the type is not STRING - enum_values: - - 'TEXT' - - 'BINARY' - - name: 'fieldName' - type: String - description: | - If the qualifier is not a valid BigQuery field - identifier, a valid identifier must be provided as - the column field name and is used as field name in - queries. - - name: 'onlyReadLatest' - type: Boolean - description: | - If this is set, only the latest version of value in this column are exposed - - name: 'qualifierString' - type: String - description: Qualifier of the column - required: true - - name: 'type' - type: Enum - description: - The type to convert the value in cells of this column - enum_values: - - 'BYTES' - - 'STRING' - - 'INTEGER' - - 'FLOAT' - - 'BOOLEAN' - - name: 'encoding' - type: Enum - description: - The encoding of the values when the type is not STRING - enum_values: - - 'TEXT' - - 'BINARY' - - name: 'familyId' - type: String - description: Identifier of the column family. - - name: 'onlyReadLatest' - type: Boolean - description: | - If this is set only the latest version of value are - exposed for all columns in this column family - - name: 'type' - type: Enum - description: - The type to convert the value in cells of this column family - enum_values: - - 'BYTES' - - 'STRING' - - 'INTEGER' - - 'FLOAT' - - 'BOOLEAN' - - name: 'tableReplicationInfo' - type: NestedObject - description: | - Replication info of a table created using "AS REPLICA" DDL like: - `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. - properties: - - name: 'sourceProjectId' - type: String - description: The ID of the source project. - required: true - - name: 'sourceDatasetId' - type: String - description: The ID of the source dataset. - required: true - - name: 'sourceTableId' - type: String - description: The ID of the source materialized view. - required: true - - name: 'replicationIntervalMs' - type: Integer - description: | - The interval at which the source materialized view is polled for updates. The default is - 300000. - default_value: 300000 - - name: 'resourceTags' - type: KeyValuePairs - description: | - The tags attached to this table. Tag keys are globally unique. Tag key is expected to be - in the namespaced format, for example "123456789012/environment" where 123456789012 is the - ID of the parent organization or project resource for this tag key. Tag value is expected - to be the short name, for example "Production". diff --git a/mmv1/products/bigquery/go_product.yaml b/mmv1/products/bigquery/go_product.yaml deleted file mode 100644 index 804848d8e0f3..000000000000 --- a/mmv1/products/bigquery/go_product.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BigQuery' -legacy_name: 'bigquery' -display_name: 'BigQuery' -versions: - - name: 'ga' - base_url: 'https://bigquery.googleapis.com/bigquery/v2/' - - name: 'beta' - base_url: 'https://bigquery.googleapis.com/bigquery/v2/' -scopes: - - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigquery/product.yaml b/mmv1/products/bigquery/product.yaml index f280ad33d2a1..2babfba49601 100644 --- a/mmv1/products/bigquery/product.yaml +++ b/mmv1/products/bigquery/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2017 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,16 +11,14 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: BigQuery -display_name: BigQuery +--- +name: 'BigQuery' legacy_name: 'bigquery' +display_name: 'BigQuery' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://bigquery.googleapis.com/bigquery/v2/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://bigquery.googleapis.com/bigquery/v2/ + - name: 'ga' + base_url: 'https://bigquery.googleapis.com/bigquery/v2/' + - name: 'beta' + base_url: 'https://bigquery.googleapis.com/bigquery/v2/' scopes: - - https://www.googleapis.com/auth/bigquery + - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigqueryanalyticshub/DataExchange.yaml b/mmv1/products/bigqueryanalyticshub/DataExchange.yaml index 4727ea1df30d..4677a3699c5f 100644 --- a/mmv1/products/bigqueryanalyticshub/DataExchange.yaml +++ b/mmv1/products/bigqueryanalyticshub/DataExchange.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,128 +11,128 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'DataExchange' -base_url: projects/{{project}}/locations/{{location}}/dataExchanges -create_url: projects/{{project}}/locations/{{location}}/dataExchanges?data_exchange_id={{data_exchange_id}} -self_link: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}} -update_verb: :PATCH -update_mask: true description: A Bigquery Analytics Hub data exchange -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/bigquery/docs/analytics-hub-introduction' api: 'https://cloud.google.com/bigquery/docs/reference/analytics-hub/rest/v1/projects.locations.dataExchanges' -iam_policy: !ruby/object:Api::Resource::IamPolicy +docs: +id_format: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/dataExchanges' +self_link: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/dataExchanges?data_exchange_id={{data_exchange_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' + - '{{data_exchange_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' - fetch_iam_policy_verb: :POST + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'data_exchange_id' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}', - '{{data_exchange_id}}', - ] -id_format: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}} -import_format: - [ - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}', - '{{data_exchange_id}}', - ] + - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' + - '{{data_exchange_id}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_analyticshub_data_exchange_basic' + - name: 'bigquery_analyticshub_data_exchange_basic' primary_resource_id: 'data_exchange' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_data_exchange%s\", - context[\"\ - random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"])' region_override: 'US' vars: data_exchange_id: 'my_data_exchange' desc: 'example data exchange' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_analyticshub_data_exchange_dcr' + - name: 'bigquery_analyticshub_data_exchange_dcr' primary_resource_id: 'data_exchange' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_data_exchange%s\", - context[\"\ - random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"])' region_override: 'US' vars: data_exchange_id: 'dcr_data_exchange' desc: 'example dcr data exchange' +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: |- The resource name of the data exchange, for example: "projects/myproject/locations/US/dataExchanges/123" output: true - - !ruby/object:Api::Type::String - name: data_exchange_id + - name: 'data_exchange_id' + type: String description: |- The ID of the data exchange. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | The name of the location this data exchange. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: |- Human-readable display name of the data exchange. The display name must contain only Unicode letters, numbers (0-9), underscores (_), dashes (-), spaces ( ), and must not start or end with spaces. required: true - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: |- Description of the data exchange. - - !ruby/object:Api::Type::String - name: primaryContact + - name: 'primaryContact' + type: String description: |- Email or URL of the primary point of contact of the data exchange. - - !ruby/object:Api::Type::String - name: documentation + - name: 'documentation' + type: String description: |- Documentation describing the data exchange. - - !ruby/object:Api::Type::Integer - name: listingCount + - name: 'listingCount' + type: Integer description: |- Number of listings contained in the data exchange. output: true - - !ruby/object:Api::Type::String - name: icon + - name: 'icon' + type: String description: |- Base64 encoded image representing the data exchange. - - !ruby/object:Api::Type::NestedObject - name: sharingEnvironmentConfig - default_from_api: true - immutable: true + - name: 'sharingEnvironmentConfig' + type: NestedObject description: | Configurable data sharing environment option for a data exchange. This field is required for data clean room exchanges. + immutable: true + default_from_api: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'defaultExchangeConfig' - immutable: true - allow_empty_object: true - send_empty_value: true - exactly_one_of: - - sharing_environment_config.0.default_exchange_config - - sharing_environment_config.0.dcr_exchange_config + - name: 'defaultExchangeConfig' + type: NestedObject description: | Default Analytics Hub data exchange, used for secured data sharing. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'dcrExchangeConfig' immutable: true - allow_empty_object: true send_empty_value: true + allow_empty_object: true exactly_one_of: - - sharing_environment_config.0.default_exchange_config - - sharing_environment_config.0.dcr_exchange_config + - 'sharing_environment_config.0.default_exchange_config' + - 'sharing_environment_config.0.dcr_exchange_config' + properties: + [] + - name: 'dcrExchangeConfig' + type: NestedObject description: | Data Clean Room (DCR), used for privacy-safe and secured data sharing. - properties: [] + immutable: true + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'sharing_environment_config.0.default_exchange_config' + - 'sharing_environment_config.0.dcr_exchange_config' + properties: + [] diff --git a/mmv1/products/bigqueryanalyticshub/Listing.yaml b/mmv1/products/bigqueryanalyticshub/Listing.yaml index b5342de37dc7..a65d420ca9bf 100644 --- a/mmv1/products/bigqueryanalyticshub/Listing.yaml +++ b/mmv1/products/bigqueryanalyticshub/Listing.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,195 +11,186 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Listing' -base_url: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings -create_url: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings?listing_id={{listing_id}} -self_link: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}} -update_verb: :PATCH -update_mask: true description: A Bigquery Analytics Hub data exchange listing -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/bigquery/docs/analytics-hub-introduction' api: 'https://cloud.google.com/bigquery/docs/reference/analytics-hub/rest/v1/projects.locations.dataExchanges.listings' -iam_policy: !ruby/object:Api::Resource::IamPolicy +docs: +id_format: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings' +self_link: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings?listing_id={{listing_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' - fetch_iam_policy_verb: :POST + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'listing_id' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}', - '{{listing_id}}', - ] -id_format: projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}} -import_format: - [ - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}', - ] + - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' + - '{{listing_id}}' +custom_code: # Skipping the sweeper due to the non-standard base_url -skip_sweeper: true +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_analyticshub_listing_basic' + - name: 'bigquery_analyticshub_listing_basic' primary_resource_id: 'listing' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_data_exchange%s\", - context[\"\ - random_suffix\"]), fmt.Sprintf(\"tf_test_my_listing%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' region_override: 'US' vars: data_exchange_id: 'my_data_exchange' listing_id: 'my_listing' desc: 'example data exchange' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_analyticshub_listing_restricted' + - name: 'bigquery_analyticshub_listing_restricted' primary_resource_id: 'listing' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_data_exchange%s\", - context[\"\ - random_suffix\"]), fmt.Sprintf(\"tf_test_my_listing%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' region_override: 'US' vars: data_exchange_id: 'my_data_exchange' listing_id: 'my_listing' desc: 'example data exchange' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_analyticshub_listing_dcr' + - name: 'bigquery_analyticshub_listing_dcr' primary_resource_id: 'listing' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_data_exchange%s\", - context[\"\ - random_suffix\"]), fmt.Sprintf(\"tf_test_my_listing%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' region_override: 'US' vars: data_exchange_id: 'dcr_data_exchange' listing_id: 'dcr_listing' desc: 'example dcr data exchange' +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: |- The resource name of the listing. e.g. "projects/myproject/locations/US/dataExchanges/123/listings/456" output: true - - !ruby/object:Api::Type::String - name: data_exchange_id + - name: 'data_exchange_id' + type: String description: |- The ID of the data exchange. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: listing_id + - name: 'listing_id' + type: String description: |- The ID of the listing. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | The name of the location this data exchange listing. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: |- Human-readable display name of the listing. The display name must contain only Unicode letters, numbers (0-9), underscores (_), dashes (-), spaces ( ), ampersands (&) and can't start or end with spaces. required: true - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: |- Short description of the listing. The description must not contain Unicode non-characters and C0 and C1 control codes except tabs (HT), new lines (LF), carriage returns (CR), and page breaks (FF). - - !ruby/object:Api::Type::String - name: primaryContact + - name: 'primaryContact' + type: String description: |- Email or URL of the primary point of contact of the listing. - - !ruby/object:Api::Type::String - name: documentation + - name: 'documentation' + type: String description: |- Documentation describing the listing. - - !ruby/object:Api::Type::String - name: icon + - name: 'icon' + type: String description: |- Base64 encoded image representing the listing. - - !ruby/object:Api::Type::String - name: requestAccess + - name: 'requestAccess' + type: String description: |- Email or URL of the request access of the listing. Subscribers can use this reference to request access. - - !ruby/object:Api::Type::NestedObject - name: dataProvider + - name: 'dataProvider' + type: NestedObject description: Details of the data provider who owns the source data. properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: Name of the data provider. - - !ruby/object:Api::Type::String - name: 'primaryContact' + required: true + - name: 'primaryContact' + type: String description: Email or URL of the data provider. - - !ruby/object:Api::Type::NestedObject - name: publisher + - name: 'publisher' + type: NestedObject description: Details of the publisher who owns the listing and who can share the source data. properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: Name of the listing publisher. - - !ruby/object:Api::Type::String - name: 'primaryContact' + required: true + - name: 'primaryContact' + type: String description: Email or URL of the listing publisher. - - !ruby/object:Api::Type::Array - name: 'categories' + - name: 'categories' + type: Array description: | Categories of the listing. Up to two categories are allowed. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: bigqueryDataset + item_type: + type: String + - name: 'bigqueryDataset' + type: NestedObject description: Shared dataset i.e. BigQuery dataset source. required: true immutable: true properties: - - !ruby/object:Api::Type::String - name: 'dataset' - immutable: true + - name: 'dataset' + type: String description: Resource name of the dataset source for this listing. e.g. projects/myproject/datasets/123 required: true + immutable: true diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - !ruby/object:Api::Type::Array - name: selectedResources + - name: 'selectedResources' + type: Array description: Resource in this dataset that is selectively shared. This field is required for data clean room exchanges. immutable: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'table' + type: String description: | Format: For table: projects/{projectId}/datasets/{datasetId}/tables/{tableId} Example:"projects/test_project/datasets/test_dataset/tables/test_table" - - !ruby/object:Api::Type::NestedObject - name: restrictedExportConfig + immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - name: 'restrictedExportConfig' + type: NestedObject description: If set, restricted export configuration will be propagated and enforced on the linked dataset. properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: If true, enable restricted export. - - !ruby/object:Api::Type::Boolean - name: 'restrictDirectTableAccess' - output: true + - name: 'restrictDirectTableAccess' + type: Boolean description: If true, restrict direct table access(read api/tabledata.list) on linked table. - - !ruby/object:Api::Type::Boolean - name: 'restrictQueryResult' + output: true + - name: 'restrictQueryResult' + type: Boolean description: If true, restrict export of query result derived from restricted linked dataset table. diff --git a/mmv1/products/bigqueryanalyticshub/go_DataExchange.yaml b/mmv1/products/bigqueryanalyticshub/go_DataExchange.yaml deleted file mode 100644 index 207306765337..000000000000 --- a/mmv1/products/bigqueryanalyticshub/go_DataExchange.yaml +++ /dev/null @@ -1,139 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DataExchange' -description: A Bigquery Analytics Hub data exchange -references: - guides: - 'Official Documentation': 'https://cloud.google.com/bigquery/docs/analytics-hub-introduction' - api: 'https://cloud.google.com/bigquery/docs/reference/analytics-hub/rest/v1/projects.locations.dataExchanges' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/dataExchanges' -self_link: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/dataExchanges?data_exchange_id={{data_exchange_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' - - '{{data_exchange_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'data_exchange_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}' - - '{{data_exchange_id}}' -custom_code: -examples: - - name: 'bigquery_analyticshub_data_exchange_basic' - primary_resource_id: 'data_exchange' - primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"])' - region_override: 'US' - vars: - data_exchange_id: 'my_data_exchange' - desc: 'example data exchange' - - name: 'bigquery_analyticshub_data_exchange_dcr' - primary_resource_id: 'data_exchange' - primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"])' - region_override: 'US' - vars: - data_exchange_id: 'dcr_data_exchange' - desc: 'example dcr data exchange' -parameters: -properties: - - name: 'name' - type: String - description: |- - The resource name of the data exchange, for example: - "projects/myproject/locations/US/dataExchanges/123" - output: true - - name: 'data_exchange_id' - type: String - description: |- - The ID of the data exchange. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The name of the location this data exchange. - url_param_only: true - required: true - immutable: true - - name: 'displayName' - type: String - description: |- - Human-readable display name of the data exchange. The display name must contain only Unicode letters, numbers (0-9), underscores (_), dashes (-), spaces ( ), and must not start or end with spaces. - required: true - - name: 'description' - type: String - description: |- - Description of the data exchange. - - name: 'primaryContact' - type: String - description: |- - Email or URL of the primary point of contact of the data exchange. - - name: 'documentation' - type: String - description: |- - Documentation describing the data exchange. - - name: 'listingCount' - type: Integer - description: |- - Number of listings contained in the data exchange. - output: true - - name: 'icon' - type: String - description: |- - Base64 encoded image representing the data exchange. - - name: 'sharingEnvironmentConfig' - type: NestedObject - description: | - Configurable data sharing environment option for a data exchange. - This field is required for data clean room exchanges. - immutable: true - default_from_api: true - properties: - - name: 'defaultExchangeConfig' - type: NestedObject - description: | - Default Analytics Hub data exchange, used for secured data sharing. - immutable: true - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'sharing_environment_config.0.default_exchange_config' - - 'sharing_environment_config.0.dcr_exchange_config' - properties: - [] - - name: 'dcrExchangeConfig' - type: NestedObject - description: | - Data Clean Room (DCR), used for privacy-safe and secured data sharing. - immutable: true - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'sharing_environment_config.0.default_exchange_config' - - 'sharing_environment_config.0.dcr_exchange_config' - properties: - [] diff --git a/mmv1/products/bigqueryanalyticshub/go_Listing.yaml b/mmv1/products/bigqueryanalyticshub/go_Listing.yaml deleted file mode 100644 index 8df9c1449f62..000000000000 --- a/mmv1/products/bigqueryanalyticshub/go_Listing.yaml +++ /dev/null @@ -1,196 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Listing' -description: A Bigquery Analytics Hub data exchange listing -references: - guides: - 'Official Documentation': 'https://cloud.google.com/bigquery/docs/analytics-hub-introduction' - api: 'https://cloud.google.com/bigquery/docs/reference/analytics-hub/rest/v1/projects.locations.dataExchanges.listings' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings' -self_link: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings?listing_id={{listing_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'listing_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/dataExchanges/{{data_exchange_id}}/listings/{{listing_id}}' - - '{{listing_id}}' -custom_code: -exclude_sweeper: true -examples: - - name: 'bigquery_analyticshub_listing_basic' - primary_resource_id: 'listing' - primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' - region_override: 'US' - vars: - data_exchange_id: 'my_data_exchange' - listing_id: 'my_listing' - desc: 'example data exchange' - - name: 'bigquery_analyticshub_listing_restricted' - primary_resource_id: 'listing' - primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' - region_override: 'US' - vars: - data_exchange_id: 'my_data_exchange' - listing_id: 'my_listing' - desc: 'example data exchange' - - name: 'bigquery_analyticshub_listing_dcr' - primary_resource_id: 'listing' - primary_resource_name: 'fmt.Sprintf("tf_test_my_data_exchange%s", context["random_suffix"]), fmt.Sprintf("tf_test_my_listing%s", context["random_suffix"])' - region_override: 'US' - vars: - data_exchange_id: 'dcr_data_exchange' - listing_id: 'dcr_listing' - desc: 'example dcr data exchange' -parameters: -properties: - - name: 'name' - type: String - description: |- - The resource name of the listing. e.g. "projects/myproject/locations/US/dataExchanges/123/listings/456" - output: true - - name: 'data_exchange_id' - type: String - description: |- - The ID of the data exchange. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. - url_param_only: true - required: true - immutable: true - - name: 'listing_id' - type: String - description: |- - The ID of the listing. Must contain only Unicode letters, numbers (0-9), underscores (_). Should not use characters that require URL-escaping, or characters outside of ASCII, spaces. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The name of the location this data exchange listing. - url_param_only: true - required: true - immutable: true - - name: 'displayName' - type: String - description: |- - Human-readable display name of the listing. The display name must contain only Unicode letters, numbers (0-9), underscores (_), dashes (-), spaces ( ), ampersands (&) and can't start or end with spaces. - required: true - - name: 'description' - type: String - description: |- - Short description of the listing. The description must not contain Unicode non-characters and C0 and C1 control codes except tabs (HT), new lines (LF), carriage returns (CR), and page breaks (FF). - - name: 'primaryContact' - type: String - description: |- - Email or URL of the primary point of contact of the listing. - - name: 'documentation' - type: String - description: |- - Documentation describing the listing. - - name: 'icon' - type: String - description: |- - Base64 encoded image representing the listing. - - name: 'requestAccess' - type: String - description: |- - Email or URL of the request access of the listing. Subscribers can use this reference to request access. - - name: 'dataProvider' - type: NestedObject - description: Details of the data provider who owns the source data. - properties: - - name: 'name' - type: String - description: Name of the data provider. - required: true - - name: 'primaryContact' - type: String - description: Email or URL of the data provider. - - name: 'publisher' - type: NestedObject - description: - Details of the publisher who owns the listing and who can share the source - data. - properties: - - name: 'name' - type: String - description: Name of the listing publisher. - required: true - - name: 'primaryContact' - type: String - description: Email or URL of the listing publisher. - - name: 'categories' - type: Array - description: | - Categories of the listing. Up to two categories are allowed. - item_type: - type: String - - name: 'bigqueryDataset' - type: NestedObject - description: Shared dataset i.e. BigQuery dataset source. - required: true - immutable: true - properties: - - name: 'dataset' - type: String - description: - Resource name of the dataset source for this listing. e.g. - projects/myproject/datasets/123 - required: true - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - name: 'selectedResources' - type: Array - description: Resource in this dataset that is selectively shared. This field is required for data clean room exchanges. - immutable: true - item_type: - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Format: For table: projects/{projectId}/datasets/{datasetId}/tables/{tableId} Example:"projects/test_project/datasets/test_dataset/tables/test_table" - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - name: 'restrictedExportConfig' - type: NestedObject - description: If set, restricted export configuration will be propagated and enforced on the linked dataset. - properties: - - name: 'enabled' - type: Boolean - description: - If true, enable restricted export. - - name: 'restrictDirectTableAccess' - type: Boolean - description: - If true, restrict direct table access(read api/tabledata.list) on linked table. - output: true - - name: 'restrictQueryResult' - type: Boolean - description: - If true, restrict export of query result derived from restricted linked dataset table. diff --git a/mmv1/products/bigqueryanalyticshub/go_product.yaml b/mmv1/products/bigqueryanalyticshub/go_product.yaml deleted file mode 100644 index c8f3297c4891..000000000000 --- a/mmv1/products/bigqueryanalyticshub/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BigqueryAnalyticsHub' -display_name: 'Bigquery Analytics Hub' -versions: - - name: 'beta' - base_url: 'https://analyticshub.googleapis.com/v1/' - - name: 'ga' - base_url: 'https://analyticshub.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/bigqueryanalyticshub/product.yaml b/mmv1/products/bigqueryanalyticshub/product.yaml index bd1d0a43f266..ebbb6b142a4d 100644 --- a/mmv1/products/bigqueryanalyticshub/product.yaml +++ b/mmv1/products/bigqueryanalyticshub/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: BigqueryAnalyticsHub -display_name: Bigquery Analytics Hub -scopes: - - https://www.googleapis.com/auth/cloud-platform +--- +name: 'BigqueryAnalyticsHub' +display_name: 'Bigquery Analytics Hub' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://analyticshub.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: ga - base_url: https://analyticshub.googleapis.com/v1/ + - name: 'beta' + base_url: 'https://analyticshub.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://analyticshub.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/bigqueryconnection/Connection.yaml b/mmv1/products/bigqueryconnection/Connection.yaml index 6de344ec5e59..ab1781551eac 100644 --- a/mmv1/products/bigqueryconnection/Connection.yaml +++ b/mmv1/products/bigqueryconnection/Connection.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,160 +11,146 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Connection' -base_url: projects/{{project}}/locations/{{location}}/connections -self_link: projects/{{project}}/locations/{{location}}/connections/{{connection_id}} -create_url: projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}} -update_verb: :PATCH -update_mask: true description: | A connection allows BigQuery connections to external data sources.. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Cloud SQL federated queries': 'https://cloud.google.com/bigquery/docs/cloud-sql-federated-queries' api: 'https://cloud.google.com/bigquery/docs/reference/bigqueryconnection/rest/v1/projects.locations.connections/create' -iam_policy: !ruby/object:Api::Resource::IamPolicy +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/connections' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' + - '{{project}}/{{location}}/{{connection_id}}' + - '{{location}}/{{connection_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' - fetch_iam_policy_verb: :POST + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'connection_id' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}', - '{{connection_id}}', - ] -id_format: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' -import_format: - [ - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}', - '{{project}}/{{location}}/{{connection_id}}', - '{{location}}/{{connection_id}}', - ] -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/bigquery_connection_id.go.erb - encoder: templates/terraform/encoders/bigquery_connection.go.erb + - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' + - '{{connection_id}}' +custom_code: + encoder: 'templates/terraform/encoders/bigquery_connection.go.tmpl' + post_create: 'templates/terraform/post_create/bigquery_connection_id.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_connection_cloud_resource' - external_providers: ["random", "time"] - region_override: 'US' + - name: 'bigquery_connection_cloud_resource' primary_resource_id: 'connection' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-connection%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-connection%s", context["random_suffix"])' + region_override: 'US' vars: connection_id: 'my-connection' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_connection_basic' external_providers: ["random", "time"] - primary_resource_id: - 'connection' - # Random provider - skip_vcr: true + - name: 'bigquery_connection_basic' + primary_resource_id: 'connection' vars: database_instance_name: 'my-database-instance' username: 'user' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - - 'cloud_sql.0.credential' # password removed - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_connection_full' + # password removed + - 'cloud_sql.0.credential' external_providers: ["random", "time"] - primary_resource_id: - 'connection' # Random provider skip_vcr: true + - name: 'bigquery_connection_full' + primary_resource_id: 'connection' vars: database_instance_name: 'my-database-instance' username: 'user' connection_id: 'my-connection' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - - 'cloud_sql.0.credential' # password removed - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_connection_aws' + # password removed + - 'cloud_sql.0.credential' external_providers: ["random", "time"] + # Random provider + skip_vcr: true + - name: 'bigquery_connection_aws' primary_resource_id: 'connection' vars: connection_id: 'my-connection' iam_role_id: 'arn:aws:iam::999999999999:role/omnirole' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_connection_azure' external_providers: ["random", "time"] + - name: 'bigquery_connection_azure' primary_resource_id: 'connection' vars: connection_id: 'my-connection' customer_tenant_id: 'customer-tenant-id' federated_application_client_id: 'b43eeeee-eeee-eeee-eeee-a480155501ce' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_connection_cloudspanner' external_providers: ["random", "time"] + - name: 'bigquery_connection_cloudspanner' primary_resource_id: 'connection' vars: connection_id: 'my-connection' database: 'projects/project/instances/instance/databases/database' database_role: 'database_role' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_connection_cloudspanner_databoost' external_providers: ["random", "time"] + - name: 'bigquery_connection_cloudspanner_databoost' primary_resource_id: 'connection' vars: connection_id: 'my-connection' database: 'projects/project/instances/instance/databases/database' - - !ruby/object:Provider::Terraform::Examples - name: "bigquery_connection_spark" - region_override: "US" - primary_resource_id: "connection" + external_providers: ["random", "time"] + - name: 'bigquery_connection_spark' + primary_resource_id: 'connection' + region_override: 'US' vars: - connection_id: "my-connection" - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_connection_kms' - primary_resource_id: - 'bq-connection-cmek' + connection_id: 'my-connection' + - name: 'bigquery_connection_kms' + primary_resource_id: 'bq-connection-cmek' vars: database_instance_name: 'my-database-instance' username: 'user' deletion_protection: 'true' kms_key_name: 'projects/project/locations/us-central1/keyRings/us-central1/cryptoKeys/bq-key' test_vars_overrides: - deletion_protection: 'false' - kms_key_name: 'acctest.BootstrapKMSKey(t).CryptoKey.Name' - policyChanged: - "acctest.BootstrapPSARole(t, \"bq-\", \"bigquery-encryption\", - \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ - )" + 'deletion_protection': 'false' + 'kms_key_name': 'acctest.BootstrapKMSKey(t).CryptoKey.Name' + 'policyChanged': 'acctest.BootstrapPSARole(t, "bq-", "bigquery-encryption", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - - 'cloud_sql.0.credential' # password removed + # password removed + - 'cloud_sql.0.credential' +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: |- The resource name of the connection in the form of: "projects/{project_id}/locations/{location_id}/connections/{connectionId}" output: true - - !ruby/object:Api::Type::String - name: connection_id + - name: 'connection_id' + type: String description: | Optional connection id that should be assigned to the created connection. required: false immutable: true default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/id_from_name.erb' - - !ruby/object:Api::Type::String - name: 'location' - required: false - immutable: true - url_param_only: true + custom_flatten: 'templates/terraform/custom_flatten/id_from_name.tmpl' + - name: 'location' + type: String description: |- The geographic location where the connection should reside. Cloud SQL instance must be in the same location as the connection @@ -173,259 +159,260 @@ properties: Spanner Connections same as spanner region AWS allowed regions are aws-us-east-1 Azure allowed regions are azure-eastus2 - - !ruby/object:Api::Type::String - name: 'friendlyName' + url_param_only: true + required: false + immutable: true + - name: 'friendlyName' + type: String description: A descriptive name for the connection - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: A descriptive description for the connection - - !ruby/object:Api::Type::Boolean - name: 'hasCredential' - output: true + - name: 'hasCredential' + type: Boolean description: | True if the connection has credential assigned. - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + output: true + - name: 'kmsKeyName' + type: String description: | Optional. The Cloud KMS key that is used for encryption. Example: projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key] - - !ruby/object:Api::Type::NestedObject - name: 'cloudSql' + - name: 'cloudSql' + type: NestedObject description: Connection properties specific to the Cloud SQL. exactly_one_of: - - cloud_sql - - aws - - azure - - cloud_spanner - - cloud_resource - - spark + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' properties: - - !ruby/object:Api::Type::String - name: 'instanceId' + - name: 'instanceId' + type: String description: Cloud SQL instance ID in the form project:location:instance. required: true - - !ruby/object:Api::Type::String - name: 'database' + - name: 'database' + type: String description: Database name. required: true - - !ruby/object:Api::Type::NestedObject - name: credential + - name: 'credential' + type: NestedObject description: Cloud SQL properties. required: true - custom_flatten: 'templates/terraform/custom_flatten/bigquery_connection_flatten.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/bigquery_connection_flatten.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: username + - name: 'username' + type: String description: Username for database. required: true - - !ruby/object:Api::Type::String - name: password + - name: 'password' + type: String description: Password for database. required: true sensitive: true - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: Type of the Cloud SQL database. required: true - values: - - :DATABASE_TYPE_UNSPECIFIED - - :POSTGRES - - :MYSQL - - !ruby/object:Api::Type::String - name: 'serviceAccountId' + enum_values: + - 'DATABASE_TYPE_UNSPECIFIED' + - 'POSTGRES' + - 'MYSQL' + - name: 'serviceAccountId' + type: String description: When the connection is used in the context of an operation in BigQuery, this service account will serve as the identity being used for connecting to the CloudSQL instance specified in this connection. output: true - - !ruby/object:Api::Type::NestedObject - name: aws + - name: 'aws' + type: NestedObject description: Connection properties specific to Amazon Web Services. - exactly_one_of: - - cloud_sql - - aws - - azure - - cloud_spanner - - cloud_resource - - spark update_mask_fields: - 'aws.access_role.iam_role_id' + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' properties: - - !ruby/object:Api::Type::NestedObject - name: accessRole + - name: 'accessRole' + type: NestedObject description: Authentication using Google owned service account to assume into customer's AWS IAM Role. required: true properties: - - !ruby/object:Api::Type::String - name: iamRoleId + - name: 'iamRoleId' + type: String description: The user’s AWS IAM Role that trusts the Google-owned AWS IAM user Connection. required: true - - !ruby/object:Api::Type::String - name: identity + - name: 'identity' + type: String description: A unique Google-owned and Google-generated identity for the Connection. This identity will be used to access the user's AWS IAM Role. output: true - - !ruby/object:Api::Type::NestedObject - name: azure + - name: 'azure' + type: NestedObject description: Container for connection properties specific to Azure. - exactly_one_of: - - cloud_sql - - aws - - azure - - cloud_spanner - - cloud_resource - - spark update_mask_fields: - 'azure.customer_tenant_id' - 'azure.federated_application_client_id' + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' properties: - - !ruby/object:Api::Type::String - name: 'application' + - name: 'application' + type: String description: The name of the Azure Active Directory Application. output: true - - !ruby/object:Api::Type::String - name: 'clientId' - output: true + - name: 'clientId' + type: String description: The client id of the Azure Active Directory Application. - - !ruby/object:Api::Type::String - name: 'objectId' output: true + - name: 'objectId' + type: String description: The object id of the Azure Active Directory Application. - - !ruby/object:Api::Type::String - name: 'customerTenantId' + output: true + - name: 'customerTenantId' + type: String description: The id of customer's directory that host the data. required: true - - !ruby/object:Api::Type::String - name: 'federatedApplicationClientId' + - name: 'federatedApplicationClientId' + type: String description: The Azure Application (client) ID where the federated credentials will be hosted. - - !ruby/object:Api::Type::String - name: 'redirectUri' - output: true + - name: 'redirectUri' + type: String description: The URL user will be redirected to after granting consent during connection setup. - - !ruby/object:Api::Type::String - name: 'identity' + output: true + - name: 'identity' + type: String description: A unique Google-owned and Google-generated identity for the Connection. This identity will be used to access the user's Azure Active Directory Application. output: true - - !ruby/object:Api::Type::NestedObject - name: cloudSpanner + - name: 'cloudSpanner' + type: NestedObject description: Connection properties specific to Cloud Spanner exactly_one_of: - - cloud_sql - - aws - - azure - - cloud_spanner - - cloud_resource - - spark + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' properties: - - !ruby/object:Api::Type::String - name: 'database' + - name: 'database' + type: String description: Cloud Spanner database in the form `project/instance/database'. required: true - - !ruby/object:Api::Type::Boolean - name: 'useParallelism' + - name: 'useParallelism' + type: Boolean description: If parallelism should be used when reading from Cloud Spanner. - - !ruby/object:Api::Type::Integer - name: 'maxParallelism' + - name: 'maxParallelism' + type: Integer description: Allows setting max parallelism per query when executing on Spanner independent compute resources. If unspecified, default values of parallelism are chosen that are dependent on the Cloud Spanner instance configuration. `useParallelism` and `useDataBoost` must be set when setting max parallelism. required_with: - - cloudSpanner.0.useDataBoost - - cloudSpanner.0.useParallelism - - !ruby/object:Api::Type::Boolean - name: 'useDataBoost' + - 'cloudSpanner.0.useDataBoost' + - 'cloudSpanner.0.useParallelism' + - name: 'useDataBoost' + type: Boolean description: If set, the request will be executed via Spanner independent compute resources. `use_parallelism` must be set when using data boost. required_with: - - cloudSpanner.0.useParallelism - - !ruby/object:Api::Type::String - name: 'databaseRole' + - 'cloudSpanner.0.useParallelism' + - name: 'databaseRole' + type: String description: Cloud Spanner database role for fine-grained access control. The Cloud Spanner admin should have provisioned the database role with appropriate permissions, such as `SELECT` and `INSERT`. Other users should only use roles provided by their Cloud Spanner admins. The database role name must start with a letter, and can only contain letters, numbers, and underscores. For more details, see https://cloud.google.com/spanner/docs/fgac-about. - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^[a-zA-Z][a-zA-Z0-9_]*$' - - !ruby/object:Api::Type::Boolean - name: 'useServerlessAnalytics' + - name: 'useServerlessAnalytics' + type: Boolean description: If the serverless analytics service should be used to read data from Cloud Spanner. `useParallelism` must be set when using serverless analytics. - deprecation_message: >- - `useServerlessAnalytics` is deprecated and will be removed in a future major release. Use - `useDataBoost` instead. - - !ruby/object:Api::Type::NestedObject - name: cloudResource + deprecation_message: '`useServerlessAnalytics` is deprecated and will be removed in a future major release. Use `useDataBoost` instead.' + - name: 'cloudResource' + type: NestedObject description: Container for connection properties for delegation of access to GCP resources. - exactly_one_of: - - cloud_sql - - aws - - azure - - cloud_spanner - - cloud_resource - - spark send_empty_value: true + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' properties: - - !ruby/object:Api::Type::String - name: 'serviceAccountId' + - name: 'serviceAccountId' + type: String description: The account ID of the service created for the purpose of this connection. output: true - - !ruby/object:Api::Type::NestedObject - name: spark + - name: 'spark' + type: NestedObject description: Container for connection properties to execute stored procedures for Apache Spark. resources. - exactly_one_of: - - cloud_sql - - aws - - azure - - cloud_spanner - - cloud_resource - - spark send_empty_value: true + exactly_one_of: + - 'cloud_sql' + - 'aws' + - 'azure' + - 'cloud_spanner' + - 'cloud_resource' + - 'spark' properties: - - !ruby/object:Api::Type::String - name: 'serviceAccountId' + - name: 'serviceAccountId' + type: String description: The account ID of the service created for the purpose of this connection. output: true - - !ruby/object:Api::Type::NestedObject - name: metastoreServiceConfig + - name: 'metastoreServiceConfig' + type: NestedObject description: Dataproc Metastore Service configuration for the connection. properties: - - !ruby/object:Api::Type::String - name: metastoreService + - name: 'metastoreService' + type: String description: Resource name of an existing Dataproc Metastore service in the form of projects/[projectId]/locations/[region]/services/[serviceId]. - - !ruby/object:Api::Type::NestedObject - name: sparkHistoryServerConfig + - name: 'sparkHistoryServerConfig' + type: NestedObject description: Spark History Server configuration for the connection. properties: - - !ruby/object:Api::Type::String - name: dataprocCluster + - name: 'dataprocCluster' + type: String description: Resource name of an existing Dataproc Cluster to act as a Spark History Server for the connection if the form of projects/[projectId]/regions/[region]/clusters/[cluster_name]. diff --git a/mmv1/products/bigqueryconnection/go_Connection.yaml b/mmv1/products/bigqueryconnection/go_Connection.yaml deleted file mode 100644 index 2ec68a1d7d0a..000000000000 --- a/mmv1/products/bigqueryconnection/go_Connection.yaml +++ /dev/null @@ -1,408 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Connection' -description: | - A connection allows BigQuery connections to external data sources.. -references: - guides: - 'Cloud SQL federated queries': 'https://cloud.google.com/bigquery/docs/cloud-sql-federated-queries' - api: 'https://cloud.google.com/bigquery/docs/reference/bigqueryconnection/rest/v1/projects.locations.connections/create' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/connections' -self_link: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' - - '{{project}}/{{location}}/{{connection_id}}' - - '{{location}}/{{connection_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'connection_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' - - '{{connection_id}}' -custom_code: - encoder: 'templates/terraform/encoders/go/bigquery_connection.go.tmpl' - post_create: 'templates/terraform/post_create/go/bigquery_connection_id.go.tmpl' -examples: - - name: 'bigquery_connection_cloud_resource' - primary_resource_id: 'connection' - primary_resource_name: 'fmt.Sprintf("tf-test-my-connection%s", context["random_suffix"])' - region_override: 'US' - vars: - connection_id: 'my-connection' - external_providers: ["random", "time"] - - name: 'bigquery_connection_basic' - primary_resource_id: 'connection' - vars: - database_instance_name: 'my-database-instance' - username: 'user' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - ignore_read_extra: - - 'cloud_sql.0.credential' - external_providers: ["random", "time"] - skip_vcr: true - - name: 'bigquery_connection_full' - primary_resource_id: 'connection' - vars: - database_instance_name: 'my-database-instance' - username: 'user' - connection_id: 'my-connection' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - ignore_read_extra: - - 'cloud_sql.0.credential' - external_providers: ["random", "time"] - skip_vcr: true - - name: 'bigquery_connection_aws' - primary_resource_id: 'connection' - vars: - connection_id: 'my-connection' - iam_role_id: 'arn:aws:iam::999999999999:role/omnirole' - external_providers: ["random", "time"] - - name: 'bigquery_connection_azure' - primary_resource_id: 'connection' - vars: - connection_id: 'my-connection' - customer_tenant_id: 'customer-tenant-id' - federated_application_client_id: 'b43eeeee-eeee-eeee-eeee-a480155501ce' - external_providers: ["random", "time"] - - name: 'bigquery_connection_cloudspanner' - primary_resource_id: 'connection' - vars: - connection_id: 'my-connection' - database: 'projects/project/instances/instance/databases/database' - database_role: 'database_role' - external_providers: ["random", "time"] - - name: 'bigquery_connection_cloudspanner_databoost' - primary_resource_id: 'connection' - vars: - connection_id: 'my-connection' - database: 'projects/project/instances/instance/databases/database' - external_providers: ["random", "time"] - - name: 'bigquery_connection_spark' - primary_resource_id: 'connection' - region_override: 'US' - vars: - connection_id: 'my-connection' - - name: 'bigquery_connection_kms' - primary_resource_id: 'bq-connection-cmek' - vars: - database_instance_name: 'my-database-instance' - username: 'user' - deletion_protection: 'true' - kms_key_name: 'projects/project/locations/us-central1/keyRings/us-central1/cryptoKeys/bq-key' - test_vars_overrides: - 'deletion_protection': 'false' - 'kms_key_name': 'acctest.BootstrapKMSKey(t).CryptoKey.Name' - 'policyChanged': 'acctest.BootstrapPSARole(t, "bq-", "bigquery-encryption", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' - ignore_read_extra: - - 'cloud_sql.0.credential' -parameters: -properties: - - name: 'name' - type: String - description: |- - The resource name of the connection in the form of: - "projects/{project_id}/locations/{location_id}/connections/{connectionId}" - output: true - - name: 'connection_id' - type: String - description: | - Optional connection id that should be assigned to the created connection. - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/id_from_name.tmpl' - - name: 'location' - type: String - description: |- - The geographic location where the connection should reside. - Cloud SQL instance must be in the same location as the connection - with following exceptions: Cloud SQL us-central1 maps to BigQuery US, Cloud SQL europe-west1 maps to BigQuery EU. - Examples: US, EU, asia-northeast1, us-central1, europe-west1. - Spanner Connections same as spanner region - AWS allowed regions are aws-us-east-1 - Azure allowed regions are azure-eastus2 - url_param_only: true - required: false - immutable: true - - name: 'friendlyName' - type: String - description: A descriptive name for the connection - - name: 'description' - type: String - description: A descriptive description for the connection - - name: 'hasCredential' - type: Boolean - description: | - True if the connection has credential assigned. - output: true - - name: 'kmsKeyName' - type: String - description: | - Optional. The Cloud KMS key that is used for encryption. - - Example: projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key] - - name: 'cloudSql' - type: NestedObject - description: Connection properties specific to the Cloud SQL. - exactly_one_of: - - 'cloud_sql' - - 'aws' - - 'azure' - - 'cloud_spanner' - - 'cloud_resource' - - 'spark' - properties: - - name: 'instanceId' - type: String - description: - Cloud SQL instance ID in the form project:location:instance. - required: true - - name: 'database' - type: String - description: Database name. - required: true - - name: 'credential' - type: NestedObject - description: Cloud SQL properties. - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/bigquery_connection_flatten.go.tmpl' - properties: - - name: 'username' - type: String - description: Username for database. - required: true - - name: 'password' - type: String - description: Password for database. - required: true - sensitive: true - - name: 'type' - type: Enum - description: Type of the Cloud SQL database. - required: true - enum_values: - - 'DATABASE_TYPE_UNSPECIFIED' - - 'POSTGRES' - - 'MYSQL' - - name: 'serviceAccountId' - type: String - description: - When the connection is used in the context of an operation in - BigQuery, this service account will serve as the identity being used - for connecting to the CloudSQL instance specified in this connection. - output: true - - name: 'aws' - type: NestedObject - description: Connection properties specific to Amazon Web Services. - update_mask_fields: - - 'aws.access_role.iam_role_id' - exactly_one_of: - - 'cloud_sql' - - 'aws' - - 'azure' - - 'cloud_spanner' - - 'cloud_resource' - - 'spark' - properties: - - name: 'accessRole' - type: NestedObject - description: - Authentication using Google owned service account to assume into - customer's AWS IAM Role. - required: true - properties: - - name: 'iamRoleId' - type: String - description: - The user’s AWS IAM Role that trusts the Google-owned AWS IAM user - Connection. - required: true - - name: 'identity' - type: String - description: - A unique Google-owned and Google-generated identity for the - Connection. This identity will be used to access the user's AWS - IAM Role. - output: true - - name: 'azure' - type: NestedObject - description: Container for connection properties specific to Azure. - update_mask_fields: - - 'azure.customer_tenant_id' - - 'azure.federated_application_client_id' - exactly_one_of: - - 'cloud_sql' - - 'aws' - - 'azure' - - 'cloud_spanner' - - 'cloud_resource' - - 'spark' - properties: - - name: 'application' - type: String - description: The name of the Azure Active Directory Application. - output: true - - name: 'clientId' - type: String - description: The client id of the Azure Active Directory Application. - output: true - - name: 'objectId' - type: String - description: The object id of the Azure Active Directory Application. - output: true - - name: 'customerTenantId' - type: String - description: The id of customer's directory that host the data. - required: true - - name: 'federatedApplicationClientId' - type: String - description: - The Azure Application (client) ID where the federated credentials will - be hosted. - - name: 'redirectUri' - type: String - description: - The URL user will be redirected to after granting consent during - connection setup. - output: true - - name: 'identity' - type: String - description: - A unique Google-owned and Google-generated identity for the - Connection. This identity will be used to access the user's Azure - Active Directory Application. - output: true - - name: 'cloudSpanner' - type: NestedObject - description: Connection properties specific to Cloud Spanner - exactly_one_of: - - 'cloud_sql' - - 'aws' - - 'azure' - - 'cloud_spanner' - - 'cloud_resource' - - 'spark' - properties: - - name: 'database' - type: String - description: - Cloud Spanner database in the form `project/instance/database'. - required: true - - name: 'useParallelism' - type: Boolean - description: - If parallelism should be used when reading from Cloud Spanner. - - name: 'maxParallelism' - type: Integer - description: - Allows setting max parallelism per query when executing on Spanner independent compute - resources. If unspecified, default values of parallelism are chosen that are dependent on - the Cloud Spanner instance configuration. `useParallelism` and `useDataBoost` must be set - when setting max parallelism. - required_with: - - 'cloudSpanner.0.useDataBoost' - - 'cloudSpanner.0.useParallelism' - - name: 'useDataBoost' - type: Boolean - description: - If set, the request will be executed via Spanner independent compute resources. - `use_parallelism` must be set when using data boost. - required_with: - - 'cloudSpanner.0.useParallelism' - - name: 'databaseRole' - type: String - description: - Cloud Spanner database role for fine-grained access control. The Cloud Spanner admin - should have provisioned the database role with appropriate permissions, such as `SELECT` - and `INSERT`. Other users should only use roles provided by their Cloud Spanner admins. - The database role name must start with a letter, and can only contain letters, numbers, - and underscores. For more details, see https://cloud.google.com/spanner/docs/fgac-about. - validation: - regex: '^[a-zA-Z][a-zA-Z0-9_]*$' - - name: 'useServerlessAnalytics' - type: Boolean - description: - If the serverless analytics service should be used to read data from - Cloud Spanner. `useParallelism` must be set when using serverless - analytics. - deprecation_message: '`useServerlessAnalytics` is deprecated and will be removed in a future major release. Use `useDataBoost` instead.' - - name: 'cloudResource' - type: NestedObject - description: - Container for connection properties for delegation of access to GCP - resources. - send_empty_value: true - exactly_one_of: - - 'cloud_sql' - - 'aws' - - 'azure' - - 'cloud_spanner' - - 'cloud_resource' - - 'spark' - properties: - - name: 'serviceAccountId' - type: String - description: - The account ID of the service created for the purpose of this - connection. - output: true - - name: 'spark' - type: NestedObject - description: Container for connection properties to execute stored procedures for Apache Spark. - resources. - send_empty_value: true - exactly_one_of: - - 'cloud_sql' - - 'aws' - - 'azure' - - 'cloud_spanner' - - 'cloud_resource' - - 'spark' - properties: - - name: 'serviceAccountId' - type: String - description: The account ID of the service created for the purpose of this - connection. - output: true - - name: 'metastoreServiceConfig' - type: NestedObject - description: Dataproc Metastore Service configuration for the connection. - properties: - - name: 'metastoreService' - type: String - description: Resource name of an existing Dataproc Metastore service in the form of projects/[projectId]/locations/[region]/services/[serviceId]. - - name: 'sparkHistoryServerConfig' - type: NestedObject - description: Spark History Server configuration for the connection. - properties: - - name: 'dataprocCluster' - type: String - description: Resource name of an existing Dataproc Cluster to act as a Spark History Server for the connection if the form of projects/[projectId]/regions/[region]/clusters/[cluster_name]. diff --git a/mmv1/products/bigqueryconnection/go_product.yaml b/mmv1/products/bigqueryconnection/go_product.yaml deleted file mode 100644 index 60e682e90d8c..000000000000 --- a/mmv1/products/bigqueryconnection/go_product.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BigqueryConnection' -legacy_name: 'bigquery' -display_name: 'BigQuery Connection' -versions: - - name: 'ga' - base_url: 'https://bigqueryconnection.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigqueryconnection/product.yaml b/mmv1/products/bigqueryconnection/product.yaml index cad9df871600..a65fa285a38c 100644 --- a/mmv1/products/bigqueryconnection/product.yaml +++ b/mmv1/products/bigqueryconnection/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,12 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: BigqueryConnection -display_name: BigQuery Connection -legacy_name: bigquery +--- +name: 'BigqueryConnection' +legacy_name: 'bigquery' +display_name: 'BigQuery Connection' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://bigqueryconnection.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://bigqueryconnection.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/bigquery + - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml index 1463ecae2791..1de92c006217 100644 --- a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml +++ b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,110 +11,111 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'DataPolicy' -base_url: projects/{{project}}/locations/{{location}}/dataPolicies -create_url: projects/{{project}}/locations/{{location}}/dataPolicies -self_link: projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} -update_verb: :PATCH -update_mask: true description: A BigQuery Data Policy -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/bigquery/docs/column-data-masking-intro' api: 'https://cloud.google.com/bigquery/docs/reference/bigquerydatapolicy/rest/v1beta1/projects.locations.dataPolicies/create' -iam_policy: !ruby/object:Api::Resource::IamPolicy +docs: +id_format: 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/dataPolicies' +self_link: 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/dataPolicies' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' + - '{{project}}/{{location}}/{{data_policy_id}}' + - '{{location}}/{{data_policy_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' - fetch_iam_policy_verb: :POST + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'data_policy_id' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}', - '{{data_policy_id}}', - ] -id_format: projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} -import_format: - [ - 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}', - '{{project}}/{{location}}/{{data_policy_id}}', - '{{location}}/{{data_policy_id}}', - ] + - 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' + - '{{data_policy_id}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_datapolicy_data_policy_basic' + - name: 'bigquery_datapolicy_data_policy_basic' primary_resource_id: 'data_policy' - primary_resource_name: - 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' vars: data_policy_id: 'data_policy' taxonomy: 'taxonomy' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_datapolicy_data_policy_routine' + - name: 'bigquery_datapolicy_data_policy_routine' primary_resource_id: 'data_policy' - primary_resource_name: - 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' vars: data_policy_id: 'data_policy' taxonomy: 'taxonomy' dataset_id: 'dataset_id' +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: |- Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}. output: true - - !ruby/object:Api::Type::String - name: dataPolicyId + - name: 'dataPolicyId' + type: String description: |- User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name. required: true immutable: true - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: | The name of the location of the data policy. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: policyTag + - name: 'policyTag' + type: String description: |- Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}. required: true diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - !ruby/object:Api::Type::Enum - name: dataPolicyType + custom_flatten: 'templates/terraform/custom_flatten/bigquery_datapolicy_policy_tag_location_to_lower_case.go.tmpl' + - name: 'dataPolicyType' + type: Enum description: | The enrollment level of the service. required: true - values: - - :COLUMN_LEVEL_SECURITY_POLICY - - :DATA_MASKING_POLICY - - !ruby/object:Api::Type::NestedObject - name: 'dataMaskingPolicy' + enum_values: + - 'COLUMN_LEVEL_SECURITY_POLICY' + - 'DATA_MASKING_POLICY' + - name: 'dataMaskingPolicy' + type: NestedObject description: | The data masking policy that specifies the data masking rule to use. properties: - - !ruby/object:Api::Type::Enum - name: 'predefinedExpression' - exactly_one_of: - - data_masking_policy.0.predefined_expression - - data_masking_policy.0.routine + - name: 'predefinedExpression' + type: Enum description: |- The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. - values: - - :SHA256 - - :ALWAYS_NULL - - :DEFAULT_MASKING_VALUE - - :LAST_FOUR_CHARACTERS - - :FIRST_FOUR_CHARACTERS - - :EMAIL_MASK - - :DATE_YEAR_MASK - - !ruby/object:Api::Type::String exactly_one_of: - - data_masking_policy.0.predefined_expression - - data_masking_policy.0.routine - name: routine - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + - 'data_masking_policy.0.predefined_expression' + - 'data_masking_policy.0.routine' + enum_values: + - 'SHA256' + - 'ALWAYS_NULL' + - 'DEFAULT_MASKING_VALUE' + - 'LAST_FOUR_CHARACTERS' + - 'FIRST_FOUR_CHARACTERS' + - 'EMAIL_MASK' + - 'DATE_YEAR_MASK' + - name: 'routine' + type: String description: |- The name of the BigQuery routine that contains the custom masking routine, in the format of projects/{projectNumber}/datasets/{dataset_id}/routines/{routine_id}. + exactly_one_of: + - 'data_masking_policy.0.predefined_expression' + - 'data_masking_policy.0.routine' + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' diff --git a/mmv1/products/bigquerydatapolicy/go_DataPolicy.yaml b/mmv1/products/bigquerydatapolicy/go_DataPolicy.yaml deleted file mode 100644 index 4c879f4216c7..000000000000 --- a/mmv1/products/bigquerydatapolicy/go_DataPolicy.yaml +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DataPolicy' -description: A BigQuery Data Policy -references: - guides: - 'Official Documentation': 'https://cloud.google.com/bigquery/docs/column-data-masking-intro' - api: 'https://cloud.google.com/bigquery/docs/reference/bigquerydatapolicy/rest/v1beta1/projects.locations.dataPolicies/create' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/dataPolicies' -self_link: 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/dataPolicies' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' - - '{{project}}/{{location}}/{{data_policy_id}}' - - '{{location}}/{{data_policy_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'data_policy_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}' - - '{{data_policy_id}}' -custom_code: -examples: - - name: 'bigquery_datapolicy_data_policy_basic' - primary_resource_id: 'data_policy' - primary_resource_name: 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' - vars: - data_policy_id: 'data_policy' - taxonomy: 'taxonomy' - - name: 'bigquery_datapolicy_data_policy_routine' - primary_resource_id: 'data_policy' - primary_resource_name: 'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])' - vars: - data_policy_id: 'data_policy' - taxonomy: 'taxonomy' - dataset_id: 'dataset_id' -parameters: -properties: - - name: 'name' - type: String - description: |- - Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}. - output: true - - name: 'dataPolicyId' - type: String - description: |- - User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name. - required: true - immutable: true - - name: 'location' - type: String - description: | - The name of the location of the data policy. - url_param_only: true - required: true - immutable: true - - name: 'policyTag' - type: String - description: |- - Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}. - required: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - name: 'dataPolicyType' - type: Enum - description: | - The enrollment level of the service. - required: true - enum_values: - - 'COLUMN_LEVEL_SECURITY_POLICY' - - 'DATA_MASKING_POLICY' - - name: 'dataMaskingPolicy' - type: NestedObject - description: | - The data masking policy that specifies the data masking rule to use. - properties: - - name: 'predefinedExpression' - type: Enum - description: |- - The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. - exactly_one_of: - - 'data_masking_policy.0.predefined_expression' - - 'data_masking_policy.0.routine' - enum_values: - - 'SHA256' - - 'ALWAYS_NULL' - - 'DEFAULT_MASKING_VALUE' - - 'LAST_FOUR_CHARACTERS' - - 'FIRST_FOUR_CHARACTERS' - - 'EMAIL_MASK' - - 'DATE_YEAR_MASK' - - name: 'routine' - type: String - description: |- - The name of the BigQuery routine that contains the custom masking routine, in the format of projects/{projectNumber}/datasets/{dataset_id}/routines/{routine_id}. - exactly_one_of: - - 'data_masking_policy.0.predefined_expression' - - 'data_masking_policy.0.routine' - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' diff --git a/mmv1/products/bigquerydatapolicy/go_product.yaml b/mmv1/products/bigquerydatapolicy/go_product.yaml deleted file mode 100644 index 4ce6adf2e5b2..000000000000 --- a/mmv1/products/bigquerydatapolicy/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BigqueryDatapolicy' -display_name: 'BigQuery Data Policy' -versions: - - name: 'beta' - base_url: 'https://bigquerydatapolicy.googleapis.com/v1/' - - name: 'ga' - base_url: 'https://bigquerydatapolicy.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/bigquerydatapolicy/product.yaml b/mmv1/products/bigquerydatapolicy/product.yaml index 18dbd534c8e3..9404cb928d2e 100644 --- a/mmv1/products/bigquerydatapolicy/product.yaml +++ b/mmv1/products/bigquerydatapolicy/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: BigqueryDatapolicy -display_name: BigQuery Data Policy -scopes: - - https://www.googleapis.com/auth/cloud-platform +--- +name: 'BigqueryDatapolicy' +display_name: 'BigQuery Data Policy' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://bigquerydatapolicy.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: ga - base_url: https://bigquerydatapolicy.googleapis.com/v1/ + - name: 'beta' + base_url: 'https://bigquerydatapolicy.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://bigquerydatapolicy.googleapis.com/v1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/bigquerydatatransfer/Config.yaml b/mmv1/products/bigquerydatatransfer/Config.yaml index 07bd075b8161..093bc363eac7 100644 --- a/mmv1/products/bigquerydatatransfer/Config.yaml +++ b/mmv1/products/bigquerydatatransfer/Config.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,102 +11,105 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Config' -base_url: projects/{{project}}/locations/{{location}}/transferConfigs?serviceAccountName={{service_account_name}} -self_link: '{{name}}' -update_url: "{{name}}?serviceAccountName={{service_account_name}}" -update_verb: :PATCH description: | Represents a data transfer configuration. A transfer configuration contains all metadata needed to perform a data transfer. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/bigquery/docs/reference/datatransfer/rest/' api: 'https://cloud.google.com/bigquery/docs/reference/datatransfer/rest/v1/projects.locations.transferConfigs/create' -import_format: ['{{name}}'] +docs: id_format: '{{name}}' -error_retry_predicates: ['transport_tpg.IamMemberMissing'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/bigquery_data_transfer.go.erb - decoder: templates/terraform/decoders/bigquery_data_transfer.go.erb - encoder: templates/terraform/encoders/bigquery_data_transfer.go.erb - custom_import: templates/terraform/custom_import/bigquery_data_transfer_self_link_as_name_set_location.go.erb - post_create: templates/terraform/post_create/set_computed_name.erb - pre_update: templates/terraform/pre_update/bigquerydatatransfer_config.erb -custom_diff: [ - 'sensitiveParamCustomizeDiff', - 'paramsCustomizeDiff', -] +base_url: 'projects/{{project}}/locations/{{location}}/transferConfigs?serviceAccountName={{service_account_name}}' +self_link: '{{name}}' +update_url: '{{name}}?serviceAccountName={{service_account_name}}' +update_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/bigquery_data_transfer.go.tmpl' + encoder: 'templates/terraform/encoders/bigquery_data_transfer.go.tmpl' + decoder: 'templates/terraform/decoders/bigquery_data_transfer.go.tmpl' + post_create: 'templates/terraform/post_create/set_computed_name.tmpl' + pre_update: 'templates/terraform/pre_update/bigquerydatatransfer_config.tmpl' + custom_import: 'templates/terraform/custom_import/bigquery_data_transfer_self_link_as_name_set_location.go.tmpl' +custom_diff: + - 'sensitiveParamCustomizeDiff' + - 'paramsCustomizeDiff' +error_retry_predicates: + + - 'transport_tpg.IamMemberMissing' examples: - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'bigquerydatatransfer_config_scheduled_query' + - name: 'bigquerydatatransfer_config_scheduled_query' primary_resource_id: 'query_config' vars: display_name: 'my-query' dataset_id: 'my_dataset' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquerydatatransfer_config_cmek' - skip_test: true + exclude_test: true + - name: 'bigquerydatatransfer_config_cmek' primary_resource_id: 'query_config_cmek' vars: dataset_id: 'example_dataset' key_name: 'example-key' keyring_name: 'example-keyring' - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'bigquerydatatransfer_config_salesforce' + exclude_test: true + - name: 'bigquerydatatransfer_config_salesforce' primary_resource_id: 'salesforce_config' vars: display_name: 'my-salesforce-config' dataset_id: 'my_dataset' - + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: 'location' - url_param_only: true - immutable: true - default_value: US + - name: 'location' + type: String description: | The geographic location where the transfer config should reside. Examples: US, EU, asia-northeast1. The default value is US. - ignore_read: true - - !ruby/object:Api::Type::String - name: 'serviceAccountName' url_param_only: true - default_value: '' + immutable: true + ignore_read: true + default_value: "US" + - name: 'serviceAccountName' + type: String description: | Service account email. If this field is set, transfer config will be created with this service account credentials. It requires that requesting user calling this API has permissions to act as this service account. + url_param_only: true + default_value: "" properties: - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + - name: 'displayName' + type: String description: | The user specified display name for the transfer config. - - !ruby/object:Api::Type::String - name: 'name' - output: true + required: true + - name: 'name' + type: String description: | The resource name of the transfer config. Transfer config names have the form projects/{projectId}/locations/{location}/transferConfigs/{configId} or projects/{projectId}/transferConfigs/{configId}, where configId is usually a uuid, but this is not required. The name is ignored when creating a transfer config. - - !ruby/object:Api::Type::String - name: 'destinationDatasetId' + output: true + - name: 'destinationDatasetId' + type: String description: | The BigQuery target dataset id. - - !ruby/object:Api::Type::String - name: 'dataSourceId' - immutable: true - required: true + - name: 'dataSourceId' + type: String description: | The data source id. Cannot be changed once the transfer config is created. - - !ruby/object:Api::Type::String - name: 'schedule' + required: true + immutable: true + - name: 'schedule' + type: String description: | Data transfer schedule. If the data source does not support a custom schedule, this should be empty. If it is empty, the default value for @@ -117,13 +120,13 @@ properties: https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format NOTE: The minimum interval time between recurring transfers depends on the data source; refer to the documentation for your data source. - - !ruby/object:Api::Type::NestedObject - name: 'scheduleOptions' + - name: 'scheduleOptions' + type: NestedObject description: | Options customizing the data transfer schedule. properties: - - !ruby/object:Api::Type::Boolean - name: 'disableAutoScheduling' + - name: 'disableAutoScheduling' + type: Boolean description: | If true, automatic scheduling of data transfer runs for this configuration will be disabled. The runs can be started on ad-hoc @@ -131,11 +134,11 @@ properties: scheduling is disabled, the TransferConfig.schedule field will be ignored. at_least_one_of: - - schedule_options.0.disable_auto_scheduling - - schedule_options.0.start_time - - schedule_options.0.end_time - - !ruby/object:Api::Type::Time - name: 'startTime' + - 'schedule_options.0.disable_auto_scheduling' + - 'schedule_options.0.start_time' + - 'schedule_options.0.end_time' + - name: 'startTime' + type: Time description: | Specifies time to start scheduling transfer runs. The first run will be scheduled at or after the start time according to a recurrence pattern @@ -143,71 +146,70 @@ properties: moment. The time when a data transfer can be triggered manually is not limited by this option. at_least_one_of: - - schedule_options.0.disable_auto_scheduling - - schedule_options.0.start_time - - schedule_options.0.end_time - - !ruby/object:Api::Type::Time - name: 'endTime' + - 'schedule_options.0.disable_auto_scheduling' + - 'schedule_options.0.start_time' + - 'schedule_options.0.end_time' + - name: 'endTime' + type: Time description: | Defines time to stop scheduling transfer runs. A transfer run cannot be scheduled at or after the end time. The end time can be changed at any moment. The time when a data transfer can be triggered manually is not limited by this option. at_least_one_of: - - schedule_options.0.disable_auto_scheduling - - schedule_options.0.start_time - - schedule_options.0.end_time - - !ruby/object:Api::Type::NestedObject - name: 'emailPreferences' + - 'schedule_options.0.disable_auto_scheduling' + - 'schedule_options.0.start_time' + - 'schedule_options.0.end_time' + - name: 'emailPreferences' + type: NestedObject description: | Email notifications will be sent according to these preferences to the email address of the user who owns this transfer config. properties: - - !ruby/object:Api::Type::Boolean - name: 'enableFailureEmail' - required: true + - name: 'enableFailureEmail' + type: Boolean description: | If true, email notifications will be sent on transfer run failures. - - !ruby/object:Api::Type::String - name: 'notificationPubsubTopic' + required: true + - name: 'notificationPubsubTopic' + type: String description: | Pub/Sub topic where notifications will be sent after transfer runs associated with this transfer config finish. - - !ruby/object:Api::Type::Integer - name: 'dataRefreshWindowDays' + - name: 'dataRefreshWindowDays' + type: Integer description: | The number of days to look back to automatically refresh the data. For example, if dataRefreshWindowDays = 10, then every day BigQuery reingests data for [today-10, today-1], rather than ingesting data for just [today-1]. Only valid if the data source supports the feature. Set the value to 0 to use the default value. - - !ruby/object:Api::Type::NestedObject - name: 'encryptionConfiguration' + - name: 'encryptionConfiguration' + type: NestedObject description: | Represents the encryption configuration for a transfer. properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' - required: true + - name: 'kmsKeyName' + type: String description: | The name of the KMS key used for encrypting BigQuery data. - - !ruby/object:Api::Type::Boolean - name: 'disabled' + required: true + - name: 'disabled' + type: Boolean description: | When set to true, no runs are scheduled for a given transfer. - - !ruby/object:Api::Type::KeyValuePairs - name: 'params' - required: true + - name: 'params' + type: KeyValuePairs description: | Parameters specific to each data source. For more information see the bq tab in the 'Setting up a data transfer' section for each data source. For example the parameters for Cloud Storage transfers are listed here: https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq **NOTE** : If you are attempting to update a parameter that cannot be updated (due to api limitations) [please force recreation of the resource](https://www.terraform.io/cli/state/taint#forcing-re-creation-of-resources). - custom_flatten: templates/terraform/custom_flatten/json_to_string_map.go.erb - - !ruby/object:Api::Type::NestedObject - name: sensitiveParams - url_param_only: true + required: true + custom_flatten: 'templates/terraform/custom_flatten/json_to_string_map.go.tmpl' + - name: 'sensitiveParams' + type: NestedObject description: | Different parameters are configured primarily using the the `params` field on this resource. This block contains the parameters which contain secrets or passwords so that they can be marked @@ -216,11 +218,12 @@ properties: Credentials may not be specified in both locations and will cause an error. Changing from one location to a different credential configuration in the config will require an apply to update state. + url_param_only: true properties: - - !ruby/object:Api::Type::String - name: secretAccessKey - required: true + - name: 'secretAccessKey' + type: String description: | The Secret Access Key of the AWS account transferring data from. + required: true sensitive: true diff --git a/mmv1/products/bigquerydatatransfer/go_Config.yaml b/mmv1/products/bigquerydatatransfer/go_Config.yaml deleted file mode 100644 index c66fafb6ccd8..000000000000 --- a/mmv1/products/bigquerydatatransfer/go_Config.yaml +++ /dev/null @@ -1,230 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Config' -description: | - Represents a data transfer configuration. A transfer configuration - contains all metadata needed to perform a data transfer. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/bigquery/docs/reference/datatransfer/rest/' - api: 'https://cloud.google.com/bigquery/docs/reference/datatransfer/rest/v1/projects.locations.transferConfigs/create' -docs: -id_format: '{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/transferConfigs?serviceAccountName={{service_account_name}}' -self_link: '{{name}}' -update_url: '{{name}}?serviceAccountName={{service_account_name}}' -update_verb: 'PATCH' -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - constants: 'templates/terraform/constants/go/bigquery_data_transfer.go.tmpl' - encoder: 'templates/terraform/encoders/go/bigquery_data_transfer.go.tmpl' - decoder: 'templates/terraform/decoders/go/bigquery_data_transfer.go.tmpl' - post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' - pre_update: 'templates/terraform/pre_update/go/bigquerydatatransfer_config.tmpl' - custom_import: 'templates/terraform/custom_import/go/bigquery_data_transfer_self_link_as_name_set_location.go.tmpl' -custom_diff: - - 'sensitiveParamCustomizeDiff' - - 'paramsCustomizeDiff' -error_retry_predicates: - - - 'transport_tpg.IamMemberMissing' -examples: - - name: 'bigquerydatatransfer_config_scheduled_query' - primary_resource_id: 'query_config' - vars: - display_name: 'my-query' - dataset_id: 'my_dataset' - skip_test: true - - name: 'bigquerydatatransfer_config_cmek' - primary_resource_id: 'query_config_cmek' - vars: - dataset_id: 'example_dataset' - key_name: 'example-key' - keyring_name: 'example-keyring' - skip_test: true - - name: 'bigquerydatatransfer_config_salesforce' - primary_resource_id: 'salesforce_config' - vars: - display_name: 'my-salesforce-config' - dataset_id: 'my_dataset' - skip_test: true -parameters: - - name: 'location' - type: String - description: | - The geographic location where the transfer config should reside. - Examples: US, EU, asia-northeast1. The default value is US. - url_param_only: true - immutable: true - ignore_read: true - default_value: "US" - - name: 'serviceAccountName' - type: String - description: | - Service account email. If this field is set, transfer config will - be created with this service account credentials. It requires that - requesting user calling this API has permissions to act as this service account. - url_param_only: true - default_value: "" -properties: - - name: 'displayName' - type: String - description: | - The user specified display name for the transfer config. - required: true - - name: 'name' - type: String - description: | - The resource name of the transfer config. Transfer config names have the - form projects/{projectId}/locations/{location}/transferConfigs/{configId} - or projects/{projectId}/transferConfigs/{configId}, - where configId is usually a uuid, but this is not required. - The name is ignored when creating a transfer config. - output: true - - name: 'destinationDatasetId' - type: String - description: | - The BigQuery target dataset id. - - name: 'dataSourceId' - type: String - description: | - The data source id. Cannot be changed once the transfer config is created. - required: true - immutable: true - - name: 'schedule' - type: String - description: | - Data transfer schedule. If the data source does not support a custom - schedule, this should be empty. If it is empty, the default value for - the data source will be used. The specified times are in UTC. Examples - of valid format: 1st,3rd monday of month 15:30, every wed,fri of jan, - jun 13:15, and first sunday of quarter 00:00. See more explanation - about the format here: - https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format - NOTE: The minimum interval time between recurring transfers depends - on the data source; refer to the documentation for your data source. - - name: 'scheduleOptions' - type: NestedObject - description: | - Options customizing the data transfer schedule. - properties: - - name: 'disableAutoScheduling' - type: Boolean - description: | - If true, automatic scheduling of data transfer runs for this - configuration will be disabled. The runs can be started on ad-hoc - basis using transferConfigs.startManualRuns API. When automatic - scheduling is disabled, the TransferConfig.schedule field will - be ignored. - at_least_one_of: - - 'schedule_options.0.disable_auto_scheduling' - - 'schedule_options.0.start_time' - - 'schedule_options.0.end_time' - - name: 'startTime' - type: Time - description: | - Specifies time to start scheduling transfer runs. The first run will be - scheduled at or after the start time according to a recurrence pattern - defined in the schedule string. The start time can be changed at any - moment. The time when a data transfer can be triggered manually is not - limited by this option. - at_least_one_of: - - 'schedule_options.0.disable_auto_scheduling' - - 'schedule_options.0.start_time' - - 'schedule_options.0.end_time' - - name: 'endTime' - type: Time - description: | - Defines time to stop scheduling transfer runs. A transfer run cannot be - scheduled at or after the end time. The end time can be changed at any - moment. The time when a data transfer can be triggered manually is not - limited by this option. - at_least_one_of: - - 'schedule_options.0.disable_auto_scheduling' - - 'schedule_options.0.start_time' - - 'schedule_options.0.end_time' - - name: 'emailPreferences' - type: NestedObject - description: | - Email notifications will be sent according to these preferences to the - email address of the user who owns this transfer config. - properties: - - name: 'enableFailureEmail' - type: Boolean - description: | - If true, email notifications will be sent on transfer run failures. - required: true - - name: 'notificationPubsubTopic' - type: String - description: | - Pub/Sub topic where notifications will be sent after transfer runs - associated with this transfer config finish. - - name: 'dataRefreshWindowDays' - type: Integer - description: | - The number of days to look back to automatically refresh the data. - For example, if dataRefreshWindowDays = 10, then every day BigQuery - reingests data for [today-10, today-1], rather than ingesting data for - just [today-1]. Only valid if the data source supports the feature. - Set the value to 0 to use the default value. - - name: 'encryptionConfiguration' - type: NestedObject - description: | - Represents the encryption configuration for a transfer. - properties: - - name: 'kmsKeyName' - type: String - description: | - The name of the KMS key used for encrypting BigQuery data. - required: true - - name: 'disabled' - type: Boolean - description: | - When set to true, no runs are scheduled for a given transfer. - - name: 'params' - type: KeyValuePairs - description: | - Parameters specific to each data source. For more information see the bq tab in the 'Setting up a data transfer' - section for each data source. For example the parameters for Cloud Storage transfers are listed here: - https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq - - **NOTE** : If you are attempting to update a parameter that cannot be updated (due to api limitations) [please force recreation of the resource](https://www.terraform.io/cli/state/taint#forcing-re-creation-of-resources). - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/json_to_string_map.go.tmpl' - - name: 'sensitiveParams' - type: NestedObject - description: | - Different parameters are configured primarily using the the `params` field on this - resource. This block contains the parameters which contain secrets or passwords so that they can be marked - sensitive and hidden from plan output. The name of the field, eg: secret_access_key, will be the key - in the `params` map in the api request. - - Credentials may not be specified in both locations and will cause an error. Changing from one location - to a different credential configuration in the config will require an apply to update state. - url_param_only: true - properties: - - name: 'secretAccessKey' - type: String - description: | - The Secret Access Key of the AWS account transferring data from. - - required: true - sensitive: true diff --git a/mmv1/products/bigquerydatatransfer/go_product.yaml b/mmv1/products/bigquerydatatransfer/go_product.yaml deleted file mode 100644 index da6899681aa6..000000000000 --- a/mmv1/products/bigquerydatatransfer/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BigqueryDataTransfer' -display_name: 'BigQuery Data Transfer' -versions: - - name: 'ga' - base_url: 'https://bigquerydatatransfer.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigquerydatatransfer/product.yaml b/mmv1/products/bigquerydatatransfer/product.yaml index 16ee455ab5f1..b1acc0683c06 100644 --- a/mmv1/products/bigquerydatatransfer/product.yaml +++ b/mmv1/products/bigquerydatatransfer/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2019 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: BigqueryDataTransfer -display_name: BigQuery Data Transfer +--- +name: 'BigqueryDataTransfer' +display_name: 'BigQuery Data Transfer' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://bigquerydatatransfer.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://bigquerydatatransfer.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/bigquery + - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigqueryreservation/BiReservation.yaml b/mmv1/products/bigqueryreservation/BiReservation.yaml index ca46432bc89c..fbc551c53549 100644 --- a/mmv1/products/bigqueryreservation/BiReservation.yaml +++ b/mmv1/products/bigqueryreservation/BiReservation.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,79 +11,81 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'BiReservation' -base_url: 'projects/{{project}}/locations/{{location}}/biReservation' -self_link: 'projects/{{project}}/locations/{{location}}/biReservation' -create_verb: :PATCH -update_verb: :PATCH -update_mask: true description: | Represents a BI Reservation. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/BiReservation' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/biReservation' +self_link: 'projects/{{project}}/locations/{{location}}/biReservation' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true import_format: - [ - 'projects/{{project}}/locations/{{location}}/biReservation', - ] -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_create: templates/terraform/update_mask.erb - custom_delete: templates/terraform/custom_delete/clear_bigquery_bi_reservation.go.erb - test_check_destroy: templates/terraform/custom_check_destroy/bigquery_bi_reservation.go.erb + - 'projects/{{project}}/locations/{{location}}/biReservation' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/clear_bigquery_bi_reservation.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/bigquery_bi_reservation.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_reservation_bi_reservation_basic' - external_providers: ["random", "time"] + - name: 'bigquery_reservation_bi_reservation_basic' primary_resource_id: 'reservation' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_reservation_bi_reservation_full' external_providers: ["random", "time"] - skip_docs: true + - name: 'bigquery_reservation_bi_reservation_full' primary_resource_id: 'reservation' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' + external_providers: ["random", "time"] + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: 'location' - required: true - immutable: true - url_param_only: true + - name: 'location' + type: String description: | LOCATION_DESCRIPTION + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The resource name of the singleton BI reservation. Reservation names have the form `projects/{projectId}/locations/{locationId}/biReservation`. - - !ruby/object:Api::Type::Time - name: 'updateTime' output: true + - name: 'updateTime' + type: Time description: | The last update timestamp of a reservation. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::Integer - name: 'size' + output: true + - name: 'size' + type: Integer description: | Size of a reservation, in bytes. - - !ruby/object:Api::Type::Array - name: 'preferredTables' + - name: 'preferredTables' + type: Array description: | Preferred tables to use BI capacity for. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: | The assigned project ID of the project. - - !ruby/object:Api::Type::String - name: 'datasetId' + - name: 'datasetId' + type: String description: | The ID of the dataset in the above project. - - !ruby/object:Api::Type::String - name: 'tableId' + - name: 'tableId' + type: String description: | The ID of the table in the above dataset. diff --git a/mmv1/products/bigqueryreservation/CapacityCommitment.yaml b/mmv1/products/bigqueryreservation/CapacityCommitment.yaml index 4910574c5ba2..805bb9cb87e7 100644 --- a/mmv1/products/bigqueryreservation/CapacityCommitment.yaml +++ b/mmv1/products/bigqueryreservation/CapacityCommitment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,106 +11,106 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'CapacityCommitment' -base_url: projects/{{project}}/locations/{{location}}/capacityCommitments -create_url: projects/{{project}}/locations/{{location}}/capacityCommitments?capacityCommitmentId={{capacity_commitment_id}} -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true description: | Capacity commitment is a way to purchase compute capacity for BigQuery jobs (in the form of slots) with some committed period of usage. Annual commitments renew by default. Commitments can be removed after their commitment end time passes. In order to remove annual commitment, its plan needs to be changed to monthly or flex first. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.capacityCommitments' +docs: id_format: '{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/capacityCommitments' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/capacityCommitments?capacityCommitmentId={{capacity_commitment_id}}' +update_verb: 'PATCH' +update_mask: true import_format: - [ - 'projects/{{project}}/locations/{{location}}/capacityCommitments/{{capacity_commitment_id}}', - ] -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/bigquery_reservation_capacity_commitment.go.erb - custom_import: templates/terraform/custom_import/bigquery_reservation_capacity_commitment_set_id.go.erb + - 'projects/{{project}}/locations/{{location}}/capacityCommitments/{{capacity_commitment_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/bigquery_reservation_capacity_commitment.go.tmpl' + custom_import: 'templates/terraform/custom_import/bigquery_reservation_capacity_commitment_set_id.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_reservation_capacity_commitment_basic' - external_providers: ["random", "time"] - skip_docs: true + - name: 'bigquery_reservation_capacity_commitment_basic' primary_resource_id: 'commitment' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_reservation_capacity_commitment_no_id' external_providers: ["random", "time"] - skip_docs: true + exclude_docs: true + - name: 'bigquery_reservation_capacity_commitment_no_id' primary_resource_id: 'commitment' - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_reservation_capacity_commitment_docs' - skip_test: true + external_providers: ["random", "time"] + exclude_docs: true + - name: 'bigquery_reservation_capacity_commitment_docs' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: 'capacityCommitmentId' - url_param_only: true - immutable: true + - name: 'capacityCommitmentId' + type: String description: | The optional capacity commitment ID. Capacity commitment name will be generated automatically if this field is empty. This field must only contain lower case alphanumeric characters or dashes. The first and last character cannot be a dash. Max length is 64 characters. NOTE: this ID won't be kept if the capacity commitment is split or merged. - - !ruby/object:Api::Type::String - name: 'location' url_param_only: true immutable: true - default_value: US + - name: 'location' + type: String description: | The geographic location where the transfer config should reside. Examples: US, EU, asia-northeast1. The default value is US. - - !ruby/object:Api::Type::String - name: 'enforceSingleAdminProjectPerOrg' url_param_only: true immutable: true + default_value: "US" + - name: 'enforceSingleAdminProjectPerOrg' + type: String description: | If true, fail the request if another project in the organization has a capacity commitment. + url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The resource name of the capacity commitment, e.g., projects/myproject/locations/US/capacityCommitments/123 - - !ruby/object:Api::Type::Integer - name: 'slotCount' - required: true - immutable: true + output: true + - name: 'slotCount' + type: Integer description: | Number of slots in this commitment. - - !ruby/object:Api::Type::String - name: 'plan' required: true + immutable: true + - name: 'plan' + type: String description: | Capacity commitment plan. Valid values are at https://cloud.google.com/bigquery/docs/reference/reservations/rpc/google.cloud.bigquery.reservation.v1#commitmentplan - diff_suppress_func: bigqueryReservationCapacityCommitmentPlanDiffSuppressFunc - - !ruby/object:Api::Type::String - name: 'state' - output: true + required: true + diff_suppress_func: 'bigqueryReservationCapacityCommitmentPlanDiffSuppressFunc' + - name: 'state' + type: String description: | State of the commitment - - !ruby/object:Api::Type::Time - name: 'commitmentStartTime' output: true + - name: 'commitmentStartTime' + type: Time description: | The start of the current commitment period. It is applicable only for ACTIVE capacity commitments. - - !ruby/object:Api::Type::Time - name: 'commitmentEndTime' output: true + - name: 'commitmentEndTime' + type: Time description: | The start of the current commitment period. It is applicable only for ACTIVE capacity commitments. - - !ruby/object:Api::Type::String - name: 'renewalPlan' + output: true + - name: 'renewalPlan' + type: String description: | The plan this capacity commitment is converted to after commitmentEndTime passes. Once the plan is changed, committed period is extended according to commitment plan. Only applicable for some commitment plans. - - !ruby/object:Api::Type::String - name: 'edition' - immutable: true + - name: 'edition' + type: String description: | The edition type. Valid values are STANDARD, ENTERPRISE, ENTERPRISE_PLUS + immutable: true diff --git a/mmv1/products/bigqueryreservation/Reservation.yaml b/mmv1/products/bigqueryreservation/Reservation.yaml index f2630b41cca6..6c9cadacc2c0 100644 --- a/mmv1/products/bigqueryreservation/Reservation.yaml +++ b/mmv1/products/bigqueryreservation/Reservation.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,77 +11,82 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Reservation' -base_url: projects/{{project}}/locations/{{location}}/reservations -create_url: projects/{{project}}/locations/{{location}}/reservations?reservationId={{name}} -update_verb: :PATCH -update_mask: true description: | A reservation is a mechanism used to guarantee BigQuery slots to users. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.reservations/create' -skip_sweeper: true +docs: +base_url: 'projects/{{project}}/locations/{{location}}/reservations' +create_url: 'projects/{{project}}/locations/{{location}}/reservations?reservationId={{name}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_reservation_basic' + - name: 'bigquery_reservation_basic' primary_resource_id: 'reservation' vars: name: 'my-reservation' parameters: - - !ruby/object:Api::Type::String - name: 'location' - url_param_only: true - immutable: true - default_value: US + - name: 'location' + type: String description: | The geographic location where the transfer config should reside. Examples: US, EU, asia-northeast1. The default value is US. - - !ruby/object:Api::Type::String - name: 'name' url_param_only: true immutable: true - required: true + default_value: "US" + - name: 'name' + type: String description: | The name of the reservation. This field must only contain alphanumeric characters or dash. -properties: - - !ruby/object:Api::Type::Integer - name: 'slotCapacity' + url_param_only: true required: true + immutable: true +properties: + - name: 'slotCapacity' + type: Integer description: | Minimum slots available to this reservation. A slot is a unit of computational power in BigQuery, and serves as the unit of parallelism. Queries using this reservation might use more slots during runtime if ignoreIdleSlots is set to false. - - !ruby/object:Api::Type::Boolean - name: 'ignoreIdleSlots' - default_value: false + required: true + - name: 'ignoreIdleSlots' + type: Boolean description: | If false, any query using this reservation will use idle slots from other reservations within the same admin project. If true, a query using this reservation will execute with the slot capacity specified above at most. - - !ruby/object:Api::Type::Integer - name: 'concurrency' - default_value: 0 + default_value: false + - name: 'concurrency' + type: Integer description: | Maximum number of queries that are allowed to run concurrently in this reservation. This is a soft limit due to asynchronous nature of the system and various optimizations for small queries. Default value is 0 which means that concurrency will be automatically set based on the reservation size. - - !ruby/object:Api::Type::String - name: 'edition' - immutable: true - default_from_api: true + default_value: 0 + - name: 'edition' + type: String description: | The edition type. Valid values are STANDARD, ENTERPRISE, ENTERPRISE_PLUS - - !ruby/object:Api::Type::NestedObject - name: 'autoscale' + immutable: true + default_from_api: true + - name: 'autoscale' + type: NestedObject description: | The configuration parameters for the auto scaling feature. properties: - - !ruby/object:Api::Type::Integer - name: currentSlots - output: true + - name: 'currentSlots' + type: Integer description: | The slot capacity added to this reservation when autoscale happens. Will be between [0, max_slots]. - - !ruby/object:Api::Type::Integer - name: maxSlots + output: true + - name: 'maxSlots' + type: Integer description: | Number of slots to be scaled when needed. diff --git a/mmv1/products/bigqueryreservation/ReservationAssignment.yaml b/mmv1/products/bigqueryreservation/ReservationAssignment.yaml index b4d077bdc1ff..3675940666f3 100644 --- a/mmv1/products/bigqueryreservation/ReservationAssignment.yaml +++ b/mmv1/products/bigqueryreservation/ReservationAssignment.yaml @@ -1,5 +1,5 @@ # Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the License); +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,79 +11,82 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: ReservationAssignment +--- +name: 'ReservationAssignment' +description: | + The BigqueryReservation Assignment resource. +references: + guides: + 'Work with reservation assignments': 'https://cloud.google.com/bigquery/docs/reservations-assignments' + api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.reservations.assignments' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' base_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' -create_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' self_link: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' +create_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' delete_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' -id_format: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' +immutable: true import_format: - [ - 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}', - ] -nested_query: !ruby/object:Api::Resource::NestedQuery + - 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +nested_query: keys: - assignments -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Work with reservation assignments': 'https://cloud.google.com/bigquery/docs/reservations-assignments' - api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.reservations.assignments' + is_list_of_ids: false + modify_by_patch: false +custom_code: + pre_create: 'templates/terraform/pre_create/bigquery_reservation_assignment.go.tmpl' legacy_long_form_project: true -description: | - The BigqueryReservation Assignment resource. -immutable: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_create: templates/terraform/pre_create/bigquery_reservation_assignment.go.erb examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_reservation_assignment_basic' + - name: 'bigquery_reservation_assignment_basic' primary_resource_id: 'assignment' vars: - reservation_name: "example-reservation" + reservation_name: 'example-reservation' test_env_vars: - project: :PROJECT_NAME - - !ruby/object:Provider::Terraform::Examples - name: 'bigquery_reservation_assignment_full' + project: 'PROJECT_NAME' + - name: 'bigquery_reservation_assignment_full' primary_resource_id: 'assignment' - skip_docs: true vars: - reservation_name: "example-reservation" + reservation_name: 'example-reservation' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: The location for the resource url_param_only: true immutable: true default_from_api: true - - !ruby/object:Api::Type::ResourceRef - name: reservation - resource: reservation - imports: name + - name: 'reservation' + type: ResourceRef description: The reservation for the resource url_param_only: true required: true immutable: true + resource: 'reservation' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: Output only. The resource name of the assignment. output: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: assignee + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'assignee' + type: String description: The resource which will use the reservation. E.g. projects/myproject, folders/123, organizations/456. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: jobType + - name: 'jobType' + type: String description: | Types of job, which could be specified when using the reservation. Possible values: JOB_TYPE_UNSPECIFIED, PIPELINE, QUERY required: true - - !ruby/object:Api::Type::String - name: state + - name: 'state' + type: String description: | Assignment will remain in PENDING state if no active capacity commitment is present. It will become ACTIVE when some capacity commitment becomes active. Possible values: STATE_UNSPECIFIED, PENDING, ACTIVE diff --git a/mmv1/products/bigqueryreservation/go_BiReservation.yaml b/mmv1/products/bigqueryreservation/go_BiReservation.yaml deleted file mode 100644 index 98fd71e4b7bb..000000000000 --- a/mmv1/products/bigqueryreservation/go_BiReservation.yaml +++ /dev/null @@ -1,92 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BiReservation' -description: | - Represents a BI Reservation. -references: - guides: - 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' - api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/BiReservation' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/biReservation' -self_link: 'projects/{{project}}/locations/{{location}}/biReservation' -create_verb: 'PATCH' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/biReservation' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - pre_create: 'templates/terraform/update_mask.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/clear_bigquery_bi_reservation.go.tmpl' - test_check_destroy: 'templates/terraform/custom_check_destroy/go/bigquery_bi_reservation.go.tmpl' -examples: - - name: 'bigquery_reservation_bi_reservation_basic' - primary_resource_id: 'reservation' - external_providers: ["random", "time"] - - name: 'bigquery_reservation_bi_reservation_full' - primary_resource_id: 'reservation' - test_env_vars: - project: 'PROJECT_NAME' - external_providers: ["random", "time"] - skip_docs: true -parameters: - - name: 'location' - type: String - description: | - LOCATION_DESCRIPTION - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the singleton BI reservation. Reservation names have the form `projects/{projectId}/locations/{locationId}/biReservation`. - output: true - - name: 'updateTime' - type: Time - description: | - The last update timestamp of a reservation. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'size' - type: Integer - description: | - Size of a reservation, in bytes. - - name: 'preferredTables' - type: Array - description: | - Preferred tables to use BI capacity for. - item_type: - type: NestedObject - properties: - - name: 'projectId' - type: String - description: | - The assigned project ID of the project. - - name: 'datasetId' - type: String - description: | - The ID of the dataset in the above project. - - name: 'tableId' - type: String - description: | - The ID of the table in the above dataset. diff --git a/mmv1/products/bigqueryreservation/go_CapacityCommitment.yaml b/mmv1/products/bigqueryreservation/go_CapacityCommitment.yaml deleted file mode 100644 index 87e8daa83042..000000000000 --- a/mmv1/products/bigqueryreservation/go_CapacityCommitment.yaml +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CapacityCommitment' -description: | - Capacity commitment is a way to purchase compute capacity for BigQuery jobs (in the form of slots) with some committed period of usage. Annual commitments renew by default. Commitments can be removed after their commitment end time passes. - - In order to remove annual commitment, its plan needs to be changed to monthly or flex first. -references: - guides: - 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' - api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.capacityCommitments' -docs: -id_format: '{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/capacityCommitments' -self_link: '{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/capacityCommitments?capacityCommitmentId={{capacity_commitment_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/capacityCommitments/{{capacity_commitment_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - constants: 'templates/terraform/constants/go/bigquery_reservation_capacity_commitment.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/bigquery_reservation_capacity_commitment_set_id.go.tmpl' -examples: - - name: 'bigquery_reservation_capacity_commitment_basic' - primary_resource_id: 'commitment' - external_providers: ["random", "time"] - skip_docs: true - - name: 'bigquery_reservation_capacity_commitment_no_id' - primary_resource_id: 'commitment' - external_providers: ["random", "time"] - skip_docs: true - - name: 'bigquery_reservation_capacity_commitment_docs' - skip_test: true -parameters: - - name: 'capacityCommitmentId' - type: String - description: | - The optional capacity commitment ID. Capacity commitment name will be generated automatically if this field is - empty. This field must only contain lower case alphanumeric characters or dashes. The first and last character - cannot be a dash. Max length is 64 characters. NOTE: this ID won't be kept if the capacity commitment is split - or merged. - url_param_only: true - immutable: true - - name: 'location' - type: String - description: | - The geographic location where the transfer config should reside. - Examples: US, EU, asia-northeast1. The default value is US. - url_param_only: true - immutable: true - default_value: "US" - - name: 'enforceSingleAdminProjectPerOrg' - type: String - description: | - If true, fail the request if another project in the organization has a capacity commitment. - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the capacity commitment, e.g., projects/myproject/locations/US/capacityCommitments/123 - output: true - - name: 'slotCount' - type: Integer - description: | - Number of slots in this commitment. - required: true - immutable: true - - name: 'plan' - type: String - description: | - Capacity commitment plan. Valid values are at https://cloud.google.com/bigquery/docs/reference/reservations/rpc/google.cloud.bigquery.reservation.v1#commitmentplan - required: true - diff_suppress_func: 'bigqueryReservationCapacityCommitmentPlanDiffSuppressFunc' - - name: 'state' - type: String - description: | - State of the commitment - output: true - - name: 'commitmentStartTime' - type: Time - description: | - The start of the current commitment period. It is applicable only for ACTIVE capacity commitments. - output: true - - name: 'commitmentEndTime' - type: Time - description: | - The start of the current commitment period. It is applicable only for ACTIVE capacity commitments. - output: true - - name: 'renewalPlan' - type: String - description: | - The plan this capacity commitment is converted to after commitmentEndTime passes. Once the plan is changed, committed period is extended according to commitment plan. Only applicable for some commitment plans. - - name: 'edition' - type: String - description: | - The edition type. Valid values are STANDARD, ENTERPRISE, ENTERPRISE_PLUS - immutable: true diff --git a/mmv1/products/bigqueryreservation/go_Reservation.yaml b/mmv1/products/bigqueryreservation/go_Reservation.yaml deleted file mode 100644 index 152d81c3200f..000000000000 --- a/mmv1/products/bigqueryreservation/go_Reservation.yaml +++ /dev/null @@ -1,93 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Reservation' -description: | - A reservation is a mechanism used to guarantee BigQuery slots to users. -references: - guides: - 'Introduction to Reservations': 'https://cloud.google.com/bigquery/docs/reservations-intro' - api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.reservations/create' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/reservations' -create_url: 'projects/{{project}}/locations/{{location}}/reservations?reservationId={{name}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -exclude_sweeper: true -examples: - - name: 'bigquery_reservation_basic' - primary_resource_id: 'reservation' - vars: - name: 'my-reservation' -parameters: - - name: 'location' - type: String - description: | - The geographic location where the transfer config should reside. - Examples: US, EU, asia-northeast1. The default value is US. - url_param_only: true - immutable: true - default_value: "US" - - name: 'name' - type: String - description: | - The name of the reservation. This field must only contain alphanumeric characters or dash. - url_param_only: true - required: true - immutable: true -properties: - - name: 'slotCapacity' - type: Integer - description: | - Minimum slots available to this reservation. A slot is a unit of computational power in BigQuery, and serves as the - unit of parallelism. Queries using this reservation might use more slots during runtime if ignoreIdleSlots is set to false. - required: true - - name: 'ignoreIdleSlots' - type: Boolean - description: | - If false, any query using this reservation will use idle slots from other reservations within - the same admin project. If true, a query using this reservation will execute with the slot - capacity specified above at most. - default_value: false - - name: 'concurrency' - type: Integer - description: | - Maximum number of queries that are allowed to run concurrently in this reservation. This is a soft limit due to asynchronous nature of the system and various optimizations for small queries. Default value is 0 which means that concurrency will be automatically set based on the reservation size. - default_value: 0 - - name: 'edition' - type: String - description: | - The edition type. Valid values are STANDARD, ENTERPRISE, ENTERPRISE_PLUS - immutable: true - default_from_api: true - - name: 'autoscale' - type: NestedObject - description: | - The configuration parameters for the auto scaling feature. - properties: - - name: 'currentSlots' - type: Integer - description: | - The slot capacity added to this reservation when autoscale happens. Will be between [0, max_slots]. - output: true - - name: 'maxSlots' - type: Integer - description: | - Number of slots to be scaled when needed. diff --git a/mmv1/products/bigqueryreservation/go_ReservationAssignment.yaml b/mmv1/products/bigqueryreservation/go_ReservationAssignment.yaml deleted file mode 100644 index 3ff6b78561e1..000000000000 --- a/mmv1/products/bigqueryreservation/go_ReservationAssignment.yaml +++ /dev/null @@ -1,94 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ReservationAssignment' -description: | - The BigqueryReservation Assignment resource. -references: - guides: - 'Work with reservation assignments': 'https://cloud.google.com/bigquery/docs/reservations-assignments' - api: 'https://cloud.google.com/bigquery/docs/reference/reservations/rest/v1/projects.locations.reservations.assignments' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' -self_link: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' -create_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments' -delete_url: 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' -immutable: true -import_format: - - 'projects/{{project}}/locations/{{location}}/reservations/{{reservation}}/assignments/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -nested_query: - keys: - - assignments - is_list_of_ids: false - modify_by_patch: false -custom_code: - pre_create: 'templates/terraform/pre_create/go/bigquery_reservation_assignment.go.tmpl' -legacy_long_form_project: true -examples: - - name: 'bigquery_reservation_assignment_basic' - primary_resource_id: 'assignment' - vars: - reservation_name: 'example-reservation' - test_env_vars: - project: 'PROJECT_NAME' - - name: 'bigquery_reservation_assignment_full' - primary_resource_id: 'assignment' - vars: - reservation_name: 'example-reservation' - test_env_vars: - project: 'PROJECT_NAME' - skip_docs: true -parameters: - - name: 'location' - type: String - description: The location for the resource - url_param_only: true - immutable: true - default_from_api: true - - name: 'reservation' - type: ResourceRef - description: The reservation for the resource - url_param_only: true - required: true - immutable: true - resource: 'reservation' - imports: 'name' -properties: - - name: 'name' - type: String - description: Output only. The resource name of the assignment. - output: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'assignee' - type: String - description: The resource which will use the reservation. E.g. projects/myproject, folders/123, organizations/456. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'jobType' - type: String - description: | - Types of job, which could be specified when using the reservation. Possible values: JOB_TYPE_UNSPECIFIED, PIPELINE, QUERY - required: true - - name: 'state' - type: String - description: | - Assignment will remain in PENDING state if no active capacity commitment is present. It will become ACTIVE when some capacity commitment becomes active. - Possible values: STATE_UNSPECIFIED, PENDING, ACTIVE - output: true diff --git a/mmv1/products/bigqueryreservation/go_product.yaml b/mmv1/products/bigqueryreservation/go_product.yaml deleted file mode 100644 index dd481356523f..000000000000 --- a/mmv1/products/bigqueryreservation/go_product.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BigqueryReservation' -legacy_name: 'bigquery' -display_name: 'BigQuery Reservation' -versions: - - name: 'beta' - base_url: 'https://bigqueryreservation.googleapis.com/v1/' - - name: 'ga' - base_url: 'https://bigqueryreservation.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigqueryreservation/product.yaml b/mmv1/products/bigqueryreservation/product.yaml index 1361f10043c9..a9553d41fd18 100644 --- a/mmv1/products/bigqueryreservation/product.yaml +++ b/mmv1/products/bigqueryreservation/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,16 +11,14 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: BigqueryReservation -display_name: BigQuery Reservation -legacy_name: bigquery +--- +name: 'BigqueryReservation' +legacy_name: 'bigquery' +display_name: 'BigQuery Reservation' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://bigqueryreservation.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: ga - base_url: https://bigqueryreservation.googleapis.com/v1/ + - name: 'beta' + base_url: 'https://bigqueryreservation.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://bigqueryreservation.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/bigquery + - 'https://www.googleapis.com/auth/bigquery' diff --git a/mmv1/products/bigtable/AppProfile.yaml b/mmv1/products/bigtable/AppProfile.yaml index accb97a3caa1..61a71571806c 100644 --- a/mmv1/products/bigtable/AppProfile.yaml +++ b/mmv1/products/bigtable/AppProfile.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,179 +11,180 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AppProfile' kind: 'bigtable#appProfile' -base_url: projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}} -create_url: projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}}&ignoreWarnings={{ignore_warnings}} -delete_url: projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}} -update_url: projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}} -update_verb: :PATCH -update_mask: true -self_link: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' description: | App profile is a configuration object describing how Cloud Bigtable should treat traffic from a particular end user application. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/bigtable/docs/reference/admin/rest/v2/projects.instances.appProfiles' +docs: id_format: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' +base_url: 'projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}}' +self_link: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' +create_url: 'projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}}&ignoreWarnings={{ignore_warnings}}' +update_url: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}}' +update_verb: 'PATCH' +update_mask: true +delete_url: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}}' import_format: - ['projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}'] -skip_sweeper: true + - 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/bigtable_app_profile.go.tmpl' + encoder: 'templates/terraform/encoders/bigtable_app_profile.go.tmpl' + pre_update: 'templates/terraform/pre_update/bigtable_app_profile.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'bigtable_app_profile_anycluster' + - name: 'bigtable_app_profile_anycluster' primary_resource_id: 'ap' vars: instance_name: 'bt-instance' app_profile_name: 'bt-profile' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - 'ignore_warnings' # bigtable instance does not use the shared HTTP client, this test creates an instance skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'bigtable_app_profile_singlecluster' + - name: 'bigtable_app_profile_singlecluster' primary_resource_id: 'ap' vars: instance_name: 'bt-instance' app_profile_name: 'bt-profile' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - 'ignore_warnings' # bigtable instance does not use the shared HTTP client, this test creates an instance skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'bigtable_app_profile_multicluster' + - name: 'bigtable_app_profile_multicluster' primary_resource_id: 'ap' vars: instance_name: 'bt-instance' app_profile_name: 'bt-profile' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - 'ignore_warnings' # bigtable instance does not use the shared HTTP client, this test creates an instance skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'bigtable_app_profile_priority' + - name: 'bigtable_app_profile_priority' primary_resource_id: 'ap' vars: instance_name: 'bt-instance' app_profile_name: 'bt-profile' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - 'ignore_warnings' # bigtable instance does not use the shared HTTP client, this test creates an instance skip_vcr: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/bigtable_app_profile.go.erb - extra_schema_entry: templates/terraform/extra_schema_entry/bigtable_app_profile.go.erb - pre_update: templates/terraform/pre_update/bigtable_app_profile.go.erb - parameters: - - !ruby/object:Api::Type::String - name: 'appProfileId' + - name: 'appProfileId' + type: String description: 'The unique name of the app profile in the form `[_a-zA-Z0-9][-_.a-zA-Z0-9]*`.' + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'instance' + - name: 'instance' + type: String description: 'The name of the instance to create the app profile within.' - immutable: true url_param_only: true - diff_suppress_func: tpgresource.CompareResourceNames - - !ruby/object:Api::Type::Boolean - name: 'ignoreWarnings' + immutable: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + - name: 'ignoreWarnings' + type: Boolean description: 'If true, ignore safety checks when deleting/updating the app profile.' - default_value: false url_param_only: true + default_value: false properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: 'The unique name of the requested app profile. Values are of the form `projects//instances//appProfiles/`.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Long form description of the use case for this app profile. - - !ruby/object:Api::Type::Boolean - name: 'multiClusterRoutingUseAny' - exactly_one_of: - - single_cluster_routing - - multi_cluster_routing_use_any + - name: 'multiClusterRoutingUseAny' + type: Boolean description: | If true, read/write requests are routed to the nearest cluster in the instance, and will fail over to the nearest cluster that is available in the event of transient errors or delays. Clusters in a region are considered equidistant. Choosing this option sacrifices read-your-writes consistency to improve availability. - custom_expand: 'templates/terraform/custom_expand/bigtable_app_profile_routing.erb' - custom_flatten: 'templates/terraform/custom_flatten/bigtable_app_profile_routing.erb' - - !ruby/object:Api::Type::NestedObject - name: 'singleClusterRouting' exactly_one_of: - - single_cluster_routing - - multi_cluster_routing_use_any + - 'single_cluster_routing' + - 'multi_cluster_routing_use_any' + custom_flatten: 'templates/terraform/custom_flatten/bigtable_app_profile_routing.tmpl' + custom_expand: 'templates/terraform/custom_expand/bigtable_app_profile_routing.tmpl' + - name: 'singleClusterRouting' + type: NestedObject description: | Use a single-cluster routing policy. + exactly_one_of: + - 'single_cluster_routing' + - 'multi_cluster_routing_use_any' properties: - - !ruby/object:Api::Type::String - name: 'clusterId' - required: true + - name: 'clusterId' + type: String description: | The cluster to which read/write requests should be routed. - - !ruby/object:Api::Type::Boolean - name: 'allowTransactionalWrites' + required: true + - name: 'allowTransactionalWrites' + type: Boolean description: | If true, CheckAndMutateRow and ReadModifyWriteRow requests are allowed by this app profile. It is unsafe to send these requests to the same table/row/column in multiple clusters. - - !ruby/object:Api::Type::NestedObject - name: 'standardIsolation' - default_from_api: true + - name: 'standardIsolation' + type: NestedObject description: | The standard options used for isolating this app profile's traffic from other use cases. + default_from_api: true conflicts: - data_boost_isolation_read_only properties: - - !ruby/object:Api::Type::Enum - name: 'priority' - required: true + - name: 'priority' + type: Enum description: | The priority of requests sent using this app profile. - values: - - :PRIORITY_LOW - - :PRIORITY_MEDIUM - - :PRIORITY_HIGH - - !ruby/object:Api::Type::NestedObject - name: 'dataBoostIsolationReadOnly' + required: true + enum_values: + - 'PRIORITY_LOW' + - 'PRIORITY_MEDIUM' + - 'PRIORITY_HIGH' + - name: 'dataBoostIsolationReadOnly' + type: NestedObject description: | Specifies that this app profile is intended for read-only usage via the Data Boost feature. conflicts: - standard_isolation properties: - - !ruby/object:Api::Type::Enum - name: 'computeBillingOwner' - required: true + - name: 'computeBillingOwner' + type: Enum description: | The Compute Billing Owner for this Data Boost App Profile. - values: - - :HOST_PAYS + required: true + enum_values: + - 'HOST_PAYS' diff --git a/mmv1/products/bigtable/go_AppProfile.yaml b/mmv1/products/bigtable/go_AppProfile.yaml deleted file mode 100644 index 02e6df173b1e..000000000000 --- a/mmv1/products/bigtable/go_AppProfile.yaml +++ /dev/null @@ -1,179 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AppProfile' -kind: 'bigtable#appProfile' -description: | - App profile is a configuration object describing how Cloud Bigtable should treat traffic from a particular end user application. -references: - guides: - api: 'https://cloud.google.com/bigtable/docs/reference/admin/rest/v2/projects.instances.appProfiles' -docs: -id_format: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' -base_url: 'projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}}' -self_link: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' -create_url: 'projects/{{project}}/instances/{{instance}}/appProfiles?appProfileId={{app_profile_id}}&ignoreWarnings={{ignore_warnings}}' -update_url: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}}' -update_verb: 'PATCH' -update_mask: true -delete_url: 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}?ignoreWarnings={{ignore_warnings}}' -import_format: - - 'projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - extra_schema_entry: 'templates/terraform/extra_schema_entry/go/bigtable_app_profile.go.tmpl' - encoder: 'templates/terraform/encoders/go/bigtable_app_profile.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/bigtable_app_profile.go.tmpl' -exclude_sweeper: true -examples: - - name: 'bigtable_app_profile_anycluster' - primary_resource_id: 'ap' - vars: - instance_name: 'bt-instance' - app_profile_name: 'bt-profile' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - ignore_read_extra: - - 'ignore_warnings' - skip_vcr: true - - name: 'bigtable_app_profile_singlecluster' - primary_resource_id: 'ap' - vars: - instance_name: 'bt-instance' - app_profile_name: 'bt-profile' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - ignore_read_extra: - - 'ignore_warnings' - skip_vcr: true - - name: 'bigtable_app_profile_multicluster' - primary_resource_id: 'ap' - vars: - instance_name: 'bt-instance' - app_profile_name: 'bt-profile' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - ignore_read_extra: - - 'ignore_warnings' - skip_vcr: true - - name: 'bigtable_app_profile_priority' - primary_resource_id: 'ap' - vars: - instance_name: 'bt-instance' - app_profile_name: 'bt-profile' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - ignore_read_extra: - - 'ignore_warnings' - skip_vcr: true -parameters: - - name: 'appProfileId' - type: String - description: - 'The unique name of the app profile in the form - `[_a-zA-Z0-9][-_.a-zA-Z0-9]*`.' - url_param_only: true - required: true - immutable: true - - name: 'instance' - type: String - description: 'The name of the instance to create the app profile within.' - url_param_only: true - immutable: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - - name: 'ignoreWarnings' - type: Boolean - description: - 'If true, ignore safety checks when deleting/updating the app profile.' - url_param_only: true - default_value: false -properties: - - name: 'name' - type: String - description: - 'The unique name of the requested app profile. Values are of the form - `projects//instances//appProfiles/`.' - output: true - - name: 'description' - type: String - description: | - Long form description of the use case for this app profile. - - name: 'multiClusterRoutingUseAny' - type: Boolean - description: | - If true, read/write requests are routed to the nearest cluster in the instance, and will fail over to the nearest cluster that is available - in the event of transient errors or delays. Clusters in a region are considered equidistant. Choosing this option sacrifices read-your-writes - consistency to improve availability. - exactly_one_of: - - 'single_cluster_routing' - - 'multi_cluster_routing_use_any' - custom_flatten: 'templates/terraform/custom_flatten/go/bigtable_app_profile_routing.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/bigtable_app_profile_routing.tmpl' - - name: 'singleClusterRouting' - type: NestedObject - description: | - Use a single-cluster routing policy. - exactly_one_of: - - 'single_cluster_routing' - - 'multi_cluster_routing_use_any' - properties: - - name: 'clusterId' - type: String - description: | - The cluster to which read/write requests should be routed. - required: true - - name: 'allowTransactionalWrites' - type: Boolean - description: | - If true, CheckAndMutateRow and ReadModifyWriteRow requests are allowed by this app profile. - It is unsafe to send these requests to the same table/row/column in multiple clusters. - - name: 'standardIsolation' - type: NestedObject - description: | - The standard options used for isolating this app profile's traffic from other use cases. - default_from_api: true - conflicts: - - data_boost_isolation_read_only - properties: - - name: 'priority' - type: Enum - description: | - The priority of requests sent using this app profile. - required: true - enum_values: - - 'PRIORITY_LOW' - - 'PRIORITY_MEDIUM' - - 'PRIORITY_HIGH' - - name: 'dataBoostIsolationReadOnly' - type: NestedObject - description: | - Specifies that this app profile is intended for read-only usage via the Data Boost feature. - conflicts: - - standard_isolation - properties: - - name: 'computeBillingOwner' - type: Enum - description: | - The Compute Billing Owner for this Data Boost App Profile. - required: true - enum_values: - - 'HOST_PAYS' diff --git a/mmv1/products/bigtable/go_product.yaml b/mmv1/products/bigtable/go_product.yaml deleted file mode 100644 index 60e5015db2c0..000000000000 --- a/mmv1/products/bigtable/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Bigtable' -display_name: 'Cloud Bigtable' -versions: - - name: 'ga' - base_url: 'https://bigtableadmin.googleapis.com/v2/' -scopes: - - 'https://www.googleapis.com/auth/bigtable' diff --git a/mmv1/products/bigtable/product.yaml b/mmv1/products/bigtable/product.yaml index 68ad240371df..fad51306e1b8 100644 --- a/mmv1/products/bigtable/product.yaml +++ b/mmv1/products/bigtable/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2017 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Bigtable -display_name: Cloud Bigtable +--- +name: 'Bigtable' +display_name: 'Cloud Bigtable' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://bigtableadmin.googleapis.com/v2/ + - name: 'ga' + base_url: 'https://bigtableadmin.googleapis.com/v2/' scopes: - - https://www.googleapis.com/auth/bigtable + - 'https://www.googleapis.com/auth/bigtable' diff --git a/mmv1/products/billing/ProjectInfo.yaml b/mmv1/products/billing/ProjectInfo.yaml index 29ab22ea60cb..b33a18ec292a 100644 --- a/mmv1/products/billing/ProjectInfo.yaml +++ b/mmv1/products/billing/ProjectInfo.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,35 +11,41 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: ProjectInfo -base_url: 'projects/{{project}}/billingInfo' -create_verb: :PUT -delete_verb: :PUT +--- +name: 'ProjectInfo' description: | Billing information for a project. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Enable, disable, or change billing for a project': 'https://cloud.google.com/billing/docs/how-to/modify-project' api: 'https://cloud.google.com/billing/docs/reference/rest/v1/projects' +docs: id_format: 'projects/{{project}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - decoder: templates/terraform/decoders/billing_project_info.go.erb - encoder: templates/terraform/encoders/billing_project_info.go.erb - test_check_destroy: templates/terraform/custom_check_destroy/billing_project_info.go.erb +base_url: 'projects/{{project}}/billingInfo' +create_verb: 'PUT' +delete_verb: 'PUT' import_format: - ['projects/{{%project}}', '{{%project}}'] + - 'projects/{{%project}}' + - '{{%project}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + encoder: 'templates/terraform/encoders/billing_project_info.go.tmpl' + decoder: 'templates/terraform/decoders/billing_project_info.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/billing_project_info.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'billing_project_info_basic' + - name: 'billing_project_info_basic' primary_resource_id: 'default' - skip_import_test: true test_env_vars: - billing_account: :BILLING_ACCT - org_id: :ORG_ID + billing_account: 'BILLING_ACCT' + org_id: 'ORG_ID' + exclude_import_test: true +parameters: properties: - - !ruby/object:Api::Type::String - name: billing_account + - name: 'billing_account' + type: String description: | The ID of the billing account associated with the project, if any. Set to empty string to disable billing for the project. diff --git a/mmv1/products/billing/go_ProjectInfo.yaml b/mmv1/products/billing/go_ProjectInfo.yaml deleted file mode 100644 index 9741a10ec7c6..000000000000 --- a/mmv1/products/billing/go_ProjectInfo.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ProjectInfo' -description: | - Billing information for a project. -references: - guides: - 'Enable, disable, or change billing for a project': 'https://cloud.google.com/billing/docs/how-to/modify-project' - api: 'https://cloud.google.com/billing/docs/reference/rest/v1/projects' -docs: -id_format: 'projects/{{project}}' -base_url: 'projects/{{project}}/billingInfo' -create_verb: 'PUT' -delete_verb: 'PUT' -import_format: - - 'projects/{{%project}}' - - '{{%project}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - encoder: 'templates/terraform/encoders/go/billing_project_info.go.tmpl' - decoder: 'templates/terraform/decoders/go/billing_project_info.go.tmpl' - test_check_destroy: 'templates/terraform/custom_check_destroy/go/billing_project_info.go.tmpl' -examples: - - name: 'billing_project_info_basic' - primary_resource_id: 'default' - test_env_vars: - billing_account: 'BILLING_ACCT' - org_id: 'ORG_ID' - skip_import_test: true -parameters: -properties: - - name: 'billing_account' - type: String - description: | - The ID of the billing account associated with the project, if - any. Set to empty string to disable billing for the project. - For example, `"012345-567890-ABCDEF"` or `""`. - required: true diff --git a/mmv1/products/billing/go_product.yaml b/mmv1/products/billing/go_product.yaml deleted file mode 100644 index 73fc53ab3204..000000000000 --- a/mmv1/products/billing/go_product.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CoreBilling' -legacy_name: 'billing' -display_name: 'Cloud Billing' -versions: - - name: 'ga' - base_url: 'https://cloudbilling.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/billing/product.yaml b/mmv1/products/billing/product.yaml index 926d88d2c360..3691bfe22f5a 100644 --- a/mmv1/products/billing/product.yaml +++ b/mmv1/products/billing/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,16 +11,12 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -# "Billing" is already used by the Billing Budgets product, so we're -# forced to use a fake name and to specify `legacy_name` to have all -# resources in the `billing` namespace -name: CoreBilling -display_name: Cloud Billing -legacy_name: billing +--- +name: 'CoreBilling' +legacy_name: 'billing' +display_name: 'Cloud Billing' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudbilling.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://cloudbilling.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/billingbudget/Budget.yaml b/mmv1/products/billingbudget/Budget.yaml index 0ba4a2e3df58..54551074a0f0 100644 --- a/mmv1/products/billingbudget/Budget.yaml +++ b/mmv1/products/billingbudget/Budget.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,21 +11,15 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: Budget -base_url: billingAccounts/{{billing_account}}/budgets -self_link: 'billingAccounts/{{billing_account}}/budgets/{{name}}' -update_verb: :PATCH -update_mask: true +--- +name: 'Budget' description: | Budget configuration for a billing account. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Creating a budget': 'https://cloud.google.com/billing/docs/how-to/budgets' api: 'https://cloud.google.com/billing/docs/reference/budget/rest/v1/billingAccounts.budgets' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/billing_budget.erb -docs: !ruby/object:Provider::Terraform::Docs +docs: warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true @@ -33,87 +27,91 @@ docs: !ruby/object:Provider::Terraform::Docs Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. id_format: 'billingAccounts/{{billing_account}}/budgets/{{name}}' +base_url: 'billingAccounts/{{billing_account}}/budgets' +self_link: 'billingAccounts/{{billing_account}}/budgets/{{name}}' +update_verb: 'PATCH' +update_mask: true import_format: - ['billingAccounts/{{billing_account}}/budgets/{{name}}', '{{name}}'] + - 'billingAccounts/{{billing_account}}/budgets/{{name}}' + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/billing_budget.tmpl' schema_version: 1 state_upgraders: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'billing_budget_basic' + - name: 'billing_budget_basic' primary_resource_id: 'budget' vars: display_name: 'Example Billing Budget' test_env_vars: - billing_acct: :MASTER_BILLING_ACCT - - !ruby/object:Provider::Terraform::Examples - name: 'billing_budget_lastperiod' + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_lastperiod' primary_resource_id: 'budget' vars: display_name: 'Example Billing Budget' test_env_vars: - billing_acct: :MASTER_BILLING_ACCT - - !ruby/object:Provider::Terraform::Examples - name: 'billing_budget_filter' + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_filter' primary_resource_id: 'budget' vars: display_name: 'Example Billing Budget' test_env_vars: - billing_acct: :MASTER_BILLING_ACCT - org_id: :ORG_ID - - !ruby/object:Provider::Terraform::Examples - name: 'billing_budget_notify' + billing_acct: 'MASTER_BILLING_ACCT' + org_id: 'ORG_ID' + - name: 'billing_budget_notify' primary_resource_id: 'budget' vars: budget_name: 'Example Billing Budget' channel_name: 'Example Notification Channel' test_env_vars: - billing_acct: :MASTER_BILLING_ACCT - - !ruby/object:Provider::Terraform::Examples - name: 'billing_budget_notify_project_recipient' + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_notify_project_recipient' primary_resource_id: 'budget' vars: budget_name: 'Example Billing Budget' test_env_vars: - billing_acct: :MASTER_BILLING_ACCT - - !ruby/object:Provider::Terraform::Examples - name: 'billing_budget_customperiod' + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_customperiod' primary_resource_id: 'budget' vars: display_name: 'Example Billing Budget' test_env_vars: - billing_acct: :MASTER_BILLING_ACCT - - !ruby/object:Provider::Terraform::Examples - name: 'billing_budget_optional' + billing_acct: 'MASTER_BILLING_ACCT' + - name: 'billing_budget_optional' primary_resource_id: 'budget' - skip_docs: true vars: display_name: 'Example Billing Budget' topic_name: 'example-topic' test_env_vars: - billing_acct: :MASTER_BILLING_ACCT + billing_acct: 'MASTER_BILLING_ACCT' + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: billingAccount + - name: 'billingAccount' + type: String description: | ID of the billing account to set a budget on. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | Resource name of the budget. The resource name implies the scope of a budget. Values are of the form billingAccounts/{billingAccountId}/budgets/{budgetId}. output: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: displayName + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'displayName' + type: String description: | User data for display name in UI. Must be <= 60 chars. - - !ruby/object:Api::Type::NestedObject - name: budgetFilter + - name: 'budgetFilter' + type: NestedObject description: | Filters that define which resources are used to compute the actual spend against the budget. @@ -129,17 +127,8 @@ properties: - 'budgetFilter.creditTypes' - 'budgetFilter.subaccounts' properties: - - !ruby/object:Api::Type::Array - name: projects - at_least_one_of: - - budget_filter.0.projects - - budget_filter.0.resource_ancestors - - budget_filter.0.credit_types_treatment - - budget_filter.0.services - - budget_filter.0.subaccounts - - budget_filter.0.labels - - budget_filter.0.calendarPeriod - - budget_filter.0.customPeriod + - name: 'projects' + type: Array description: | A set of projects of the form projects/{project_number}, specifying that usage from only this set of projects should be @@ -147,46 +136,57 @@ properties: all usage for the billing account, regardless of which project the usage occurred on. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: resourceAncestors at_least_one_of: - - budget_filter.0.projects - - budget_filter.0.resource_ancestors - - budget_filter.0.credit_types_treatment - - budget_filter.0.services - - budget_filter.0.subaccounts - - budget_filter.0.labels - - budget_filter.0.calendarPeriod - - budget_filter.0.customPeriod + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'resourceAncestors' + type: Array description: | A set of folder and organization names of the form folders/{folderId} or organizations/{organizationId}, specifying that usage from only this set of folders and organizations should be included in the budget. If omitted, the budget includes all usage that the billing account pays for. If the folder or organization contains projects that are paid for by a different Cloud Billing account, the budget doesn't apply to those projects. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: creditTypesTreatment + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'creditTypesTreatment' + type: Enum description: | Specifies how credits should be treated when determining spend for threshold calculations. - default_value: :INCLUDE_ALL_CREDITS - values: - - :INCLUDE_ALL_CREDITS - - :EXCLUDE_ALL_CREDITS - - :INCLUDE_SPECIFIED_CREDITS at_least_one_of: - - budget_filter.0.projects - - budget_filter.0.resource_ancestors - - budget_filter.0.credit_types_treatment - - budget_filter.0.services - - budget_filter.0.subaccounts - - budget_filter.0.labels - - budget_filter.0.calendarPeriod - - budget_filter.0.customPeriod - - !ruby/object:Api::Type::Array - name: services + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + default_value: "INCLUDE_ALL_CREDITS" + enum_values: + - 'INCLUDE_ALL_CREDITS' + - 'EXCLUDE_ALL_CREDITS' + - 'INCLUDE_SPECIFIED_CREDITS' + - name: 'services' + type: Array description: | A set of services of the form services/{service_id}, specifying that usage from only this set of services should be @@ -194,38 +194,40 @@ properties: usage for all the services. The service names are available through the Catalog API: https://cloud.google.com/billing/v1/how-tos/catalog-api. - at_least_one_of: - - budget_filter.0.projects - - budget_filter.0.resource_ancestors - - budget_filter.0.credit_types_treatment - - budget_filter.0.services - - budget_filter.0.subaccounts - - budget_filter.0.labels - - budget_filter.0.calendarPeriod - - budget_filter.0.customPeriod default_from_api: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: creditTypes + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'creditTypes' + type: Array description: | Optional. If creditTypesTreatment is INCLUDE_SPECIFIED_CREDITS, this is a list of credit types to be subtracted from gross cost to determine the spend for threshold calculations. See a list of acceptable credit type values. If creditTypesTreatment is not INCLUDE_SPECIFIED_CREDITS, this field must be empty. **Note:** If the field has a value in the config and needs to be removed, the field has to be an emtpy array in the config. - at_least_one_of: - - budget_filter.0.projects - - budget_filter.0.resource_ancestors - - budget_filter.0.credit_types_treatment - - budget_filter.0.services - - budget_filter.0.subaccounts - - budget_filter.0.labels - - budget_filter.0.calendarPeriod - - budget_filter.0.customPeriod default_from_api: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: subaccounts + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'subaccounts' + type: Array description: | A set of subaccounts of the form billingAccounts/{account_id}, specifying that usage from only this set of subaccounts should @@ -235,162 +237,161 @@ properties: account and all subaccounts, if they exist. **Note:** If the field has a value in the config and needs to be removed, the field has to be an emtpy array in the config. - at_least_one_of: - - budget_filter.0.projects - - budget_filter.0.resource_ancestors - - budget_filter.0.credit_types_treatment - - budget_filter.0.services - - budget_filter.0.subaccounts - - budget_filter.0.labels - - budget_filter.0.calendarPeriod - - budget_filter.0.customPeriod default_from_api: true - item_type: Api::Type::String - - !ruby/object:Api::Type::KeyValuePairs - name: 'labels' + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + item_type: + type: String + - name: 'labels' + type: KeyValuePairs description: | A single label and value pair specifying that usage from only this set of labeled resources should be included in the budget. - at_least_one_of: - - budget_filter.0.projects - - budget_filter.0.resource_ancestors - - budget_filter.0.credit_types_treatment - - budget_filter.0.services - - budget_filter.0.subaccounts - - budget_filter.0.labels - - budget_filter.0.calendarPeriod - - budget_filter.0.customPeriod default_from_api: true - custom_expand: 'templates/terraform/custom_expand/billing_budget_budget_filter_labels.erb' - custom_flatten: 'templates/terraform/custom_flatten/billing_budget_budget_filter_labels.erb' - - !ruby/object:Api::Type::Enum - name: calendarPeriod at_least_one_of: - - budget_filter.0.projects - - budget_filter.0.resource_ancestors - - budget_filter.0.credit_types_treatment - - budget_filter.0.services - - budget_filter.0.subaccounts - - budget_filter.0.labels - - budget_filter.0.calendarPeriod - - budget_filter.0.customPeriod + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + custom_flatten: 'templates/terraform/custom_flatten/billing_budget_budget_filter_labels.tmpl' + custom_expand: 'templates/terraform/custom_expand/billing_budget_budget_filter_labels.tmpl' + - name: 'calendarPeriod' + type: Enum description: | A CalendarPeriod represents the abstract concept of a recurring time period that has a canonical start. Grammatically, "the start of the current CalendarPeriod". All calendar times begin at 12 AM US and Canadian Pacific Time (UTC-8). Exactly one of `calendar_period`, `custom_period` must be provided. - values: - - :MONTH - - :QUARTER - - :YEAR - - :CALENDAR_PERIOD_UNSPECIFIED - diff_suppress_func: - 'checkValAndDefaultStringSuppress("MONTH", - "budget_filter.0.custom_period.0.start_date")' - - !ruby/object:Api::Type::NestedObject - name: customPeriod at_least_one_of: - - budget_filter.0.projects - - budget_filter.0.resource_ancestors - - budget_filter.0.credit_types_treatment - - budget_filter.0.services - - budget_filter.0.subaccounts - - budget_filter.0.labels - - budget_filter.0.calendarPeriod - - budget_filter.0.customPeriod + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' + diff_suppress_func: 'checkValAndDefaultStringSuppress("MONTH", "budget_filter.0.custom_period.0.start_date")' + enum_values: + - 'MONTH' + - 'QUARTER' + - 'YEAR' + - 'CALENDAR_PERIOD_UNSPECIFIED' + - name: 'customPeriod' + type: NestedObject description: | Specifies to track usage from any start date (required) to any end date (optional). This time period is static, it does not recur. Exactly one of `calendar_period`, `custom_period` must be provided. + at_least_one_of: + - 'budget_filter.0.projects' + - 'budget_filter.0.resource_ancestors' + - 'budget_filter.0.credit_types_treatment' + - 'budget_filter.0.services' + - 'budget_filter.0.subaccounts' + - 'budget_filter.0.labels' + - 'budget_filter.0.calendarPeriod' + - 'budget_filter.0.customPeriod' properties: - - !ruby/object:Api::Type::NestedObject - name: startDate - required: true + - name: 'startDate' + type: NestedObject description: | A start date is required. The start date must be after January 1, 2017. + required: true properties: - - !ruby/object:Api::Type::Integer - name: year - required: true + - name: 'year' + type: Integer description: | Year of the date. Must be from 1 to 9999. - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntBetween(1,9999)' - - !ruby/object:Api::Type::Integer - name: month required: true + validation: + function: 'validation.IntBetween(1,9999)' + - name: 'month' + type: Integer description: | Month of a year. Must be from 1 to 12. - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntBetween(1,12)' - - !ruby/object:Api::Type::Integer - name: day required: true + validation: + function: 'validation.IntBetween(1,12)' + - name: 'day' + type: Integer description: | Day of a month. Must be from 1 to 31 and valid for the year and month. - validation: !ruby/object:Provider::Terraform::Validation + required: true + validation: function: 'validation.IntBetween(1,31)' - - !ruby/object:Api::Type::NestedObject - name: endDate + - name: 'endDate' + type: NestedObject description: | Optional. The end date of the time period. Budgets with elapsed end date won't be processed. If unset, specifies to track all usage incurred since the startDate. properties: - - !ruby/object:Api::Type::Integer - name: year - required: true + - name: 'year' + type: Integer description: | Year of the date. Must be from 1 to 9999. - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntBetween(1,9999)' - - !ruby/object:Api::Type::Integer - name: month required: true + validation: + function: 'validation.IntBetween(1,9999)' + - name: 'month' + type: Integer description: | Month of a year. Must be from 1 to 12. - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntBetween(1,12)' - - !ruby/object:Api::Type::Integer - name: day required: true + validation: + function: 'validation.IntBetween(1,12)' + - name: 'day' + type: Integer description: | Day of a month. Must be from 1 to 31 and valid for the year and month. - validation: !ruby/object:Provider::Terraform::Validation + required: true + validation: function: 'validation.IntBetween(1,31)' - - !ruby/object:Api::Type::NestedObject - name: amount - required: true + - name: 'amount' + type: NestedObject description: | The budgeted amount for each usage period. + required: true update_mask_fields: - 'amount.specifiedAmount.currencyCode' - 'amount.specifiedAmount.units' - 'amount.specifiedAmount.nanos' properties: - - !ruby/object:Api::Type::NestedObject - name: specifiedAmount - exactly_one_of: - - amount.0.specified_amount - - amount.0.last_period_amount + - name: 'specifiedAmount' + type: NestedObject description: | A specified amount to use as the budget. currencyCode is optional. If specified, it must match the currency of the billing account. The currencyCode is provided on output. + exactly_one_of: + - 'amount.0.specified_amount' + - 'amount.0.last_period_amount' properties: - - !ruby/object:Api::Type::String - name: currencyCode + - name: 'currencyCode' + type: String description: | The 3-letter currency code defined in ISO 4217. default_from_api: true - - !ruby/object:Api::Type::String - name: units + - name: 'units' + type: String description: | The whole units of the amount. For example if currencyCode is "USD", then 1 unit is one US dollar. - - !ruby/object:Api::Type::Integer - name: nanos + - name: 'nanos' + type: Integer description: | Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 @@ -399,49 +400,50 @@ properties: negative. If units is negative, nanos must be negative or zero. For example $-1.75 is represented as units=-1 and nanos=-750,000,000. - - !ruby/object:Api::Type::Boolean - name: 'lastPeriodAmount' - exactly_one_of: - - amount.0.specified_amount - - amount.0.last_period_amount + - name: 'lastPeriodAmount' + type: Boolean description: | Configures a budget amount that is automatically set to 100% of last period's spend. Boolean. Set value to true to use. Do not set to false, instead use the `specified_amount` block. - custom_expand: 'templates/terraform/custom_expand/bool_to_object.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/object_to_bool.go.erb' - - !ruby/object:Api::Type::Array - name: thresholdRules + exactly_one_of: + - 'amount.0.specified_amount' + - 'amount.0.last_period_amount' + custom_flatten: 'templates/terraform/custom_flatten/object_to_bool.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/bool_to_object.go.tmpl' + - name: 'thresholdRules' + type: Array description: | Rules that trigger alerts (notifications of thresholds being crossed) when spend exceeds the specified percentages of the budget. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Double - name: thresholdPercent - required: true + - name: 'thresholdPercent' + type: Double description: | Send an alert when this threshold is exceeded. This is a 1.0-based percentage, so 0.5 = 50%. Must be >= 0. + required: true send_empty_value: true - - !ruby/object:Api::Type::Enum - name: spendBasis + - name: 'spendBasis' + type: Enum description: | The type of basis used to determine if spend has passed the threshold. - default_value: :CURRENT_SPEND - values: - - :CURRENT_SPEND - - :FORECASTED_SPEND - - !ruby/object:Api::Type::NestedObject - name: allUpdatesRule - api_name: notificationsRule + default_value: "CURRENT_SPEND" + enum_values: + - 'CURRENT_SPEND' + - 'FORECASTED_SPEND' + - name: 'allUpdatesRule' + type: NestedObject description: | Defines notifications that are sent on every update to the billing account's spend, regardless of the thresholds defined using threshold rules. + api_name: notificationsRule update_mask_fields: - 'notificationsRule.pubsubTopic' - 'notificationsRule.schemaVersion' @@ -449,59 +451,60 @@ properties: - 'notificationsRule.disableDefaultIamRecipients' - 'notificationsRule.enableProjectLevelRecipients' properties: - - !ruby/object:Api::Type::String - name: pubsubTopic - at_least_one_of: - - all_updates_rule.0.pubsub_topic - - all_updates_rule.0.monitoring_notification_channels + - name: 'pubsubTopic' + type: String description: | The name of the Cloud Pub/Sub topic where budget related messages will be published, in the form projects/{project_id}/topics/{topic_id}. Updates are sent at regular intervals to the topic. - - !ruby/object:Api::Type::String - name: schemaVersion - default_value: '1.0' + at_least_one_of: + - 'all_updates_rule.0.pubsub_topic' + - 'all_updates_rule.0.monitoring_notification_channels' + - name: 'schemaVersion' + type: String description: | The schema version of the notification. Only "1.0" is accepted. It represents the JSON schema as defined in https://cloud.google.com/billing/docs/how-to/budgets#notification_format. - custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb - - !ruby/object:Api::Type::Array - name: monitoringNotificationChannels - max_size: 5 - at_least_one_of: - - all_updates_rule.0.pubsub_topic - - all_updates_rule.0.monitoring_notification_channels + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "1.0" + - name: 'monitoringNotificationChannels' + type: Array description: | The full resource name of a monitoring notification channel in the form projects/{project_id}/notificationChannels/{channel_id}. A maximum of 5 channels are allowed. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: disableDefaultIamRecipients - default_value: false + at_least_one_of: + - 'all_updates_rule.0.pubsub_topic' + - 'all_updates_rule.0.monitoring_notification_channels' + item_type: + type: String + max_size: 5 + - name: 'disableDefaultIamRecipients' + type: Boolean description: | Boolean. When set to true, disables default notifications sent when a threshold is exceeded. Default recipients are those with Billing Account Administrators and Billing Account Users IAM roles for the target account. - - !ruby/object:Api::Type::Boolean - name: enableProjectLevelRecipients default_value: false + - name: 'enableProjectLevelRecipients' + type: Boolean description: | When set to true, and when the budget has a single project configured, notifications will be sent to project level recipients of that project. This field will be ignored if the budget has multiple or no project configured. Currently, project level recipients are the users with Owner role on a cloud project. - - !ruby/object:Api::Type::Enum - name: ownershipScope + default_value: false + - name: 'ownershipScope' + type: Enum description: | The ownership scope of the budget. The ownership scope and users' IAM permissions determine who has full access to the budget's data. - values: - - :OWNERSHIP_SCOPE_UNSPECIFIED - - :ALL_USERS - - :BILLING_ACCOUNT + enum_values: + - 'OWNERSHIP_SCOPE_UNSPECIFIED' + - 'ALL_USERS' + - 'BILLING_ACCOUNT' diff --git a/mmv1/products/billingbudget/go_Budget.yaml b/mmv1/products/billingbudget/go_Budget.yaml deleted file mode 100644 index f06b573de51e..000000000000 --- a/mmv1/products/billingbudget/go_Budget.yaml +++ /dev/null @@ -1,511 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Budget' -description: | - Budget configuration for a billing account. -references: - guides: - 'Creating a budget': 'https://cloud.google.com/billing/docs/how-to/budgets' - api: 'https://cloud.google.com/billing/docs/reference/budget/rest/v1/billingAccounts.budgets' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the Billing Budgets API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -id_format: 'billingAccounts/{{billing_account}}/budgets/{{name}}' -base_url: 'billingAccounts/{{billing_account}}/budgets' -self_link: 'billingAccounts/{{billing_account}}/budgets/{{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'billingAccounts/{{billing_account}}/budgets/{{name}}' - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - constants: 'templates/terraform/constants/go/billing_budget.tmpl' -schema_version: 1 -state_upgraders: true -examples: - - name: 'billing_budget_basic' - primary_resource_id: 'budget' - vars: - display_name: 'Example Billing Budget' - test_env_vars: - billing_acct: 'MASTER_BILLING_ACCT' - - name: 'billing_budget_lastperiod' - primary_resource_id: 'budget' - vars: - display_name: 'Example Billing Budget' - test_env_vars: - billing_acct: 'MASTER_BILLING_ACCT' - - name: 'billing_budget_filter' - primary_resource_id: 'budget' - vars: - display_name: 'Example Billing Budget' - test_env_vars: - billing_acct: 'MASTER_BILLING_ACCT' - org_id: 'ORG_ID' - - name: 'billing_budget_notify' - primary_resource_id: 'budget' - vars: - budget_name: 'Example Billing Budget' - channel_name: 'Example Notification Channel' - test_env_vars: - billing_acct: 'MASTER_BILLING_ACCT' - - name: 'billing_budget_notify_project_recipient' - primary_resource_id: 'budget' - vars: - budget_name: 'Example Billing Budget' - test_env_vars: - billing_acct: 'MASTER_BILLING_ACCT' - - name: 'billing_budget_customperiod' - primary_resource_id: 'budget' - vars: - display_name: 'Example Billing Budget' - test_env_vars: - billing_acct: 'MASTER_BILLING_ACCT' - - name: 'billing_budget_optional' - primary_resource_id: 'budget' - vars: - display_name: 'Example Billing Budget' - topic_name: 'example-topic' - test_env_vars: - billing_acct: 'MASTER_BILLING_ACCT' - skip_docs: true -parameters: - - name: 'billingAccount' - type: String - description: | - ID of the billing account to set a budget on. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Resource name of the budget. The resource name - implies the scope of a budget. Values are of the form - billingAccounts/{billingAccountId}/budgets/{budgetId}. - output: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'displayName' - type: String - description: | - User data for display name in UI. Must be <= 60 chars. - - name: 'budgetFilter' - type: NestedObject - description: | - Filters that define which resources are used to compute the actual - spend against the budget. - default_from_api: true - update_mask_fields: - - 'budgetFilter.projects' - - 'budgetFilter.resourceAncestors' - - 'budgetFilter.labels' - - 'budgetFilter.calendarPeriod' - - 'budgetFilter.customPeriod' - - 'budgetFilter.services' - - 'budgetFilter.creditTypesTreatment' - - 'budgetFilter.creditTypes' - - 'budgetFilter.subaccounts' - properties: - - name: 'projects' - type: Array - description: | - A set of projects of the form projects/{project_number}, - specifying that usage from only this set of projects should be - included in the budget. If omitted, the report will include - all usage for the billing account, regardless of which project - the usage occurred on. - is_set: true - at_least_one_of: - - 'budget_filter.0.projects' - - 'budget_filter.0.resource_ancestors' - - 'budget_filter.0.credit_types_treatment' - - 'budget_filter.0.services' - - 'budget_filter.0.subaccounts' - - 'budget_filter.0.labels' - - 'budget_filter.0.calendarPeriod' - - 'budget_filter.0.customPeriod' - item_type: - type: String - - name: 'resourceAncestors' - type: Array - description: | - A set of folder and organization names of the form folders/{folderId} or organizations/{organizationId}, - specifying that usage from only this set of folders and organizations should be included in the budget. - If omitted, the budget includes all usage that the billing account pays for. If the folder or organization - contains projects that are paid for by a different Cloud Billing account, the budget doesn't apply to those projects. - is_set: true - at_least_one_of: - - 'budget_filter.0.projects' - - 'budget_filter.0.resource_ancestors' - - 'budget_filter.0.credit_types_treatment' - - 'budget_filter.0.services' - - 'budget_filter.0.subaccounts' - - 'budget_filter.0.labels' - - 'budget_filter.0.calendarPeriod' - - 'budget_filter.0.customPeriod' - item_type: - type: String - - name: 'creditTypesTreatment' - type: Enum - description: | - Specifies how credits should be treated when determining spend - for threshold calculations. - at_least_one_of: - - 'budget_filter.0.projects' - - 'budget_filter.0.resource_ancestors' - - 'budget_filter.0.credit_types_treatment' - - 'budget_filter.0.services' - - 'budget_filter.0.subaccounts' - - 'budget_filter.0.labels' - - 'budget_filter.0.calendarPeriod' - - 'budget_filter.0.customPeriod' - default_value: "INCLUDE_ALL_CREDITS" - enum_values: - - 'INCLUDE_ALL_CREDITS' - - 'EXCLUDE_ALL_CREDITS' - - 'INCLUDE_SPECIFIED_CREDITS' - - name: 'services' - type: Array - description: | - A set of services of the form services/{service_id}, - specifying that usage from only this set of services should be - included in the budget. If omitted, the report will include - usage for all the services. The service names are available - through the Catalog API: - https://cloud.google.com/billing/v1/how-tos/catalog-api. - default_from_api: true - at_least_one_of: - - 'budget_filter.0.projects' - - 'budget_filter.0.resource_ancestors' - - 'budget_filter.0.credit_types_treatment' - - 'budget_filter.0.services' - - 'budget_filter.0.subaccounts' - - 'budget_filter.0.labels' - - 'budget_filter.0.calendarPeriod' - - 'budget_filter.0.customPeriod' - item_type: - type: String - - name: 'creditTypes' - type: Array - description: | - Optional. If creditTypesTreatment is INCLUDE_SPECIFIED_CREDITS, - this is a list of credit types to be subtracted from gross cost to determine the spend for threshold calculations. See a list of acceptable credit type values. - If creditTypesTreatment is not INCLUDE_SPECIFIED_CREDITS, this field must be empty. - - **Note:** If the field has a value in the config and needs to be removed, the field has to be an emtpy array in the config. - default_from_api: true - at_least_one_of: - - 'budget_filter.0.projects' - - 'budget_filter.0.resource_ancestors' - - 'budget_filter.0.credit_types_treatment' - - 'budget_filter.0.services' - - 'budget_filter.0.subaccounts' - - 'budget_filter.0.labels' - - 'budget_filter.0.calendarPeriod' - - 'budget_filter.0.customPeriod' - item_type: - type: String - - name: 'subaccounts' - type: Array - description: | - A set of subaccounts of the form billingAccounts/{account_id}, - specifying that usage from only this set of subaccounts should - be included in the budget. If a subaccount is set to the name of - the parent account, usage from the parent account will be included. - If the field is omitted, the report will include usage from the parent - account and all subaccounts, if they exist. - - **Note:** If the field has a value in the config and needs to be removed, the field has to be an emtpy array in the config. - default_from_api: true - at_least_one_of: - - 'budget_filter.0.projects' - - 'budget_filter.0.resource_ancestors' - - 'budget_filter.0.credit_types_treatment' - - 'budget_filter.0.services' - - 'budget_filter.0.subaccounts' - - 'budget_filter.0.labels' - - 'budget_filter.0.calendarPeriod' - - 'budget_filter.0.customPeriod' - item_type: - type: String - - name: 'labels' - type: KeyValuePairs - description: | - A single label and value pair specifying that usage from only - this set of labeled resources should be included in the budget. - default_from_api: true - at_least_one_of: - - 'budget_filter.0.projects' - - 'budget_filter.0.resource_ancestors' - - 'budget_filter.0.credit_types_treatment' - - 'budget_filter.0.services' - - 'budget_filter.0.subaccounts' - - 'budget_filter.0.labels' - - 'budget_filter.0.calendarPeriod' - - 'budget_filter.0.customPeriod' - custom_flatten: 'templates/terraform/custom_flatten/go/billing_budget_budget_filter_labels.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/billing_budget_budget_filter_labels.tmpl' - - name: 'calendarPeriod' - type: Enum - description: | - A CalendarPeriod represents the abstract concept of a recurring time period that has a - canonical start. Grammatically, "the start of the current CalendarPeriod". - All calendar times begin at 12 AM US and Canadian Pacific Time (UTC-8). - - Exactly one of `calendar_period`, `custom_period` must be provided. - at_least_one_of: - - 'budget_filter.0.projects' - - 'budget_filter.0.resource_ancestors' - - 'budget_filter.0.credit_types_treatment' - - 'budget_filter.0.services' - - 'budget_filter.0.subaccounts' - - 'budget_filter.0.labels' - - 'budget_filter.0.calendarPeriod' - - 'budget_filter.0.customPeriod' - diff_suppress_func: 'checkValAndDefaultStringSuppress("MONTH", "budget_filter.0.custom_period.0.start_date")' - enum_values: - - 'MONTH' - - 'QUARTER' - - 'YEAR' - - 'CALENDAR_PERIOD_UNSPECIFIED' - - name: 'customPeriod' - type: NestedObject - description: | - Specifies to track usage from any start date (required) to any end date (optional). - This time period is static, it does not recur. - - Exactly one of `calendar_period`, `custom_period` must be provided. - at_least_one_of: - - 'budget_filter.0.projects' - - 'budget_filter.0.resource_ancestors' - - 'budget_filter.0.credit_types_treatment' - - 'budget_filter.0.services' - - 'budget_filter.0.subaccounts' - - 'budget_filter.0.labels' - - 'budget_filter.0.calendarPeriod' - - 'budget_filter.0.customPeriod' - properties: - - name: 'startDate' - type: NestedObject - description: | - A start date is required. The start date must be after January 1, 2017. - required: true - properties: - - name: 'year' - type: Integer - description: | - Year of the date. Must be from 1 to 9999. - required: true - validation: - function: 'validation.IntBetween(1,9999)' - - name: 'month' - type: Integer - description: | - Month of a year. Must be from 1 to 12. - required: true - validation: - function: 'validation.IntBetween(1,12)' - - name: 'day' - type: Integer - description: | - Day of a month. Must be from 1 to 31 and valid for the year and month. - required: true - validation: - function: 'validation.IntBetween(1,31)' - - name: 'endDate' - type: NestedObject - description: | - Optional. The end date of the time period. Budgets with elapsed end date won't be processed. - If unset, specifies to track all usage incurred since the startDate. - properties: - - name: 'year' - type: Integer - description: | - Year of the date. Must be from 1 to 9999. - required: true - validation: - function: 'validation.IntBetween(1,9999)' - - name: 'month' - type: Integer - description: | - Month of a year. Must be from 1 to 12. - required: true - validation: - function: 'validation.IntBetween(1,12)' - - name: 'day' - type: Integer - description: | - Day of a month. Must be from 1 to 31 and valid for the year and month. - required: true - validation: - function: 'validation.IntBetween(1,31)' - - name: 'amount' - type: NestedObject - description: | - The budgeted amount for each usage period. - required: true - update_mask_fields: - - 'amount.specifiedAmount.currencyCode' - - 'amount.specifiedAmount.units' - - 'amount.specifiedAmount.nanos' - properties: - - name: 'specifiedAmount' - type: NestedObject - description: | - A specified amount to use as the budget. currencyCode is - optional. If specified, it must match the currency of the - billing account. The currencyCode is provided on output. - exactly_one_of: - - 'amount.0.specified_amount' - - 'amount.0.last_period_amount' - properties: - - name: 'currencyCode' - type: String - description: | - The 3-letter currency code defined in ISO 4217. - default_from_api: true - - name: 'units' - type: String - description: | - The whole units of the amount. For example if currencyCode - is "USD", then 1 unit is one US dollar. - - name: 'nanos' - type: Integer - description: | - Number of nano (10^-9) units of the amount. - The value must be between -999,999,999 and +999,999,999 - inclusive. If units is positive, nanos must be positive or - zero. If units is zero, nanos can be positive, zero, or - negative. If units is negative, nanos must be negative or - zero. For example $-1.75 is represented as units=-1 and - nanos=-750,000,000. - - name: 'lastPeriodAmount' - type: Boolean - description: | - Configures a budget amount that is automatically set to 100% of - last period's spend. - Boolean. Set value to true to use. Do not set to false, instead - use the `specified_amount` block. - exactly_one_of: - - 'amount.0.specified_amount' - - 'amount.0.last_period_amount' - custom_flatten: 'templates/terraform/custom_flatten/go/object_to_bool.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/bool_to_object.go.tmpl' - - name: 'thresholdRules' - type: Array - description: | - Rules that trigger alerts (notifications of thresholds being - crossed) when spend exceeds the specified percentages of the - budget. - item_type: - type: NestedObject - properties: - - name: 'thresholdPercent' - type: Double - description: | - Send an alert when this threshold is exceeded. This is a - 1.0-based percentage, so 0.5 = 50%. Must be >= 0. - required: true - send_empty_value: true - - name: 'spendBasis' - type: Enum - description: | - The type of basis used to determine if spend has passed - the threshold. - default_value: "CURRENT_SPEND" - enum_values: - - 'CURRENT_SPEND' - - 'FORECASTED_SPEND' - - name: 'allUpdatesRule' - type: NestedObject - description: | - Defines notifications that are sent on every update to the - billing account's spend, regardless of the thresholds defined - using threshold rules. - api_name: notificationsRule - update_mask_fields: - - 'notificationsRule.pubsubTopic' - - 'notificationsRule.schemaVersion' - - 'notificationsRule.monitoringNotificationChannels' - - 'notificationsRule.disableDefaultIamRecipients' - - 'notificationsRule.enableProjectLevelRecipients' - properties: - - name: 'pubsubTopic' - type: String - description: | - The name of the Cloud Pub/Sub topic where budget related - messages will be published, in the form - projects/{project_id}/topics/{topic_id}. Updates are sent - at regular intervals to the topic. - at_least_one_of: - - 'all_updates_rule.0.pubsub_topic' - - 'all_updates_rule.0.monitoring_notification_channels' - - name: 'schemaVersion' - type: String - description: | - The schema version of the notification. Only "1.0" is - accepted. It represents the JSON schema as defined in - https://cloud.google.com/billing/docs/how-to/budgets#notification_format. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "1.0" - - name: 'monitoringNotificationChannels' - type: Array - description: | - The full resource name of a monitoring notification - channel in the form - projects/{project_id}/notificationChannels/{channel_id}. - A maximum of 5 channels are allowed. - at_least_one_of: - - 'all_updates_rule.0.pubsub_topic' - - 'all_updates_rule.0.monitoring_notification_channels' - item_type: - type: String - max_size: 5 - - name: 'disableDefaultIamRecipients' - type: Boolean - description: | - Boolean. When set to true, disables default notifications sent - when a threshold is exceeded. Default recipients are - those with Billing Account Administrators and Billing - Account Users IAM roles for the target account. - default_value: false - - name: 'enableProjectLevelRecipients' - type: Boolean - description: | - When set to true, and when the budget has a single project configured, - notifications will be sent to project level recipients of that project. - This field will be ignored if the budget has multiple or no project configured. - - Currently, project level recipients are the users with Owner role on a cloud project. - default_value: false - - name: 'ownershipScope' - type: Enum - description: | - The ownership scope of the budget. The ownership scope and users' - IAM permissions determine who has full access to the budget's data. - enum_values: - - 'OWNERSHIP_SCOPE_UNSPECIFIED' - - 'ALL_USERS' - - 'BILLING_ACCOUNT' diff --git a/mmv1/products/billingbudget/go_product.yaml b/mmv1/products/billingbudget/go_product.yaml deleted file mode 100644 index dd0e8fe2b43d..000000000000 --- a/mmv1/products/billingbudget/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Billing' -display_name: 'Cloud Billing' -versions: - - name: 'ga' - base_url: 'https://billingbudgets.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/billingbudget/product.yaml b/mmv1/products/billingbudget/product.yaml index 327c5b10e622..cc25e6f5ac4f 100644 --- a/mmv1/products/billingbudget/product.yaml +++ b/mmv1/products/billingbudget/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2019 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Billing -# Strictly speaking it should be Billing Budget but setting it to Cloud Billing will put in the same doc section as billing accounts. -display_name: Cloud Billing +--- +name: 'Billing' +display_name: 'Cloud Billing' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://billingbudgets.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://billingbudgets.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/binaryauthorization/Attestor.yaml b/mmv1/products/binaryauthorization/Attestor.yaml index 80cf3859e255..b5bc05f30bdb 100644 --- a/mmv1/products/binaryauthorization/Attestor.yaml +++ b/mmv1/products/binaryauthorization/Attestor.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,64 +11,68 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Attestor' -base_url: projects/{{project}}/attestors?attestorId={{name}} -self_link: projects/{{project}}/attestors/{{name}} description: | An attestor that attests to container image artifacts. -iam_policy: !ruby/object:Api::Resource::IamPolicy - parent_resource_attribute: 'attestor' - method_name_separator: ':' -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/binary-authorization/' api: 'https://cloud.google.com/binary-authorization/docs/reference/rest/' -import_format: ['projects/{{project}}/attestors/{{name}}'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/binaryauthorization_attestor.go.erb' +docs: +base_url: 'projects/{{project}}/attestors?attestorId={{name}}' +self_link: 'projects/{{project}}/attestors/{{name}}' +import_format: + - 'projects/{{project}}/attestors/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'attestor' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' +custom_code: + constants: 'templates/terraform/constants/binaryauthorization_attestor.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'binary_authorization_attestor_basic' + - name: 'binary_authorization_attestor_basic' primary_resource_id: 'attestor' - primary_resource_name: "fmt.Sprintf(\"tf-test-test-attestor%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-test-attestor%s", context["random_suffix"])' vars: attestor_name: 'test-attestor' note_name: 'test-attestor-note' - - !ruby/object:Provider::Terraform::Examples - name: 'binary_authorization_attestor_kms' + - name: 'binary_authorization_attestor_kms' primary_resource_id: 'attestor' - skip_test: true vars: attestor_name: 'test-attestor' note_name: 'test-attestor-note' key_name: 'test-attestor-key' keyring_name: 'test-attestor-key-ring' + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name. required: true immutable: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' - - !ruby/object:Api::Type::String - name: description + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' + - name: 'description' + type: String description: | A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs. - - !ruby/object:Api::Type::NestedObject - name: attestationAuthorityNote - api_name: userOwnedGrafeasNote + - name: 'attestationAuthorityNote' + type: NestedObject description: | A Container Analysis ATTESTATION_AUTHORITY Note, created by the user. + api_name: userOwnedGrafeasNote required: true properties: - - !ruby/object:Api::Type::String - name: noteReference + - name: 'noteReference' + type: String description: | The resource name of a ATTESTATION_AUTHORITY Note, created by the user. If the Note is in a different project from the Attestor, it @@ -79,10 +83,10 @@ properties: and that links to this Note. required: true immutable: true - custom_expand: 'templates/terraform/custom_expand/container_analysis_note.erb' diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::Array - name: publicKeys + custom_expand: 'templates/terraform/custom_expand/container_analysis_note.tmpl' + - name: 'publicKeys' + type: Array description: | Public keys that verify attestations signed by this attestor. This field may be updated. @@ -91,14 +95,15 @@ properties: image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: comment + - name: 'comment' + type: String description: | A descriptive comment. This field may be updated. - - !ruby/object:Api::Type::String - name: id + - name: 'id' + type: String description: | The ID of this public key. Signatures verified by BinAuthz must include the ID of the public key that can be used to @@ -107,8 +112,8 @@ properties: be imposed based on which public key type is encapsulated. See the documentation on publicKey cases below for details. default_from_api: true - - !ruby/object:Api::Type::String - name: asciiArmoredPgpPublicKey + - name: 'asciiArmoredPgpPublicKey' + type: String # TODO (mbang): Exactly one of asciiArmoredPgpPublicKey or pkixPublicKey must be set description: | ASCII-armored representation of a PGP public key, as the @@ -120,8 +125,8 @@ properties: as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If id is provided by the caller, it will be overwritten by the API-calculated ID. - - !ruby/object:Api::Type::NestedObject - name: pkixPublicKey + - name: 'pkixPublicKey' + type: NestedObject # TODO (mbang): Exactly one of asciiArmoredPgpPublicKey or pkixPublicKey must be set description: | A raw PKIX SubjectPublicKeyInfo format public key. @@ -131,13 +136,13 @@ properties: blank, a default one will be computed based on the digest of the DER encoding of the public key. properties: - - !ruby/object:Api::Type::String - name: publicKeyPem + - name: 'publicKeyPem' + type: String description: | A PEM-encoded public key, as described in `https://tools.ietf.org/html/rfc7468#section-13` - - !ruby/object:Api::Type::String - name: signatureAlgorithm + - name: 'signatureAlgorithm' + type: String description: | The signature algorithm used to verify a message against a signature using this key. These signature algorithm must @@ -145,8 +150,8 @@ properties: publicKeyPem (i.e. this algorithm must match that of the public key). diff_suppress_func: 'CompareSignatureAlgorithm' - - !ruby/object:Api::Type::String - name: delegationServiceAccountEmail + - name: 'delegationServiceAccountEmail' + type: String description: | This field will contain the service account email address that this Attestor will use as the principal when querying Container diff --git a/mmv1/products/binaryauthorization/Policy.yaml b/mmv1/products/binaryauthorization/Policy.yaml index ef683478ba83..592dd3fcdafe 100644 --- a/mmv1/products/binaryauthorization/Policy.yaml +++ b/mmv1/products/binaryauthorization/Policy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,70 +11,76 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Policy' -base_url: projects/{{project}}/policy -self_link: projects/{{project}}/policy description: | A policy for container image binary authorization. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/binary-authorization/' api: 'https://cloud.google.com/binary-authorization/docs/reference/rest/' -create_verb: :PUT -delete_verb: :PUT +docs: id_format: 'projects/{{project}}' -import_format: ['projects/{{project}}'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/binaryauthorization_policy.erb' - pre_delete: 'templates/terraform/pre_delete/restore_default_binaryauthorization_policy.erb' +base_url: 'projects/{{project}}/policy' +self_link: 'projects/{{project}}/policy' +create_verb: 'PUT' +delete_verb: 'PUT' +import_format: + - 'projects/{{project}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/binaryauthorization_policy.tmpl' + pre_delete: 'templates/terraform/pre_delete/restore_default_binaryauthorization_policy.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'binary_authorization_policy_basic' + - name: 'binary_authorization_policy_basic' primary_resource_id: 'policy' - skip_test: true vars: attestor_name: 'test-attestor' note_name: 'test-attestor-note' - - !ruby/object:Provider::Terraform::Examples - name: 'binary_authorization_policy_global_evaluation' + exclude_test: true + - name: 'binary_authorization_policy_global_evaluation' primary_resource_id: 'policy' - skip_test: true vars: attestor_name: 'test-attestor' note_name: 'test-attestor-note' + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: A descriptive comment. - - !ruby/object:Api::Type::Enum - name: globalPolicyEvaluationMode + - name: 'globalPolicyEvaluationMode' + type: Enum description: | Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. - values: - - :ENABLE - - :DISABLE default_from_api: true - - !ruby/object:Api::Type::Array - name: admissionWhitelistPatterns + enum_values: + - 'ENABLE' + - 'DISABLE' + - name: 'admissionWhitelistPatterns' + type: Array description: | A whitelist of image patterns to exclude from admission rules. If an image's name matches a whitelist pattern, the image's admission requests will always be permitted regardless of your admission rules. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: namePattern - required: true + - name: 'namePattern' + type: String description: | An image name pattern to whitelist, in the form `registry/path/to/image`. This supports a trailing * as a wildcard, but this is allowed only in text after the registry/ part. - - !ruby/object:Api::Type::Map - name: clusterAdmissionRules + required: true + - name: 'clusterAdmissionRules' + type: Map description: | Per-cluster admission rules. An admission rule specifies either that all container images used in a pod creation request must be attested @@ -86,7 +92,6 @@ properties: Identifier format: `{{location}}.{{clusterId}}`. A location is either a compute zone (e.g. `us-central1-a`) or a region (e.g. `us-central1`). - key_name: cluster is_set: true set_hash_func: |- func(v interface{}) int { @@ -112,19 +117,21 @@ properties: schema.SerializeResourceForHash(&buf, copy, ResourceBinaryAuthorizationPolicy().Schema["cluster_admission_rules"].Elem.(*schema.Resource)) return tpgresource.Hashcode(buf.String()) } - value_type: !ruby/object:Api::Type::NestedObject + key_name: 'cluster' + value_type: name: clusterAdmissionRule + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: evaluationMode - required: true + - name: 'evaluationMode' + type: Enum description: How this admission rule will be evaluated. - values: - - :ALWAYS_ALLOW - - :REQUIRE_ATTESTATION - - :ALWAYS_DENY - - !ruby/object:Api::Type::Array - name: requireAttestationsBy + required: true + enum_values: + - 'ALWAYS_ALLOW' + - 'REQUIRE_ATTESTATION' + - 'ALWAYS_DENY' + - name: 'requireAttestationsBy' + type: Array description: | The resource names of the attestors that must attest to a container image. If the attestor is in a different project from the @@ -136,35 +143,36 @@ properties: Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty. is_set: true - set_hash_func: tpgresource.SelfLinkNameHash - custom_expand: 'templates/terraform/custom_expand/binaryauthorization_attestors.erb' diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: enforcementMode - required: true + set_hash_func: tpgresource.SelfLinkNameHash + custom_expand: 'templates/terraform/custom_expand/binaryauthorization_attestors.tmpl' + item_type: + type: String + - name: 'enforcementMode' + type: Enum description: | The action when a pod creation is denied by the admission rule. - values: - - :ENFORCED_BLOCK_AND_AUDIT_LOG - - :DRYRUN_AUDIT_LOG_ONLY - - !ruby/object:Api::Type::NestedObject - name: defaultAdmissionRule + required: true + enum_values: + - 'ENFORCED_BLOCK_AND_AUDIT_LOG' + - 'DRYRUN_AUDIT_LOG_ONLY' + - name: 'defaultAdmissionRule' + type: NestedObject description: | Default admission rule for a cluster without a per-cluster admission rule. required: true properties: - - !ruby/object:Api::Type::Enum - name: evaluationMode + - name: 'evaluationMode' + type: Enum description: How this admission rule will be evaluated. required: true - values: - - :ALWAYS_ALLOW - - :REQUIRE_ATTESTATION - - :ALWAYS_DENY - - !ruby/object:Api::Type::Array - name: requireAttestationsBy + enum_values: + - 'ALWAYS_ALLOW' + - 'REQUIRE_ATTESTATION' + - 'ALWAYS_DENY' + - name: 'requireAttestationsBy' + type: Array description: | The resource names of the attestors that must attest to a container image. If the attestor is in a different project from the @@ -176,15 +184,16 @@ properties: Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty. is_set: true - set_hash_func: tpgresource.SelfLinkNameHash - custom_expand: 'templates/terraform/custom_expand/binaryauthorization_attestors.erb' diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: enforcementMode - required: true + set_hash_func: tpgresource.SelfLinkNameHash + custom_expand: 'templates/terraform/custom_expand/binaryauthorization_attestors.tmpl' + item_type: + type: String + - name: 'enforcementMode' + type: Enum description: | The action when a pod creation is denied by the admission rule. - values: - - :ENFORCED_BLOCK_AND_AUDIT_LOG - - :DRYRUN_AUDIT_LOG_ONLY + required: true + enum_values: + - 'ENFORCED_BLOCK_AND_AUDIT_LOG' + - 'DRYRUN_AUDIT_LOG_ONLY' diff --git a/mmv1/products/binaryauthorization/go_Attestor.yaml b/mmv1/products/binaryauthorization/go_Attestor.yaml deleted file mode 100644 index 6ebbeb770a0e..000000000000 --- a/mmv1/products/binaryauthorization/go_Attestor.yaml +++ /dev/null @@ -1,164 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Attestor' -description: | - An attestor that attests to container image artifacts. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/binary-authorization/' - api: 'https://cloud.google.com/binary-authorization/docs/reference/rest/' -docs: -base_url: 'projects/{{project}}/attestors?attestorId={{name}}' -self_link: 'projects/{{project}}/attestors/{{name}}' -import_format: - - 'projects/{{project}}/attestors/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'attestor' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' -custom_code: - constants: 'templates/terraform/constants/go/binaryauthorization_attestor.go.tmpl' -examples: - - name: 'binary_authorization_attestor_basic' - primary_resource_id: 'attestor' - primary_resource_name: 'fmt.Sprintf("tf-test-test-attestor%s", context["random_suffix"])' - vars: - attestor_name: 'test-attestor' - note_name: 'test-attestor-note' - - name: 'binary_authorization_attestor_kms' - primary_resource_id: 'attestor' - vars: - attestor_name: 'test-attestor' - note_name: 'test-attestor-note' - key_name: 'test-attestor-key' - keyring_name: 'test-attestor-key-ring' - skip_test: true -parameters: -properties: - - name: 'name' - type: String - description: | - The resource name. - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' - - name: 'description' - type: String - description: | - A descriptive comment. This field may be updated. The field may be - displayed in chooser dialogs. - - name: 'attestationAuthorityNote' - type: NestedObject - description: | - A Container Analysis ATTESTATION_AUTHORITY Note, created by the user. - api_name: userOwnedGrafeasNote - required: true - properties: - - name: 'noteReference' - type: String - description: | - The resource name of a ATTESTATION_AUTHORITY Note, created by the - user. If the Note is in a different project from the Attestor, it - should be specified in the format `projects/*/notes/*` (or the legacy - `providers/*/notes/*`). This field may not be updated. - An attestation by this attestor is stored as a Container Analysis - ATTESTATION_AUTHORITY Occurrence that names a container image - and that links to this Note. - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/go/container_analysis_note.tmpl' - - name: 'publicKeys' - type: Array - description: | - Public keys that verify attestations signed by this attestor. This - field may be updated. - If this field is non-empty, one of the specified public keys must - verify that an attestation was signed by this attestor for the - image specified in the admission request. - If this field is empty, this attestor always returns that no valid - attestations exist. - item_type: - type: NestedObject - properties: - - name: 'comment' - type: String - description: | - A descriptive comment. This field may be updated. - - name: 'id' - type: String - description: | - The ID of this public key. Signatures verified by BinAuthz - must include the ID of the public key that can be used to - verify them, and that ID must match the contents of this - field exactly. Additional restrictions on this field can - be imposed based on which public key type is encapsulated. - See the documentation on publicKey cases below for details. - default_from_api: true - - name: 'asciiArmoredPgpPublicKey' - type: String - description: | - ASCII-armored representation of a PGP public key, as the - entire output by the command - `gpg --export --armor foo@example.com` (either LF or CRLF - line endings). When using this field, id should be left - blank. The BinAuthz API handlers will calculate the ID - and fill it in automatically. BinAuthz computes this ID - as the OpenPGP RFC4880 V4 fingerprint, represented as - upper-case hex. If id is provided by the caller, it will - be overwritten by the API-calculated ID. - - name: 'pkixPublicKey' - type: NestedObject - description: | - A raw PKIX SubjectPublicKeyInfo format public key. - - NOTE: id may be explicitly provided by the caller when using this - type of public key, but it MUST be a valid RFC3986 URI. If id is left - blank, a default one will be computed based on the digest of the DER - encoding of the public key. - properties: - - name: 'publicKeyPem' - type: String - description: | - A PEM-encoded public key, as described in - `https://tools.ietf.org/html/rfc7468#section-13` - - name: 'signatureAlgorithm' - type: String - description: | - The signature algorithm used to verify a message against - a signature using this key. These signature algorithm must - match the structure and any object identifiers encoded in - publicKeyPem (i.e. this algorithm must match that of the - public key). - diff_suppress_func: 'CompareSignatureAlgorithm' - - name: 'delegationServiceAccountEmail' - type: String - description: | - This field will contain the service account email address that - this Attestor will use as the principal when querying Container - Analysis. Attestor administrators must grant this service account - the IAM role needed to read attestations from the noteReference in - Container Analysis (containeranalysis.notes.occurrences.viewer). - This email address is fixed for the lifetime of the Attestor, but - callers should not make any other assumptions about the service - account email; future versions may use an email based on a - different naming pattern. - output: true diff --git a/mmv1/products/binaryauthorization/go_Policy.yaml b/mmv1/products/binaryauthorization/go_Policy.yaml deleted file mode 100644 index c8a9530d02cd..000000000000 --- a/mmv1/products/binaryauthorization/go_Policy.yaml +++ /dev/null @@ -1,200 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Policy' -description: | - A policy for container image binary authorization. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/binary-authorization/' - api: 'https://cloud.google.com/binary-authorization/docs/reference/rest/' -docs: -id_format: 'projects/{{project}}' -base_url: 'projects/{{project}}/policy' -self_link: 'projects/{{project}}/policy' -create_verb: 'PUT' -delete_verb: 'PUT' -import_format: - - 'projects/{{project}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - constants: 'templates/terraform/constants/go/binaryauthorization_policy.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/restore_default_binaryauthorization_policy.tmpl' -examples: - - name: 'binary_authorization_policy_basic' - primary_resource_id: 'policy' - vars: - attestor_name: 'test-attestor' - note_name: 'test-attestor-note' - skip_test: true - - name: 'binary_authorization_policy_global_evaluation' - primary_resource_id: 'policy' - vars: - attestor_name: 'test-attestor' - note_name: 'test-attestor-note' - skip_test: true -parameters: -properties: - - name: 'description' - type: String - description: A descriptive comment. - - name: 'globalPolicyEvaluationMode' - type: Enum - description: | - Controls the evaluation of a Google-maintained global admission policy - for common system-level images. Images not covered by the global - policy will be subject to the project admission policy. - default_from_api: true - enum_values: - - 'ENABLE' - - 'DISABLE' - - name: 'admissionWhitelistPatterns' - type: Array - description: | - A whitelist of image patterns to exclude from admission rules. If an - image's name matches a whitelist pattern, the image's admission - requests will always be permitted regardless of your admission rules. - item_type: - type: NestedObject - properties: - - name: 'namePattern' - type: String - description: | - An image name pattern to whitelist, in the form - `registry/path/to/image`. This supports a trailing * as a - wildcard, but this is allowed only in text after the registry/ - part. - required: true - - name: 'clusterAdmissionRules' - type: Map - description: | - Per-cluster admission rules. An admission rule specifies either that - all container images used in a pod creation request must be attested - to by one or more attestors, that all pod creations will be allowed, - or that all pod creations will be denied. There can be at most one - admission rule per cluster spec. - - - Identifier format: `{{location}}.{{clusterId}}`. - A location is either a compute zone (e.g. `us-central1-a`) or a region - (e.g. `us-central1`). - is_set: true - set_hash_func: |- - func(v interface{}) int { - // require_attestations_by is a set of strings that can have the format - // projects/{project}/attestors/{attestor} or {attestor}. We diffsuppress - // and hash that set on the name, but now we need to make sure that the - // overall hash here respects that so changing the attestor format doesn't - // change the hash code of cluster_admission_rules. - raw := v.(map[string]interface{}) - - // modifying raw actually modifies the values passed to the provider. - // Use a copy to avoid that. - copy := make((map[string]interface{})) - for key, value := range raw { - copy[key] = value - } - at := copy["require_attestations_by"].(*schema.Set) - if at != nil { - t := tpgresource.ConvertAndMapStringArr(at.List(), tpgresource.GetResourceNameFromSelfLink) - copy["require_attestations_by"] = schema.NewSet(tpgresource.SelfLinkNameHash, tpgresource.ConvertStringArrToInterface(t)) - } - var buf bytes.Buffer - schema.SerializeResourceForHash(&buf, copy, ResourceBinaryAuthorizationPolicy().Schema["cluster_admission_rules"].Elem.(*schema.Resource)) - return tpgresource.Hashcode(buf.String()) - } - key_name: 'cluster' - value_type: - name: clusterAdmissionRule - type: NestedObject - properties: - - name: 'evaluationMode' - type: Enum - description: How this admission rule will be evaluated. - required: true - enum_values: - - 'ALWAYS_ALLOW' - - 'REQUIRE_ATTESTATION' - - 'ALWAYS_DENY' - - name: 'requireAttestationsBy' - type: Array - description: | - The resource names of the attestors that must attest to a - container image. If the attestor is in a different project from the - policy, it should be specified in the format `projects/*/attestors/*`. - Each attestor must exist before a policy can reference it. To add an - attestor to a policy the principal issuing the policy change - request must be able to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode field - specifies REQUIRE_ATTESTATION, otherwise it must be empty. - is_set: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - set_hash_func: tpgresource.SelfLinkNameHash - custom_expand: 'templates/terraform/custom_expand/go/binaryauthorization_attestors.tmpl' - item_type: - type: String - - name: 'enforcementMode' - type: Enum - description: | - The action when a pod creation is denied by the admission rule. - required: true - enum_values: - - 'ENFORCED_BLOCK_AND_AUDIT_LOG' - - 'DRYRUN_AUDIT_LOG_ONLY' - - name: 'defaultAdmissionRule' - type: NestedObject - description: | - Default admission rule for a cluster without a per-cluster admission - rule. - required: true - properties: - - name: 'evaluationMode' - type: Enum - description: How this admission rule will be evaluated. - required: true - enum_values: - - 'ALWAYS_ALLOW' - - 'REQUIRE_ATTESTATION' - - 'ALWAYS_DENY' - - name: 'requireAttestationsBy' - type: Array - description: | - The resource names of the attestors that must attest to a - container image. If the attestor is in a different project from the - policy, it should be specified in the format `projects/*/attestors/*`. - Each attestor must exist before a policy can reference it. To add an - attestor to a policy the principal issuing the policy change - request must be able to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode field - specifies REQUIRE_ATTESTATION, otherwise it must be empty. - is_set: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - set_hash_func: tpgresource.SelfLinkNameHash - custom_expand: 'templates/terraform/custom_expand/go/binaryauthorization_attestors.tmpl' - item_type: - type: String - - name: 'enforcementMode' - type: Enum - description: | - The action when a pod creation is denied by the admission rule. - required: true - enum_values: - - 'ENFORCED_BLOCK_AND_AUDIT_LOG' - - 'DRYRUN_AUDIT_LOG_ONLY' diff --git a/mmv1/products/binaryauthorization/go_product.yaml b/mmv1/products/binaryauthorization/go_product.yaml deleted file mode 100644 index 42b186f46051..000000000000 --- a/mmv1/products/binaryauthorization/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BinaryAuthorization' -display_name: 'Binary Authorization' -versions: - - name: 'ga' - base_url: 'https://binaryauthorization.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/binaryauthorization/product.yaml b/mmv1/products/binaryauthorization/product.yaml index a28ef18b1fc8..39944b0f8be9 100644 --- a/mmv1/products/binaryauthorization/product.yaml +++ b/mmv1/products/binaryauthorization/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: BinaryAuthorization -display_name: Binary Authorization +--- +name: 'BinaryAuthorization' +display_name: 'Binary Authorization' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://binaryauthorization.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://binaryauthorization.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/blockchainnodeengine/BlockchainNodes.yaml b/mmv1/products/blockchainnodeengine/BlockchainNodes.yaml index 4e3efcfebc0f..02692648783f 100644 --- a/mmv1/products/blockchainnodeengine/BlockchainNodes.yaml +++ b/mmv1/products/blockchainnodeengine/BlockchainNodes.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,211 +11,208 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'BlockchainNodes' -base_url: projects/{{project}}/locations/{{location}}/blockchainNodes -self_link: 'projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}' -import_format: ['projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}'] -create_url: projects/{{project}}/locations/{{location}}/blockchainNodes?blockchain_node_id={{blockchain_node_id}} description: | A representation of a blockchain node. -timeouts: !ruby/object:Api::Timeouts +references: + guides: + 'Official Documentation': 'https://cloud.google.com/blockchain-node-engine' + api: 'https://cloud.google.com/blockchain-node-engine/docs/reference/rest/v1/projects.locations.blockchainNodes' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/blockchainNodes' +self_link: 'projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/blockchainNodes?blockchain_node_id={{blockchain_node_id}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}' +timeouts: insert_minutes: 45 + update_minutes: 20 delete_minutes: 35 - autogen_async: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' - -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/blockchain-node-engine' - api: 'https://cloud.google.com/blockchain-node-engine/docs/reference/rest/v1/projects.locations.blockchainNodes' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'blockchain_nodes_basic' + - name: 'blockchain_nodes_basic' primary_resource_id: 'default_node' vars: blockchain_node_id: 'blockchain_basic_node' - - !ruby/object:Provider::Terraform::Examples - name: 'blockchain_nodes_geth_details' + - name: 'blockchain_nodes_geth_details' primary_resource_id: 'default_node_geth' vars: blockchain_node_id: 'blockchain_geth_node' parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: | Location of Blockchain Node being created. - immutable: true - required: true - url_param_only: true - - !ruby/object:Api::Type::String - name: blockchainNodeId url_param_only: true required: true + immutable: true + - name: 'blockchainNodeId' + type: String description: | ID of the requesting object. + url_param_only: true + required: true properties: - - !ruby/object:Api::Type::String - name: name - output: true + - name: 'name' + type: String description: | The fully qualified name of the blockchain node. e.g. projects/my-project/locations/us-central1/blockchainNodes/my-node. - - !ruby/object:Api::Type::String - name: createTime output: true + - name: 'createTime' + type: String description: | The timestamp at which the blockchain node was first created. - - !ruby/object:Api::Type::String - name: updateTime output: true + - name: 'updateTime' + type: String description: | The timestamp at which the blockchain node was last updated. - - !ruby/object:Api::Type::KeyValueLabels - name: labels + output: true + - name: 'labels' + type: KeyValueLabels description: | User-provided key-value pairs - - !ruby/object:Api::Type::NestedObject - name: connectionInfo - output: true + - name: 'connectionInfo' + type: NestedObject description: | The connection information through which to interact with a blockchain node. + output: true properties: - - !ruby/object:Api::Type::String - name: serviceAttachment - output: true + - name: 'serviceAttachment' + type: String description: | A service attachment that exposes a node, and has the following format: projects/{project}/regions/{region}/serviceAttachments/{service_attachment_name} - - !ruby/object:Api::Type::NestedObject - name: endpointInfo output: true + - name: 'endpointInfo' + type: NestedObject description: | The endpoint information through which to interact with a blockchain node. + output: true properties: - - !ruby/object:Api::Type::String - name: jsonRpcApiEndpoint - output: true + - name: 'jsonRpcApiEndpoint' + type: String description: | The assigned URL for the node JSON-RPC API endpoint. - - !ruby/object:Api::Type::String - name: websocketsApiEndpoint output: true + - name: 'websocketsApiEndpoint' + type: String description: | The assigned URL for the node WebSockets API endpoint. - - !ruby/object:Api::Type::NestedObject - name: ethereumDetails + output: true + - name: 'ethereumDetails' + type: NestedObject description: | User-provided key-value pairs properties: - - !ruby/object:Api::Type::NestedObject - name: validatorConfig + - name: 'validatorConfig' + type: NestedObject description: | Configuration for validator-related parameters on the beacon client, and for any managed validator client. properties: - - !ruby/object:Api::Type::Array - name: mevRelayUrls - item_type: Api::Type::String + - name: 'mevRelayUrls' + type: Array description: | URLs for MEV-relay services to use for block building. When set, a managed MEV-boost service is configured on the beacon client. - - !ruby/object:Api::Type::NestedObject - name: gethDetails + item_type: + type: String + - name: 'gethDetails' + type: NestedObject description: | User-provided key-value pairs properties: - - !ruby/object:Api::Type::Enum - name: garbageCollectionMode - immutable: true - values: - - :FULL - - :ARCHIVE + - name: 'garbageCollectionMode' + type: Enum description: | Blockchain garbage collection modes. Only applicable when NodeType is FULL or ARCHIVE. - - !ruby/object:Api::Type::NestedObject - name: additionalEndpoints - output: true + immutable: true + enum_values: + - 'FULL' + - 'ARCHIVE' + - name: 'additionalEndpoints' + type: NestedObject description: | User-provided key-value pairs + output: true properties: - - !ruby/object:Api::Type::String - name: beaconApiEndpoint - output: true + - name: 'beaconApiEndpoint' + type: String description: | The assigned URL for the node's Beacon API endpoint. - - !ruby/object:Api::Type::String - name: beaconPrometheusMetricsApiEndpoint output: true + - name: 'beaconPrometheusMetricsApiEndpoint' + type: String description: | The assigned URL for the node's Beacon Prometheus metrics endpoint. - - !ruby/object:Api::Type::String - name: executionClientPrometheusMetricsApiEndpoint output: true + - name: 'executionClientPrometheusMetricsApiEndpoint' + type: String description: | The assigned URL for the node's execution client's Prometheus metrics endpoint. - - !ruby/object:Api::Type::Enum - name: network - immutable: true - values: - - :MAINNET - - :TESTNET_GOERLI_PRATER - - :TESTNET_SEPOLIA + output: true + - name: 'network' + type: Enum description: | The Ethereum environment being accessed. - - !ruby/object:Api::Type::Enum - name: nodeType immutable: true - values: - - :LIGHT - - :FULL - - :ARCHIVE + enum_values: + - 'MAINNET' + - 'TESTNET_GOERLI_PRATER' + - 'TESTNET_SEPOLIA' + - name: 'nodeType' + type: Enum description: | The type of Ethereum node. - - !ruby/object:Api::Type::Enum - name: executionClient immutable: true - values: - - :EXECUTION_CLIENT_UNSPECIFIED - - :GETH - - :ERIGON + enum_values: + - 'LIGHT' + - 'FULL' + - 'ARCHIVE' + - name: 'executionClient' + type: Enum description: | The execution client - - !ruby/object:Api::Type::Enum - name: consensusClient immutable: true - values: - - :CONSENSUS_CLIENT_UNSPECIFIED - - :LIGHTHOUSE + enum_values: + - 'EXECUTION_CLIENT_UNSPECIFIED' + - 'GETH' + - 'ERIGON' + - name: 'consensusClient' + type: Enum description: | The consensus client - - !ruby/object:Api::Type::Boolean - name: apiEnableAdmin immutable: true + enum_values: + - 'CONSENSUS_CLIENT_UNSPECIFIED' + - 'LIGHTHOUSE' + - name: 'apiEnableAdmin' + type: Boolean description: | Enables JSON-RPC access to functions in the admin namespace. Defaults to false. - - !ruby/object:Api::Type::Boolean - name: apiEnableDebug immutable: true + - name: 'apiEnableDebug' + type: Boolean description: | Enables JSON-RPC access to functions in the debug namespace. Defaults to false. - - !ruby/object:Api::Type::Enum - name: blockchainType - immutable: true - values: - - :ETHEREUM + immutable: true + - name: 'blockchainType' + type: Enum description: | User-provided key-value pairs + immutable: true + enum_values: + - 'ETHEREUM' diff --git a/mmv1/products/blockchainnodeengine/go_BlockchainNodes.yaml b/mmv1/products/blockchainnodeengine/go_BlockchainNodes.yaml deleted file mode 100644 index 52a335f99759..000000000000 --- a/mmv1/products/blockchainnodeengine/go_BlockchainNodes.yaml +++ /dev/null @@ -1,219 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BlockchainNodes' -description: | - A representation of a blockchain node. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/blockchain-node-engine' - api: 'https://cloud.google.com/blockchain-node-engine/docs/reference/rest/v1/projects.locations.blockchainNodes' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/blockchainNodes' -self_link: 'projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/blockchainNodes?blockchain_node_id={{blockchain_node_id}}' -import_format: - - 'projects/{{project}}/locations/{{location}}/blockchainNodes/{{blockchain_node_id}}' -timeouts: - insert_minutes: 45 - update_minutes: 20 - delete_minutes: 35 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'blockchain_nodes_basic' - primary_resource_id: 'default_node' - vars: - blockchain_node_id: 'blockchain_basic_node' - - name: 'blockchain_nodes_geth_details' - primary_resource_id: 'default_node_geth' - vars: - blockchain_node_id: 'blockchain_geth_node' -parameters: - - name: 'location' - type: String - description: | - Location of Blockchain Node being created. - url_param_only: true - required: true - immutable: true - - name: 'blockchainNodeId' - type: String - description: | - ID of the requesting object. - url_param_only: true - required: true -properties: - - name: 'name' - type: String - description: | - The fully qualified name of the blockchain node. e.g. projects/my-project/locations/us-central1/blockchainNodes/my-node. - output: true - - name: 'createTime' - type: String - description: | - The timestamp at which the blockchain node was first created. - output: true - - name: 'updateTime' - type: String - description: | - The timestamp at which the blockchain node was last updated. - output: true - - name: 'labels' - type: KeyValueLabels - description: | - User-provided key-value pairs - - name: 'connectionInfo' - type: NestedObject - description: | - The connection information through which to interact with a blockchain node. - output: true - properties: - - name: 'serviceAttachment' - type: String - description: | - A service attachment that exposes a node, and has the following format: projects/{project}/regions/{region}/serviceAttachments/{service_attachment_name} - output: true - - name: 'endpointInfo' - type: NestedObject - description: | - The endpoint information through which to interact with a blockchain node. - output: true - properties: - - name: 'jsonRpcApiEndpoint' - type: String - description: | - The assigned URL for the node JSON-RPC API endpoint. - output: true - - name: 'websocketsApiEndpoint' - type: String - description: | - The assigned URL for the node WebSockets API endpoint. - output: true - - name: 'ethereumDetails' - type: NestedObject - description: | - User-provided key-value pairs - properties: - - name: 'validatorConfig' - type: NestedObject - description: | - Configuration for validator-related parameters on the beacon client, and for any managed validator client. - properties: - - name: 'mevRelayUrls' - type: Array - description: | - URLs for MEV-relay services to use for block building. When set, a managed MEV-boost service is configured on the beacon client. - item_type: - type: String - - name: 'gethDetails' - type: NestedObject - description: | - User-provided key-value pairs - properties: - - name: 'garbageCollectionMode' - type: Enum - description: | - Blockchain garbage collection modes. Only applicable when NodeType is FULL or ARCHIVE. - immutable: true - enum_values: - - 'FULL' - - 'ARCHIVE' - - name: 'additionalEndpoints' - type: NestedObject - description: | - User-provided key-value pairs - output: true - properties: - - name: 'beaconApiEndpoint' - type: String - description: | - The assigned URL for the node's Beacon API endpoint. - output: true - - name: 'beaconPrometheusMetricsApiEndpoint' - type: String - description: | - The assigned URL for the node's Beacon Prometheus metrics endpoint. - output: true - - name: 'executionClientPrometheusMetricsApiEndpoint' - type: String - description: | - The assigned URL for the node's execution client's Prometheus metrics endpoint. - output: true - - name: 'network' - type: Enum - description: | - The Ethereum environment being accessed. - immutable: true - enum_values: - - 'MAINNET' - - 'TESTNET_GOERLI_PRATER' - - 'TESTNET_SEPOLIA' - - name: 'nodeType' - type: Enum - description: | - The type of Ethereum node. - immutable: true - enum_values: - - 'LIGHT' - - 'FULL' - - 'ARCHIVE' - - name: 'executionClient' - type: Enum - description: | - The execution client - immutable: true - enum_values: - - 'EXECUTION_CLIENT_UNSPECIFIED' - - 'GETH' - - 'ERIGON' - - name: 'consensusClient' - type: Enum - description: | - The consensus client - immutable: true - enum_values: - - 'CONSENSUS_CLIENT_UNSPECIFIED' - - 'LIGHTHOUSE' - - name: 'apiEnableAdmin' - type: Boolean - description: | - Enables JSON-RPC access to functions in the admin namespace. Defaults to false. - immutable: true - - name: 'apiEnableDebug' - type: Boolean - description: | - Enables JSON-RPC access to functions in the debug namespace. Defaults to false. - immutable: true - - name: 'blockchainType' - type: Enum - description: | - User-provided key-value pairs - immutable: true - enum_values: - - 'ETHEREUM' diff --git a/mmv1/products/blockchainnodeengine/go_product.yaml b/mmv1/products/blockchainnodeengine/go_product.yaml deleted file mode 100644 index 58a091264f55..000000000000 --- a/mmv1/products/blockchainnodeengine/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BlockchainNodeEngine' -display_name: 'Blockchain node engine' -versions: - - name: 'ga' - base_url: 'https://blockchainnodeengine.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/blockchainnodeengine/product.yaml b/mmv1/products/blockchainnodeengine/product.yaml index 44a2c027fe3f..da48df9a20cd 100644 --- a/mmv1/products/blockchainnodeengine/product.yaml +++ b/mmv1/products/blockchainnodeengine/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2019 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,11 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: BlockchainNodeEngine +--- +name: 'BlockchainNodeEngine' +display_name: 'Blockchain node engine' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://blockchainnodeengine.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://blockchainnodeengine.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/certificatemanager/Certificate.yaml b/mmv1/products/certificatemanager/Certificate.yaml index 8cc6cee712f6..9f78e181c7aa 100644 --- a/mmv1/products/certificatemanager/Certificate.yaml +++ b/mmv1/products/certificatemanager/Certificate.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,41 +11,43 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Certificate' +description: | + Certificate represents a HTTP-reachable backend for a Certificate. +docs: +id_format: 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' base_url: 'projects/{{project}}/locations/{{location}}/certificates' -create_url: 'projects/{{project}}/locations/{{location}}/certificates?certificateId={{name}}' self_link: 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' -update_verb: :PATCH +create_url: 'projects/{{project}}/locations/{{location}}/certificates?certificateId={{name}}' +update_verb: 'PATCH' update_mask: true -description: | - Certificate represents a HTTP-reachable backend for a Certificate. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -docs: !ruby/object:Provider::Terraform::Docs -autogen_async: true -import_format: - ['projects/{{project}}/locations/{{location}}/certificates/{{name}}'] -id_format: 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' +custom_code: + constants: 'templates/terraform/constants/cert_manager.tmpl' schema_version: 1 state_upgraders: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_google_managed_certificate_dns' + - name: 'certificate_manager_google_managed_certificate_dns' primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' @@ -53,34 +55,29 @@ examples: dns_auth_name2: 'dns-auth2' dns_auth_subdomain2: 'subdomain2' cert_name: 'dns-cert' - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_google_managed_certificate_issuance_config' + - name: 'certificate_manager_google_managed_certificate_issuance_config' primary_resource_id: 'default' vars: cert_name: 'issuance-config-cert' ca_name: 'ca-authority' pool_name: 'ca-pool' issuance_config_name: 'issuance-config' - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_self_managed_certificate' + - name: 'certificate_manager_self_managed_certificate' primary_resource_id: 'default' vars: cert_name: 'self-managed-cert' - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_self_managed_certificate_regional' + - name: 'certificate_manager_self_managed_certificate_regional' primary_resource_id: 'default' vars: cert_name: 'self-managed-cert' - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_google_managed_certificate_issuance_config_all_regions' + - name: 'certificate_manager_google_managed_certificate_issuance_config_all_regions' primary_resource_id: 'default' vars: cert_name: 'issuance-config-cert' ca_name: 'ca-authority' pool_name: 'ca-pool' issuance_config_name: 'issuance-config' - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_google_managed_certificate_dns_all_regions' + - name: 'certificate_manager_google_managed_certificate_dns_all_regions' primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' @@ -88,43 +85,39 @@ examples: dns_auth_name2: 'dns-auth2' dns_auth_subdomain2: 'subdomain2' cert_name: 'dns-cert' - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_google_managed_regional_certificate_dns_auth' + - name: 'certificate_manager_google_managed_regional_certificate_dns_auth' primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' dns_auth_subdomain: 'subdomain' cert_name: 'dns-cert' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/cert_manager.erb parameters: - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true - url_param_only: true + - name: 'name' + type: String description: | A user-defined name of the certificate. Certificate names must be unique The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. - - !ruby/object:Api::Type::String - name: 'location' + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String description: | The Certificate Manager location. If not specified, "global" is used. - default_value: global - immutable: true url_param_only: true + immutable: true + default_value: "global" properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | A human-readable description of the resource. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: 'Set of label tags associated with the Certificate resource.' - - !ruby/object:Api::Type::String - name: scope - immutable: true + - name: 'scope' + type: String description: | The scope of the certificate. @@ -136,156 +129,159 @@ properties: ALL_REGIONS: Certificates with ALL_REGIONS scope are served from all GCP regions (You can only use ALL_REGIONS with global certs). See https://cloud.google.com/compute/docs/regions-zones - default_value: DEFAULT + immutable: true diff_suppress_func: 'certManagerDefaultScopeDiffSuppress' - - !ruby/object:Api::Type::Array - name: sanDnsnames - output: true + default_value: "DEFAULT" + - name: 'sanDnsnames' + type: Array description: | The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6) - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: selfManaged - immutable: true - exactly_one_of: - - self_managed - - managed + output: true + item_type: + type: String + - name: 'selfManaged' + type: NestedObject description: | Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user's responsibility. + immutable: true ignore_read: true + exactly_one_of: + - 'self_managed' + - 'managed' properties: - - !ruby/object:Api::Type::String - name: certificatePem - immutable: true - exactly_one_of: - - self_managed.0.certificate_pem - - self_managed.0.pem_certificate - deprecation_message: >- - `certificate_pem` is deprecated and will be removed in a future major release. Use `pem_certificate` instead. + - name: 'certificatePem' + type: String description: | The certificate chain in PEM-encoded form. Leaf certificate comes first, followed by intermediate ones if any. - sensitive: true - - !ruby/object:Api::Type::String - name: privateKeyPem immutable: true + sensitive: true exactly_one_of: - - self_managed.0.private_key_pem - - self_managed.0.pem_private_key - deprecation_message: >- - `private_key_pem` is deprecated and will be removed in a future major release. Use `pem_private_key` instead. + - 'self_managed.0.certificate_pem' + - 'self_managed.0.pem_certificate' + deprecation_message: '`certificate_pem` is deprecated and will be removed in a future major release. Use `pem_certificate` instead.' + - name: 'privateKeyPem' + type: String description: | The private key of the leaf certificate in PEM-encoded form. - sensitive: true - - !ruby/object:Api::Type::String - name: pemCertificate immutable: true + sensitive: true exactly_one_of: - - self_managed.0.certificate_pem - - self_managed.0.pem_certificate + - 'self_managed.0.private_key_pem' + - 'self_managed.0.pem_private_key' + deprecation_message: '`private_key_pem` is deprecated and will be removed in a future major release. Use `pem_private_key` instead.' + - name: 'pemCertificate' + type: String description: | The certificate chain in PEM-encoded form. Leaf certificate comes first, followed by intermediate ones if any. - - !ruby/object:Api::Type::String - name: pemPrivateKey immutable: true exactly_one_of: - - self_managed.0.private_key_pem - - self_managed.0.pem_private_key + - 'self_managed.0.certificate_pem' + - 'self_managed.0.pem_certificate' + - name: 'pemPrivateKey' + type: String description: | The private key of the leaf certificate in PEM-encoded form. + immutable: true sensitive: true - - !ruby/object:Api::Type::NestedObject - name: managed - immutable: true - exactly_one_of: - - self_managed - - managed + exactly_one_of: + - 'self_managed.0.private_key_pem' + - 'self_managed.0.pem_private_key' + - name: 'managed' + type: NestedObject description: | Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it's authorized to do so. + immutable: true + exactly_one_of: + - 'self_managed' + - 'managed' properties: - - !ruby/object:Api::Type::Array - name: domains - immutable: true + - name: 'domains' + type: Array description: | The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: dnsAuthorizations immutable: true + item_type: + type: String + - name: 'dnsAuthorizations' + type: Array description: | Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: issuanceConfig immutable: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + item_type: + type: String + - name: 'issuanceConfig' + type: String description: | The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. + immutable: true # when the certificate is created with issuanceConfig in the format "projects/{{project_id}}/locations/global/certificateIssuanceConfigs/{{CICName}}", the # format changes in the response message to "projects/{{project_number}}/locations/global/certificateIssuanceConfigs/{{CICName}}". That causes the tests to fail # that's why "tpgresource.CompareResourceNames" is needed. diff_suppress_func: 'tpgresource.CompareResourceNames' - - !ruby/object:Api::Type::String - name: 'state' - output: true + - name: 'state' + type: String description: | A state of this Managed Certificate. - - !ruby/object:Api::Type::NestedObject - name: 'provisioningIssue' output: true + - name: 'provisioningIssue' + type: NestedObject description: | Information about issues with provisioning this Managed Certificate. + output: true properties: - - !ruby/object:Api::Type::String - name: 'reason' - output: true + - name: 'reason' + type: String description: | Reason for provisioning failures. - - !ruby/object:Api::Type::String - name: details output: true + - name: 'details' + type: String description: | Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use `reason` field. - - !ruby/object:Api::Type::Array - name: 'authorizationAttemptInfo' - output: true + output: true + - name: 'authorizationAttemptInfo' + type: Array description: | Detailed state of the latest authorization attempt for each domain specified for this Managed Certificate. - item_type: !ruby/object:Api::Type::NestedObject + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: domain - output: true + - name: 'domain' + type: String description: | Domain name of the authorization attempt. - - !ruby/object:Api::Type::String - name: 'state' output: true + - name: 'state' + type: String description: | State of the domain for managed certificate issuance. - - !ruby/object:Api::Type::String - name: 'failureReason' output: true + - name: 'failureReason' + type: String description: | Reason for failure of the authorization attempt for the domain. - - !ruby/object:Api::Type::String - name: details output: true + - name: 'details' + type: String description: | Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use `failure_reason` field. + output: true diff --git a/mmv1/products/certificatemanager/CertificateIssuanceConfig.yaml b/mmv1/products/certificatemanager/CertificateIssuanceConfig.yaml index 4991e6493662..31c8f35909c9 100644 --- a/mmv1/products/certificatemanager/CertificateIssuanceConfig.yaml +++ b/mmv1/products/certificatemanager/CertificateIssuanceConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,126 +11,124 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'CertificateIssuanceConfig' -base_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs' -create_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs?certificateIssuanceConfigId={{name}}' -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + Certificate represents a HTTP-reachable backend for a Certificate. +references: guides: 'Manage certificate issuance configs': 'https://cloud.google.com/certificate-manager/docs/issuance-configs' api: 'https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.certificateIssuanceConfigs' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs' +create_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs?certificateIssuanceConfigId={{name}}' immutable: true -schema_version: 1 -state_upgraders: true -description: | - Certificate represents a HTTP-reachable backend for a Certificate. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -docs: !ruby/object:Provider::Terraform::Docs -autogen_async: true -import_format: - [ - 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}', - ] +custom_code: +schema_version: 1 +state_upgraders: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_certificate_issuance_config' + - name: 'certificate_manager_certificate_issuance_config' primary_resource_id: 'default' vars: ca_name: 'ca-authority' pool_name: 'ca-pool' issuance_config_name: 'issuance-config' - parameters: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally. url_param_only: true - - !ruby/object:Api::Type::String - name: 'location' + required: true + - name: 'location' + type: String description: | The Certificate Manager location. If not specified, "global" is used. - default_value: global - immutable: true url_param_only: true + immutable: true + default_value: "global" properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | One or more paragraphs of text description of a CertificateIssuanceConfig. - - !ruby/object:Api::Type::Integer - name: 'rotationWindowPercentage' + - name: 'rotationWindowPercentage' + type: Integer description: | It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive. You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after the certificate has been issued and at least 7 days before it expires. required: true - - !ruby/object:Api::Type::Enum - name: keyAlgorithm + - name: 'keyAlgorithm' + type: Enum description: | Key algorithm to use when generating the private key. - values: - - :RSA_2048 - - :ECDSA_P256 required: true - - !ruby/object:Api::Type::String - name: 'lifetime' + enum_values: + - 'RSA_2048' + - 'ECDSA_P256' + - name: 'lifetime' + type: String description: | Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s) required: true - - !ruby/object:Api::Type::String - name: 'createTime' + - name: 'createTime' + type: String description: | The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::Time - name: 'updateTime' + - name: 'updateTime' + type: Time description: | The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | 'Set of label tags associated with the CertificateIssuanceConfig resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. - - !ruby/object:Api::Type::NestedObject - name: 'certificateAuthorityConfig' + - name: 'certificateAuthorityConfig' + type: NestedObject description: | The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. required: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'certificateAuthorityServiceConfig' + - name: 'certificateAuthorityServiceConfig' + type: NestedObject description: Defines a CertificateAuthorityServiceConfig. properties: - - !ruby/object:Api::Type::String - name: 'caPool' - required: true + - name: 'caPool' + type: String description: | A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{caPool}". + required: true diff_suppress_func: 'tpgresource.CompareResourceNames' diff --git a/mmv1/products/certificatemanager/CertificateMap.yaml b/mmv1/products/certificatemanager/CertificateMap.yaml index b6c051317849..05b8281082f3 100644 --- a/mmv1/products/certificatemanager/CertificateMap.yaml +++ b/mmv1/products/certificatemanager/CertificateMap.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,104 +11,108 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'CertificateMap' -base_url: 'projects/{{project}}/locations/global/certificateMaps' -create_url: 'projects/{{project}}/locations/global/certificateMaps?certificateMapId={{name}}' -self_link: 'projects/{{project}}/locations/global/certificateMaps/{{name}}' -update_verb: :PATCH -update_mask: true description: | CertificateMap defines a collection of certificate configurations, which are usable by any associated target proxies -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +base_url: 'projects/{{project}}/locations/global/certificateMaps' +self_link: 'projects/{{project}}/locations/global/certificateMaps/{{name}}' +create_url: 'projects/{{project}}/locations/global/certificateMaps?certificateMapId={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/global/certificateMaps/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -docs: !ruby/object:Provider::Terraform::Docs -autogen_async: true -import_format: - ['projects/{{project}}/locations/global/certificateMaps/{{name}}'] +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_certificate_map_basic' + - name: 'certificate_manager_certificate_map_basic' primary_resource_id: 'default' vars: cert_map_name: 'cert-map' parameters: - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true - url_param_only: true + - name: 'name' + type: String description: | A user-defined name of the Certificate Map. Certificate Map names must be unique globally and match the pattern `projects/*/locations/*/certificateMaps/*`. + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | A human-readable description of the resource. - - !ruby/object:Api::Type::String - name: 'createTime' - output: true + - name: 'createTime' + type: String description: | Creation timestamp of a Certificate Map. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::Time - name: 'updateTime' + output: true + - name: 'updateTime' + type: Time description: | Update timestamp of a Certificate Map. Timestamp is in RFC3339 UTC "Zulu" format, accurate to nanoseconds with up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Set of labels associated with a Certificate Map resource. - - !ruby/object:Api::Type::Array - name: 'gclbTargets' + - name: 'gclbTargets' + type: Array description: | A list of target proxies that use this Certificate Map output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'ipConfigs' + - name: 'ipConfigs' + type: Array description: | An IP configuration where this Certificate Map is serving - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'ipAddress' + - name: 'ipAddress' + type: String description: | An external IP address - - !ruby/object:Api::Type::Array - name: 'ports' + - name: 'ports' + type: Array description: | A list of ports - item_type: Api::Type::Integer - - !ruby/object:Api::Type::String - name: 'targetHttpsProxy' + item_type: + type: Integer + - name: 'targetHttpsProxy' + type: String description: | Proxy name must be in the format projects/*/locations/*/targetHttpsProxies/*. This field is part of a union field `target_proxy`: Only one of `targetHttpsProxy` or `targetSslProxy` may be set. - - !ruby/object:Api::Type::String - name: 'targetSslProxy' + - name: 'targetSslProxy' + type: String description: | Proxy name must be in the format projects/*/locations/*/targetSslProxies/*. This field is part of a union field `target_proxy`: Only one of `targetHttpsProxy` or diff --git a/mmv1/products/certificatemanager/CertificateMapEntry.yaml b/mmv1/products/certificatemanager/CertificateMapEntry.yaml index aa1ac5d57570..aaa6e9f12a96 100644 --- a/mmv1/products/certificatemanager/CertificateMapEntry.yaml +++ b/mmv1/products/certificatemanager/CertificateMapEntry.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,37 +11,38 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'CertificateMapEntry' -base_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries' -create_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries?certificateMapEntryId={{name}}' -self_link: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries/{{name}}' -update_verb: :PATCH -update_mask: true description: | CertificateMapEntry is a list of certificate configurations, that have been issued for a particular hostname -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +base_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries' +self_link: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries/{{name}}' +create_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries?certificateMapEntryId={{name}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'state' - complete: 'ACTIVE' - allowed: - - 'PENDING' - - 'ACTIVE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -docs: !ruby/object:Provider::Terraform::Docs -autogen_async: true +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_certificate_map_entry_full' + - name: 'certificate_manager_certificate_map_entry_full' primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' @@ -50,83 +51,83 @@ examples: dns_auth_subdomain2: 'subdomain2' cert_map_entry_name: 'cert-map-entry' parameters: - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: - true + - name: 'name' + type: String # url_param_only: true description: | A user-defined name of the Certificate Map Entry. Certificate Map Entry names must be unique globally and match pattern 'projects/*/locations/*/certificateMaps/*/certificateMapEntries/*' - custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::ResourceRef - name: 'map' required: true immutable: true - url_param_only: true - imports: 'name' - resource: 'CertificateMap' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' + - name: 'map' + type: ResourceRef description: | A map entry that is inputted into the cetrificate map - custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb + url_param_only: true + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' + resource: 'CertificateMap' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | A human-readable description of the resource. - - !ruby/object:Api::Type::String - name: 'createTime' - output: true + - name: 'createTime' + type: String description: | Creation timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::Time - name: 'updateTime' + output: true + - name: 'updateTime' + type: Time description: | Update timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Set of labels associated with a Certificate Map Entry. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - !ruby/object:Api::Type::Array - name: 'certificates' - required: true + - name: 'certificates' + type: Array description: | A set of Certificates defines for the given hostname. There can be defined up to fifteen certificates in each Certificate Map Entry. Each certificate must match pattern projects/*/locations/*/certificates/*. - diff_suppress_func: tpgresource.ProjectNumberDiffSuppress - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'state' - output: true + required: true + diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' + item_type: + type: String + - name: 'state' + type: String description: | A serving state of this Certificate Map Entry. - - !ruby/object:Api::Type::String - name: 'hostname' - immutable: true + output: true + - name: 'hostname' + type: String description: | A Hostname (FQDN, e.g. example.com) or a wildcard hostname expression (*.example.com) for a set of hostnames with common suffix. Used as Server Name Indication (SNI) for selecting a proper certificate. - exactly_one_of: - - hostname - - matcher - - !ruby/object:Api::Type::String - name: 'matcher' immutable: true exactly_one_of: - - hostname - - matcher + - 'hostname' + - 'matcher' + - name: 'matcher' + type: String description: | A predefined matcher for particular cases, other than SNI selection + immutable: true + exactly_one_of: + - 'hostname' + - 'matcher' diff --git a/mmv1/products/certificatemanager/DnsAuthorization.yaml b/mmv1/products/certificatemanager/DnsAuthorization.yaml index 92e1acdd3494..5c0cd5a83485 100644 --- a/mmv1/products/certificatemanager/DnsAuthorization.yaml +++ b/mmv1/products/certificatemanager/DnsAuthorization.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,88 +11,88 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'DnsAuthorization' +description: | + DnsAuthorization represents a HTTP-reachable backend for a DnsAuthorization. +docs: base_url: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations' -create_url: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations?dnsAuthorizationId={{name}}' self_link: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}' -update_verb: :PATCH +create_url: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations?dnsAuthorizationId={{name}}' +update_verb: 'PATCH' update_mask: true -description: | - DnsAuthorization represents a HTTP-reachable backend for a DnsAuthorization. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -docs: !ruby/object:Provider::Terraform::Docs -autogen_async: true -import_format: - ['projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}'] +custom_code: schema_version: 1 state_upgraders: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_dns_authorization_basic' + - name: 'certificate_manager_dns_authorization_basic' primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' zone_name: 'my-zone' subdomain: 'subdomain' - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_dns_authorization_regional' + - name: 'certificate_manager_dns_authorization_regional' primary_resource_id: 'default' vars: dns_auth_name: 'dns-auth' zone_name: 'my-zone' subdomain: 'subdomain' parameters: - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true - url_param_only: true + - name: 'name' + type: String description: | Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. - - !ruby/object:Api::Type::String - name: 'location' + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String description: | The Certificate Manager location. If not specified, "global" is used. - default_value: global - immutable: true url_param_only: true + immutable: true + default_value: "global" properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | A human-readable description of the resource. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: 'Set of label tags associated with the DNS Authorization resource.' - - !ruby/object:Api::Type::String - name: 'domain' - immutable: true - required: true + - name: 'domain' + type: String description: | A domain which is being authorized. A DnsAuthorization resource covers a single domain and its wildcard, e.g. authorization for "example.com" can be used to issue certificates for "example.com" and "*.example.com". - - !ruby/object:Api::Type::Enum - name: type + required: true + immutable: true + - name: 'type' + type: Enum description: | type of DNS authorization. If unset during the resource creation, FIXED_RECORD will be used for global resources, and PER_PROJECT_RECORD will be used for other locations. @@ -103,31 +103,31 @@ properties: of Google-managed certificates with DNS authorization across multiple projects. immutable: true - values: - - :FIXED_RECORD - - :PER_PROJECT_RECORD default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'dnsResourceRecord' - output: true + enum_values: + - 'FIXED_RECORD' + - 'PER_PROJECT_RECORD' + - name: 'dnsResourceRecord' + type: NestedObject description: | The structure describing the DNS Resource Record that needs to be added to DNS configuration for the authorization to be usable by certificate. + output: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Fully qualified name of the DNS Resource Record. E.g. `_acme-challenge.example.com`. - - !ruby/object:Api::Type::String - name: 'type' output: true + - name: 'type' + type: String description: | Type of the DNS Resource Record. - - !ruby/object:Api::Type::String - name: 'data' output: true + - name: 'data' + type: String description: | Data of the DNS Resource Record. + output: true diff --git a/mmv1/products/certificatemanager/TrustConfig.yaml b/mmv1/products/certificatemanager/TrustConfig.yaml index 414c639bf9da..de5776b10f4e 100644 --- a/mmv1/products/certificatemanager/TrustConfig.yaml +++ b/mmv1/products/certificatemanager/TrustConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,130 +11,134 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'TrustConfig' -base_url: 'projects/{{project}}/locations/{{location}}/trustConfigs' -create_url: 'projects/{{project}}/locations/{{location}}/trustConfigs?trustConfigId={{name}}' -self_link: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' -update_verb: :PATCH description: | TrustConfig represents a resource that represents your Public Key Infrastructure (PKI) configuration in Certificate Manager for use in mutual TLS authentication scenarios. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/certificate-manager/docs' api: 'https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.trustConfigs/create' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/trustConfigs' +self_link: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/trustConfigs?trustConfigId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -docs: !ruby/object:Provider::Terraform::Docs -autogen_async: true -import_format: - ['projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}'] -id_format: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_trust_config' + - name: 'certificate_manager_trust_config' primary_resource_id: 'default' vars: trust_config_name: 'trust-config' - - !ruby/object:Provider::Terraform::Examples - name: 'certificate_manager_trust_config_allowlisted_certificates' + - name: 'certificate_manager_trust_config_allowlisted_certificates' primary_resource_id: 'default' vars: trust_config_name: 'trust-config' parameters: - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true - url_param_only: true + - name: 'name' + type: String description: | A user-defined name of the trust config. Trust config names must be unique globally. - - !ruby/object:Api::Type::String - name: 'location' + url_param_only: true required: true + immutable: true + - name: 'location' + type: String description: | The trust config location. - immutable: true url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::Time - name: 'createTime' + - name: 'createTime' + type: Time description: | The creation timestamp of a TrustConfig. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::Time - name: 'updateTime' + - name: 'updateTime' + type: Time description: | The last update timestamp of a TrustConfig. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: 'Set of label tags associated with the trust config.' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | One or more paragraphs of text description of a trust config. - - !ruby/object:Api::Type::Array - name: trustStores + - name: 'trustStores' + type: Array description: | Set of trust stores to perform validation against. This field is supported when TrustConfig is configured with Load Balancers, currently not supported for SPIFFE certificate validation. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: trustAnchors + - name: 'trustAnchors' + type: Array description: | List of Trust Anchors to be used while performing validation against a given TrustStore. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'pemCertificate' + - name: 'pemCertificate' + type: String description: | PEM root certificate of the PKI used for validation. Each certificate provided in PEM format may occupy up to 5kB. sensitive: true - - !ruby/object:Api::Type::Array - name: intermediateCas + - name: 'intermediateCas' + type: Array description: | Set of intermediate CA certificates used for the path building phase of chain validation. The field is currently not supported if trust config is used for the workload certificate feature. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'pemCertificate' + - name: 'pemCertificate' + type: String description: | PEM intermediate certificate used for building up paths for validation. Each certificate provided in PEM format may occupy up to 5kB. sensitive: true - - !ruby/object:Api::Type::Array - name: allowlistedCertificates + - name: 'allowlistedCertificates' + type: Array description: | Allowlisted PEM-encoded certificates. A certificate matching an allowlisted certificate is always considered valid as long as the certificate is parseable, proof of private key possession is established, and constraints on the certificate's SAN field are met. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'pemCertificate' + - name: 'pemCertificate' + type: String description: | PEM certificate that is allowlisted. The certificate can be up to 5k bytes, and must be a parseable X.509 certificate. required: true diff --git a/mmv1/products/certificatemanager/go_Certificate.yaml b/mmv1/products/certificatemanager/go_Certificate.yaml deleted file mode 100644 index 1dab11d18490..000000000000 --- a/mmv1/products/certificatemanager/go_Certificate.yaml +++ /dev/null @@ -1,288 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Certificate' -description: | - Certificate represents a HTTP-reachable backend for a Certificate. -docs: -id_format: 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/certificates' -self_link: 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/certificates?certificateId={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/certificates/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/cert_manager.tmpl' -schema_version: 1 -state_upgraders: true -examples: - - name: 'certificate_manager_google_managed_certificate_dns' - primary_resource_id: 'default' - vars: - dns_auth_name: 'dns-auth' - dns_auth_subdomain: 'subdomain' - dns_auth_name2: 'dns-auth2' - dns_auth_subdomain2: 'subdomain2' - cert_name: 'dns-cert' - - name: 'certificate_manager_google_managed_certificate_issuance_config' - primary_resource_id: 'default' - vars: - cert_name: 'issuance-config-cert' - ca_name: 'ca-authority' - pool_name: 'ca-pool' - issuance_config_name: 'issuance-config' - - name: 'certificate_manager_self_managed_certificate' - primary_resource_id: 'default' - vars: - cert_name: 'self-managed-cert' - - name: 'certificate_manager_self_managed_certificate_regional' - primary_resource_id: 'default' - vars: - cert_name: 'self-managed-cert' - - name: 'certificate_manager_google_managed_certificate_issuance_config_all_regions' - primary_resource_id: 'default' - vars: - cert_name: 'issuance-config-cert' - ca_name: 'ca-authority' - pool_name: 'ca-pool' - issuance_config_name: 'issuance-config' - - name: 'certificate_manager_google_managed_certificate_dns_all_regions' - primary_resource_id: 'default' - vars: - dns_auth_name: 'dns-auth' - dns_auth_subdomain: 'subdomain' - dns_auth_name2: 'dns-auth2' - dns_auth_subdomain2: 'subdomain2' - cert_name: 'dns-cert' - - name: 'certificate_manager_google_managed_regional_certificate_dns_auth' - primary_resource_id: 'default' - vars: - dns_auth_name: 'dns-auth' - dns_auth_subdomain: 'subdomain' - cert_name: 'dns-cert' -parameters: - - name: 'name' - type: String - description: | - A user-defined name of the certificate. Certificate names must be unique - The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, - and all following characters must be a dash, underscore, letter or digit. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The Certificate Manager location. If not specified, "global" is used. - url_param_only: true - immutable: true - default_value: "global" -properties: - - name: 'description' - type: String - description: | - A human-readable description of the resource. - - name: 'labels' - type: KeyValueLabels - description: 'Set of label tags associated with the Certificate resource.' - - name: 'scope' - type: String - description: | - The scope of the certificate. - - DEFAULT: Certificates with default scope are served from core Google data centers. - If unsure, choose this option. - - EDGE_CACHE: Certificates with scope EDGE_CACHE are special-purposed certificates, served from Edge Points of Presence. - See https://cloud.google.com/vpc/docs/edge-locations. - - ALL_REGIONS: Certificates with ALL_REGIONS scope are served from all GCP regions (You can only use ALL_REGIONS with global certs). - See https://cloud.google.com/compute/docs/regions-zones - immutable: true - diff_suppress_func: 'certManagerDefaultScopeDiffSuppress' - default_value: "DEFAULT" - - name: 'sanDnsnames' - type: Array - description: | - The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6) - output: true - item_type: - type: String - - name: 'selfManaged' - type: NestedObject - description: | - Certificate data for a SelfManaged Certificate. - SelfManaged Certificates are uploaded by the user. Updating such - certificates before they expire remains the user's responsibility. - immutable: true - ignore_read: true - exactly_one_of: - - 'self_managed' - - 'managed' - properties: - - name: 'certificatePem' - type: String - description: | - The certificate chain in PEM-encoded form. - - Leaf certificate comes first, followed by intermediate ones if any. - immutable: true - sensitive: true - exactly_one_of: - - 'self_managed.0.certificate_pem' - - 'self_managed.0.pem_certificate' - deprecation_message: '`certificate_pem` is deprecated and will be removed in a future major release. Use `pem_certificate` instead.' - - name: 'privateKeyPem' - type: String - description: | - The private key of the leaf certificate in PEM-encoded form. - immutable: true - sensitive: true - exactly_one_of: - - 'self_managed.0.private_key_pem' - - 'self_managed.0.pem_private_key' - deprecation_message: '`private_key_pem` is deprecated and will be removed in a future major release. Use `pem_private_key` instead.' - - name: 'pemCertificate' - type: String - description: | - The certificate chain in PEM-encoded form. - - Leaf certificate comes first, followed by intermediate ones if any. - immutable: true - exactly_one_of: - - 'self_managed.0.certificate_pem' - - 'self_managed.0.pem_certificate' - - name: 'pemPrivateKey' - type: String - description: | - The private key of the leaf certificate in PEM-encoded form. - immutable: true - sensitive: true - exactly_one_of: - - 'self_managed.0.private_key_pem' - - 'self_managed.0.pem_private_key' - - name: 'managed' - type: NestedObject - description: | - Configuration and state of a Managed Certificate. - Certificate Manager provisions and renews Managed Certificates - automatically, for as long as it's authorized to do so. - immutable: true - exactly_one_of: - - 'self_managed' - - 'managed' - properties: - - name: 'domains' - type: Array - description: | - The domains for which a managed SSL certificate will be generated. - Wildcard domains are only supported with DNS challenge resolution - immutable: true - item_type: - type: String - - name: 'dnsAuthorizations' - type: Array - description: | - Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - item_type: - type: String - - name: 'issuanceConfig' - type: String - description: | - The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. - If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. - Either issuanceConfig or dnsAuthorizations should be specificed, but not both. - - # when the certificate is created with issuanceConfig in the format "projects/{{project_id}}/locations/global/certificateIssuanceConfigs/{{CICName}}", the - # format changes in the response message to "projects/{{project_number}}/locations/global/certificateIssuanceConfigs/{{CICName}}". That causes the tests to fail - # that's why "tpgresource.CompareResourceNames" is needed. - immutable: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - - name: 'state' - type: String - description: | - A state of this Managed Certificate. - output: true - - name: 'provisioningIssue' - type: NestedObject - description: | - Information about issues with provisioning this Managed Certificate. - output: true - properties: - - name: 'reason' - type: String - description: | - Reason for provisioning failures. - output: true - - name: 'details' - type: String - description: | - Human readable explanation about the issue. Provided to help address - the configuration issues. - Not guaranteed to be stable. For programmatic access use `reason` field. - output: true - - name: 'authorizationAttemptInfo' - type: Array - description: | - Detailed state of the latest authorization attempt for each domain - specified for this Managed Certificate. - output: true - item_type: - type: NestedObject - properties: - - name: 'domain' - type: String - description: | - Domain name of the authorization attempt. - output: true - - name: 'state' - type: String - description: | - State of the domain for managed certificate issuance. - output: true - - name: 'failureReason' - type: String - description: | - Reason for failure of the authorization attempt for the domain. - output: true - - name: 'details' - type: String - description: | - Human readable explanation for reaching the state. Provided to help - address the configuration issues. - Not guaranteed to be stable. For programmatic access use `failure_reason` field. - output: true diff --git a/mmv1/products/certificatemanager/go_CertificateIssuanceConfig.yaml b/mmv1/products/certificatemanager/go_CertificateIssuanceConfig.yaml deleted file mode 100644 index db1ec306dab8..000000000000 --- a/mmv1/products/certificatemanager/go_CertificateIssuanceConfig.yaml +++ /dev/null @@ -1,135 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CertificateIssuanceConfig' -description: | - Certificate represents a HTTP-reachable backend for a Certificate. -references: - guides: - 'Manage certificate issuance configs': 'https://cloud.google.com/certificate-manager/docs/issuance-configs' - api: 'https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.certificateIssuanceConfigs' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs' -create_url: 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs?certificateIssuanceConfigId={{name}}' -immutable: true -import_format: - - 'projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: -schema_version: 1 -state_upgraders: true -examples: - - name: 'certificate_manager_certificate_issuance_config' - primary_resource_id: 'default' - vars: - ca_name: 'ca-authority' - pool_name: 'ca-pool' - issuance_config_name: 'issuance-config' -parameters: - - name: 'name' - type: String - description: | - A user-defined name of the certificate issuance config. - CertificateIssuanceConfig names must be unique globally. - url_param_only: true - required: true - - name: 'location' - type: String - description: | - The Certificate Manager location. If not specified, "global" is used. - url_param_only: true - immutable: true - default_value: "global" -properties: - - name: 'description' - type: String - description: | - One or more paragraphs of text description of a CertificateIssuanceConfig. - - name: 'rotationWindowPercentage' - type: Integer - description: | - It specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. - Must be a number between 1-99, inclusive. - You must set the rotation window percentage in relation to the certificate lifetime so that certificate renewal occurs at least 7 days after - the certificate has been issued and at least 7 days before it expires. - required: true - - name: 'keyAlgorithm' - type: Enum - description: | - Key algorithm to use when generating the private key. - required: true - enum_values: - - 'RSA_2048' - - 'ECDSA_P256' - - name: 'lifetime' - type: String - description: | - Lifetime of issued certificates. A duration in seconds with up to nine fractional digits, ending with 's'. - Example: "1814400s". Valid values are from 21 days (1814400s) to 30 days (2592000s) - required: true - - name: 'createTime' - type: String - description: | - The creation timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, - accurate to nanoseconds with up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'updateTime' - type: Time - description: | - The last update timestamp of a CertificateIssuanceConfig. Timestamp is in RFC3339 UTC "Zulu" format, - accurate to nanoseconds with up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'labels' - type: KeyValueLabels - description: | - 'Set of label tags associated with the CertificateIssuanceConfig resource. - An object containing a list of "key": value pairs. Example: { "name": "wrench", "count": "3" }. - - name: 'certificateAuthorityConfig' - type: NestedObject - description: | - The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc. - required: true - properties: - - name: 'certificateAuthorityServiceConfig' - type: NestedObject - description: Defines a CertificateAuthorityServiceConfig. - properties: - - name: 'caPool' - type: String - description: | - A CA pool resource used to issue a certificate. - The CA pool string has a relative resource path following the form - "projects/{project}/locations/{location}/caPools/{caPool}". - required: true - diff_suppress_func: 'tpgresource.CompareResourceNames' diff --git a/mmv1/products/certificatemanager/go_CertificateMap.yaml b/mmv1/products/certificatemanager/go_CertificateMap.yaml deleted file mode 100644 index 48d4ac7d859b..000000000000 --- a/mmv1/products/certificatemanager/go_CertificateMap.yaml +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CertificateMap' -description: | - CertificateMap defines a collection of certificate configurations, - which are usable by any associated target proxies -docs: -base_url: 'projects/{{project}}/locations/global/certificateMaps' -self_link: 'projects/{{project}}/locations/global/certificateMaps/{{name}}' -create_url: 'projects/{{project}}/locations/global/certificateMaps?certificateMapId={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/global/certificateMaps/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'certificate_manager_certificate_map_basic' - primary_resource_id: 'default' - vars: - cert_map_name: 'cert-map' -parameters: - - name: 'name' - type: String - description: | - A user-defined name of the Certificate Map. Certificate Map names must be unique - globally and match the pattern `projects/*/locations/*/certificateMaps/*`. - url_param_only: true - required: true - immutable: true -properties: - - name: 'description' - type: String - description: | - A human-readable description of the resource. - - name: 'createTime' - type: String - description: | - Creation timestamp of a Certificate Map. Timestamp is in RFC3339 UTC "Zulu" format, - accurate to nanoseconds with up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'updateTime' - type: Time - description: | - Update timestamp of a Certificate Map. Timestamp is in RFC3339 UTC "Zulu" format, - accurate to nanoseconds with up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'labels' - type: KeyValueLabels - description: | - Set of labels associated with a Certificate Map resource. - - name: 'gclbTargets' - type: Array - description: | - A list of target proxies that use this Certificate Map - output: true - item_type: - type: NestedObject - properties: - - name: 'ipConfigs' - type: Array - description: | - An IP configuration where this Certificate Map is serving - item_type: - type: NestedObject - properties: - - name: 'ipAddress' - type: String - description: | - An external IP address - - name: 'ports' - type: Array - description: | - A list of ports - item_type: - type: Integer - - name: 'targetHttpsProxy' - type: String - description: | - Proxy name must be in the format projects/*/locations/*/targetHttpsProxies/*. - This field is part of a union field `target_proxy`: Only one of `targetHttpsProxy` or - `targetSslProxy` may be set. - - name: 'targetSslProxy' - type: String - description: | - Proxy name must be in the format projects/*/locations/*/targetSslProxies/*. - This field is part of a union field `target_proxy`: Only one of `targetHttpsProxy` or - `targetSslProxy` may be set. diff --git a/mmv1/products/certificatemanager/go_CertificateMapEntry.yaml b/mmv1/products/certificatemanager/go_CertificateMapEntry.yaml deleted file mode 100644 index 94217838ffd0..000000000000 --- a/mmv1/products/certificatemanager/go_CertificateMapEntry.yaml +++ /dev/null @@ -1,133 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CertificateMapEntry' -description: | - CertificateMapEntry is a list of certificate configurations, - that have been issued for a particular hostname -docs: -base_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries' -self_link: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries/{{name}}' -create_url: 'projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries?certificateMapEntryId={{name}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'certificate_manager_certificate_map_entry_full' - primary_resource_id: 'default' - vars: - dns_auth_name: 'dns-auth' - dns_auth_subdomain: 'subdomain' - dns_auth_name2: 'dns-auth2' - dns_auth_subdomain2: 'subdomain2' - cert_map_entry_name: 'cert-map-entry' -parameters: - - name: 'name' - type: String - description: | - A user-defined name of the Certificate Map Entry. Certificate Map Entry - names must be unique globally and match pattern - 'projects/*/locations/*/certificateMaps/*/certificateMapEntries/*' - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' - - name: 'map' - type: ResourceRef - description: | - A map entry that is inputted into the cetrificate map - url_param_only: true - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' - resource: 'CertificateMap' - imports: 'name' -properties: - - name: 'description' - type: String - description: | - A human-readable description of the resource. - - name: 'createTime' - type: String - description: | - Creation timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format, - with nanosecond resolution and up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'updateTime' - type: Time - description: | - Update timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format, - with nanosecond resolution and up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'labels' - type: KeyValueLabels - description: | - Set of labels associated with a Certificate Map Entry. - An object containing a list of "key": value pairs. - Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - name: 'certificates' - type: Array - description: | - A set of Certificates defines for the given hostname. - There can be defined up to fifteen certificates in each Certificate Map Entry. - Each certificate must match pattern projects/*/locations/*/certificates/*. - required: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - item_type: - type: String - - name: 'state' - type: String - description: | - A serving state of this Certificate Map Entry. - output: true - - name: 'hostname' - type: String - description: | - A Hostname (FQDN, e.g. example.com) or a wildcard hostname expression (*.example.com) - for a set of hostnames with common suffix. Used as Server Name Indication (SNI) for - selecting a proper certificate. - immutable: true - exactly_one_of: - - 'hostname' - - 'matcher' - - name: 'matcher' - type: String - description: | - A predefined matcher for particular cases, other than SNI selection - immutable: true - exactly_one_of: - - 'hostname' - - 'matcher' diff --git a/mmv1/products/certificatemanager/go_DnsAuthorization.yaml b/mmv1/products/certificatemanager/go_DnsAuthorization.yaml deleted file mode 100644 index 8923a5e2ed55..000000000000 --- a/mmv1/products/certificatemanager/go_DnsAuthorization.yaml +++ /dev/null @@ -1,134 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DnsAuthorization' -description: | - DnsAuthorization represents a HTTP-reachable backend for a DnsAuthorization. -docs: -base_url: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations' -self_link: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/dnsAuthorizations?dnsAuthorizationId={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: -schema_version: 1 -state_upgraders: true -examples: - - name: 'certificate_manager_dns_authorization_basic' - primary_resource_id: 'default' - vars: - dns_auth_name: 'dns-auth' - zone_name: 'my-zone' - subdomain: 'subdomain' - - name: 'certificate_manager_dns_authorization_regional' - primary_resource_id: 'default' - vars: - dns_auth_name: 'dns-auth' - zone_name: 'my-zone' - subdomain: 'subdomain' -parameters: - - name: 'name' - type: String - description: | - Name of the resource; provided by the client when the resource is created. - The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, - and all following characters must be a dash, underscore, letter or digit. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The Certificate Manager location. If not specified, "global" is used. - url_param_only: true - immutable: true - default_value: "global" -properties: - - name: 'description' - type: String - description: | - A human-readable description of the resource. - - name: 'labels' - type: KeyValueLabels - description: - 'Set of label tags associated with the DNS Authorization resource.' - - name: 'domain' - type: String - description: | - A domain which is being authorized. A DnsAuthorization resource covers a - single domain and its wildcard, e.g. authorization for "example.com" can - be used to issue certificates for "example.com" and "*.example.com". - required: true - immutable: true - - name: 'type' - type: Enum - description: | - type of DNS authorization. If unset during the resource creation, FIXED_RECORD will - be used for global resources, and PER_PROJECT_RECORD will be used for other locations. - - FIXED_RECORD DNS authorization uses DNS-01 validation method - - PER_PROJECT_RECORD DNS authorization allows for independent management - of Google-managed certificates with DNS authorization across multiple - projects. - immutable: true - default_from_api: true - enum_values: - - 'FIXED_RECORD' - - 'PER_PROJECT_RECORD' - - name: 'dnsResourceRecord' - type: NestedObject - description: | - The structure describing the DNS Resource Record that needs to be added - to DNS configuration for the authorization to be usable by - certificate. - output: true - properties: - - name: 'name' - type: String - description: | - Fully qualified name of the DNS Resource Record. - E.g. `_acme-challenge.example.com`. - output: true - - name: 'type' - type: String - description: | - Type of the DNS Resource Record. - output: true - - name: 'data' - type: String - description: | - Data of the DNS Resource Record. - output: true diff --git a/mmv1/products/certificatemanager/go_TrustConfig.yaml b/mmv1/products/certificatemanager/go_TrustConfig.yaml deleted file mode 100644 index f811963ba005..000000000000 --- a/mmv1/products/certificatemanager/go_TrustConfig.yaml +++ /dev/null @@ -1,145 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'TrustConfig' -description: | - TrustConfig represents a resource that represents your Public Key Infrastructure (PKI) configuration in Certificate Manager for use in mutual TLS authentication scenarios. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/certificate-manager/docs' - api: 'https://cloud.google.com/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.trustConfigs/create' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/trustConfigs' -self_link: 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/trustConfigs?trustConfigId={{name}}' -update_verb: 'PATCH' -import_format: - - 'projects/{{project}}/locations/{{location}}/trustConfigs/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'certificate_manager_trust_config' - primary_resource_id: 'default' - vars: - trust_config_name: 'trust-config' - - name: 'certificate_manager_trust_config_allowlisted_certificates' - primary_resource_id: 'default' - vars: - trust_config_name: 'trust-config' -parameters: - - name: 'name' - type: String - description: | - A user-defined name of the trust config. Trust config names must be unique globally. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The trust config location. - url_param_only: true - required: true - immutable: true -properties: - - name: 'createTime' - type: Time - description: | - The creation timestamp of a TrustConfig. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'updateTime' - type: Time - description: | - The last update timestamp of a TrustConfig. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'labels' - type: KeyValueLabels - description: 'Set of label tags associated with the trust config.' - - name: 'description' - type: String - description: | - One or more paragraphs of text description of a trust config. - - name: 'trustStores' - type: Array - description: | - Set of trust stores to perform validation against. - This field is supported when TrustConfig is configured with Load Balancers, currently not supported for SPIFFE certificate validation. - item_type: - type: NestedObject - properties: - - name: 'trustAnchors' - type: Array - description: | - List of Trust Anchors to be used while performing validation against a given TrustStore. - item_type: - type: NestedObject - properties: - - name: 'pemCertificate' - type: String - description: | - PEM root certificate of the PKI used for validation. - Each certificate provided in PEM format may occupy up to 5kB. - sensitive: true - - name: 'intermediateCas' - type: Array - description: | - Set of intermediate CA certificates used for the path building phase of chain validation. - The field is currently not supported if trust config is used for the workload certificate feature. - item_type: - type: NestedObject - properties: - - name: 'pemCertificate' - type: String - description: | - PEM intermediate certificate used for building up paths for validation. - Each certificate provided in PEM format may occupy up to 5kB. - sensitive: true - - name: 'allowlistedCertificates' - type: Array - description: | - Allowlisted PEM-encoded certificates. A certificate matching an allowlisted certificate is always considered valid as long as - the certificate is parseable, proof of private key possession is established, and constraints on the certificate's SAN field are met. - item_type: - type: NestedObject - properties: - - name: 'pemCertificate' - type: String - description: | - PEM certificate that is allowlisted. The certificate can be up to 5k bytes, and must be a parseable X.509 certificate. - required: true diff --git a/mmv1/products/certificatemanager/go_product.yaml b/mmv1/products/certificatemanager/go_product.yaml deleted file mode 100644 index 0644d2acd76a..000000000000 --- a/mmv1/products/certificatemanager/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CertificateManager' -display_name: 'Certificate manager' -versions: - - name: 'beta' - base_url: 'https://certificatemanager.googleapis.com/v1/' - - name: 'ga' - base_url: 'https://certificatemanager.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/certificatemanager/product.yaml b/mmv1/products/certificatemanager/product.yaml index f147b0e1a1a7..2c0d7838a7bd 100644 --- a/mmv1/products/certificatemanager/product.yaml +++ b/mmv1/products/certificatemanager/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2021 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CertificateManager +--- +name: 'CertificateManager' +display_name: 'Certificate manager' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://certificatemanager.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: ga - base_url: https://certificatemanager.googleapis.com/v1/ + - name: 'beta' + base_url: 'https://certificatemanager.googleapis.com/v1/' + - name: 'ga' + base_url: 'https://certificatemanager.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-identity + - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/cloudasset/FolderFeed.yaml b/mmv1/products/cloudasset/FolderFeed.yaml index f3d374771518..6e544f09493e 100644 --- a/mmv1/products/cloudasset/FolderFeed.yaml +++ b/mmv1/products/cloudasset/FolderFeed.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,119 +11,125 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: FolderFeed -base_url: folders/{{folder_id}}/feeds -create_url: folders/{{folder_id}}/feeds?feedId={{feed_id}} -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true -collection_url_key: 'feeds' +--- +name: 'FolderFeed' description: | Describes a Cloud Asset Inventory feed used to to listen to asset updates. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' +docs: +base_url: 'folders/{{folder_id}}/feeds' +self_link: '{{name}}' +create_url: 'folders/{{folder_id}}/feeds?feedId={{feed_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'feeds' +custom_code: + encoder: 'templates/terraform/encoders/cloud_asset_feed.go.tmpl' + pre_create: 'templates/terraform/pre_create/cloud_asset_feed.go.tmpl' + post_create: 'templates/terraform/post_create/cloud_asset_feed.go.tmpl' + custom_import: 'templates/terraform/custom_import/cloud_asset_feed.go.tmpl' supports_indirect_user_project_override: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_create: templates/terraform/pre_create/cloud_asset_feed.go.erb - post_create: templates/terraform/post_create/cloud_asset_feed.go.erb - custom_import: templates/terraform/custom_import/cloud_asset_feed.go.erb - encoder: templates/terraform/encoders/cloud_asset_feed.go.erb examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_asset_folder_feed' + - name: 'cloud_asset_folder_feed' primary_resource_id: 'folder_feed' vars: feed_id: 'network-updates' folder_name: 'Networking' test_env_vars: - project: :PROJECT_NAME - org_id: :ORG_ID + project: 'PROJECT_NAME' + org_id: 'ORG_ID' parameters: - - !ruby/object:Api::Type::String - name: folder - required: true - immutable: true - url_param_only: true + - name: 'folder' + type: String description: | The folder this feed should be created in. -properties: - - !ruby/object:Api::Type::String - name: billing_project + url_param_only: true required: true immutable: true - url_param_only: true +properties: + - name: 'billing_project' + type: String description: | The project whose identity will be used when sending messages to the destination pubsub topic. It also specifies the project for API enablement check, quota, and billing. - - !ruby/object:Api::Type::String - name: folder_id - output: true + url_param_only: true + required: true + immutable: true + - name: 'folder_id' + type: String description: | The ID of the folder where this feed has been created. Both [FOLDER_NUMBER] and folders/[FOLDER_NUMBER] are accepted. - - !ruby/object:Api::Type::String - name: name output: true + - name: 'name' + type: String description: | The format will be folders/{folder_number}/feeds/{client-assigned_feed_identifier}. - - !ruby/object:Api::Type::String - name: feedId + output: true + - name: 'feedId' + type: String description: | This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::Array - name: assetNames - item_type: Api::Type::String + - name: 'assetNames' + type: Array description: | A list of the full names of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. - - !ruby/object:Api::Type::Array - name: assetTypes - item_type: Api::Type::String + item_type: + type: String + - name: 'assetTypes' + type: Array description: | A list of types of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: "compute.googleapis.com/Disk" See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all supported asset types. - - !ruby/object:Api::Type::Enum - name: contentType + item_type: + type: String + - name: 'contentType' + type: Enum description: | Asset content type. If not specified, no content but the asset name and type will be returned. - values: - - :CONTENT_TYPE_UNSPECIFIED - - :RESOURCE - - :IAM_POLICY - - :ORG_POLICY - - :OS_INVENTORY - - :ACCESS_POLICY - - !ruby/object:Api::Type::NestedObject - name: feedOutputConfig - required: true + enum_values: + - 'CONTENT_TYPE_UNSPECIFIED' + - 'RESOURCE' + - 'IAM_POLICY' + - 'ORG_POLICY' + - 'OS_INVENTORY' + - 'ACCESS_POLICY' + - name: 'feedOutputConfig' + type: NestedObject description: | Output configuration for asset feed destination. + required: true properties: - - !ruby/object:Api::Type::NestedObject - name: pubsubDestination - required: true + - name: 'pubsubDestination' + type: NestedObject description: | Destination on Cloud Pubsub. + required: true properties: - - !ruby/object:Api::Type::String - name: topic - required: true + - name: 'topic' + type: String description: | Destination on Cloud Pubsub topic. - - !ruby/object:Api::Type::NestedObject - name: condition + required: true + - name: 'condition' + type: NestedObject description: | A condition which determines whether an asset update should be published. If specified, an asset will be returned only when the expression evaluates to true. When set, expression field @@ -131,23 +137,23 @@ properties: expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of condition are optional. properties: - - !ruby/object:Api::Type::String - name: expression - required: true + - name: 'expression' + type: String description: | Textual representation of an expression in Common Expression Language syntax. - - !ruby/object:Api::Type::String - name: title + required: true + - name: 'title' + type: String description: | Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: | Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: | String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. diff --git a/mmv1/products/cloudasset/OrganizationFeed.yaml b/mmv1/products/cloudasset/OrganizationFeed.yaml index 3d810e0c9618..611b22c4287e 100644 --- a/mmv1/products/cloudasset/OrganizationFeed.yaml +++ b/mmv1/products/cloudasset/OrganizationFeed.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,112 +11,118 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: OrganizationFeed -base_url: 'organizations/{{org_id}}/feeds' -create_url: 'organizations/{{org_id}}/feeds?feedId={{feed_id}}' -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true -collection_url_key: 'feeds' +--- +name: 'OrganizationFeed' description: | Describes a Cloud Asset Inventory feed used to to listen to asset updates. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' +docs: +base_url: 'organizations/{{org_id}}/feeds' +self_link: '{{name}}' +create_url: 'organizations/{{org_id}}/feeds?feedId={{feed_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'feeds' +custom_code: + encoder: 'templates/terraform/encoders/cloud_asset_feed.go.tmpl' + pre_create: 'templates/terraform/pre_create/cloud_asset_feed.go.tmpl' + post_create: 'templates/terraform/post_create/cloud_asset_feed.go.tmpl' + custom_import: 'templates/terraform/custom_import/cloud_asset_feed.go.tmpl' supports_indirect_user_project_override: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_create: templates/terraform/pre_create/cloud_asset_feed.go.erb - post_create: templates/terraform/post_create/cloud_asset_feed.go.erb - custom_import: templates/terraform/custom_import/cloud_asset_feed.go.erb - encoder: templates/terraform/encoders/cloud_asset_feed.go.erb examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_asset_organization_feed' + - name: 'cloud_asset_organization_feed' primary_resource_id: 'organization_feed' vars: feed_id: 'network-updates' test_env_vars: - project: :PROJECT_NAME - org_id: :ORG_ID + project: 'PROJECT_NAME' + org_id: 'ORG_ID' parameters: - - !ruby/object:Api::Type::String - name: org_id - required: true - immutable: true - url_param_only: true + - name: 'org_id' + type: String description: | The organization this feed should be created in. -properties: - - !ruby/object:Api::Type::String - name: billing_project + url_param_only: true required: true immutable: true - url_param_only: true +properties: + - name: 'billing_project' + type: String description: | The project whose identity will be used when sending messages to the destination pubsub topic. It also specifies the project for API enablement check, quota, and billing. - - !ruby/object:Api::Type::String - name: name - output: true + url_param_only: true + required: true + immutable: true + - name: 'name' + type: String description: | The format will be organizations/{organization_number}/feeds/{client-assigned_feed_identifier}. - - !ruby/object:Api::Type::String - name: feedId + output: true + - name: 'feedId' + type: String description: | This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::Array - name: assetNames - item_type: Api::Type::String + - name: 'assetNames' + type: Array description: | A list of the full names of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. - - !ruby/object:Api::Type::Array - name: assetTypes - item_type: Api::Type::String + item_type: + type: String + - name: 'assetTypes' + type: Array description: | A list of types of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: "compute.googleapis.com/Disk" See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all supported asset types. - - !ruby/object:Api::Type::Enum - name: contentType + item_type: + type: String + - name: 'contentType' + type: Enum description: | Asset content type. If not specified, no content but the asset name and type will be returned. - values: - - :CONTENT_TYPE_UNSPECIFIED - - :RESOURCE - - :IAM_POLICY - - :ORG_POLICY - - :OS_INVENTORY - - :ACCESS_POLICY - - !ruby/object:Api::Type::NestedObject - name: feedOutputConfig - required: true + enum_values: + - 'CONTENT_TYPE_UNSPECIFIED' + - 'RESOURCE' + - 'IAM_POLICY' + - 'ORG_POLICY' + - 'OS_INVENTORY' + - 'ACCESS_POLICY' + - name: 'feedOutputConfig' + type: NestedObject description: | Output configuration for asset feed destination. + required: true properties: - - !ruby/object:Api::Type::NestedObject - name: pubsubDestination - required: true + - name: 'pubsubDestination' + type: NestedObject description: | Destination on Cloud Pubsub. + required: true properties: - - !ruby/object:Api::Type::String - name: topic - required: true + - name: 'topic' + type: String description: | Destination on Cloud Pubsub topic. - - !ruby/object:Api::Type::NestedObject - name: condition + required: true + - name: 'condition' + type: NestedObject description: | A condition which determines whether an asset update should be published. If specified, an asset will be returned only when the expression evaluates to true. When set, expression field @@ -124,23 +130,23 @@ properties: expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of condition are optional. properties: - - !ruby/object:Api::Type::String - name: expression - required: true + - name: 'expression' + type: String description: | Textual representation of an expression in Common Expression Language syntax. - - !ruby/object:Api::Type::String - name: title + required: true + - name: 'title' + type: String description: | Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: | Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: | String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. diff --git a/mmv1/products/cloudasset/ProjectFeed.yaml b/mmv1/products/cloudasset/ProjectFeed.yaml index 415898be8d58..33c1362a14d1 100644 --- a/mmv1/products/cloudasset/ProjectFeed.yaml +++ b/mmv1/products/cloudasset/ProjectFeed.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,102 +11,109 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: ProjectFeed -base_url: projects/{{project}}/feeds -create_url: projects/{{project}}/feeds?feedId={{feed_id}} -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true -collection_url_key: 'feeds' +--- +name: 'ProjectFeed' description: | Describes a Cloud Asset Inventory feed used to to listen to asset updates. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_create: templates/terraform/pre_create/cloud_asset_feed.go.erb - post_create: templates/terraform/post_create/cloud_asset_feed.go.erb - custom_import: templates/terraform/custom_import/cloud_asset_feed.go.erb - encoder: templates/terraform/encoders/cloud_asset_feed.go.erb +docs: +base_url: 'projects/{{project}}/feeds' +self_link: '{{name}}' +create_url: 'projects/{{project}}/feeds?feedId={{feed_id}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'feeds' +custom_code: + encoder: 'templates/terraform/encoders/cloud_asset_feed.go.tmpl' + pre_create: 'templates/terraform/pre_create/cloud_asset_feed.go.tmpl' + post_create: 'templates/terraform/post_create/cloud_asset_feed.go.tmpl' + custom_import: 'templates/terraform/custom_import/cloud_asset_feed.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_asset_project_feed' + - name: 'cloud_asset_project_feed' primary_resource_id: 'project_feed' vars: feed_id: 'network-updates' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' +parameters: properties: - - !ruby/object:Api::Type::String - name: billing_project - url_param_only: true - immutable: true + - name: 'billing_project' + type: String description: | The project whose identity will be used when sending messages to the destination pubsub topic. It also specifies the project for API enablement check, quota, and billing. If not specified, the resource's project will be used. - - !ruby/object:Api::Type::String - name: name - output: true + url_param_only: true + immutable: true + - name: 'name' + type: String description: | The format will be projects/{projectNumber}/feeds/{client-assigned_feed_identifier}. - - !ruby/object:Api::Type::String - name: feedId + output: true + - name: 'feedId' + type: String description: | This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::Array - name: assetNames - item_type: Api::Type::String + - name: 'assetNames' + type: Array description: | A list of the full names of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. - - !ruby/object:Api::Type::Array - name: assetTypes - item_type: Api::Type::String + item_type: + type: String + - name: 'assetTypes' + type: Array description: | A list of types of the assets to receive updates. You must specify either or both of assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to the feed. For example: "compute.googleapis.com/Disk" See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all supported asset types. - - !ruby/object:Api::Type::Enum - name: contentType + item_type: + type: String + - name: 'contentType' + type: Enum description: | Asset content type. If not specified, no content but the asset name and type will be returned. - values: - - :CONTENT_TYPE_UNSPECIFIED - - :RESOURCE - - :IAM_POLICY - - :ORG_POLICY - - :OS_INVENTORY - - :ACCESS_POLICY - - !ruby/object:Api::Type::NestedObject - name: feedOutputConfig - required: true + enum_values: + - 'CONTENT_TYPE_UNSPECIFIED' + - 'RESOURCE' + - 'IAM_POLICY' + - 'ORG_POLICY' + - 'OS_INVENTORY' + - 'ACCESS_POLICY' + - name: 'feedOutputConfig' + type: NestedObject description: | Output configuration for asset feed destination. + required: true properties: - - !ruby/object:Api::Type::NestedObject - name: pubsubDestination - required: true + - name: 'pubsubDestination' + type: NestedObject description: | Destination on Cloud Pubsub. + required: true properties: - - !ruby/object:Api::Type::String - name: topic - required: true + - name: 'topic' + type: String description: | Destination on Cloud Pubsub topic. - - !ruby/object:Api::Type::NestedObject - name: condition + required: true + - name: 'condition' + type: NestedObject description: | A condition which determines whether an asset update should be published. If specified, an asset will be returned only when the expression evaluates to true. When set, expression field @@ -114,23 +121,23 @@ properties: expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of condition are optional. properties: - - !ruby/object:Api::Type::String - name: expression - required: true + - name: 'expression' + type: String description: | Textual representation of an expression in Common Expression Language syntax. - - !ruby/object:Api::Type::String - name: title + required: true + - name: 'title' + type: String description: | Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: | Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: | String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. diff --git a/mmv1/products/cloudasset/go_FolderFeed.yaml b/mmv1/products/cloudasset/go_FolderFeed.yaml deleted file mode 100644 index e5d6b0af1240..000000000000 --- a/mmv1/products/cloudasset/go_FolderFeed.yaml +++ /dev/null @@ -1,160 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'FolderFeed' -description: | - Describes a Cloud Asset Inventory feed used to to listen to asset updates. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' - api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' -docs: -base_url: 'folders/{{folder_id}}/feeds' -self_link: '{{name}}' -create_url: 'folders/{{folder_id}}/feeds?feedId={{feed_id}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'feeds' -custom_code: - encoder: 'templates/terraform/encoders/go/cloud_asset_feed.go.tmpl' - pre_create: 'templates/terraform/pre_create/go/cloud_asset_feed.go.tmpl' - post_create: 'templates/terraform/post_create/go/cloud_asset_feed.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/cloud_asset_feed.go.tmpl' -supports_indirect_user_project_override: true -examples: - - name: 'cloud_asset_folder_feed' - primary_resource_id: 'folder_feed' - vars: - feed_id: 'network-updates' - folder_name: 'Networking' - test_env_vars: - project: 'PROJECT_NAME' - org_id: 'ORG_ID' -parameters: - - name: 'folder' - type: String - description: | - The folder this feed should be created in. - url_param_only: true - required: true - immutable: true -properties: - - name: 'billing_project' - type: String - description: | - The project whose identity will be used when sending messages to the - destination pubsub topic. It also specifies the project for API - enablement check, quota, and billing. - url_param_only: true - required: true - immutable: true - - name: 'folder_id' - type: String - description: | - The ID of the folder where this feed has been created. Both [FOLDER_NUMBER] - and folders/[FOLDER_NUMBER] are accepted. - output: true - - name: 'name' - type: String - description: | - The format will be folders/{folder_number}/feeds/{client-assigned_feed_identifier}. - output: true - - name: 'feedId' - type: String - description: | - This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. - url_param_only: true - required: true - immutable: true - - name: 'assetNames' - type: Array - description: | - A list of the full names of the assets to receive updates. You must specify either or both of - assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are - exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. - See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. - item_type: - type: String - - name: 'assetTypes' - type: Array - description: | - A list of types of the assets to receive updates. You must specify either or both of assetNames - and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to - the feed. For example: "compute.googleapis.com/Disk" - See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all - supported asset types. - item_type: - type: String - - name: 'contentType' - type: Enum - description: | - Asset content type. If not specified, no content but the asset name and type will be returned. - enum_values: - - 'CONTENT_TYPE_UNSPECIFIED' - - 'RESOURCE' - - 'IAM_POLICY' - - 'ORG_POLICY' - - 'OS_INVENTORY' - - 'ACCESS_POLICY' - - name: 'feedOutputConfig' - type: NestedObject - description: | - Output configuration for asset feed destination. - required: true - properties: - - name: 'pubsubDestination' - type: NestedObject - description: | - Destination on Cloud Pubsub. - required: true - properties: - - name: 'topic' - type: String - description: | - Destination on Cloud Pubsub topic. - required: true - - name: 'condition' - type: NestedObject - description: | - A condition which determines whether an asset update should be published. If specified, an asset - will be returned only when the expression evaluates to true. When set, expression field - must be a valid CEL expression on a TemporalAsset with name temporal_asset. Example: a Feed with - expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of - condition are optional. - properties: - - name: 'expression' - type: String - description: | - Textual representation of an expression in Common Expression Language syntax. - required: true - - name: 'title' - type: String - description: | - Title for the expression, i.e. a short string describing its purpose. - This can be used e.g. in UIs which allow to enter the expression. - - name: 'description' - type: String - description: | - Description of the expression. This is a longer text which describes the expression, - e.g. when hovered over it in a UI. - - name: 'location' - type: String - description: | - String indicating the location of the expression for error reporting, e.g. a file - name and a position in the file. diff --git a/mmv1/products/cloudasset/go_OrganizationFeed.yaml b/mmv1/products/cloudasset/go_OrganizationFeed.yaml deleted file mode 100644 index 0fa98ea528ab..000000000000 --- a/mmv1/products/cloudasset/go_OrganizationFeed.yaml +++ /dev/null @@ -1,153 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'OrganizationFeed' -description: | - Describes a Cloud Asset Inventory feed used to to listen to asset updates. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' - api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' -docs: -base_url: 'organizations/{{org_id}}/feeds' -self_link: '{{name}}' -create_url: 'organizations/{{org_id}}/feeds?feedId={{feed_id}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'feeds' -custom_code: - encoder: 'templates/terraform/encoders/go/cloud_asset_feed.go.tmpl' - pre_create: 'templates/terraform/pre_create/go/cloud_asset_feed.go.tmpl' - post_create: 'templates/terraform/post_create/go/cloud_asset_feed.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/cloud_asset_feed.go.tmpl' -supports_indirect_user_project_override: true -examples: - - name: 'cloud_asset_organization_feed' - primary_resource_id: 'organization_feed' - vars: - feed_id: 'network-updates' - test_env_vars: - project: 'PROJECT_NAME' - org_id: 'ORG_ID' -parameters: - - name: 'org_id' - type: String - description: | - The organization this feed should be created in. - url_param_only: true - required: true - immutable: true -properties: - - name: 'billing_project' - type: String - description: | - The project whose identity will be used when sending messages to the - destination pubsub topic. It also specifies the project for API - enablement check, quota, and billing. - url_param_only: true - required: true - immutable: true - - name: 'name' - type: String - description: | - The format will be organizations/{organization_number}/feeds/{client-assigned_feed_identifier}. - output: true - - name: 'feedId' - type: String - description: | - This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. - url_param_only: true - required: true - immutable: true - - name: 'assetNames' - type: Array - description: | - A list of the full names of the assets to receive updates. You must specify either or both of - assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are - exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. - See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. - item_type: - type: String - - name: 'assetTypes' - type: Array - description: | - A list of types of the assets to receive updates. You must specify either or both of assetNames - and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to - the feed. For example: "compute.googleapis.com/Disk" - See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all - supported asset types. - item_type: - type: String - - name: 'contentType' - type: Enum - description: | - Asset content type. If not specified, no content but the asset name and type will be returned. - enum_values: - - 'CONTENT_TYPE_UNSPECIFIED' - - 'RESOURCE' - - 'IAM_POLICY' - - 'ORG_POLICY' - - 'OS_INVENTORY' - - 'ACCESS_POLICY' - - name: 'feedOutputConfig' - type: NestedObject - description: | - Output configuration for asset feed destination. - required: true - properties: - - name: 'pubsubDestination' - type: NestedObject - description: | - Destination on Cloud Pubsub. - required: true - properties: - - name: 'topic' - type: String - description: | - Destination on Cloud Pubsub topic. - required: true - - name: 'condition' - type: NestedObject - description: | - A condition which determines whether an asset update should be published. If specified, an asset - will be returned only when the expression evaluates to true. When set, expression field - must be a valid CEL expression on a TemporalAsset with name temporal_asset. Example: a Feed with - expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of - condition are optional. - properties: - - name: 'expression' - type: String - description: | - Textual representation of an expression in Common Expression Language syntax. - required: true - - name: 'title' - type: String - description: | - Title for the expression, i.e. a short string describing its purpose. - This can be used e.g. in UIs which allow to enter the expression. - - name: 'description' - type: String - description: | - Description of the expression. This is a longer text which describes the expression, - e.g. when hovered over it in a UI. - - name: 'location' - type: String - description: | - String indicating the location of the expression for error reporting, e.g. a file - name and a position in the file. diff --git a/mmv1/products/cloudasset/go_ProjectFeed.yaml b/mmv1/products/cloudasset/go_ProjectFeed.yaml deleted file mode 100644 index 8880b642a71e..000000000000 --- a/mmv1/products/cloudasset/go_ProjectFeed.yaml +++ /dev/null @@ -1,144 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ProjectFeed' -description: | - Describes a Cloud Asset Inventory feed used to to listen to asset updates. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/asset-inventory/docs' - api: 'https://cloud.google.com/asset-inventory/docs/reference/rest/' -docs: -base_url: 'projects/{{project}}/feeds' -self_link: '{{name}}' -create_url: 'projects/{{project}}/feeds?feedId={{feed_id}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'feeds' -custom_code: - encoder: 'templates/terraform/encoders/go/cloud_asset_feed.go.tmpl' - pre_create: 'templates/terraform/pre_create/go/cloud_asset_feed.go.tmpl' - post_create: 'templates/terraform/post_create/go/cloud_asset_feed.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/cloud_asset_feed.go.tmpl' -examples: - - name: 'cloud_asset_project_feed' - primary_resource_id: 'project_feed' - vars: - feed_id: 'network-updates' - test_env_vars: - project: 'PROJECT_NAME' -parameters: -properties: - - name: 'billing_project' - type: String - description: | - The project whose identity will be used when sending messages to the - destination pubsub topic. It also specifies the project for API - enablement check, quota, and billing. If not specified, the resource's - project will be used. - url_param_only: true - immutable: true - - name: 'name' - type: String - description: | - The format will be projects/{projectNumber}/feeds/{client-assigned_feed_identifier}. - output: true - - name: 'feedId' - type: String - description: | - This is the client-assigned asset feed identifier and it needs to be unique under a specific parent. - url_param_only: true - required: true - immutable: true - - name: 'assetNames' - type: Array - description: | - A list of the full names of the assets to receive updates. You must specify either or both of - assetNames and assetTypes. Only asset updates matching specified assetNames and assetTypes are - exported to the feed. For example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. - See https://cloud.google.com/apis/design/resourceNames#fullResourceName for more info. - item_type: - type: String - - name: 'assetTypes' - type: Array - description: | - A list of types of the assets to receive updates. You must specify either or both of assetNames - and assetTypes. Only asset updates matching specified assetNames and assetTypes are exported to - the feed. For example: "compute.googleapis.com/Disk" - See https://cloud.google.com/asset-inventory/docs/supported-asset-types for a list of all - supported asset types. - item_type: - type: String - - name: 'contentType' - type: Enum - description: | - Asset content type. If not specified, no content but the asset name and type will be returned. - enum_values: - - 'CONTENT_TYPE_UNSPECIFIED' - - 'RESOURCE' - - 'IAM_POLICY' - - 'ORG_POLICY' - - 'OS_INVENTORY' - - 'ACCESS_POLICY' - - name: 'feedOutputConfig' - type: NestedObject - description: | - Output configuration for asset feed destination. - required: true - properties: - - name: 'pubsubDestination' - type: NestedObject - description: | - Destination on Cloud Pubsub. - required: true - properties: - - name: 'topic' - type: String - description: | - Destination on Cloud Pubsub topic. - required: true - - name: 'condition' - type: NestedObject - description: | - A condition which determines whether an asset update should be published. If specified, an asset - will be returned only when the expression evaluates to true. When set, expression field - must be a valid CEL expression on a TemporalAsset with name temporal_asset. Example: a Feed with - expression "temporal_asset.deleted == true" will only publish Asset deletions. Other fields of - condition are optional. - properties: - - name: 'expression' - type: String - description: | - Textual representation of an expression in Common Expression Language syntax. - required: true - - name: 'title' - type: String - description: | - Title for the expression, i.e. a short string describing its purpose. - This can be used e.g. in UIs which allow to enter the expression. - - name: 'description' - type: String - description: | - Description of the expression. This is a longer text which describes the expression, - e.g. when hovered over it in a UI. - - name: 'location' - type: String - description: | - String indicating the location of the expression for error reporting, e.g. a file - name and a position in the file. diff --git a/mmv1/products/cloudasset/go_product.yaml b/mmv1/products/cloudasset/go_product.yaml deleted file mode 100644 index 881677daefb0..000000000000 --- a/mmv1/products/cloudasset/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudAsset' -display_name: 'Cloud Asset Inventory' -versions: - - name: 'ga' - base_url: 'https://cloudasset.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudasset/product.yaml b/mmv1/products/cloudasset/product.yaml index 02ac179c5306..1c38a02751dc 100644 --- a/mmv1/products/cloudasset/product.yaml +++ b/mmv1/products/cloudasset/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,12 +10,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudAsset -display_name: Cloud Asset Inventory + +--- +name: 'CloudAsset' +display_name: 'Cloud Asset Inventory' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudasset.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://cloudasset.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudbuild/BitbucketServerConfig.yaml b/mmv1/products/cloudbuild/BitbucketServerConfig.yaml index bd8bdd316f70..7dc1b77f1d52 100644 --- a/mmv1/products/cloudbuild/BitbucketServerConfig.yaml +++ b/mmv1/products/cloudbuild/BitbucketServerConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,156 +11,155 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'BitbucketServerConfig' -base_url: projects/{{project}}/locations/{{location}}/bitbucketServerConfigs -self_link: projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}} -create_url: projects/{{project}}/locations/{{location}}/bitbucketServerConfigs?bitbucketServerConfigId={{config_id}} -update_verb: :PATCH -update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + BitbucketServerConfig represents the configuration for a Bitbucket Server. +references: guides: 'Connect to a Bitbucket Server host': 'https://cloud.google.com/build/docs/automating-builds/bitbucket/connect-host-bitbucket-server' api: 'https://cloud.google.com/build/docs/api/reference/rest/v1/projects.locations.bitbucketServerConfigs' -description: | - BitbucketServerConfig represents the configuration for a Bitbucket Server. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs' +self_link: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs?bitbucketServerConfigId={{config_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -autogen_async: true -import_format: - - 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' -id_format: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' +custom_code: + encoder: 'templates/terraform/encoders/cloudbuild_bitbucketserver_config.go.tmpl' + post_create: 'templates/terraform/post_create/cloudbuild_bitbucketserver_config.go.tmpl' + pre_update: 'templates/terraform/pre_update/cloudbuild_bitbucketserver_config.go.tmpl' + post_update: 'templates/terraform/post_update/cloudbuild_bitbucketserver_config.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_bitbucket_server_config' + - name: 'cloudbuild_bitbucket_server_config' primary_resource_id: 'bbs-config' vars: config_id: 'bbs-config' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_bitbucket_server_config_repositories' + - name: 'cloudbuild_bitbucket_server_config_repositories' primary_resource_id: 'bbs-config-with-repos' vars: config_id: 'bbs-config' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_bitbucket_server_config_peered_network' + exclude_test: true + - name: 'cloudbuild_bitbucket_server_config_peered_network' primary_resource_id: 'bbs-config-with-peered-network' vars: config_id: 'bbs-config' network_name: 'vpc-network' global_address_name: 'private-ip-alloc' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/cloudbuild_bitbucketserver_config.go.erb - post_create: templates/terraform/post_create/cloudbuild_bitbucketserver_config.go.erb - pre_update: templates/terraform/pre_update/cloudbuild_bitbucketserver_config.go.erb - post_update: templates/terraform/post_update/cloudbuild_bitbucketserver_config.go.erb parameters: - - !ruby/object:Api::Type::String - name: 'config_id' - required: true - url_param_only: true - immutable: true + - name: 'config_id' + type: String description: | The ID to use for the BitbucketServerConfig, which will become the final component of the BitbucketServerConfig's resource name. - - !ruby/object:Api::Type::String - name: 'location' url_param_only: true - immutable: true required: true + immutable: true + - name: 'location' + type: String description: | The location of this bitbucket server config. + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The resource name for the config. - - !ruby/object:Api::Type::String - name: 'hostUri' - required: true + output: true + - name: 'hostUri' + type: String description: | Immutable. The URI of the Bitbucket Server host. Once this field has been set, it cannot be changed. If you need to change it, please create another BitbucketServerConfig. - - !ruby/object:Api::Type::NestedObject - name: 'secrets' required: true + - name: 'secrets' + type: NestedObject description: | Secret Manager secrets needed by the config. + required: true properties: - - !ruby/object:Api::Type::String - name: 'adminAccessTokenVersionName' - required: true + - name: 'adminAccessTokenVersionName' + type: String description: | The resource name for the admin access token's secret version. - - !ruby/object:Api::Type::String - name: 'readAccessTokenVersionName' required: true + - name: 'readAccessTokenVersionName' + type: String description: | The resource name for the read access token's secret version. - - !ruby/object:Api::Type::String - name: 'webhookSecretVersionName' required: true - immutable: true + - name: 'webhookSecretVersionName' + type: String description: | Immutable. The resource name for the webhook secret's secret version. Once this field has been set, it cannot be changed. Changing this field will result in deleting/ recreating the resource. - - !ruby/object:Api::Type::String - name: 'username' - required: true + required: true + immutable: true + - name: 'username' + type: String description: | Username of the account Cloud Build will use on Bitbucket Server. - - !ruby/object:Api::Type::String - name: 'webhookKey' - output: true + required: true + - name: 'webhookKey' + type: String description: | Output only. UUID included in webhook requests. The UUID is used to look up the corresponding config. - - !ruby/object:Api::Type::String - name: 'apiKey' - required: true - immutable: true + output: true + - name: 'apiKey' + type: String description: | Immutable. API Key that will be attached to webhook. Once this field has been set, it cannot be changed. Changing this field will result in deleting/ recreating the resource. - - !ruby/object:Api::Type::Array - name: 'connectedRepositories' + required: true + immutable: true + - name: 'connectedRepositories' + type: Array description: | Connected Bitbucket Server repositories for this config. is_set: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'projectKey' - required: true + - name: 'projectKey' + type: String description: | Identifier for the project storing the repository. - - !ruby/object:Api::Type::String - name: 'repoSlug' required: true + - name: 'repoSlug' + type: String description: | Identifier for the repository. - - !ruby/object:Api::Type::String - name: 'peeredNetwork' + required: true + - name: 'peeredNetwork' + type: String description: | The network to be used when reaching out to the Bitbucket Server instance. The VPC network must be enabled for private service connection. This should be set if the Bitbucket Server instance is hosted on-premises and not reachable by public internet. If this field is left empty, no network peering will occur and calls to the Bitbucket Server instance will be made over the public internet. Must be in the format projects/{project}/global/networks/{network}, where {project} is a project number or id and {network} is the name of a VPC network in the project. - - !ruby/object:Api::Type::String - name: 'sslCa' + - name: 'sslCa' + type: String description: | SSL certificate to use for requests to Bitbucket Server. The format should be PEM format but the extension can be one of .pem, .cer, or .crt. diff --git a/mmv1/products/cloudbuild/Trigger.yaml b/mmv1/products/cloudbuild/Trigger.yaml index a5690563b5db..9297f0831d34 100644 --- a/mmv1/products/cloudbuild/Trigger.yaml +++ b/mmv1/products/cloudbuild/Trigger.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,179 +11,166 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Trigger' -base_url: projects/{{project}}/locations/{{location}}/triggers -self_link: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' -update_verb: :PATCH -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + Configuration for an automated build in response to source repository changes. +references: guides: 'Automating builds using build triggers': 'https://cloud.google.com/cloud-build/docs/running-builds/automate-builds' api: 'https://cloud.google.com/cloud-build/docs/api/reference/rest/v1/projects.triggers' -description: | - Configuration for an automated build in response to source repository changes. -docs: !ruby/object:Provider::Terraform::Docs +docs: note: | You can retrieve the email of the Cloud Build Service Account used in jobs by using the `google_project_service_identity` resource. +# For global triggers, the id format is changed to projects/{{project}}/triggers/{{trigger_id}} via code overrides. +id_format: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/triggers' +self_link: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' +update_verb: 'PATCH' # import by default only works with old-style self links ending in a name import_format: - 'projects/{{project}}/triggers/{{trigger_id}}' - 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' -# For global triggers, the id format is changed to projects/{{project}}/triggers/{{trigger_id}} via code overrides. -id_format: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/cloudbuild_trigger.tmpl' + post_create: 'templates/terraform/post_create/cloudbuild_trigger_id.go.tmpl' + pre_read: 'templates/terraform/pre_read/cloudbuild_trigger.go.tmpl' + pre_update: 'templates/terraform/pre_update/cloudbuild_trigger.go.tmpl' + post_import: 'templates/terraform/post_import/cloudbuild_trigger.go.tmpl' +custom_diff: + - 'stepTimeoutCustomizeDiff' schema_version: 2 state_upgraders: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_filename' + - name: 'cloudbuild_trigger_filename' primary_resource_id: 'filename-trigger' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_build' + - name: 'cloudbuild_trigger_build' primary_resource_id: 'build-trigger' vars: cloudbuild_trigger_name: 'my-trigger' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_service_account' + - name: 'cloudbuild_trigger_service_account' primary_resource_id: 'service-account-trigger' vars: sa_name: 'cloud-sa' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_include_build_logs' + - name: 'cloudbuild_trigger_include_build_logs' primary_resource_id: 'include-build-logs-trigger' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_pubsub_config' + exclude_test: true + - name: 'cloudbuild_trigger_pubsub_config' primary_resource_id: 'pubsub-config-trigger' vars: pubsub_topic_name: 'my-topic' cloudbuild_trigger_name: 'pubsub-trigger' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_webhook_config' + - name: 'cloudbuild_trigger_webhook_config' primary_resource_id: 'webhook-config-trigger' vars: cloudbuild_trigger_name: 'webhook-trigger' - secret_id: "webhook-trigger-secret-key" - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_manual' + secret_id: 'webhook-trigger-secret-key' + - name: 'cloudbuild_trigger_manual' primary_resource_id: 'manual-trigger' vars: cloudbuild_trigger_name: 'manual-trigger' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_manual_github_enterprise' + - name: 'cloudbuild_trigger_manual_github_enterprise' primary_resource_id: 'manual-ghe-trigger' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_manual_bitbucket_server' + exclude_test: true + - name: 'cloudbuild_trigger_manual_bitbucket_server' primary_resource_id: 'manual-bitbucket-trigger' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_repo' + - name: 'cloudbuild_trigger_repo' primary_resource_id: 'repo-trigger' vars: installation_id: '123123' pat_secret: 'projects/my-project/secrets/github-pat-secret/versions/latest' repo_uri: 'https://github.com/myuser/my-repo.git' - cloudbuildv2_connection_name: "my-connection" - cloudbuildv2_repo_name: "my-repo" + cloudbuildv2_connection_name: 'my-connection' + cloudbuildv2_repo_name: 'my-repo' test_vars_overrides: - installation_id: 31300675 - pat_secret: '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' - repo_uri: '"https://github.com/gcb-repos-robot/tf-demo.git"' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_bitbucket_server_push' + 'installation_id': '31300675' + 'pat_secret': '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' + 'repo_uri': '"https://github.com/gcb-repos-robot/tf-demo.git"' + - name: 'cloudbuild_trigger_bitbucket_server_push' primary_resource_id: 'bbs-push-trigger' vars: cloudbuild_trigger_name: 'bbs-push-trigger' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_bitbucket_server_pull_request' + - name: 'cloudbuild_trigger_bitbucket_server_pull_request' primary_resource_id: 'bbs-pull-request-trigger' vars: cloudbuild_trigger_name: 'ghe-trigger' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_github_enterprise' + - name: 'cloudbuild_trigger_github_enterprise' primary_resource_id: 'ghe-trigger' vars: cloudbuild_trigger_name: 'ghe-trigger' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_allow_failure' + exclude_test: true + - name: 'cloudbuild_trigger_allow_failure' primary_resource_id: 'allow-failure-trigger' vars: cloudbuild_trigger_name: 'my-trigger' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuild_trigger_allow_exit_codes' + - name: 'cloudbuild_trigger_allow_exit_codes' primary_resource_id: 'allow-exit-codes-trigger' vars: cloudbuild_trigger_name: 'my-trigger' - - !ruby/object:Provider::Terraform::Examples - name: "cloudbuild_trigger_pubsub_with_repo" - primary_resource_id: "pubsub-with-repo-trigger" + - name: 'cloudbuild_trigger_pubsub_with_repo' + primary_resource_id: 'pubsub-with-repo-trigger' vars: - installation_id: "123123" - pat_secret: "projects/my-project/secrets/github-pat-secret/versions/latest" - repo_uri: "https://github.com/myuser/my-repo.git" - cloudbuildv2_connection_name: "my-connection" - cloudbuildv2_repo_name: "my-repo" - pubsub_topic_name: "my-topic" - cloudbuild_trigger_name: "pubsub-with-repo-trigger" + installation_id: '123123' + pat_secret: 'projects/my-project/secrets/github-pat-secret/versions/latest' + repo_uri: 'https://github.com/myuser/my-repo.git' + cloudbuildv2_connection_name: 'my-connection' + cloudbuildv2_repo_name: 'my-repo' + pubsub_topic_name: 'my-topic' + cloudbuild_trigger_name: 'pubsub-with-repo-trigger' test_vars_overrides: - installation_id: 31300675 - pat_secret: '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' - repo_uri: '"https://github.com/gcb-repos-robot/tf-demo.git"' - -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_read: templates/terraform/pre_read/cloudbuild_trigger.go.erb - post_create: templates/terraform/post_create/cloudbuild_trigger_id.go.erb - post_import: templates/terraform/post_import/cloudbuild_trigger.go.erb - pre_update: templates/terraform/pre_update/cloudbuild_trigger.go.erb - constants: templates/terraform/constants/cloudbuild_trigger.erb -custom_diff: [ - 'stepTimeoutCustomizeDiff', -] + 'installation_id': '31300675' + 'pat_secret': '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' + 'repo_uri': '"https://github.com/gcb-repos-robot/tf-demo.git"' parameters: - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | The [Cloud Build location](https://cloud.google.com/build/docs/locations) for the trigger. If not specified, "global" is used. - default_value: global - immutable: true url_param_only: true + immutable: true + default_value: "global" properties: - - !ruby/object:Api::Type::String - name: 'trigger_id' - api_name: 'id' + - name: 'trigger_id' + type: String description: | The unique identifier for the trigger. + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the trigger. Must be unique within the project. default_from_api: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Human-readable description of the trigger. - - !ruby/object:Api::Type::Array - name: 'tags' - item_type: Api::Type::String + - name: 'tags' + type: Array description: | Tags for annotation of a BuildTrigger - - !ruby/object:Api::Type::Boolean - name: 'disabled' + item_type: + type: String + - name: 'disabled' + type: Boolean description: | Whether the trigger is disabled or not. If true, the trigger will never result in a build. - - !ruby/object:Api::Type::Time - name: 'createTime' - output: true + - name: 'createTime' + type: Time description: | Time when the trigger was created. - - !ruby/object:Api::Type::KeyValuePairs - name: 'substitutions' + output: true + - name: 'substitutions' + type: KeyValuePairs description: | Substitutions data for Build resource. - - !ruby/object:Api::Type::String - name: 'serviceAccount' + - name: 'serviceAccount' + type: String description: | The service account used for all user-controlled operations including triggers.patch, triggers.run, builds.create, and builds.cancel. @@ -192,160 +179,160 @@ properties: ([PROJECT_NUM]@system.gserviceaccount.com) will be used instead. Format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_ID_OR_EMAIL} - - !ruby/object:Api::Type::Enum - name: 'includeBuildLogs' - values: - - :INCLUDE_BUILD_LOGS_UNSPECIFIED - - :INCLUDE_BUILD_LOGS_WITH_STATUS + - name: 'includeBuildLogs' + type: Enum description: | Build logs will be sent back to GitHub as part of the checkrun result. Values can be INCLUDE_BUILD_LOGS_UNSPECIFIED or INCLUDE_BUILD_LOGS_WITH_STATUS - - !ruby/object:Api::Type::String - name: 'filename' - exactly_one_of: - - filename - - build - - git_file_source + enum_values: + - 'INCLUDE_BUILD_LOGS_UNSPECIFIED' + - 'INCLUDE_BUILD_LOGS_WITH_STATUS' + - name: 'filename' + type: String description: | Path, from the source root, to a file whose contents is used for the template. Either a filename or build template must be provided. Set this only when using trigger_template or github. When using Pub/Sub, Webhook or Manual set the file name using git_file_source instead. - - !ruby/object:Api::Type::String - name: 'filter' + exactly_one_of: + - 'filename' + - 'build' + - 'git_file_source' + - name: 'filter' + type: String description: | A Common Expression Language string. Used only with Pub/Sub and Webhook. - - !ruby/object:Api::Type::NestedObject - name: 'gitFileSource' - exactly_one_of: - - filename - - git_file_source - - build + - name: 'gitFileSource' + type: NestedObject description: | The file source describing the local or remote Build template. + exactly_one_of: + - 'filename' + - 'git_file_source' + - 'build' properties: - - !ruby/object:Api::Type::String - name: 'path' - required: true + - name: 'path' + type: String description: | The path of the file, with the repo root as the root of the path. - - !ruby/object:Api::Type::String - name: 'uri' + required: true + - name: 'uri' + type: String description: | The URI of the repo (optional). If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path. - - !ruby/object:Api::Type::String - name: 'repository' + - name: 'repository' + type: String description: | The fully qualified resource name of the Repo API repository. The fully qualified resource name of the Repo API repository. If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path. - - !ruby/object:Api::Type::Enum - name: 'repoType' - required: true + - name: 'repoType' + type: Enum description: | The type of the repo, since it may not be explicit from the repo field (e.g from a URL). Values can be UNKNOWN, CLOUD_SOURCE_REPOSITORIES, GITHUB, BITBUCKET_SERVER - values: - - :UNKNOWN - - :CLOUD_SOURCE_REPOSITORIES - - :GITHUB - - :BITBUCKET_SERVER - - !ruby/object:Api::Type::String - name: 'revision' + required: true + enum_values: + - 'UNKNOWN' + - 'CLOUD_SOURCE_REPOSITORIES' + - 'GITHUB' + - 'BITBUCKET_SERVER' + - name: 'revision' + type: String description: | The branch, tag, arbitrary ref, or SHA version of the repo to use when resolving the filename (optional). This field respects the same syntax/resolution as described here: https://git-scm.com/docs/gitrevisions If unspecified, the revision from which the trigger invocation originated is assumed to be the revision from which to read the specified path. - - !ruby/object:Api::Type::String - name: 'githubEnterpriseConfig' + - name: 'githubEnterpriseConfig' + type: String description: | The full resource name of the github enterprise config. Format: projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}. projects/{project}/githubEnterpriseConfigs/{id}. - - !ruby/object:Api::Type::String - name: 'bitbucketServerConfig' + - name: 'bitbucketServerConfig' + type: String description: | The full resource name of the bitbucket server config. Format: projects/{project}/locations/{location}/bitbucketServerConfigs/{id}. - - !ruby/object:Api::Type::NestedObject - name: 'repositoryEventConfig' + - name: 'repositoryEventConfig' + type: NestedObject description: | The configuration of a trigger that creates a build whenever an event from Repo API is received. at_least_one_of: - - trigger_template - - github - - bitbucket_server_trigger_config - - pubsub_config - - webhook_config - - source_to_build - - repository_event_config + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' properties: - - !ruby/object:Api::Type::String - name: 'repository' + - name: 'repository' + type: String description: | The resource name of the Repo API resource. - - !ruby/object:Api::Type::NestedObject - name: 'pullRequest' + - name: 'pullRequest' + type: NestedObject description: | Contains filter properties for matching Pull Requests. exactly_one_of: - - pull_request - - push + - 'pull_request' + - 'push' properties: - - !ruby/object:Api::Type::String - name: 'branch' + - name: 'branch' + type: String description: | Regex of branches to match. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: - - branch - - !ruby/object:Api::Type::Boolean - name: 'invertRegex' + - 'branch' + - name: 'invertRegex' + type: Boolean description: | If true, branches that do NOT match the git_ref will trigger a build. - - !ruby/object:Api::Type::Enum - name: 'commentControl' + - name: 'commentControl' + type: Enum description: | Configure builds to run whether a repository owner or collaborator need to comment `/gcbrun`. - values: - - :COMMENTS_DISABLED - - :COMMENTS_ENABLED - - :COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY - - !ruby/object:Api::Type::NestedObject - name: 'push' + enum_values: + - 'COMMENTS_DISABLED' + - 'COMMENTS_ENABLED' + - 'COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY' + - name: 'push' + type: NestedObject description: | Contains filter properties for matching git pushes. exactly_one_of: - - pull_request - - push + - 'pull_request' + - 'push' properties: - - !ruby/object:Api::Type::String - name: 'branch' + - name: 'branch' + type: String description: | Regex of branches to match. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: - - branch - - tag - - !ruby/object:Api::Type::String - name: 'tag' + - 'branch' + - 'tag' + - name: 'tag' + type: String description: | Regex of tags to match. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: - - branch - - tag - - !ruby/object:Api::Type::Boolean - name: 'invertRegex' + - 'branch' + - 'tag' + - name: 'invertRegex' + type: Boolean description: | If true, only trigger a build if the revision regex does NOT match the git_ref regex. - - !ruby/object:Api::Type::NestedObject - name: 'sourceToBuild' + - name: 'sourceToBuild' + type: NestedObject description: | The repo and ref of the repository from which to build. This field is used only for those triggers that do not respond to SCM events. @@ -354,52 +341,51 @@ properties: One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. at_least_one_of: - - trigger_template - - github - - bitbucket_server_trigger_config - - pubsub_config - - webhook_config - - source_to_build - - repository_event_config + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' properties: - - !ruby/object:Api::Type::String - name: 'uri' + - name: 'uri' + type: String description: | The URI of the repo. - - !ruby/object:Api::Type::String - name: 'repository' + - name: 'repository' + type: String description: | The qualified resource name of the Repo API repository. Either uri or repository can be specified and is required. - - !ruby/object:Api::Type::String - name: 'ref' - required: true + - name: 'ref' + type: String description: | The branch or tag to use. Must start with "refs/" (required). - - !ruby/object:Api::Type::Enum - name: 'repoType' required: true + - name: 'repoType' + type: Enum description: | The type of the repo, since it may not be explicit from the repo field (e.g from a URL). Values can be UNKNOWN, CLOUD_SOURCE_REPOSITORIES, GITHUB, BITBUCKET_SERVER - values: - - :UNKNOWN - - :CLOUD_SOURCE_REPOSITORIES - - :GITHUB - - :BITBUCKET_SERVER - - !ruby/object:Api::Type::String - name: 'githubEnterpriseConfig' + required: true + enum_values: + - 'UNKNOWN' + - 'CLOUD_SOURCE_REPOSITORIES' + - 'GITHUB' + - 'BITBUCKET_SERVER' + - name: 'githubEnterpriseConfig' + type: String description: | The full resource name of the github enterprise config. Format: projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}. projects/{project}/githubEnterpriseConfigs/{id}. - - !ruby/object:Api::Type::String - name: 'bitbucketServerConfig' + - name: 'bitbucketServerConfig' + type: String description: | The full resource name of the bitbucket server config. Format: projects/{project}/locations/{location}/bitbucketServerConfigs/{id}. - - !ruby/object:Api::Type::Array - name: 'ignoredFiles' - item_type: Api::Type::String + - name: 'ignoredFiles' + type: Array description: | ignoredFiles and includedFiles are file glob matches using https://golang.org/pkg/path/filepath/#Match extended with support for `**`. @@ -410,9 +396,10 @@ properties: If ignoredFiles is not empty, then we ignore any files that match any of the ignored_file globs. If the change has no files that are outside of the ignoredFiles globs, then we do not trigger a build. - - !ruby/object:Api::Type::Array - name: 'includedFiles' - item_type: Api::Type::String + item_type: + type: String + - name: 'includedFiles' + type: Array description: | ignoredFiles and includedFiles are file glob matches using https://golang.org/pkg/path/filepath/#Match extended with support for `**`. @@ -425,8 +412,10 @@ properties: and includedFiles is not empty, then we make sure that at least one of those files matches a includedFiles glob. If not, then we do not trigger a build. - - !ruby/object:Api::Type::NestedObject - name: 'triggerTemplate' + item_type: + type: String + - name: 'triggerTemplate' + type: NestedObject description: | Template describing the types of source changes to trigger a build. @@ -436,27 +425,27 @@ properties: One of `trigger_template`, `github`, `pubsub_config`, `webhook_config` or `source_to_build` must be provided. at_least_one_of: - - trigger_template - - github - - bitbucket_server_trigger_config - - pubsub_config - - webhook_config - - source_to_build - - repository_event_config + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: | ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed. default_from_api: true - - !ruby/object:Api::Type::String - name: 'repoName' - default_value: 'default' + - name: 'repoName' + type: String description: | Name of the Cloud Source Repository. If omitted, the name "default" is assumed. - - !ruby/object:Api::Type::String - name: 'dir' + default_value: "default" + - name: 'dir' + type: String description: | Directory, relative to the source root, in which to run the build. @@ -464,462 +453,466 @@ properties: is an absolute path, this value is ignored for that step's execution. - - !ruby/object:Api::Type::Boolean - name: 'invertRegex' + - name: 'invertRegex' + type: Boolean description: | Only trigger a build if the revision regex does NOT match the revision regex. - - !ruby/object:Api::Type::String - name: 'branchName' + - name: 'branchName' + type: String description: | Name of the branch to build. Exactly one a of branch name, tag, or commit SHA must be provided. This field is a regular expression. exactly_one_of: - - trigger_template.0.branch_name - - trigger_template.0.tag_name - - trigger_template.0.commit_sha - - !ruby/object:Api::Type::String - name: 'tagName' + - 'trigger_template.0.branch_name' + - 'trigger_template.0.tag_name' + - 'trigger_template.0.commit_sha' + - name: 'tagName' + type: String description: | Name of the tag to build. Exactly one of a branch name, tag, or commit SHA must be provided. This field is a regular expression. exactly_one_of: - - trigger_template.0.branch_name - - trigger_template.0.tag_name - - trigger_template.0.commit_sha - - !ruby/object:Api::Type::String - name: 'commitSha' + - 'trigger_template.0.branch_name' + - 'trigger_template.0.tag_name' + - 'trigger_template.0.commit_sha' + - name: 'commitSha' + type: String description: | Explicit commit SHA to build. Exactly one of a branch name, tag, or commit SHA must be provided. exactly_one_of: - - trigger_template.0.branch_name - - trigger_template.0.tag_name - - trigger_template.0.commit_sha - - !ruby/object:Api::Type::NestedObject - name: 'github' + - 'trigger_template.0.branch_name' + - 'trigger_template.0.tag_name' + - 'trigger_template.0.commit_sha' + - name: 'github' + type: NestedObject description: | Describes the configuration of a trigger that creates a build whenever a GitHub event is received. One of `trigger_template`, `github`, `pubsub_config` or `webhook_config` must be provided. at_least_one_of: - - trigger_template - - github - - bitbucket_server_trigger_config - - pubsub_config - - webhook_config - - source_to_build - - repository_event_config + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' properties: - - !ruby/object:Api::Type::String - name: 'owner' + - name: 'owner' + type: String description: | Owner of the repository. For example: The owner for https://github.com/googlecloudplatform/cloud-builders is "googlecloudplatform". - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the repository. For example: The name for https://github.com/googlecloudplatform/cloud-builders is "cloud-builders". - - !ruby/object:Api::Type::NestedObject - name: 'pullRequest' + - name: 'pullRequest' + type: NestedObject description: | filter to match changes in pull requests. Specify only one of `pull_request` or `push`. exactly_one_of: - - github.0.pull_request - - github.0.push + - 'github.0.pull_request' + - 'github.0.push' properties: - - !ruby/object:Api::Type::String - name: 'branch' - required: true + - name: 'branch' + type: String description: | Regex of branches to match. - - !ruby/object:Api::Type::Enum - name: 'commentControl' + required: true + - name: 'commentControl' + type: Enum description: | Whether to block builds on a "/gcbrun" comment from a repository owner or collaborator. - values: - - :COMMENTS_DISABLED - - :COMMENTS_ENABLED - - :COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY - - !ruby/object:Api::Type::Boolean - name: 'invertRegex' + enum_values: + - 'COMMENTS_DISABLED' + - 'COMMENTS_ENABLED' + - 'COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY' + - name: 'invertRegex' + type: Boolean description: | If true, branches that do NOT match the git_ref will trigger a build. - - !ruby/object:Api::Type::NestedObject - name: 'push' + - name: 'push' + type: NestedObject description: | filter to match changes in refs, like branches or tags. Specify only one of `pull_request` or `push`. exactly_one_of: - - github.0.pull_request - - github.0.push + - 'github.0.pull_request' + - 'github.0.push' properties: - - !ruby/object:Api::Type::Boolean - name: 'invertRegex' + - name: 'invertRegex' + type: Boolean description: | When true, only trigger a build if the revision regex does NOT match the git_ref regex. - - !ruby/object:Api::Type::String - name: 'branch' + - name: 'branch' + type: String description: | Regex of branches to match. Specify only one of branch or tag. exactly_one_of: - - github.0.push.0.branch - - github.0.push.0.tag - - !ruby/object:Api::Type::String - name: 'tag' + - 'github.0.push.0.branch' + - 'github.0.push.0.tag' + - name: 'tag' + type: String description: | Regex of tags to match. Specify only one of branch or tag. exactly_one_of: - - github.0.push.0.branch - - github.0.push.0.tag - - !ruby/object:Api::Type::String - name: 'enterpriseConfigResourceName' + - 'github.0.push.0.branch' + - 'github.0.push.0.tag' + - name: 'enterpriseConfigResourceName' + type: String description: | The resource name of the github enterprise config that should be applied to this installation. For example: "projects/{$projectId}/locations/{$locationId}/githubEnterpriseConfigs/{$configId}" - - !ruby/object:Api::Type::NestedObject - name: 'bitbucketServerTriggerConfig' + - name: 'bitbucketServerTriggerConfig' + type: NestedObject description: | BitbucketServerTriggerConfig describes the configuration of a trigger that creates a build whenever a Bitbucket Server event is received. at_least_one_of: - - trigger_template - - github - - bitbucket_server_trigger_config - - pubsub_config - - webhook_config - - source_to_build - - repository_event_config + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' properties: - - !ruby/object:Api::Type::String - name: 'repoSlug' - required: true + - name: 'repoSlug' + type: String description: | Slug of the repository. A repository slug is a URL-friendly version of a repository name, automatically generated by Bitbucket for use in the URL. For example, if the repository name is 'test repo', in the URL it would become 'test-repo' as in https://mybitbucket.server/projects/TEST/repos/test-repo. - - !ruby/object:Api::Type::String - name: 'projectKey' required: true + - name: 'projectKey' + type: String description: | Key of the project that the repo is in. For example: The key for https://mybitbucket.server/projects/TEST/repos/test-repo is "TEST". - - !ruby/object:Api::Type::String - name: 'bitbucketServerConfigResource' required: true + - name: 'bitbucketServerConfigResource' + type: String description: | The Bitbucket server config resource that this trigger config maps to. - - !ruby/object:Api::Type::NestedObject - name: 'pullRequest' + required: true + - name: 'pullRequest' + type: NestedObject description: | Filter to match changes in pull requests. exactly_one_of: - - bitbucket_server_trigger_config.0.pull_request - - bitbucket_server_trigger_config.0.push + - 'bitbucket_server_trigger_config.0.pull_request' + - 'bitbucket_server_trigger_config.0.push' properties: - - !ruby/object:Api::Type::String - name: 'branch' - required: true + - name: 'branch' + type: String description: | Regex of branches to match. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax - - !ruby/object:Api::Type::Enum - name: 'commentControl' + required: true + - name: 'commentControl' + type: Enum description: | Configure builds to run whether a repository owner or collaborator need to comment /gcbrun. - values: - - :COMMENTS_DISABLED - - :COMMENTS_ENABLED - - :COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY - - !ruby/object:Api::Type::Boolean - name: 'invertRegex' + enum_values: + - 'COMMENTS_DISABLED' + - 'COMMENTS_ENABLED' + - 'COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY' + - name: 'invertRegex' + type: Boolean description: | If true, branches that do NOT match the git_ref will trigger a build. - - !ruby/object:Api::Type::NestedObject - name: 'push' + - name: 'push' + type: NestedObject description: | Filter to match changes in refs like branches, tags. exactly_one_of: - - bitbucket_server_trigger_config.0.pull_request - - bitbucket_server_trigger_config.0.push + - 'bitbucket_server_trigger_config.0.pull_request' + - 'bitbucket_server_trigger_config.0.push' properties: - - !ruby/object:Api::Type::Boolean - name: 'invertRegex' + - name: 'invertRegex' + type: Boolean description: | When true, only trigger a build if the revision regex does NOT match the gitRef regex. - - !ruby/object:Api::Type::String - name: 'branch' + - name: 'branch' + type: String description: | Regex of branches to match. Specify only one of branch or tag. exactly_one_of: - - bitbucket_server_trigger_config.0.push.0.branch - - bitbucket_server_trigger_config.0.push.0.tag - - !ruby/object:Api::Type::String - name: 'tag' + - 'bitbucket_server_trigger_config.0.push.0.branch' + - 'bitbucket_server_trigger_config.0.push.0.tag' + - name: 'tag' + type: String description: | Regex of tags to match. Specify only one of branch or tag. exactly_one_of: - - bitbucket_server_trigger_config.0.push.0.branch - - bitbucket_server_trigger_config.0.push.0.tag - - !ruby/object:Api::Type::NestedObject - name: 'pubsubConfig' + - 'bitbucket_server_trigger_config.0.push.0.branch' + - 'bitbucket_server_trigger_config.0.push.0.tag' + - name: 'pubsubConfig' + type: NestedObject description: | PubsubConfig describes the configuration of a trigger that creates a build whenever a Pub/Sub message is published. One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. at_least_one_of: - - trigger_template - - github - - bitbucket_server_trigger_config - - pubsub_config - - webhook_config - - source_to_build - - repository_event_config + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' properties: - - !ruby/object:Api::Type::String - name: 'subscription' + - name: 'subscription' + type: String description: | Output only. Name of the subscription. output: true - - !ruby/object:Api::Type::String - name: 'topic' - required: true + - name: 'topic' + type: String description: | The name of the topic from which this subscription is receiving messages. - - !ruby/object:Api::Type::String - name: 'service_account_email' + required: true + - name: 'service_account_email' + type: String description: | Service account that will make the push request. - - !ruby/object:Api::Type::String - name: 'state' - output: true + - name: 'state' + type: String description: | Potential issues with the underlying Pub/Sub subscription configuration. Only populated on get requests. - - !ruby/object:Api::Type::NestedObject - name: 'webhookConfig' + output: true + - name: 'webhookConfig' + type: NestedObject description: | WebhookConfig describes the configuration of a trigger that creates a build whenever a webhook is sent to a trigger's webhook URL. One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. at_least_one_of: - - trigger_template - - github - - bitbucket_server_trigger_config - - pubsub_config - - webhook_config - - source_to_build - - repository_event_config + - 'trigger_template' + - 'github' + - 'bitbucket_server_trigger_config' + - 'pubsub_config' + - 'webhook_config' + - 'source_to_build' + - 'repository_event_config' properties: - - !ruby/object:Api::Type::String - name: 'secret' - required: true + - name: 'secret' + type: String description: | Resource name for the secret required as a URL parameter. - - !ruby/object:Api::Type::String - name: 'state' - output: true + required: true + - name: 'state' + type: String description: | Potential issues with the underlying Pub/Sub subscription configuration. Only populated on get requests. - - !ruby/object:Api::Type::NestedObject - name: 'approvalConfig' + output: true + - name: 'approvalConfig' + type: NestedObject description: | Configuration for manual approval to start a build invocation of this BuildTrigger. Builds created by this trigger will require approval before they execute. Any user with a Cloud Build Approver role for the project can approve a build. default_from_api: true - custom_flatten: templates/terraform/custom_flatten/cloudbuild_approval_required.go.erb + custom_flatten: 'templates/terraform/custom_flatten/cloudbuild_approval_required.go.tmpl' properties: - - !ruby/object:Api::Type::Boolean - name: 'approvalRequired' - default_value: false + - name: 'approvalRequired' + type: Boolean description: | Whether or not approval is needed. If this is set on a build, it will become pending when run, and will need to be explicitly approved to start. - - !ruby/object:Api::Type::NestedObject - name: 'build' - exactly_one_of: - - filename - - build - - git_file_source + default_value: false + - name: 'build' + type: NestedObject description: | Contents of the build template. Either a filename or build template must be provided. + exactly_one_of: + - 'filename' + - 'build' + - 'git_file_source' properties: - - !ruby/object:Api::Type::NestedObject - name: 'source' + - name: 'source' + type: NestedObject description: | The location of the source files to build. One of `storageSource` or `repoSource` must be provided. properties: - - !ruby/object:Api::Type::NestedObject - name: 'storageSource' + - name: 'storageSource' + type: NestedObject description: | Location of the source in an archive file in Google Cloud Storage. properties: - - !ruby/object:Api::Type::String - name: 'bucket' - required: true + - name: 'bucket' + type: String description: | Google Cloud Storage bucket containing the source. - - !ruby/object:Api::Type::String - name: 'object' required: true + - name: 'object' + type: String description: | Google Cloud Storage object containing the source. This object must be a gzipped archive file (.tar.gz) containing source to build. - - !ruby/object:Api::Type::String - name: 'generation' + required: true + - name: 'generation' + type: String description: | Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used - - !ruby/object:Api::Type::NestedObject - name: 'repoSource' + - name: 'repoSource' + type: NestedObject description: | Location of the source in a Google Cloud Source Repository. properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: | ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed. - - !ruby/object:Api::Type::String - name: 'repoName' - required: true + - name: 'repoName' + type: String description: | Name of the Cloud Source Repository. - - !ruby/object:Api::Type::String - name: 'dir' + required: true + - name: 'dir' + type: String description: | Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's dir is specified and is an absolute path, this value is ignored for that step's execution. - - !ruby/object:Api::Type::Boolean - name: 'invertRegex' + - name: 'invertRegex' + type: Boolean description: | Only trigger a build if the revision regex does NOT match the revision regex. - - !ruby/object:Api::Type::KeyValuePairs - name: 'substitutions' + - name: 'substitutions' + type: KeyValuePairs description: | Substitutions to use in a triggered build. Should only be used with triggers.run - - !ruby/object:Api::Type::String - name: 'branchName' + - name: 'branchName' + type: String description: | Regex matching branches to build. Exactly one a of branch name, tag, or commit SHA must be provided. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: - - build.0.source.0.repo_source.0.branch_name - - build.0.source.0.repo_source.0.commit_sha - - build.0.source.0.repo_source.0.tag_name - - !ruby/object:Api::Type::String - name: 'tagName' + - 'build.0.source.0.repo_source.0.branch_name' + - 'build.0.source.0.repo_source.0.commit_sha' + - 'build.0.source.0.repo_source.0.tag_name' + - name: 'tagName' + type: String description: | Regex matching tags to build. Exactly one a of branch name, tag, or commit SHA must be provided. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax exactly_one_of: - - build.0.source.0.repo_source.0.branch_name - - build.0.source.0.repo_source.0.commit_sha - - build.0.source.0.repo_source.0.tag_name - - !ruby/object:Api::Type::String - name: 'commitSha' + - 'build.0.source.0.repo_source.0.branch_name' + - 'build.0.source.0.repo_source.0.commit_sha' + - 'build.0.source.0.repo_source.0.tag_name' + - name: 'commitSha' + type: String description: | Explicit commit SHA to build. Exactly one a of branch name, tag, or commit SHA must be provided. exactly_one_of: - - build.0.source.0.repo_source.0.branch_name - - build.0.source.0.repo_source.0.commit_sha - - build.0.source.0.repo_source.0.tag_name - - !ruby/object:Api::Type::Array - name: 'tags' - item_type: Api::Type::String + - 'build.0.source.0.repo_source.0.branch_name' + - 'build.0.source.0.repo_source.0.commit_sha' + - 'build.0.source.0.repo_source.0.tag_name' + - name: 'tags' + type: Array description: | Tags for annotation of a Build. These are not docker tags. - - !ruby/object:Api::Type::Array - name: 'images' - item_type: Api::Type::String + item_type: + type: String + - name: 'images' + type: Array description: | A list of images to be pushed upon the successful completion of all build steps. The images are pushed using the builder service account's credentials. The digests of the pushed images will be stored in the Build resource's results field. If any of the images fail to be pushed, the build status is marked FAILURE. - - !ruby/object:Api::Type::KeyValuePairs - name: 'substitutions' + item_type: + type: String + - name: 'substitutions' + type: KeyValuePairs description: | Substitutions data for Build resource. - - !ruby/object:Api::Type::String - name: 'queueTtl' + - name: 'queueTtl' + type: String description: | TTL in queue for this build. If provided and the build is enqueued longer than this value, the build will expire and the build status will be EXPIRED. The TTL starts ticking from createTime. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - !ruby/object:Api::Type::String - name: 'logsBucket' + - name: 'logsBucket' + type: String description: | Google Cloud Storage bucket where logs should be written. Logs file names will be of the format ${logsBucket}/log-${build_id}.txt. - - !ruby/object:Api::Type::String - name: 'timeout' + - name: 'timeout' + type: String description: | Amount of time that this build should be allowed to run, to second granularity. If this amount of time elapses, work on the build will cease and the build status will be TIMEOUT. This timeout must be equal to or greater than the sum of the timeouts for build steps within the build. The expected format is the number of seconds followed by s. Default time is ten minutes (600s). - default_value: '600s' - - !ruby/object:Api::Type::Array - name: 'secret' - api_name: 'secrets' + default_value: "600s" + - name: 'secret' + type: Array description: | Secrets to decrypt using Cloud Key Management Service. - item_type: !ruby/object:Api::Type::NestedObject + api_name: secrets + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'kmsKeyName' - required: true + - name: 'kmsKeyName' + type: String description: | Cloud KMS key name to use to decrypt these envs. - - !ruby/object:Api::Type::KeyValuePairs - name: 'secretEnv' + required: true + - name: 'secretEnv' + type: KeyValuePairs description: | Map of environment variable name to its encrypted value. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step. Values can be at most 64 KB in size. There can be at most 100 secret values across all of a build's secrets. - - !ruby/object:Api::Type::NestedObject - name: 'availableSecrets' + - name: 'availableSecrets' + type: NestedObject description: | Secrets and secret environment variables. properties: - - !ruby/object:Api::Type::Array - name: 'secretManager' - required: true + - name: 'secretManager' + type: Array description: | Pairs a secret environment variable with a SecretVersion in Secret Manager. - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'versionName' - required: true + - name: 'versionName' + type: String description: | Resource name of the SecretVersion. In format: projects/*/secrets/*/versions/* - - !ruby/object:Api::Type::String - name: 'env' required: true + - name: 'env' + type: String description: | Environment variable name to associate with the secret. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step. - - !ruby/object:Api::Type::Array - name: 'step' - api_name: 'steps' - required: true + required: true + - name: 'step' + type: Array description: | The operations to be performed on the workspace. - item_type: !ruby/object:Api::Type::NestedObject + api_name: steps + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | The name of the container image that will run this particular build step. @@ -937,9 +930,9 @@ properties: If you built an image in a previous build step, it will be stored in the host's Docker daemon's cache and is available to use as the name for a later build step. - - !ruby/object:Api::Type::Array - name: 'args' - item_type: Api::Type::String + required: true + - name: 'args' + type: Array description: | A list of arguments that will be presented to the step when it is started. @@ -947,28 +940,31 @@ properties: are used as arguments to that entrypoint. If the image does not define an entrypoint, the first element in args is used as the entrypoint, and the remainder will be used as arguments. - - !ruby/object:Api::Type::Array - name: 'env' - item_type: Api::Type::String + item_type: + type: String + - name: 'env' + type: Array description: | A list of environment variable definitions to be used when running a step. The elements are of the form "KEY=VALUE" for the environment variable "KEY" being given the value "VALUE". - - !ruby/object:Api::Type::String - name: 'id' + item_type: + type: String + - name: 'id' + type: String description: | Unique identifier for this build step, used in `wait_for` to reference this build step as a dependency. - - !ruby/object:Api::Type::String - name: 'entrypoint' + - name: 'entrypoint' + type: String description: | Entrypoint to be used instead of the build step image's default entrypoint. If unset, the image's default entrypoint is used - - !ruby/object:Api::Type::String - name: 'dir' + - name: 'dir' + type: String description: | Working directory to use when running this step's container. @@ -981,29 +977,30 @@ properties: `dir`, which specifies an absolute path, the `RepoSource` `dir` is ignored for the step's execution. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'secretEnv' + - name: 'secretEnv' + type: Array description: | A list of environment variables which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's `Secret`. - - !ruby/object:Api::Type::String - name: 'timeout' + item_type: + type: String + - name: 'timeout' + type: String description: | Time limit for executing this build step. If not defined, the step has no time limit and will be allowed to continue to run until either it completes or the build itself times out. - - !ruby/object:Api::Type::String - name: 'timing' - immutable: false + - name: 'timing' + type: String description: | Output only. Stores timing information for executing this build step. - - !ruby/object:Api::Type::Array - name: 'volumes' + immutable: false + - name: 'volumes' + type: Array description: | List of volumes to mount into the build step. @@ -1013,27 +1010,27 @@ properties: Using a named volume in only one step is not valid as it is indicative of a build request with an incorrect configuration. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | Name of the volume to mount. Volume names must be unique per build step and must be valid names for Docker volumes. Each named volume must be used by at least two build steps. - - !ruby/object:Api::Type::String - name: 'path' required: true + - name: 'path' + type: String description: | Path at which to mount the volume. Paths must be absolute and cannot conflict with other volume paths on the same build step or with certain reserved volume paths. - - !ruby/object:Api::Type::Array - name: 'waitFor' - item_type: Api::Type::String + required: true + - name: 'waitFor' + type: Array description: | The ID(s) of the step(s) that this build step depends on. @@ -1041,13 +1038,15 @@ properties: have completed successfully. If `wait_for` is empty, this build step will start when all previous build steps in the `Build.Steps` list have completed successfully. - - !ruby/object:Api::Type::String - name: 'script' + item_type: + type: String + - name: 'script' + type: String description: | A shell script to be executed in the step. When script is provided, the user cannot specify the entrypoint or args. - - !ruby/object:Api::Type::Boolean - name: 'allowFailure' + - name: 'allowFailure' + type: Boolean description: | Allow this build step to fail without failing the entire build. If false, the entire build will fail if this step fails. Otherwise, the @@ -1055,22 +1054,22 @@ properties: Error information will be reported in the `failureDetail` field. `allowExitCodes` takes precedence over this field. - - !ruby/object:Api::Type::Array - name: 'allowExitCodes' - item_type: Api::Type::Integer + - name: 'allowExitCodes' + type: Array description: | Allow this build step to fail without failing the entire build if and only if the exit code is one of the specified codes. If `allowFailure` is also specified, this field will take precedence. - - !ruby/object:Api::Type::NestedObject - name: 'artifacts' + item_type: + type: Integer + - name: 'artifacts' + type: NestedObject description: | Artifacts produced by the build that should be uploaded upon successful completion of all build steps. properties: - - !ruby/object:Api::Type::Array - name: 'images' - item_type: Api::Type::String + - name: 'images' + type: Array description: | A list of images to be pushed upon the successful completion of all build steps. @@ -1079,8 +1078,10 @@ properties: The digests of the pushed images will be stored in the Build resource's results field. If any of the images fail to be pushed, the build is marked FAILURE. - - !ruby/object:Api::Type::NestedObject - name: 'objects' + item_type: + type: String + - name: 'objects' + type: NestedObject description: | A list of objects to be uploaded to Cloud Storage upon successful completion of all build steps. @@ -1091,207 +1092,214 @@ properties: If any objects fail to be pushed, the build is marked FAILURE. properties: - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | Cloud Storage bucket and optional object path, in the form "gs://bucket/path/to/somewhere/". Files in the workspace matching any path pattern will be uploaded to Cloud Storage with this location as a prefix. - - !ruby/object:Api::Type::Array - name: 'paths' - item_type: Api::Type::String + - name: 'paths' + type: Array description: | Path globs used to match files in the build's workspace. - - !ruby/object:Api::Type::NestedObject - name: 'timing' + item_type: + type: String + - name: 'timing' + type: NestedObject description: | Output only. Stores timing information for pushing all artifact objects. output: true properties: - - !ruby/object:Api::Type::String - name: 'startTime' + - name: 'startTime' + type: String description: | Start of time span. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::String - name: 'endTime' + - name: 'endTime' + type: String description: | End of time span. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::Array - name: 'mavenArtifacts' + - name: 'mavenArtifacts' + type: Array description: | A Maven artifact to upload to Artifact Registry upon successful completion of all build steps. The location and generation of the uploaded objects will be stored in the Build resource's results field. If any objects fail to be pushed, the build is marked FAILURE. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'repository' + - name: 'repository' + type: String description: | Artifact Registry repository, in the form "https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY" Artifact in the workspace specified by path will be uploaded to Artifact Registry with this location as a prefix. - - !ruby/object:Api::Type::String - name: 'path' + - name: 'path' + type: String description: | Path to an artifact in the build's workspace to be uploaded to Artifact Registry. This can be either an absolute path, e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar. - - !ruby/object:Api::Type::String - name: 'artifactId' + - name: 'artifactId' + type: String description: | Maven artifactId value used when uploading the artifact to Artifact Registry. - - !ruby/object:Api::Type::String - name: 'groupId' + - name: 'groupId' + type: String description: | Maven groupId value used when uploading the artifact to Artifact Registry. - - !ruby/object:Api::Type::String - name: 'version' + - name: 'version' + type: String description: | Maven version value used when uploading the artifact to Artifact Registry. - - !ruby/object:Api::Type::Array - name: 'pythonPackages' + - name: 'pythonPackages' + type: Array description: | Python package to upload to Artifact Registry upon successful completion of all build steps. A package can encapsulate multiple objects to be uploaded to a single repository. The location and generation of the uploaded objects will be stored in the Build resource's results field. If any objects fail to be pushed, the build is marked FAILURE. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'repository' + - name: 'repository' + type: String description: | Artifact Registry repository, in the form "https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY" Files in the workspace matching any path pattern will be uploaded to Artifact Registry with this location as a prefix. - - !ruby/object:Api::Type::Array - name: 'paths' - item_type: Api::Type::String + - name: 'paths' + type: Array description: | Path globs used to match files in the build's workspace. For Python/ Twine, this is usually dist/*, and sometimes additionally an .asc file. - - !ruby/object:Api::Type::Array - name: 'npmPackages' + item_type: + type: String + - name: 'npmPackages' + type: Array description: | Npm package to upload to Artifact Registry upon successful completion of all build steps. The location and generation of the uploaded objects will be stored in the Build resource's results field. If any objects fail to be pushed, the build is marked FAILURE. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'repository' + - name: 'repository' + type: String description: | Artifact Registry repository, in the form "https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY" Npm package in the workspace specified by path will be zipped and uploaded to Artifact Registry with this location as a prefix. - - !ruby/object:Api::Type::String - name: 'packagePath' + - name: 'packagePath' + type: String description: | Path to the package.json. e.g. workspace/path/to/package - - !ruby/object:Api::Type::NestedObject - name: 'options' + - name: 'options' + type: NestedObject description: | Special options for this build. properties: - - !ruby/object:Api::Type::Array - name: 'sourceProvenanceHash' + - name: 'sourceProvenanceHash' + type: Array description: | Requested hash for SourceProvenance. - item_type: !ruby/object:Api::Type::Enum - name: 'hashType' + item_type: + type: Enum description: | Specifies the hash algorithm, if any. - values: - - :NONE - - :SHA256 - - :MD5 - - !ruby/object:Api::Type::Enum - name: 'requestedVerifyOption' + enum_values: + - 'NONE' + - 'SHA256' + - 'MD5' + - name: 'requestedVerifyOption' + type: Enum description: | Requested verifiability options. - values: - - :NOT_VERIFIED - - :VERIFIED - - !ruby/object:Api::Type::String - name: 'machineType' + enum_values: + - 'NOT_VERIFIED' + - 'VERIFIED' + - name: 'machineType' + type: String description: | Compute Engine machine type on which to run the build. - - !ruby/object:Api::Type::Integer - name: 'diskSizeGb' + - name: 'diskSizeGb' + type: Integer description: | Requested disk size for the VM that runs the build. Note that this is NOT "disk free"; some of the space will be used by the operating system and build utilities. Also note that this is the minimum disk size that will be allocated for the build -- the build may run with a larger disk than requested. At present, the maximum disk size is 1000GB; builds that request more than the maximum are rejected with an error. - - !ruby/object:Api::Type::Enum - name: 'substitutionOption' + - name: 'substitutionOption' + type: Enum description: | Option to specify behavior when there is an error in the substitution checks. NOTE this is always set to ALLOW_LOOSE for triggered builds and cannot be overridden in the build configuration file. - values: - - :MUST_MATCH - - :ALLOW_LOOSE - - !ruby/object:Api::Type::Boolean - name: 'dynamicSubstitutions' - send_empty_value: true + enum_values: + - 'MUST_MATCH' + - 'ALLOW_LOOSE' + - name: 'dynamicSubstitutions' + type: Boolean description: | Option to specify whether or not to apply bash style string operations to the substitutions. NOTE this is always enabled for triggered builds and cannot be overridden in the build configuration file. - - !ruby/object:Api::Type::Enum - name: 'logStreamingOption' + send_empty_value: true + - name: 'logStreamingOption' + type: Enum description: | Option to define build log streaming behavior to Google Cloud Storage. - values: - - :STREAM_DEFAULT - - :STREAM_ON - - :STREAM_OFF - - !ruby/object:Api::Type::String - name: 'workerPool' + enum_values: + - 'STREAM_DEFAULT' + - 'STREAM_ON' + - 'STREAM_OFF' + - name: 'workerPool' + type: String description: | Option to specify a WorkerPool for the build. Format projects/{project}/workerPools/{workerPool} This field is experimental. - - !ruby/object:Api::Type::Enum - name: 'logging' + - name: 'logging' + type: Enum description: | Option to specify the logging mode, which determines if and where build logs are stored. - values: - - :LOGGING_UNSPECIFIED - - :LEGACY - - :GCS_ONLY - - :STACKDRIVER_ONLY - - :CLOUD_LOGGING_ONLY - - :NONE - - !ruby/object:Api::Type::Array - name: 'env' - item_type: Api::Type::String + enum_values: + - 'LOGGING_UNSPECIFIED' + - 'LEGACY' + - 'GCS_ONLY' + - 'STACKDRIVER_ONLY' + - 'CLOUD_LOGGING_ONLY' + - 'NONE' + - name: 'env' + type: Array description: | A list of global environment variable definitions that will exist for all build steps in this build. If a variable is defined in both globally and in a build step, the variable will use the build step value. The elements are of the form "KEY=VALUE" for the environment variable "KEY" being given the value "VALUE". - - !ruby/object:Api::Type::Array - name: 'secretEnv' - item_type: Api::Type::String + item_type: + type: String + - name: 'secretEnv' + type: Array description: | A list of global environment variables, which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's Secret. These variables will be available to all build steps in this build. - - !ruby/object:Api::Type::Array - name: 'volumes' + item_type: + type: String + - name: 'volumes' + type: Array description: | Global list of volumes to mount for ALL build steps @@ -1301,17 +1309,18 @@ properties: Using a global volume in a build with only one step is not valid as it is indicative of a build request with an incorrect configuration. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the volume to mount. Volume names must be unique per build step and must be valid names for Docker volumes. Each named volume must be used by at least two build steps. - - !ruby/object:Api::Type::String - name: 'path' + - name: 'path' + type: String description: | Path at which to mount the volume. diff --git a/mmv1/products/cloudbuild/go_BitbucketServerConfig.yaml b/mmv1/products/cloudbuild/go_BitbucketServerConfig.yaml deleted file mode 100644 index 57cfd7db6aa1..000000000000 --- a/mmv1/products/cloudbuild/go_BitbucketServerConfig.yaml +++ /dev/null @@ -1,166 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BitbucketServerConfig' -description: | - BitbucketServerConfig represents the configuration for a Bitbucket Server. -references: - guides: - 'Connect to a Bitbucket Server host': 'https://cloud.google.com/build/docs/automating-builds/bitbucket/connect-host-bitbucket-server' - api: 'https://cloud.google.com/build/docs/api/reference/rest/v1/projects.locations.bitbucketServerConfigs' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs' -self_link: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs?bitbucketServerConfigId={{config_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/bitbucketServerConfigs/{{config_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - encoder: 'templates/terraform/encoders/go/cloudbuild_bitbucketserver_config.go.tmpl' - post_create: 'templates/terraform/post_create/go/cloudbuild_bitbucketserver_config.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/cloudbuild_bitbucketserver_config.go.tmpl' - post_update: 'templates/terraform/post_update/go/cloudbuild_bitbucketserver_config.go.tmpl' -examples: - - name: 'cloudbuild_bitbucket_server_config' - primary_resource_id: 'bbs-config' - vars: - config_id: 'bbs-config' - - name: 'cloudbuild_bitbucket_server_config_repositories' - primary_resource_id: 'bbs-config-with-repos' - vars: - config_id: 'bbs-config' - skip_test: true - - name: 'cloudbuild_bitbucket_server_config_peered_network' - primary_resource_id: 'bbs-config-with-peered-network' - vars: - config_id: 'bbs-config' - network_name: 'vpc-network' - global_address_name: 'private-ip-alloc' -parameters: - - name: 'config_id' - type: String - description: | - The ID to use for the BitbucketServerConfig, which will become the final component of the BitbucketServerConfig's resource name. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The location of this bitbucket server config. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name for the config. - output: true - - name: 'hostUri' - type: String - description: | - Immutable. The URI of the Bitbucket Server host. Once this field has been set, it cannot be changed. - If you need to change it, please create another BitbucketServerConfig. - required: true - - name: 'secrets' - type: NestedObject - description: | - Secret Manager secrets needed by the config. - required: true - properties: - - name: 'adminAccessTokenVersionName' - type: String - description: | - The resource name for the admin access token's secret version. - required: true - - name: 'readAccessTokenVersionName' - type: String - description: | - The resource name for the read access token's secret version. - required: true - - name: 'webhookSecretVersionName' - type: String - description: | - Immutable. The resource name for the webhook secret's secret version. Once this field has been set, it cannot be changed. - Changing this field will result in deleting/ recreating the resource. - required: true - immutable: true - - name: 'username' - type: String - description: | - Username of the account Cloud Build will use on Bitbucket Server. - required: true - - name: 'webhookKey' - type: String - description: | - Output only. UUID included in webhook requests. The UUID is used to look up the corresponding config. - output: true - - name: 'apiKey' - type: String - description: | - Immutable. API Key that will be attached to webhook. Once this field has been set, it cannot be changed. - Changing this field will result in deleting/ recreating the resource. - required: true - immutable: true - - name: 'connectedRepositories' - type: Array - description: | - Connected Bitbucket Server repositories for this config. - is_set: true - item_type: - type: NestedObject - properties: - - name: 'projectKey' - type: String - description: | - Identifier for the project storing the repository. - required: true - - name: 'repoSlug' - type: String - description: | - Identifier for the repository. - required: true - - name: 'peeredNetwork' - type: String - description: | - The network to be used when reaching out to the Bitbucket Server instance. The VPC network must be enabled for private service connection. - This should be set if the Bitbucket Server instance is hosted on-premises and not reachable by public internet. If this field is left empty, - no network peering will occur and calls to the Bitbucket Server instance will be made over the public internet. Must be in the format - projects/{project}/global/networks/{network}, where {project} is a project number or id and {network} is the name of a VPC network in the project. - - name: 'sslCa' - type: String - description: | - SSL certificate to use for requests to Bitbucket Server. The format should be PEM format but the extension can be one of .pem, .cer, or .crt. diff --git a/mmv1/products/cloudbuild/go_Trigger.yaml b/mmv1/products/cloudbuild/go_Trigger.yaml deleted file mode 100644 index eda4c0ee9b7b..000000000000 --- a/mmv1/products/cloudbuild/go_Trigger.yaml +++ /dev/null @@ -1,1328 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Trigger' -description: | - Configuration for an automated build in response to source repository changes. -references: - guides: - 'Automating builds using build triggers': 'https://cloud.google.com/cloud-build/docs/running-builds/automate-builds' - api: 'https://cloud.google.com/cloud-build/docs/api/reference/rest/v1/projects.triggers' -docs: - note: | - You can retrieve the email of the Cloud Build Service Account used in jobs by using the `google_project_service_identity` resource. - # import by default only works with old-style self links ending in a name -id_format: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/triggers' -self_link: 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' -update_verb: 'PATCH' -import_format: - - 'projects/{{project}}/triggers/{{trigger_id}}' - - 'projects/{{project}}/locations/{{location}}/triggers/{{trigger_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - constants: 'templates/terraform/constants/go/cloudbuild_trigger.tmpl' - post_create: 'templates/terraform/post_create/go/cloudbuild_trigger_id.go.tmpl' - pre_read: 'templates/terraform/pre_read/go/cloudbuild_trigger.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/cloudbuild_trigger.go.tmpl' - post_import: 'templates/terraform/post_import/go/cloudbuild_trigger.go.tmpl' -custom_diff: - - 'stepTimeoutCustomizeDiff' -schema_version: 2 -state_upgraders: true -examples: - - name: 'cloudbuild_trigger_filename' - primary_resource_id: 'filename-trigger' - - name: 'cloudbuild_trigger_build' - primary_resource_id: 'build-trigger' - vars: - cloudbuild_trigger_name: 'my-trigger' - - name: 'cloudbuild_trigger_service_account' - primary_resource_id: 'service-account-trigger' - vars: - sa_name: 'cloud-sa' - - name: 'cloudbuild_trigger_include_build_logs' - primary_resource_id: 'include-build-logs-trigger' - skip_test: true - - name: 'cloudbuild_trigger_pubsub_config' - primary_resource_id: 'pubsub-config-trigger' - vars: - pubsub_topic_name: 'my-topic' - cloudbuild_trigger_name: 'pubsub-trigger' - - name: 'cloudbuild_trigger_webhook_config' - primary_resource_id: 'webhook-config-trigger' - vars: - cloudbuild_trigger_name: 'webhook-trigger' - secret_id: 'webhook-trigger-secret-key' - - name: 'cloudbuild_trigger_manual' - primary_resource_id: 'manual-trigger' - vars: - cloudbuild_trigger_name: 'manual-trigger' - - name: 'cloudbuild_trigger_manual_github_enterprise' - primary_resource_id: 'manual-ghe-trigger' - skip_test: true - - name: 'cloudbuild_trigger_manual_bitbucket_server' - primary_resource_id: 'manual-bitbucket-trigger' - - name: 'cloudbuild_trigger_repo' - primary_resource_id: 'repo-trigger' - vars: - installation_id: '123123' - pat_secret: 'projects/my-project/secrets/github-pat-secret/versions/latest' - repo_uri: 'https://github.com/myuser/my-repo.git' - cloudbuildv2_connection_name: 'my-connection' - cloudbuildv2_repo_name: 'my-repo' - test_vars_overrides: - 'installation_id': '31300675' - 'pat_secret': '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' - 'repo_uri': '"https://github.com/gcb-repos-robot/tf-demo.git"' - - name: 'cloudbuild_trigger_bitbucket_server_push' - primary_resource_id: 'bbs-push-trigger' - vars: - cloudbuild_trigger_name: 'bbs-push-trigger' - - name: 'cloudbuild_trigger_bitbucket_server_pull_request' - primary_resource_id: 'bbs-pull-request-trigger' - vars: - cloudbuild_trigger_name: 'ghe-trigger' - - name: 'cloudbuild_trigger_github_enterprise' - primary_resource_id: 'ghe-trigger' - vars: - cloudbuild_trigger_name: 'ghe-trigger' - skip_test: true - - name: 'cloudbuild_trigger_allow_failure' - primary_resource_id: 'allow-failure-trigger' - vars: - cloudbuild_trigger_name: 'my-trigger' - - name: 'cloudbuild_trigger_allow_exit_codes' - primary_resource_id: 'allow-exit-codes-trigger' - vars: - cloudbuild_trigger_name: 'my-trigger' - - name: 'cloudbuild_trigger_pubsub_with_repo' - primary_resource_id: 'pubsub-with-repo-trigger' - vars: - installation_id: '123123' - pat_secret: 'projects/my-project/secrets/github-pat-secret/versions/latest' - repo_uri: 'https://github.com/myuser/my-repo.git' - cloudbuildv2_connection_name: 'my-connection' - cloudbuildv2_repo_name: 'my-repo' - pubsub_topic_name: 'my-topic' - cloudbuild_trigger_name: 'pubsub-with-repo-trigger' - test_vars_overrides: - 'installation_id': '31300675' - 'pat_secret': '"projects/gcb-terraform-creds/secrets/github-pat/versions/latest"' - 'repo_uri': '"https://github.com/gcb-repos-robot/tf-demo.git"' -parameters: - - name: 'location' - type: String - description: | - The [Cloud Build location](https://cloud.google.com/build/docs/locations) for the trigger. - If not specified, "global" is used. - url_param_only: true - immutable: true - default_value: "global" -properties: - - name: 'trigger_id' - type: String - description: | - The unique identifier for the trigger. - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the trigger. Must be unique within the project. - default_from_api: true - - name: 'description' - type: String - description: | - Human-readable description of the trigger. - - name: 'tags' - type: Array - description: | - Tags for annotation of a BuildTrigger - item_type: - type: String - - name: 'disabled' - type: Boolean - description: | - Whether the trigger is disabled or not. If true, the trigger will never result in a build. - - name: 'createTime' - type: Time - description: | - Time when the trigger was created. - output: true - - name: 'substitutions' - type: KeyValuePairs - description: | - Substitutions data for Build resource. - - name: 'serviceAccount' - type: String - description: | - The service account used for all user-controlled operations including - triggers.patch, triggers.run, builds.create, and builds.cancel. - - If no service account is set, then the standard Cloud Build service account - ([PROJECT_NUM]@system.gserviceaccount.com) will be used instead. - - Format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_ID_OR_EMAIL} - - name: 'includeBuildLogs' - type: Enum - description: | - Build logs will be sent back to GitHub as part of the checkrun - result. Values can be INCLUDE_BUILD_LOGS_UNSPECIFIED or - INCLUDE_BUILD_LOGS_WITH_STATUS - enum_values: - - 'INCLUDE_BUILD_LOGS_UNSPECIFIED' - - 'INCLUDE_BUILD_LOGS_WITH_STATUS' - - name: 'filename' - type: String - description: | - Path, from the source root, to a file whose contents is used for the template. - Either a filename or build template must be provided. Set this only when using trigger_template or github. - When using Pub/Sub, Webhook or Manual set the file name using git_file_source instead. - exactly_one_of: - - 'filename' - - 'build' - - 'git_file_source' - - name: 'filter' - type: String - description: | - A Common Expression Language string. Used only with Pub/Sub and Webhook. - - name: 'gitFileSource' - type: NestedObject - description: | - The file source describing the local or remote Build template. - exactly_one_of: - - 'filename' - - 'git_file_source' - - 'build' - properties: - - name: 'path' - type: String - description: | - The path of the file, with the repo root as the root of the path. - required: true - - name: 'uri' - type: String - description: | - The URI of the repo (optional). If unspecified, the repo from which the trigger - invocation originated is assumed to be the repo from which to read the specified path. - - name: 'repository' - type: String - description: | - The fully qualified resource name of the Repo API repository. The fully qualified resource name of the Repo API repository. - If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path. - - name: 'repoType' - type: Enum - description: | - The type of the repo, since it may not be explicit from the repo field (e.g from a URL). - Values can be UNKNOWN, CLOUD_SOURCE_REPOSITORIES, GITHUB, BITBUCKET_SERVER - required: true - enum_values: - - 'UNKNOWN' - - 'CLOUD_SOURCE_REPOSITORIES' - - 'GITHUB' - - 'BITBUCKET_SERVER' - - name: 'revision' - type: String - description: | - The branch, tag, arbitrary ref, or SHA version of the repo to use when resolving the - filename (optional). This field respects the same syntax/resolution as described here: https://git-scm.com/docs/gitrevisions - If unspecified, the revision from which the trigger invocation originated is assumed to be the revision from which to read the specified path. - - name: 'githubEnterpriseConfig' - type: String - description: | - The full resource name of the github enterprise config. - Format: projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}. projects/{project}/githubEnterpriseConfigs/{id}. - - name: 'bitbucketServerConfig' - type: String - description: | - The full resource name of the bitbucket server config. - Format: projects/{project}/locations/{location}/bitbucketServerConfigs/{id}. - - name: 'repositoryEventConfig' - type: NestedObject - description: | - The configuration of a trigger that creates a build whenever an event from Repo API is received. - at_least_one_of: - - 'trigger_template' - - 'github' - - 'bitbucket_server_trigger_config' - - 'pubsub_config' - - 'webhook_config' - - 'source_to_build' - - 'repository_event_config' - properties: - - name: 'repository' - type: String - description: | - The resource name of the Repo API resource. - - name: 'pullRequest' - type: NestedObject - description: | - Contains filter properties for matching Pull Requests. - exactly_one_of: - - 'pull_request' - - 'push' - properties: - - name: 'branch' - type: String - description: | - Regex of branches to match. - - The syntax of the regular expressions accepted is the syntax accepted by - RE2 and described at https://github.com/google/re2/wiki/Syntax - exactly_one_of: - - 'branch' - - name: 'invertRegex' - type: Boolean - description: | - If true, branches that do NOT match the git_ref will trigger a build. - - name: 'commentControl' - type: Enum - description: | - Configure builds to run whether a repository owner or collaborator need to comment `/gcbrun`. - enum_values: - - 'COMMENTS_DISABLED' - - 'COMMENTS_ENABLED' - - 'COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY' - - name: 'push' - type: NestedObject - description: | - Contains filter properties for matching git pushes. - exactly_one_of: - - 'pull_request' - - 'push' - properties: - - name: 'branch' - type: String - description: | - Regex of branches to match. - - The syntax of the regular expressions accepted is the syntax accepted by - RE2 and described at https://github.com/google/re2/wiki/Syntax - exactly_one_of: - - 'branch' - - 'tag' - - name: 'tag' - type: String - description: | - Regex of tags to match. - - The syntax of the regular expressions accepted is the syntax accepted by - RE2 and described at https://github.com/google/re2/wiki/Syntax - exactly_one_of: - - 'branch' - - 'tag' - - name: 'invertRegex' - type: Boolean - description: | - If true, only trigger a build if the revision regex does NOT match the git_ref regex. - - name: 'sourceToBuild' - type: NestedObject - description: | - The repo and ref of the repository from which to build. - This field is used only for those triggers that do not respond to SCM events. - Triggers that respond to such events build source at whatever commit caused the event. - This field is currently only used by Webhook, Pub/Sub, Manual, and Cron triggers. - - One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. - at_least_one_of: - - 'trigger_template' - - 'github' - - 'bitbucket_server_trigger_config' - - 'pubsub_config' - - 'webhook_config' - - 'source_to_build' - - 'repository_event_config' - properties: - - name: 'uri' - type: String - description: | - The URI of the repo. - - name: 'repository' - type: String - description: | - The qualified resource name of the Repo API repository. - Either uri or repository can be specified and is required. - - name: 'ref' - type: String - description: | - The branch or tag to use. Must start with "refs/" (required). - required: true - - name: 'repoType' - type: Enum - description: | - The type of the repo, since it may not be explicit from the repo field (e.g from a URL). - Values can be UNKNOWN, CLOUD_SOURCE_REPOSITORIES, GITHUB, BITBUCKET_SERVER - required: true - enum_values: - - 'UNKNOWN' - - 'CLOUD_SOURCE_REPOSITORIES' - - 'GITHUB' - - 'BITBUCKET_SERVER' - - name: 'githubEnterpriseConfig' - type: String - description: | - The full resource name of the github enterprise config. - Format: projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}. projects/{project}/githubEnterpriseConfigs/{id}. - - name: 'bitbucketServerConfig' - type: String - description: | - The full resource name of the bitbucket server config. - Format: projects/{project}/locations/{location}/bitbucketServerConfigs/{id}. - - name: 'ignoredFiles' - type: Array - description: | - ignoredFiles and includedFiles are file glob matches using https://golang.org/pkg/path/filepath/#Match - extended with support for `**`. - - If ignoredFiles and changed files are both empty, then they are not - used to determine whether or not to trigger a build. - - If ignoredFiles is not empty, then we ignore any files that match any - of the ignored_file globs. If the change has no files that are outside - of the ignoredFiles globs, then we do not trigger a build. - item_type: - type: String - - name: 'includedFiles' - type: Array - description: | - ignoredFiles and includedFiles are file glob matches using https://golang.org/pkg/path/filepath/#Match - extended with support for `**`. - - If any of the files altered in the commit pass the ignoredFiles filter - and includedFiles is empty, then as far as this filter is concerned, we - should trigger the build. - - If any of the files altered in the commit pass the ignoredFiles filter - and includedFiles is not empty, then we make sure that at least one of - those files matches a includedFiles glob. If not, then we do not trigger - a build. - item_type: - type: String - - name: 'triggerTemplate' - type: NestedObject - description: | - Template describing the types of source changes to trigger a build. - - Branch and tag names in trigger templates are interpreted as regular - expressions. Any branch or tag change that matches that regular - expression will trigger a build. - - One of `trigger_template`, `github`, `pubsub_config`, `webhook_config` or `source_to_build` must be provided. - at_least_one_of: - - 'trigger_template' - - 'github' - - 'bitbucket_server_trigger_config' - - 'pubsub_config' - - 'webhook_config' - - 'source_to_build' - - 'repository_event_config' - properties: - - name: 'projectId' - type: String - description: | - ID of the project that owns the Cloud Source Repository. If - omitted, the project ID requesting the build is assumed. - default_from_api: true - - name: 'repoName' - type: String - description: | - Name of the Cloud Source Repository. If omitted, the name "default" is assumed. - default_value: "default" - - name: 'dir' - type: String - description: | - Directory, relative to the source root, in which to run the build. - - This must be a relative path. If a step's dir is specified and - is an absolute path, this value is ignored for that step's - execution. - - - name: 'invertRegex' - type: Boolean - description: | - Only trigger a build if the revision regex does NOT match the revision regex. - - name: 'branchName' - type: String - description: | - Name of the branch to build. Exactly one a of branch name, tag, or commit SHA must be provided. - This field is a regular expression. - exactly_one_of: - - 'trigger_template.0.branch_name' - - 'trigger_template.0.tag_name' - - 'trigger_template.0.commit_sha' - - name: 'tagName' - type: String - description: | - Name of the tag to build. Exactly one of a branch name, tag, or commit SHA must be provided. - This field is a regular expression. - exactly_one_of: - - 'trigger_template.0.branch_name' - - 'trigger_template.0.tag_name' - - 'trigger_template.0.commit_sha' - - name: 'commitSha' - type: String - description: | - Explicit commit SHA to build. Exactly one of a branch name, tag, or commit SHA must be provided. - exactly_one_of: - - 'trigger_template.0.branch_name' - - 'trigger_template.0.tag_name' - - 'trigger_template.0.commit_sha' - - name: 'github' - type: NestedObject - description: | - Describes the configuration of a trigger that creates a build whenever a GitHub event is received. - - One of `trigger_template`, `github`, `pubsub_config` or `webhook_config` must be provided. - at_least_one_of: - - 'trigger_template' - - 'github' - - 'bitbucket_server_trigger_config' - - 'pubsub_config' - - 'webhook_config' - - 'source_to_build' - - 'repository_event_config' - properties: - - name: 'owner' - type: String - description: | - Owner of the repository. For example: The owner for - https://github.com/googlecloudplatform/cloud-builders is "googlecloudplatform". - - name: 'name' - type: String - description: | - Name of the repository. For example: The name for - https://github.com/googlecloudplatform/cloud-builders is "cloud-builders". - - name: 'pullRequest' - type: NestedObject - description: | - filter to match changes in pull requests. Specify only one of `pull_request` or `push`. - exactly_one_of: - - 'github.0.pull_request' - - 'github.0.push' - properties: - - name: 'branch' - type: String - description: | - Regex of branches to match. - required: true - - name: 'commentControl' - type: Enum - description: | - Whether to block builds on a "/gcbrun" comment from a repository owner or collaborator. - enum_values: - - 'COMMENTS_DISABLED' - - 'COMMENTS_ENABLED' - - 'COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY' - - name: 'invertRegex' - type: Boolean - description: | - If true, branches that do NOT match the git_ref will trigger a build. - - name: 'push' - type: NestedObject - description: | - filter to match changes in refs, like branches or tags. Specify only one of `pull_request` or `push`. - exactly_one_of: - - 'github.0.pull_request' - - 'github.0.push' - properties: - - name: 'invertRegex' - type: Boolean - description: | - When true, only trigger a build if the revision regex does NOT match the git_ref regex. - - name: 'branch' - type: String - description: | - Regex of branches to match. Specify only one of branch or tag. - exactly_one_of: - - 'github.0.push.0.branch' - - 'github.0.push.0.tag' - - name: 'tag' - type: String - description: | - Regex of tags to match. Specify only one of branch or tag. - exactly_one_of: - - 'github.0.push.0.branch' - - 'github.0.push.0.tag' - - name: 'enterpriseConfigResourceName' - type: String - description: | - The resource name of the github enterprise config that should be applied to this installation. - For example: "projects/{$projectId}/locations/{$locationId}/githubEnterpriseConfigs/{$configId}" - - name: 'bitbucketServerTriggerConfig' - type: NestedObject - description: | - BitbucketServerTriggerConfig describes the configuration of a trigger that creates a build whenever a Bitbucket Server event is received. - at_least_one_of: - - 'trigger_template' - - 'github' - - 'bitbucket_server_trigger_config' - - 'pubsub_config' - - 'webhook_config' - - 'source_to_build' - - 'repository_event_config' - properties: - - name: 'repoSlug' - type: String - description: | - Slug of the repository. A repository slug is a URL-friendly version of a repository name, automatically generated by Bitbucket for use in the URL. - For example, if the repository name is 'test repo', in the URL it would become 'test-repo' as in https://mybitbucket.server/projects/TEST/repos/test-repo. - required: true - - name: 'projectKey' - type: String - description: | - Key of the project that the repo is in. For example: The key for https://mybitbucket.server/projects/TEST/repos/test-repo is "TEST". - required: true - - name: 'bitbucketServerConfigResource' - type: String - description: | - The Bitbucket server config resource that this trigger config maps to. - required: true - - name: 'pullRequest' - type: NestedObject - description: | - Filter to match changes in pull requests. - exactly_one_of: - - 'bitbucket_server_trigger_config.0.pull_request' - - 'bitbucket_server_trigger_config.0.push' - properties: - - name: 'branch' - type: String - description: | - Regex of branches to match. - The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax - required: true - - name: 'commentControl' - type: Enum - description: | - Configure builds to run whether a repository owner or collaborator need to comment /gcbrun. - enum_values: - - 'COMMENTS_DISABLED' - - 'COMMENTS_ENABLED' - - 'COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY' - - name: 'invertRegex' - type: Boolean - description: | - If true, branches that do NOT match the git_ref will trigger a build. - - name: 'push' - type: NestedObject - description: | - Filter to match changes in refs like branches, tags. - exactly_one_of: - - 'bitbucket_server_trigger_config.0.pull_request' - - 'bitbucket_server_trigger_config.0.push' - properties: - - name: 'invertRegex' - type: Boolean - description: | - When true, only trigger a build if the revision regex does NOT match the gitRef regex. - - name: 'branch' - type: String - description: | - Regex of branches to match. Specify only one of branch or tag. - exactly_one_of: - - 'bitbucket_server_trigger_config.0.push.0.branch' - - 'bitbucket_server_trigger_config.0.push.0.tag' - - name: 'tag' - type: String - description: | - Regex of tags to match. Specify only one of branch or tag. - exactly_one_of: - - 'bitbucket_server_trigger_config.0.push.0.branch' - - 'bitbucket_server_trigger_config.0.push.0.tag' - - name: 'pubsubConfig' - type: NestedObject - description: | - PubsubConfig describes the configuration of a trigger that creates - a build whenever a Pub/Sub message is published. - - One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. - at_least_one_of: - - 'trigger_template' - - 'github' - - 'bitbucket_server_trigger_config' - - 'pubsub_config' - - 'webhook_config' - - 'source_to_build' - - 'repository_event_config' - properties: - - name: 'subscription' - type: String - description: | - Output only. Name of the subscription. - output: true - - name: 'topic' - type: String - description: | - The name of the topic from which this subscription is receiving messages. - required: true - - name: 'service_account_email' - type: String - description: | - Service account that will make the push request. - - name: 'state' - type: String - description: | - Potential issues with the underlying Pub/Sub subscription configuration. - Only populated on get requests. - output: true - - name: 'webhookConfig' - type: NestedObject - description: | - WebhookConfig describes the configuration of a trigger that creates - a build whenever a webhook is sent to a trigger's webhook URL. - - One of `trigger_template`, `github`, `pubsub_config` `webhook_config` or `source_to_build` must be provided. - at_least_one_of: - - 'trigger_template' - - 'github' - - 'bitbucket_server_trigger_config' - - 'pubsub_config' - - 'webhook_config' - - 'source_to_build' - - 'repository_event_config' - properties: - - name: 'secret' - type: String - description: | - Resource name for the secret required as a URL parameter. - required: true - - name: 'state' - type: String - description: | - Potential issues with the underlying Pub/Sub subscription configuration. - Only populated on get requests. - output: true - - name: 'approvalConfig' - type: NestedObject - description: | - Configuration for manual approval to start a build invocation of this BuildTrigger. - Builds created by this trigger will require approval before they execute. - Any user with a Cloud Build Approver role for the project can approve a build. - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/cloudbuild_approval_required.go.tmpl' - properties: - - name: 'approvalRequired' - type: Boolean - description: | - Whether or not approval is needed. If this is set on a build, it will become pending when run, - and will need to be explicitly approved to start. - default_value: false - - name: 'build' - type: NestedObject - description: | - Contents of the build template. Either a filename or build template must be provided. - exactly_one_of: - - 'filename' - - 'build' - - 'git_file_source' - properties: - - name: 'source' - type: NestedObject - description: | - The location of the source files to build. - - One of `storageSource` or `repoSource` must be provided. - properties: - - name: 'storageSource' - type: NestedObject - description: | - Location of the source in an archive file in Google Cloud Storage. - properties: - - name: 'bucket' - type: String - description: | - Google Cloud Storage bucket containing the source. - required: true - - name: 'object' - type: String - description: | - Google Cloud Storage object containing the source. - This object must be a gzipped archive file (.tar.gz) containing source to build. - required: true - - name: 'generation' - type: String - description: | - Google Cloud Storage generation for the object. - If the generation is omitted, the latest generation will be used - - name: 'repoSource' - type: NestedObject - description: | - Location of the source in a Google Cloud Source Repository. - properties: - - name: 'projectId' - type: String - description: | - ID of the project that owns the Cloud Source Repository. - If omitted, the project ID requesting the build is assumed. - - name: 'repoName' - type: String - description: | - Name of the Cloud Source Repository. - required: true - - name: 'dir' - type: String - description: | - Directory, relative to the source root, in which to run the build. - This must be a relative path. If a step's dir is specified and is an absolute path, - this value is ignored for that step's execution. - - name: 'invertRegex' - type: Boolean - description: | - Only trigger a build if the revision regex does NOT match the revision regex. - - name: 'substitutions' - type: KeyValuePairs - description: | - Substitutions to use in a triggered build. Should only be used with triggers.run - - name: 'branchName' - type: String - description: | - Regex matching branches to build. Exactly one a of branch name, tag, or commit SHA must be provided. - The syntax of the regular expressions accepted is the syntax accepted by RE2 and - described at https://github.com/google/re2/wiki/Syntax - exactly_one_of: - - 'build.0.source.0.repo_source.0.branch_name' - - 'build.0.source.0.repo_source.0.commit_sha' - - 'build.0.source.0.repo_source.0.tag_name' - - name: 'tagName' - type: String - description: | - Regex matching tags to build. Exactly one a of branch name, tag, or commit SHA must be provided. - The syntax of the regular expressions accepted is the syntax accepted by RE2 and - described at https://github.com/google/re2/wiki/Syntax - exactly_one_of: - - 'build.0.source.0.repo_source.0.branch_name' - - 'build.0.source.0.repo_source.0.commit_sha' - - 'build.0.source.0.repo_source.0.tag_name' - - name: 'commitSha' - type: String - description: | - Explicit commit SHA to build. Exactly one a of branch name, tag, or commit SHA must be provided. - exactly_one_of: - - 'build.0.source.0.repo_source.0.branch_name' - - 'build.0.source.0.repo_source.0.commit_sha' - - 'build.0.source.0.repo_source.0.tag_name' - - name: 'tags' - type: Array - description: | - Tags for annotation of a Build. These are not docker tags. - item_type: - type: String - - name: 'images' - type: Array - description: | - A list of images to be pushed upon the successful completion of all build steps. - The images are pushed using the builder service account's credentials. - The digests of the pushed images will be stored in the Build resource's results field. - If any of the images fail to be pushed, the build status is marked FAILURE. - item_type: - type: String - - name: 'substitutions' - type: KeyValuePairs - description: | - Substitutions data for Build resource. - - name: 'queueTtl' - type: String - description: | - TTL in queue for this build. If provided and the build is enqueued longer than this value, - the build will expire and the build status will be EXPIRED. - The TTL starts ticking from createTime. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". - - name: 'logsBucket' - type: String - description: | - Google Cloud Storage bucket where logs should be written. - Logs file names will be of the format ${logsBucket}/log-${build_id}.txt. - - name: 'timeout' - type: String - description: | - Amount of time that this build should be allowed to run, to second granularity. - If this amount of time elapses, work on the build will cease and the build status will be TIMEOUT. - This timeout must be equal to or greater than the sum of the timeouts for build steps within the build. - The expected format is the number of seconds followed by s. - Default time is ten minutes (600s). - default_value: "600s" - - name: 'secret' - type: Array - description: | - Secrets to decrypt using Cloud Key Management Service. - api_name: secrets - item_type: - type: NestedObject - properties: - - name: 'kmsKeyName' - type: String - description: | - Cloud KMS key name to use to decrypt these envs. - required: true - - name: 'secretEnv' - type: KeyValuePairs - description: | - Map of environment variable name to its encrypted value. - Secret environment variables must be unique across all of a build's secrets, - and must be used by at least one build step. Values can be at most 64 KB in size. - There can be at most 100 secret values across all of a build's secrets. - - name: 'availableSecrets' - type: NestedObject - description: | - Secrets and secret environment variables. - properties: - - name: 'secretManager' - type: Array - description: | - Pairs a secret environment variable with a SecretVersion in Secret Manager. - required: true - item_type: - type: NestedObject - properties: - - name: 'versionName' - type: String - description: | - Resource name of the SecretVersion. In format: projects/*/secrets/*/versions/* - required: true - - name: 'env' - type: String - description: | - Environment variable name to associate with the secret. Secret environment - variables must be unique across all of a build's secrets, and must be used - by at least one build step. - required: true - - name: 'step' - type: Array - description: | - The operations to be performed on the workspace. - api_name: steps - required: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The name of the container image that will run this particular build step. - - If the image is available in the host's Docker daemon's cache, it will be - run directly. If not, the host will attempt to pull the image first, using - the builder service account's credentials if necessary. - - The Docker daemon's cache will already have the latest versions of all of - the officially supported build steps (see https://github.com/GoogleCloudPlatform/cloud-builders - for images and examples). - The Docker daemon will also have cached many of the layers for some popular - images, like "ubuntu", "debian", but they will be refreshed at the time - you attempt to use them. - - If you built an image in a previous build step, it will be stored in the - host's Docker daemon's cache and is available to use as the name for a - later build step. - required: true - - name: 'args' - type: Array - description: | - A list of arguments that will be presented to the step when it is started. - - If the image used to run the step's container has an entrypoint, the args - are used as arguments to that entrypoint. If the image does not define an - entrypoint, the first element in args is used as the entrypoint, and the - remainder will be used as arguments. - item_type: - type: String - - name: 'env' - type: Array - description: | - A list of environment variable definitions to be used when - running a step. - - The elements are of the form "KEY=VALUE" for the environment variable - "KEY" being given the value "VALUE". - item_type: - type: String - - name: 'id' - type: String - description: | - Unique identifier for this build step, used in `wait_for` to - reference this build step as a dependency. - - name: 'entrypoint' - type: String - description: | - Entrypoint to be used instead of the build step image's - default entrypoint. - If unset, the image's default entrypoint is used - - name: 'dir' - type: String - description: | - Working directory to use when running this step's container. - - If this value is a relative path, it is relative to the build's working - directory. If this value is absolute, it may be outside the build's working - directory, in which case the contents of the path may not be persisted - across build step executions, unless a `volume` for that path is specified. - - If the build specifies a `RepoSource` with `dir` and a step with a - `dir`, - which specifies an absolute path, the `RepoSource` `dir` is ignored - for the step's execution. - - name: 'secretEnv' - type: Array - description: | - A list of environment variables which are encrypted using - a Cloud Key - Management Service crypto key. These values must be specified in - the build's `Secret`. - item_type: - type: String - - name: 'timeout' - type: String - description: | - Time limit for executing this build step. If not defined, - the step has no - time limit and will be allowed to continue to run until either it - completes or the build itself times out. - - name: 'timing' - type: String - description: | - Output only. Stores timing information for executing this - build step. - immutable: false - - name: 'volumes' - type: Array - description: | - List of volumes to mount into the build step. - - Each volume is created as an empty volume prior to execution of the - build step. Upon completion of the build, volumes and their contents - are discarded. - - Using a named volume in only one step is not valid as it is - indicative of a build request with an incorrect configuration. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of the volume to mount. - - Volume names must be unique per build step and must be valid names for - Docker volumes. Each named volume must be used by at least two build steps. - required: true - - name: 'path' - type: String - description: | - Path at which to mount the volume. - - Paths must be absolute and cannot conflict with other volume paths on - the same build step or with certain reserved volume paths. - required: true - - name: 'waitFor' - type: Array - description: | - The ID(s) of the step(s) that this build step depends on. - - This build step will not start until all the build steps in `wait_for` - have completed successfully. If `wait_for` is empty, this build step - will start when all previous build steps in the `Build.Steps` list - have completed successfully. - item_type: - type: String - - name: 'script' - type: String - description: | - A shell script to be executed in the step. - When script is provided, the user cannot specify the entrypoint or args. - - name: 'allowFailure' - type: Boolean - description: | - Allow this build step to fail without failing the entire build. - If false, the entire build will fail if this step fails. Otherwise, the - build will succeed, but this step will still have a failure status. - Error information will be reported in the `failureDetail` field. - - `allowExitCodes` takes precedence over this field. - - name: 'allowExitCodes' - type: Array - description: | - Allow this build step to fail without failing the entire build if and - only if the exit code is one of the specified codes. - - If `allowFailure` is also specified, this field will take precedence. - item_type: - type: Integer - - name: 'artifacts' - type: NestedObject - description: | - Artifacts produced by the build that should be uploaded upon successful completion of all build steps. - properties: - - name: 'images' - type: Array - description: | - A list of images to be pushed upon the successful completion of all build steps. - - The images will be pushed using the builder service account's credentials. - - The digests of the pushed images will be stored in the Build resource's results field. - - If any of the images fail to be pushed, the build is marked FAILURE. - item_type: - type: String - - name: 'objects' - type: NestedObject - description: | - A list of objects to be uploaded to Cloud Storage upon successful completion of all build steps. - - Files in the workspace matching specified paths globs will be uploaded to the - Cloud Storage location using the builder service account's credentials. - - The location and generation of the uploaded objects will be stored in the Build resource's results field. - - If any objects fail to be pushed, the build is marked FAILURE. - properties: - - name: 'location' - type: String - description: | - Cloud Storage bucket and optional object path, in the form "gs://bucket/path/to/somewhere/". - - Files in the workspace matching any path pattern will be uploaded to Cloud Storage with - this location as a prefix. - - name: 'paths' - type: Array - description: | - Path globs used to match files in the build's workspace. - item_type: - type: String - - name: 'timing' - type: NestedObject - description: | - Output only. Stores timing information for pushing all artifact objects. - output: true - properties: - - name: 'startTime' - type: String - description: | - Start of time span. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to - nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - name: 'endTime' - type: String - description: | - End of time span. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to - nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - name: 'mavenArtifacts' - type: Array - description: | - A Maven artifact to upload to Artifact Registry upon successful completion of all build steps. - - The location and generation of the uploaded objects will be stored in the Build resource's results field. - - If any objects fail to be pushed, the build is marked FAILURE. - item_type: - type: NestedObject - properties: - - name: 'repository' - type: String - description: | - Artifact Registry repository, in the form "https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY" - - Artifact in the workspace specified by path will be uploaded to Artifact Registry with this location as a prefix. - - name: 'path' - type: String - description: | - Path to an artifact in the build's workspace to be uploaded to Artifact Registry. This can be either an absolute path, e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar. - - name: 'artifactId' - type: String - description: | - Maven artifactId value used when uploading the artifact to Artifact Registry. - - name: 'groupId' - type: String - description: | - Maven groupId value used when uploading the artifact to Artifact Registry. - - name: 'version' - type: String - description: | - Maven version value used when uploading the artifact to Artifact Registry. - - name: 'pythonPackages' - type: Array - description: | - Python package to upload to Artifact Registry upon successful completion of all build steps. A package can encapsulate multiple objects to be uploaded to a single repository. - - The location and generation of the uploaded objects will be stored in the Build resource's results field. - - If any objects fail to be pushed, the build is marked FAILURE. - item_type: - type: NestedObject - properties: - - name: 'repository' - type: String - description: | - Artifact Registry repository, in the form "https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY" - - Files in the workspace matching any path pattern will be uploaded to Artifact Registry with this location as a prefix. - - name: 'paths' - type: Array - description: | - Path globs used to match files in the build's workspace. For Python/ Twine, this is usually dist/*, and sometimes additionally an .asc file. - item_type: - type: String - - name: 'npmPackages' - type: Array - description: | - Npm package to upload to Artifact Registry upon successful completion of all build steps. - - The location and generation of the uploaded objects will be stored in the Build resource's results field. - - If any objects fail to be pushed, the build is marked FAILURE. - item_type: - type: NestedObject - properties: - - name: 'repository' - type: String - description: | - Artifact Registry repository, in the form "https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY" - - Npm package in the workspace specified by path will be zipped and uploaded to Artifact Registry with this location as a prefix. - - name: 'packagePath' - type: String - description: | - Path to the package.json. e.g. workspace/path/to/package - - name: 'options' - type: NestedObject - description: | - Special options for this build. - properties: - - name: 'sourceProvenanceHash' - type: Array - description: | - Requested hash for SourceProvenance. - item_type: - type: Enum - description: | - Specifies the hash algorithm, if any. - enum_values: - - 'NONE' - - 'SHA256' - - 'MD5' - - name: 'requestedVerifyOption' - type: Enum - description: | - Requested verifiability options. - enum_values: - - 'NOT_VERIFIED' - - 'VERIFIED' - - name: 'machineType' - type: String - description: | - Compute Engine machine type on which to run the build. - - name: 'diskSizeGb' - type: Integer - description: | - Requested disk size for the VM that runs the build. Note that this is NOT "disk free"; - some of the space will be used by the operating system and build utilities. - Also note that this is the minimum disk size that will be allocated for the build -- - the build may run with a larger disk than requested. At present, the maximum disk size - is 1000GB; builds that request more than the maximum are rejected with an error. - - name: 'substitutionOption' - type: Enum - description: | - Option to specify behavior when there is an error in the substitution checks. - - NOTE this is always set to ALLOW_LOOSE for triggered builds and cannot be overridden - in the build configuration file. - enum_values: - - 'MUST_MATCH' - - 'ALLOW_LOOSE' - - name: 'dynamicSubstitutions' - type: Boolean - description: | - Option to specify whether or not to apply bash style string operations to the substitutions. - - NOTE this is always enabled for triggered builds and cannot be overridden in the build configuration file. - send_empty_value: true - - name: 'logStreamingOption' - type: Enum - description: | - Option to define build log streaming behavior to Google Cloud Storage. - enum_values: - - 'STREAM_DEFAULT' - - 'STREAM_ON' - - 'STREAM_OFF' - - name: 'workerPool' - type: String - description: | - Option to specify a WorkerPool for the build. Format projects/{project}/workerPools/{workerPool} - - This field is experimental. - - name: 'logging' - type: Enum - description: | - Option to specify the logging mode, which determines if and where build logs are stored. - enum_values: - - 'LOGGING_UNSPECIFIED' - - 'LEGACY' - - 'GCS_ONLY' - - 'STACKDRIVER_ONLY' - - 'CLOUD_LOGGING_ONLY' - - 'NONE' - - name: 'env' - type: Array - description: | - A list of global environment variable definitions that will exist for all build steps - in this build. If a variable is defined in both globally and in a build step, - the variable will use the build step value. - - The elements are of the form "KEY=VALUE" for the environment variable "KEY" being given the value "VALUE". - item_type: - type: String - - name: 'secretEnv' - type: Array - description: | - A list of global environment variables, which are encrypted using a Cloud Key Management - Service crypto key. These values must be specified in the build's Secret. These variables - will be available to all build steps in this build. - item_type: - type: String - - name: 'volumes' - type: Array - description: | - Global list of volumes to mount for ALL build steps - - Each volume is created as an empty volume prior to starting the build process. - Upon completion of the build, volumes and their contents are discarded. Global - volume names and paths cannot conflict with the volumes defined a build step. - - Using a global volume in a build with only one step is not valid as it is indicative - of a build request with an incorrect configuration. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of the volume to mount. - - Volume names must be unique per build step and must be valid names for Docker volumes. - Each named volume must be used by at least two build steps. - - name: 'path' - type: String - description: | - Path at which to mount the volume. - - Paths must be absolute and cannot conflict with other volume paths on the same - build step or with certain reserved volume paths. diff --git a/mmv1/products/cloudbuild/go_product.yaml b/mmv1/products/cloudbuild/go_product.yaml deleted file mode 100644 index 0f2aa50748c9..000000000000 --- a/mmv1/products/cloudbuild/go_product.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudBuild' -legacy_name: 'cloudbuild' -display_name: 'Cloud Build' -versions: - - name: 'ga' - base_url: 'https://cloudbuild.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudbuild/product.yaml b/mmv1/products/cloudbuild/product.yaml index fb8740f5d960..e7f79963047c 100644 --- a/mmv1/products/cloudbuild/product.yaml +++ b/mmv1/products/cloudbuild/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,12 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudBuild -display_name: Cloud Build +--- +name: 'CloudBuild' legacy_name: 'cloudbuild' +display_name: 'Cloud Build' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudbuild.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://cloudbuild.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudbuildv2/Connection.yaml b/mmv1/products/cloudbuildv2/Connection.yaml index d4098206e000..205195397bcf 100644 --- a/mmv1/products/cloudbuildv2/Connection.yaml +++ b/mmv1/products/cloudbuildv2/Connection.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,345 +11,349 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Connection' -base_url: projects/{{project}}/locations/{{location}}/connections -create_url: projects/{{project}}/locations/{{location}}/connections?connectionId={{name}} -self_link: projects/{{project}}/locations/{{location}}/connections/{{name}} -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + A connection to a SCM like GitHub, GitHub Enterprise, Bitbucket Data Center/Cloud or GitLab. +references: guides: 'Official Documentation': 'https://cloud.google.com/build/docs' api: 'https://cloud.google.com/build/docs/api/reference/rest' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/connections' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections?connectionId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{location}}/connections/{{name}}' + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' -update_verb: :PATCH -description: | - A connection to a SCM like GitHub, GitHub Enterprise, Bitbucket Data Center/Cloud or GitLab. -exclude_tgc: true -legacy_long_form_project: true -iam_policy: !ruby/object:Api::Resource::IamPolicy - skip_import_test: true + result: + resource_inside_response: false +iam_policy: + exclude_import_test: true method_name_separator: ':' - fetch_iam_policy_verb: :GET allowed_iam_role: 'roles/cloudbuild.connectionViewer' parent_resource_attribute: 'name' -id_format: 'projects/{{project}}/locations/{{location}}/connections/{{name}}' -import_format: - [ - 'projects/{{project}}/locations/{{location}}/connections/{{name}}', - '{{name}}', - ] + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' +custom_code: +exclude_tgc: true +legacy_long_form_project: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuildv2_connection' + - name: 'cloudbuildv2_connection' primary_resource_id: 'my-connection' - primary_resource_name: "fmt.Sprintf(\"tf-test-connection%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-connection%s", context["random_suffix"])' vars: connection_name: 'tf-test-connection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuildv2_connection_ghe' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuildv2_connection_github' - skip_test: true + - name: 'cloudbuildv2_connection_ghe' + exclude_test: true + - name: 'cloudbuildv2_connection_github' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: Immutable. The resource name of the connection. url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: The location for the resource url_param_only: true required: true immutable: true properties: - - !ruby/object:Api::Type::String - name: createTime + - name: 'createTime' + type: String description: Output only. Server assigned timestamp for when the connection was created. output: true - - !ruby/object:Api::Type::String - name: updateTime + - name: 'updateTime' + type: String description: Output only. Server assigned timestamp for when the connection was updated. output: true - - !ruby/object:Api::Type::NestedObject - name: githubConfig + - name: 'githubConfig' + type: NestedObject description: Configuration for connections to github.com. conflicts: - - 'github_enterprise_config' - - 'gitlab_config' - - 'bitbucket_cloud_config' - - 'bitbucket_data_center_config' + - github_enterprise_config + - gitlab_config + - bitbucket_cloud_config + - bitbucket_data_center_config properties: - - !ruby/object:Api::Type::NestedObject - name: authorizerCredential + - name: 'authorizerCredential' + type: NestedObject description: OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App. properties: - - !ruby/object:Api::Type::String - name: oauthTokenSecretVersion + - name: 'oauthTokenSecretVersion' + type: String description: 'A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: username + - name: 'username' + type: String description: Output only. The username associated to this token. output: true - - !ruby/object:Api::Type::Integer - name: appInstallationId + - name: 'appInstallationId' + type: Integer description: GitHub App installation id. - - !ruby/object:Api::Type::NestedObject - name: githubEnterpriseConfig - conflicts: - - 'github_config' - - 'gitlab_config' - - 'bitbucket_cloud_config' - - 'bitbucket_data_center_config' + - name: 'githubEnterpriseConfig' + type: NestedObject description: Configuration for connections to an instance of GitHub Enterprise. + conflicts: + - github_config + - gitlab_config + - bitbucket_cloud_config + - bitbucket_data_center_config properties: - - !ruby/object:Api::Type::String - name: hostUri + - name: 'hostUri' + type: String description: Required. The URI of the GitHub Enterprise host this connection is for. required: true - - !ruby/object:Api::Type::Integer - name: appId + - name: 'appId' + type: Integer description: Id of the GitHub App created from the manifest. - - !ruby/object:Api::Type::String - name: appSlug + - name: 'appSlug' + type: String description: The URL-friendly name of the GitHub App. - - !ruby/object:Api::Type::String - name: privateKeySecretVersion + - name: 'privateKeySecretVersion' + type: String description: SecretManager resource containing the private key of the GitHub App, formatted as `projects/*/secrets/*/versions/*`. diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: webhookSecretSecretVersion + - name: 'webhookSecretSecretVersion' + type: String description: SecretManager resource containing the webhook secret of the GitHub App, formatted as `projects/*/secrets/*/versions/*`. diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::Integer - name: appInstallationId + - name: 'appInstallationId' + type: Integer description: ID of the installation of the GitHub App. - - !ruby/object:Api::Type::NestedObject - name: serviceDirectoryConfig + - name: 'serviceDirectoryConfig' + type: NestedObject description: Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet. properties: - - !ruby/object:Api::Type::String - name: service + - name: 'service' + type: String description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: sslCa + - name: 'sslCa' + type: String description: SSL certificate to use for requests to GitHub Enterprise. - - !ruby/object:Api::Type::NestedObject - name: gitlabConfig - conflicts: - - 'github_config' - - 'github_enterprise_config' - - 'bitbucket_cloud_config' - - 'bitbucket_data_center_config' + - name: 'gitlabConfig' + type: NestedObject description: Configuration for connections to gitlab.com or an instance of GitLab Enterprise. + conflicts: + - github_config + - github_enterprise_config + - bitbucket_cloud_config + - bitbucket_data_center_config properties: - - !ruby/object:Api::Type::String - name: hostUri + - name: 'hostUri' + type: String description: The URI of the GitLab Enterprise host this connection is for. If not specified, the default value is https://gitlab.com. default_from_api: true - - !ruby/object:Api::Type::String - name: webhookSecretSecretVersion + - name: 'webhookSecretSecretVersion' + type: String description: Required. Immutable. SecretManager resource containing the webhook secret of a GitLab Enterprise project, formatted as `projects/*/secrets/*/versions/*`. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::NestedObject - name: readAuthorizerCredential + - name: 'readAuthorizerCredential' + type: NestedObject description: Required. A GitLab personal access token with the minimum `read_api` scope access. required: true properties: - - !ruby/object:Api::Type::String - name: userTokenSecretVersion + - name: 'userTokenSecretVersion' + type: String description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: username + - name: 'username' + type: String description: Output only. The username associated to this token. output: true - - !ruby/object:Api::Type::NestedObject - name: authorizerCredential + - name: 'authorizerCredential' + type: NestedObject description: Required. A GitLab personal access token with the `api` scope access. required: true properties: - - !ruby/object:Api::Type::String - name: userTokenSecretVersion + - name: 'userTokenSecretVersion' + type: String description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: username + - name: 'username' + type: String description: Output only. The username associated to this token. output: true - - !ruby/object:Api::Type::NestedObject - name: serviceDirectoryConfig + - name: 'serviceDirectoryConfig' + type: NestedObject description: Configuration for using Service Directory to privately connect to a GitLab Enterprise server. This should only be set if the GitLab Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitLab Enterprise server will be made over the public internet. properties: - - !ruby/object:Api::Type::String - name: service + - name: 'service' + type: String description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: sslCa + - name: 'sslCa' + type: String description: SSL certificate to use for requests to GitLab Enterprise. - - !ruby/object:Api::Type::String - name: serverVersion + - name: 'serverVersion' + type: String description: Output only. Version of the GitLab Enterprise server running on the `host_uri`. output: true - - !ruby/object:Api::Type::NestedObject - name: bitbucketDataCenterConfig - conflicts: - - 'github_config' - - 'github_enterprise_config' - - 'bitbucket_cloud_config' - - 'gitlab_config' + - name: 'bitbucketDataCenterConfig' + type: NestedObject description: Configuration for connections to Bitbucket Data Center. + conflicts: + - github_config + - github_enterprise_config + - bitbucket_cloud_config + - gitlab_config properties: - - !ruby/object:Api::Type::String - name: hostUri + - name: 'hostUri' + type: String description: The URI of the Bitbucket Data Center host this connection is for. required: true - - !ruby/object:Api::Type::String - name: webhookSecretSecretVersion + - name: 'webhookSecretSecretVersion' + type: String description: Required. Immutable. SecretManager resource containing the webhook secret used to verify webhook events, formatted as `projects/*/secrets/*/versions/*`. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::NestedObject - name: readAuthorizerCredential + - name: 'readAuthorizerCredential' + type: NestedObject description: Required. A http access token with the `REPO_READ` access. required: true properties: - - !ruby/object:Api::Type::String - name: userTokenSecretVersion + - name: 'userTokenSecretVersion' + type: String description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: username + - name: 'username' + type: String description: Output only. The username associated to this token. output: true - - !ruby/object:Api::Type::NestedObject - name: authorizerCredential + - name: 'authorizerCredential' + type: NestedObject description: Required. A http access token with the `REPO_ADMIN` scope access. required: true properties: - - !ruby/object:Api::Type::String - name: userTokenSecretVersion + - name: 'userTokenSecretVersion' + type: String description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: username + - name: 'username' + type: String description: Output only. The username associated to this token. output: true - - !ruby/object:Api::Type::NestedObject - name: serviceDirectoryConfig + - name: 'serviceDirectoryConfig' + type: NestedObject description: Configuration for using Service Directory to privately connect to a Bitbucket Data Center. This should only be set if the Bitbucket Data Center is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the Bitbucket Data Center will be made over the public internet. properties: - - !ruby/object:Api::Type::String - name: service + - name: 'service' + type: String description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: sslCa + - name: 'sslCa' + type: String description: SSL certificate to use for requests to the Bitbucket Data Center. - - !ruby/object:Api::Type::String - name: serverVersion + - name: 'serverVersion' + type: String description: Output only. Version of the Bitbucket Data Center running on the `host_uri`. output: true - - !ruby/object:Api::Type::NestedObject - name: bitbucketCloudConfig - conflicts: - - 'github_config' - - 'github_enterprise_config' - - 'gitlab_config' - - 'bitbucket_data_center_config' + - name: 'bitbucketCloudConfig' + type: NestedObject description: Configuration for connections to Bitbucket Cloud. + conflicts: + - github_config + - github_enterprise_config + - gitlab_config + - bitbucket_data_center_config properties: - - !ruby/object:Api::Type::String - name: workspace + - name: 'workspace' + type: String description: The Bitbucket Cloud Workspace ID to be connected to Google Cloud Platform. required: true - - !ruby/object:Api::Type::String - name: webhookSecretSecretVersion + - name: 'webhookSecretSecretVersion' + type: String description: Required. Immutable. SecretManager resource containing the webhook secret used to verify webhook events, formatted as `projects/*/secrets/*/versions/*`. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::NestedObject - name: readAuthorizerCredential + - name: 'readAuthorizerCredential' + type: NestedObject description: Required. An access token with the `repository` access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate the credentials. required: true properties: - - !ruby/object:Api::Type::String - name: userTokenSecretVersion + - name: 'userTokenSecretVersion' + type: String description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: username + - name: 'username' + type: String description: Output only. The username associated to this token. output: true - - !ruby/object:Api::Type::NestedObject - name: authorizerCredential + - name: 'authorizerCredential' + type: NestedObject description: Required. An access token with the `webhook`, `repository`, `repository:admin` and `pullrequest` scope access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate these credentials. required: true properties: - - !ruby/object:Api::Type::String - name: userTokenSecretVersion + - name: 'userTokenSecretVersion' + type: String description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: username + - name: 'username' + type: String description: Output only. The username associated to this token. output: true - - !ruby/object:Api::Type::NestedObject - name: installationState + - name: 'installationState' + type: NestedObject description: Output only. Installation state of the Connection. output: true properties: - - !ruby/object:Api::Type::Enum - name: stage + - name: 'stage' + type: Enum description: Output only. Current step of the installation process. output: true - values: - - :STAGE_UNSPECIFIED - - :PENDING_CREATE_APP - - :PENDING_USER_OAUTH - - :PENDING_INSTALL_APP - - :COMPLETE - - !ruby/object:Api::Type::String - name: message + enum_values: + - 'STAGE_UNSPECIFIED' + - 'PENDING_CREATE_APP' + - 'PENDING_USER_OAUTH' + - 'PENDING_INSTALL_APP' + - 'COMPLETE' + - name: 'message' + type: String description: Output only. Message of what the user should do next to continue the installation. Empty string if the installation is already complete. output: true - - !ruby/object:Api::Type::String - name: actionUri + - name: 'actionUri' + type: String description: Output only. Link to follow for next action. Empty string if the installation is already complete. output: true - - !ruby/object:Api::Type::Boolean - name: disabled + - name: 'disabled' + type: Boolean description: If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled. - - !ruby/object:Api::Type::Boolean - name: reconciling + - name: 'reconciling' + type: Boolean description: Output only. Set to true when the connection is being set up or updated in the background. output: true - - !ruby/object:Api::Type::KeyValueAnnotations - name: annotations + - name: 'annotations' + type: KeyValueAnnotations description: Allows clients to store small amounts of arbitrary data. - - !ruby/object:Api::Type::Fingerprint - name: etag + - name: 'etag' + type: Fingerprint description: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. + output: true diff --git a/mmv1/products/cloudbuildv2/Repository.yaml b/mmv1/products/cloudbuildv2/Repository.yaml index 25fa4e5fd548..31e65c9c70bd 100644 --- a/mmv1/products/cloudbuildv2/Repository.yaml +++ b/mmv1/products/cloudbuildv2/Repository.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,96 +11,101 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: Repository -base_url: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories -create_url: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories?repositoryId={{name}} -self_link: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories/{{name}} -immutable: true -references: !ruby/object:Api::Resource::ReferenceLinks +--- +name: 'Repository' +description: "A repository associated to a parent connection." +references: guides: 'Official Documentation': 'https://cloud.google.com/build/docs' api: 'https://cloud.google.com/build/docs/api/reference/rest' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories?repositoryId={{name}}' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' -description: "A repository associated to a parent connection." + result: + resource_inside_response: false +custom_code: + encoder: 'templates/terraform/encoders/cloudbuildv2_repository.go.tmpl' exclude_tgc: true legacy_long_form_project: true examples: # These tests depend on secrets stored in a separate project, so we prefer not # to show them in the docs. - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuildv2_repository_ghe' + - name: 'cloudbuildv2_repository_ghe' primary_resource_id: 'primary' - skip_docs: true vars: connection_name: 'connection' repository_name: 'repository' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuildv2_repository_github' + exclude_docs: true + - name: 'cloudbuildv2_repository_github' primary_resource_id: 'primary' - skip_docs: true vars: connection_name: 'connection' repository_name: 'repository' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuildv2_repository_gle' + exclude_docs: true + - name: 'cloudbuildv2_repository_gle' primary_resource_id: 'primary' - skip_docs: true vars: connection_name: 'connection' repository_name: 'repository' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuildv2_repository_ghe_doc' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloudbuildv2_repository_github_doc' - skip_test: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/cloudbuildv2_repository.go.erb + exclude_docs: true + - name: 'cloudbuildv2_repository_ghe_doc' + exclude_test: true + - name: 'cloudbuildv2_repository_github_doc' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: The location for the resource url_param_only: true immutable: true - default_from_api: true # EXTRACT_FROM_FIELD_IF_EMPTY - - !ruby/object:Api::Type::ResourceRef - name: parent_connection - resource: connection - imports: name + # EXTRACT_FROM_FIELD_IF_EMPTY + default_from_api: true + - name: 'parent_connection' + type: ResourceRef description: The connection for the resource url_param_only: true required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + resource: 'connection' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: Name of the repository. required: true immutable: true ignore_read: true - - !ruby/object:Api::Type::String - name: remoteUri + - name: 'remoteUri' + type: String description: Required. Git Clone HTTPS URI. required: true immutable: true - - !ruby/object:Api::Type::String - name: createTime + - name: 'createTime' + type: String description: Output only. Server assigned timestamp for when the connection was created. output: true - - !ruby/object:Api::Type::String - name: updateTime + - name: 'updateTime' + type: String description: Output only. Server assigned timestamp for when the connection was updated. output: true - - !ruby/object:Api::Type::KeyValueAnnotations - name: annotations + - name: 'annotations' + type: KeyValueAnnotations description: Allows clients to store small amounts of arbitrary data. immutable: true - - !ruby/object:Api::Type::String - name: etag + - name: 'etag' + type: String description: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. output: true diff --git a/mmv1/products/cloudbuildv2/go_Connection.yaml b/mmv1/products/cloudbuildv2/go_Connection.yaml deleted file mode 100644 index 027d933d153a..000000000000 --- a/mmv1/products/cloudbuildv2/go_Connection.yaml +++ /dev/null @@ -1,360 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Connection' -description: | - A connection to a SCM like GitHub, GitHub Enterprise, Bitbucket Data Center/Cloud or GitLab. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/build/docs' - api: 'https://cloud.google.com/build/docs/api/reference/rest' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/connections/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/connections' -self_link: 'projects/{{project}}/locations/{{location}}/connections/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/connections?connectionId={{name}}' -update_verb: 'PATCH' -import_format: - - 'projects/{{project}}/locations/{{location}}/connections/{{name}}' - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - result: - resource_inside_response: false -iam_policy: - skip_import_test: true - method_name_separator: ':' - allowed_iam_role: 'roles/cloudbuild.connectionViewer' - parent_resource_attribute: 'name' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' -custom_code: -exclude_tgc: true -legacy_long_form_project: true -examples: - - name: 'cloudbuildv2_connection' - primary_resource_id: 'my-connection' - primary_resource_name: 'fmt.Sprintf("tf-test-connection%s", context["random_suffix"])' - vars: - connection_name: 'tf-test-connection' - - name: 'cloudbuildv2_connection_ghe' - skip_test: true - - name: 'cloudbuildv2_connection_github' - skip_test: true -parameters: - - name: 'name' - type: String - description: Immutable. The resource name of the connection. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: The location for the resource - url_param_only: true - required: true - immutable: true -properties: - - name: 'createTime' - type: String - description: Output only. Server assigned timestamp for when the connection was created. - output: true - - name: 'updateTime' - type: String - description: Output only. Server assigned timestamp for when the connection was updated. - output: true - - name: 'githubConfig' - type: NestedObject - description: Configuration for connections to github.com. - conflicts: - - github_enterprise_config - - gitlab_config - - bitbucket_cloud_config - - bitbucket_data_center_config - properties: - - name: 'authorizerCredential' - type: NestedObject - description: OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App. - properties: - - name: 'oauthTokenSecretVersion' - type: String - description: 'A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'username' - type: String - description: Output only. The username associated to this token. - output: true - - name: 'appInstallationId' - type: Integer - description: GitHub App installation id. - - name: 'githubEnterpriseConfig' - type: NestedObject - description: Configuration for connections to an instance of GitHub Enterprise. - conflicts: - - github_config - - gitlab_config - - bitbucket_cloud_config - - bitbucket_data_center_config - properties: - - name: 'hostUri' - type: String - description: Required. The URI of the GitHub Enterprise host this connection is for. - required: true - - name: 'appId' - type: Integer - description: Id of the GitHub App created from the manifest. - - name: 'appSlug' - type: String - description: The URL-friendly name of the GitHub App. - - name: 'privateKeySecretVersion' - type: String - description: SecretManager resource containing the private key of the GitHub App, formatted as `projects/*/secrets/*/versions/*`. - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'webhookSecretSecretVersion' - type: String - description: SecretManager resource containing the webhook secret of the GitHub App, formatted as `projects/*/secrets/*/versions/*`. - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'appInstallationId' - type: Integer - description: ID of the installation of the GitHub App. - - name: 'serviceDirectoryConfig' - type: NestedObject - description: Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet. - properties: - - name: 'service' - type: String - description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'sslCa' - type: String - description: SSL certificate to use for requests to GitHub Enterprise. - - name: 'gitlabConfig' - type: NestedObject - description: Configuration for connections to gitlab.com or an instance of GitLab Enterprise. - conflicts: - - github_config - - github_enterprise_config - - bitbucket_cloud_config - - bitbucket_data_center_config - properties: - - name: 'hostUri' - type: String - description: The URI of the GitLab Enterprise host this connection is for. If not specified, the default value is https://gitlab.com. - default_from_api: true - - name: 'webhookSecretSecretVersion' - type: String - description: Required. Immutable. SecretManager resource containing the webhook secret of a GitLab Enterprise project, formatted as `projects/*/secrets/*/versions/*`. - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'readAuthorizerCredential' - type: NestedObject - description: Required. A GitLab personal access token with the minimum `read_api` scope access. - required: true - properties: - - name: 'userTokenSecretVersion' - type: String - description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'username' - type: String - description: Output only. The username associated to this token. - output: true - - name: 'authorizerCredential' - type: NestedObject - description: Required. A GitLab personal access token with the `api` scope access. - required: true - properties: - - name: 'userTokenSecretVersion' - type: String - description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'username' - type: String - description: Output only. The username associated to this token. - output: true - - name: 'serviceDirectoryConfig' - type: NestedObject - description: Configuration for using Service Directory to privately connect to a GitLab Enterprise server. This should only be set if the GitLab Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitLab Enterprise server will be made over the public internet. - properties: - - name: 'service' - type: String - description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'sslCa' - type: String - description: SSL certificate to use for requests to GitLab Enterprise. - - name: 'serverVersion' - type: String - description: Output only. Version of the GitLab Enterprise server running on the `host_uri`. - output: true - - name: 'bitbucketDataCenterConfig' - type: NestedObject - description: Configuration for connections to Bitbucket Data Center. - conflicts: - - github_config - - github_enterprise_config - - bitbucket_cloud_config - - gitlab_config - properties: - - name: 'hostUri' - type: String - description: The URI of the Bitbucket Data Center host this connection is for. - required: true - - name: 'webhookSecretSecretVersion' - type: String - description: Required. Immutable. SecretManager resource containing the webhook secret used to verify webhook events, formatted as `projects/*/secrets/*/versions/*`. - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'readAuthorizerCredential' - type: NestedObject - description: Required. A http access token with the `REPO_READ` access. - required: true - properties: - - name: 'userTokenSecretVersion' - type: String - description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'username' - type: String - description: Output only. The username associated to this token. - output: true - - name: 'authorizerCredential' - type: NestedObject - description: Required. A http access token with the `REPO_ADMIN` scope access. - required: true - properties: - - name: 'userTokenSecretVersion' - type: String - description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'username' - type: String - description: Output only. The username associated to this token. - output: true - - name: 'serviceDirectoryConfig' - type: NestedObject - description: Configuration for using Service Directory to privately connect to a Bitbucket Data Center. This should only be set if the Bitbucket Data Center is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the Bitbucket Data Center will be made over the public internet. - properties: - - name: 'service' - type: String - description: 'Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'sslCa' - type: String - description: SSL certificate to use for requests to the Bitbucket Data Center. - - name: 'serverVersion' - type: String - description: Output only. Version of the Bitbucket Data Center running on the `host_uri`. - output: true - - name: 'bitbucketCloudConfig' - type: NestedObject - description: Configuration for connections to Bitbucket Cloud. - conflicts: - - github_config - - github_enterprise_config - - gitlab_config - - bitbucket_data_center_config - properties: - - name: 'workspace' - type: String - description: The Bitbucket Cloud Workspace ID to be connected to Google Cloud Platform. - required: true - - name: 'webhookSecretSecretVersion' - type: String - description: Required. Immutable. SecretManager resource containing the webhook secret used to verify webhook events, formatted as `projects/*/secrets/*/versions/*`. - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'readAuthorizerCredential' - type: NestedObject - description: Required. An access token with the `repository` access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate the credentials. - required: true - properties: - - name: 'userTokenSecretVersion' - type: String - description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'username' - type: String - description: Output only. The username associated to this token. - output: true - - name: 'authorizerCredential' - type: NestedObject - description: Required. An access token with the `webhook`, `repository`, `repository:admin` and `pullrequest` scope access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate these credentials. - required: true - properties: - - name: 'userTokenSecretVersion' - type: String - description: 'Required. A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`.' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'username' - type: String - description: Output only. The username associated to this token. - output: true - - name: 'installationState' - type: NestedObject - description: Output only. Installation state of the Connection. - output: true - properties: - - name: 'stage' - type: Enum - description: Output only. Current step of the installation process. - output: true - enum_values: - - 'STAGE_UNSPECIFIED' - - 'PENDING_CREATE_APP' - - 'PENDING_USER_OAUTH' - - 'PENDING_INSTALL_APP' - - 'COMPLETE' - - name: 'message' - type: String - description: Output only. Message of what the user should do next to continue the installation. Empty string if the installation is already complete. - output: true - - name: 'actionUri' - type: String - description: Output only. Link to follow for next action. Empty string if the installation is already complete. - output: true - - name: 'disabled' - type: Boolean - description: If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled. - - name: 'reconciling' - type: Boolean - description: Output only. Set to true when the connection is being set up or updated in the background. - output: true - - name: 'annotations' - type: KeyValueAnnotations - description: Allows clients to store small amounts of arbitrary data. - - name: 'etag' - type: Fingerprint - description: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. - output: true diff --git a/mmv1/products/cloudbuildv2/go_Repository.yaml b/mmv1/products/cloudbuildv2/go_Repository.yaml deleted file mode 100644 index 167d611f8544..000000000000 --- a/mmv1/products/cloudbuildv2/go_Repository.yaml +++ /dev/null @@ -1,109 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Repository' -description: "A repository associated to a parent connection." -references: - guides: - 'Official Documentation': 'https://cloud.google.com/build/docs' - api: 'https://cloud.google.com/build/docs/api/reference/rest' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories' -self_link: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories?repositoryId={{name}}' -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - result: - resource_inside_response: false -custom_code: - encoder: 'templates/terraform/encoders/go/cloudbuildv2_repository.go.tmpl' -exclude_tgc: true -legacy_long_form_project: true -examples: - - name: 'cloudbuildv2_repository_ghe' - primary_resource_id: 'primary' - vars: - connection_name: 'connection' - repository_name: 'repository' - skip_docs: true - - name: 'cloudbuildv2_repository_github' - primary_resource_id: 'primary' - vars: - connection_name: 'connection' - repository_name: 'repository' - skip_docs: true - - name: 'cloudbuildv2_repository_gle' - primary_resource_id: 'primary' - vars: - connection_name: 'connection' - repository_name: 'repository' - skip_docs: true - - name: 'cloudbuildv2_repository_ghe_doc' - skip_test: true - - name: 'cloudbuildv2_repository_github_doc' - skip_test: true -parameters: - - name: 'location' - type: String - description: The location for the resource - url_param_only: true - immutable: true - default_from_api: true - - name: 'parent_connection' - type: ResourceRef - description: The connection for the resource - url_param_only: true - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - resource: 'connection' - imports: 'name' -properties: - - name: 'name' - type: String - description: Name of the repository. - required: true - immutable: true - ignore_read: true - - name: 'remoteUri' - type: String - description: Required. Git Clone HTTPS URI. - required: true - immutable: true - - name: 'createTime' - type: String - description: Output only. Server assigned timestamp for when the connection was created. - output: true - - name: 'updateTime' - type: String - description: Output only. Server assigned timestamp for when the connection was updated. - output: true - - name: 'annotations' - type: KeyValueAnnotations - description: Allows clients to store small amounts of arbitrary data. - immutable: true - - name: 'etag' - type: String - description: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. - output: true diff --git a/mmv1/products/cloudbuildv2/go_product.yaml b/mmv1/products/cloudbuildv2/go_product.yaml deleted file mode 100644 index 4963430cccf4..000000000000 --- a/mmv1/products/cloudbuildv2/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Cloudbuildv2' -display_name: 'Cloud Build v2' -versions: - - name: 'ga' - base_url: 'https://cloudbuild.googleapis.com/v2/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudbuildv2/product.yaml b/mmv1/products/cloudbuildv2/product.yaml index d0d9616ec001..5c3e629ed15f 100644 --- a/mmv1/products/cloudbuildv2/product.yaml +++ b/mmv1/products/cloudbuildv2/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Cloudbuildv2 -display_name: Cloud Build v2 +--- +name: 'Cloudbuildv2' +display_name: 'Cloud Build v2' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudbuild.googleapis.com/v2/ + - name: 'ga' + base_url: 'https://cloudbuild.googleapis.com/v2/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/clouddeploy/Automation.yaml b/mmv1/products/clouddeploy/Automation.yaml index bb46c92440bb..d2e82a60d497 100644 --- a/mmv1/products/clouddeploy/Automation.yaml +++ b/mmv1/products/clouddeploy/Automation.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,167 +11,166 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Automation' description: | An `Automation` enables the automation of manually driven actions for a Delivery Pipeline, which includes Release promotion amongst Targets, Rollout repair and Rollout deployment strategy advancement. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Automate your deployment': 'https://cloud.google.com/deploy/docs/automation' api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.deliveryPipelines.automations' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations' self_link: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' - create_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations?automationId={{name}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: false - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' -import_format: - [ - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}', - ] -autogen_async: true +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "clouddeploy_automation_basic" - primary_resource_id: "b-automation" + - name: 'clouddeploy_automation_basic' + primary_resource_id: 'b-automation' vars: - automation: "cd-automation" - delivery_pipeline: "cd-pipeline" + automation: 'cd-automation' + delivery_pipeline: 'cd-pipeline' test_env_vars: - service_account: :SERVICE_ACCT - - !ruby/object:Provider::Terraform::Examples - name: "clouddeploy_automation_full" - - primary_resource_id: "f-automation" + service_account: 'SERVICE_ACCT' + - name: 'clouddeploy_automation_full' + primary_resource_id: 'f-automation' vars: - automation: "cd-automation" - delivery_pipeline: "cd-pipeline" + automation: 'cd-automation' + delivery_pipeline: 'cd-pipeline' test_env_vars: - service_account: :SERVICE_ACCT + service_account: 'SERVICE_ACCT' parameters: - - !ruby/object:Api::Type::String - name: "location" - immutable: true - url_param_only: true + - name: 'location' + type: String description: "The location for the resource" + url_param_only: true required: true - - !ruby/object:Api::Type::String - name: "delivery_pipeline" immutable: true - url_param_only: true + - name: 'delivery_pipeline' + type: String description: "The delivery_pipeline for the resource" + url_param_only: true required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: "name" + - name: 'name' + type: String description: "Name of the `Automation`." + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: "uid" + - name: 'uid' + type: String description: "Output only. Unique identifier of the `Automation`." output: true - - !ruby/object:Api::Type::String - name: "description" + - name: 'description' + type: String description: "Optional. Description of the `Automation`. Max length is 255 characters." - - !ruby/object:Api::Type::String - name: "createTime" + - name: 'createTime' + type: String description: "Output only. Time at which the automation was created." output: true - - !ruby/object:Api::Type::String - name: "updateTime" + - name: 'updateTime' + type: String description: "Output only. Time at which the automation was updated." output: true - - !ruby/object:Api::Type::KeyValueAnnotations - name: "annotations" + - name: 'annotations' + type: KeyValueAnnotations description: "Optional. User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy. Annotations must meet the following constraints: * Annotations are key/value pairs. * Valid annotation keys have two segments: an optional prefix and name, separated by a slash (`/`). * The name segment is required and must be 63 characters or less, beginning and ending with an alphanumeric character (`[a-z0-9A-Z]`) with dashes (`-`), underscores (`_`), dots (`.`), and alphanumerics between. * The prefix is optional. If specified, the prefix must be a DNS subdomain: a series of DNS labels separated by dots(`.`), not longer than 253 characters in total, followed by a slash (`/`). See https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set for more details." - - !ruby/object:Api::Type::KeyValueLabels - name: "labels" + - name: 'labels' + type: KeyValueLabels description: "Optional. Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 63 characters." - - !ruby/object:Api::Type::String - name: "etag" + - name: 'etag' + type: String description: "Optional. The weak etag of the `Automation` resource. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." output: true - - !ruby/object:Api::Type::Boolean - name: "suspended" + - name: 'suspended' + type: Boolean description: "Optional. When Suspended, automation is deactivated from execution." send_empty_value: true - - !ruby/object:Api::Type::String - name: "serviceAccount" + - name: 'serviceAccount' + type: String description: "Required. Email address of the user-managed IAM service account that creates Cloud Deploy release and rollout resources." required: true - - !ruby/object:Api::Type::NestedObject - name: "selector" + - name: 'selector' + type: NestedObject description: "Required. Selected resources to which the automation will be applied." required: true properties: - - !ruby/object:Api::Type::Array - name: "targets" + - name: 'targets' + type: Array description: "Contains attributes about a target." required: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: "id" + - name: 'id' + type: String description: "ID of the `Target`. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine which target is being referred to * \"*\", all targets in a location." - - !ruby/object:Api::Type::KeyValuePairs - name: "labels" + - name: 'labels' + type: KeyValuePairs description: "Target labels." default_from_api: true - - !ruby/object:Api::Type::Array - name: "rules" + - name: 'rules' + type: Array description: "Required. List of Automation rules associated with the Automation resource. Must have at least one rule and limited to 250 rules per Delivery Pipeline. Note: the order of the rules here is not the same as the order of execution." required: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: "promoteReleaseRule" + - name: 'promoteReleaseRule' + type: NestedObject description: "Optional. `PromoteReleaseRule` will automatically promote a release from the current target to a specified target." properties: - - !ruby/object:Api::Type::String - name: "id" + - name: 'id' + type: String description: "Required. ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." required: true - - !ruby/object:Api::Type::String - name: "wait" + - name: 'wait' + type: String description: "Optional. How long the release need to be paused until being promoted to the next target." - - !ruby/object:Api::Type::String - name: "destinationTargetId" + - name: 'destinationTargetId' + type: String description: "Optional. The ID of the stage in the pipeline to which this `Release` is deploying. If unspecified, default it to the next stage in the promotion flow. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine if the target is one of the stages in the promotion sequence defined in the pipeline. * \"@next\", the next target in the promotion sequence." - - !ruby/object:Api::Type::String - name: "destinationPhase" + - name: 'destinationPhase' + type: String description: "Optional. The starting phase of the rollout created by this operation. Default to the first phase." - - !ruby/object:Api::Type::NestedObject - name: "advanceRolloutRule" + - name: 'advanceRolloutRule' + type: NestedObject description: "Optional. The `AdvanceRolloutRule` will automatically advance a successful Rollout." properties: - - !ruby/object:Api::Type::String - name: "id" + - name: 'id' + type: String description: "Required. ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." required: true - - !ruby/object:Api::Type::String - name: "wait" + - name: 'wait' + type: String description: "Optional. How long to wait after a rollout is finished." - - !ruby/object:Api::Type::Array - name: "sourcePhases" - item_type: Api::Type::String + - name: 'sourcePhases' + type: Array description: "Optional. Proceeds only after phase name matched any one in the list. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." + item_type: + type: String diff --git a/mmv1/products/clouddeploy/CustomTargetType.yaml b/mmv1/products/clouddeploy/CustomTargetType.yaml index 725ba6c23f62..3f7368ffe4b4 100644 --- a/mmv1/products/clouddeploy/CustomTargetType.yaml +++ b/mmv1/products/clouddeploy/CustomTargetType.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,184 +11,185 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: "CustomTargetType" +--- +name: 'CustomTargetType' description: | A Cloud Deploy `CustomTargetType` defines a type of custom target that can be referenced in a Cloud Deploy `Target` in order to facilitate deploying to other systems besides the supported runtimes. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - "Define and use a custom target type": "https://cloud.google.com/deploy/docs/deploy-app-custom-target" - api: "https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.customTargetTypes" -base_url: "projects/{{project}}/locations/{{location}}/customTargetTypes" -self_link: "projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}" -create_url: "projects/{{project}}/locations/{{location}}/customTargetTypes?customTargetTypeId={{name}}" -update_verb: :PATCH + 'Define and use a custom target type': 'https://cloud.google.com/deploy/docs/deploy-app-custom-target' + api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.customTargetTypes' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes' +self_link: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes?customTargetTypeId={{name}}' +update_verb: 'PATCH' update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: "name" - base_url: "{{op_id}}" +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result - path: "response" + result: + path: 'response' resource_inside_response: false - status: !ruby/object:Api::OpAsync::Status - path: "done" - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error - path: "error" - message: "message" -id_format: "projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}" -import_format: - [ - 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' - ] -iam_policy: !ruby/object:Api::Resource::IamPolicy - parent_resource_attribute: 'name' + error: + path: 'error' + message: 'message' +iam_policy: method_name_separator: ':' + parent_resource_attribute: 'name' base_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' - import_format: ['projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}', '{{name}}'] + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' + - '{{name}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "clouddeploy_custom_target_type_basic" - primary_resource_id: "custom-target-type" + - name: 'clouddeploy_custom_target_type_basic' + primary_resource_id: 'custom-target-type' primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' vars: - custom_target_type_name: "my-custom-target-type" - - !ruby/object:Provider::Terraform::Examples - name: "clouddeploy_custom_target_type_git_skaffold_modules" - primary_resource_id: "custom-target-type" + custom_target_type_name: 'my-custom-target-type' + - name: 'clouddeploy_custom_target_type_git_skaffold_modules' + primary_resource_id: 'custom-target-type' primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' vars: - custom_target_type_name: "my-custom-target-type" - - !ruby/object:Provider::Terraform::Examples - name: "clouddeploy_custom_target_type_gcs_skaffold_modules" - primary_resource_id: "custom-target-type" + custom_target_type_name: 'my-custom-target-type' + - name: 'clouddeploy_custom_target_type_gcs_skaffold_modules' + primary_resource_id: 'custom-target-type' primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' vars: - custom_target_type_name: "my-custom-target-type" - - !ruby/object:Provider::Terraform::Examples - name: "clouddeploy_custom_target_type_gcb_repo_skaffold_modules" - primary_resource_id: "custom-target-type" + custom_target_type_name: 'my-custom-target-type' + - name: 'clouddeploy_custom_target_type_gcb_repo_skaffold_modules' + primary_resource_id: 'custom-target-type' primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' vars: - custom_target_type_name: "my-custom-target-type" + custom_target_type_name: 'my-custom-target-type' parameters: - - !ruby/object:Api::Type::String - name: "location" + - name: 'location' + type: String + description: "The location of the source." + url_param_only: true required: true immutable: true - url_param_only: true - description: "The location of the source." properties: - - !ruby/object:Api::Type::String - name: "name" + - name: 'name' + type: String description: "Name of the `CustomTargetType`." + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: "customTargetTypeId" + - name: 'customTargetTypeId' + type: String description: "Resource id of the `CustomTargetType`." output: true - - !ruby/object:Api::Type::String - name: "uid" + - name: 'uid' + type: String description: "Unique identifier of the `CustomTargetType`." output: true - - !ruby/object:Api::Type::String - name: "description" + - name: 'description' + type: String description: "Description of the `CustomTargetType`. Max length is 255 characters." - - !ruby/object:Api::Type::KeyValueAnnotations - name: "annotations" + - name: 'annotations' + type: KeyValueAnnotations description: "User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy. See https://google.aip.dev/128#annotations for more details such as format and size limitations." - - !ruby/object:Api::Type::KeyValueLabels - name: "labels" + - name: 'labels' + type: KeyValueLabels description: "Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes." - - !ruby/object:Api::Type::String - name: "createTime" + - name: 'createTime' + type: String description: "Time at which the `CustomTargetType` was created." output: true - - !ruby/object:Api::Type::String - name: "updateTime" + - name: 'updateTime' + type: String description: "Time at which the `CustomTargetType` was updated." output: true - - !ruby/object:Api::Type::String - name: "etag" + - name: 'etag' + type: String description: "The weak etag of the `CustomTargetType` resource. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." output: true - - !ruby/object:Api::Type::NestedObject - name: "customActions" + - name: 'customActions' + type: NestedObject description: "Configures render and deploy for the `CustomTargetType` using Skaffold custom actions." properties: - - !ruby/object:Api::Type::String - name: "renderAction" + - name: 'renderAction' + type: String description: "The Skaffold custom action responsible for render operations. If not provided then Cloud Deploy will perform the render operations via `skaffold render`." - - !ruby/object:Api::Type::String - name: "deployAction" + - name: 'deployAction' + type: String description: "The Skaffold custom action responsible for deploy operations." required: true - - !ruby/object:Api::Type::Array - name: "includeSkaffoldModules" + - name: 'includeSkaffoldModules' + type: Array description: "List of Skaffold modules Cloud Deploy will include in the Skaffold Config as required before performing diagnose." - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: "configs" + - name: 'configs' + type: Array description: "The Skaffold Config modules to use from the specified source." - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: "git" + item_type: + type: String + - name: 'git' + type: NestedObject description: "Remote git repository containing the Skaffold Config modules." exactly_one_of: - - git - - googleCloudStorage - - googleCloudBuildRepo + - 'git' + - 'googleCloudStorage' + - 'googleCloudBuildRepo' properties: - - !ruby/object:Api::Type::String - name: "repo" + - name: 'repo' + type: String description: "Git repository the package should be cloned from." required: true - - !ruby/object:Api::Type::String - name: "path" + - name: 'path' + type: String description: "Relative path from the repository root to the Skaffold file." - - !ruby/object:Api::Type::String - name: "ref" + - name: 'ref' + type: String description: "Git ref the package should be cloned from." - - !ruby/object:Api::Type::NestedObject - name: "googleCloudStorage" + - name: 'googleCloudStorage' + type: NestedObject description: "Cloud Storage bucket containing Skaffold Config modules." exactly_one_of: - - git - - googleCloudStorage - - googleCloudBuildRepo + - 'git' + - 'googleCloudStorage' + - 'googleCloudBuildRepo' properties: - - !ruby/object:Api::Type::String - name: "source" + - name: 'source' + type: String description: "Cloud Storage source paths to copy recursively. For example, providing `gs://my-bucket/dir/configs/*` will result in Skaffold copying all files within the `dir/configs` directory in the bucket `my-bucket`." required: true - - !ruby/object:Api::Type::String - name: "path" + - name: 'path' + type: String description: "Relative path from the source to the Skaffold file." - - !ruby/object:Api::Type::NestedObject - name: "googleCloudBuildRepo" + - name: 'googleCloudBuildRepo' + type: NestedObject description: "Cloud Build 2nd gen repository containing the Skaffold Config modules." exactly_one_of: - - git - - googleCloudStorage - - googleCloudBuildRepo + - 'git' + - 'googleCloudStorage' + - 'googleCloudBuildRepo' properties: - - !ruby/object:Api::Type::String - name: "repository" + - name: 'repository' + type: String description: "Cloud Build 2nd gen repository in the format of 'projects//locations//connections//repositories/'." required: true - - !ruby/object:Api::Type::String - name: "path" + - name: 'path' + type: String description: "Relative path from the repository root to the Skaffold file." - - !ruby/object:Api::Type::String - name: "ref" + - name: 'ref' + type: String description: "Branch or tag to use when cloning the repository." diff --git a/mmv1/products/clouddeploy/DeliveryPipeline.yaml b/mmv1/products/clouddeploy/DeliveryPipeline.yaml index 5a0ae025b50e..e9fc0874ca46 100644 --- a/mmv1/products/clouddeploy/DeliveryPipeline.yaml +++ b/mmv1/products/clouddeploy/DeliveryPipeline.yaml @@ -11,36 +11,45 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'DeliveryPipeline' description: | A DeliveryPipeline defines a pipeline through which a Skaffold configuration can progress. -references: !ruby/object:Api::Resource::ReferenceLinks +exclude_resource: true +references: guides: 'Deploy an app to GKE using Cloud Deploy': 'https://cloud.google.com/deploy/docs/deploy-app-gke' 'Deploy an app to Cloud Run using Cloud Deploy': 'https://cloud.google.com/deploy/docs/deploy-app-run' 'Create a pipeline and release in the Google Cloud console': 'https://cloud.google.com/deploy/docs/deploy-app-in-console' api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.deliveryPipelines' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines' self_link: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' -exclude_resource: true -id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' import_format: - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' -iam_policy: !ruby/object:Api::Resource::IamPolicy - parent_resource_attribute: 'name' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' + parent_resource_attribute: 'name' base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' - import_format: ['projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}', '{{name}}'] + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' + - '{{name}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'clouddeploy_delivery_pipeline_basic' + - name: 'clouddeploy_delivery_pipeline_basic' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cd-delivery-pipeline%s", context["random_suffix"])' vars: delivery_pipeline: 'cd-delivery-pipeline' +parameters: properties: - - !ruby/object:Api::Type::String - name: "name" + - name: 'name' + type: String description: "Dummy property." required: true diff --git a/mmv1/products/clouddeploy/Target.yaml b/mmv1/products/clouddeploy/Target.yaml index b8ab9d6fd154..9f2c6bfdf82b 100644 --- a/mmv1/products/clouddeploy/Target.yaml +++ b/mmv1/products/clouddeploy/Target.yaml @@ -11,30 +11,39 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Target' description: | The Cloud Deploy `Target` resource. -base_url: 'projects/{{project}}/locations/{{location}}/targets' -self_link: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' exclude_resource: true +docs: id_format: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/targets' +self_link: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' import_format: - 'projects/{{project}}/locations/{{location}}/targets/{{name}}' -iam_policy: !ruby/object:Api::Resource::IamPolicy - parent_resource_attribute: 'name' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' + parent_resource_attribute: 'name' base_url: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' - import_format: ['projects/{{project}}/locations/{{location}}/targets/{{name}}', '{{name}}'] + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/targets/{{name}}' + - '{{name}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'clouddeploy_target_basic' + - name: 'clouddeploy_target_basic' primary_resource_id: 'default' primary_resource_name: 'fmt.Sprintf("tf-test-cd-target%s", context["random_suffix"])' vars: target: 'cd-target' +parameters: properties: - - !ruby/object:Api::Type::String - name: "name" + - name: 'name' + type: String description: "Dummy property." required: true diff --git a/mmv1/products/clouddeploy/go_Automation.yaml b/mmv1/products/clouddeploy/go_Automation.yaml deleted file mode 100644 index d7dadd6404b5..000000000000 --- a/mmv1/products/clouddeploy/go_Automation.yaml +++ /dev/null @@ -1,177 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Automation' -description: | - An `Automation` enables the automation of manually driven actions for a Delivery Pipeline, which includes Release promotion amongst Targets, Rollout repair and Rollout deployment strategy advancement. -references: - guides: - 'Automate your deployment': 'https://cloud.google.com/deploy/docs/automation' - api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.deliveryPipelines.automations' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations' -self_link: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations?automationId={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{delivery_pipeline}}/automations/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'clouddeploy_automation_basic' - primary_resource_id: 'b-automation' - vars: - automation: 'cd-automation' - delivery_pipeline: 'cd-pipeline' - test_env_vars: - service_account: 'SERVICE_ACCT' - - name: 'clouddeploy_automation_full' - primary_resource_id: 'f-automation' - vars: - automation: 'cd-automation' - delivery_pipeline: 'cd-pipeline' - test_env_vars: - service_account: 'SERVICE_ACCT' -parameters: - - name: 'location' - type: String - description: "The location for the resource" - url_param_only: true - required: true - immutable: true - - name: 'delivery_pipeline' - type: String - description: "The delivery_pipeline for the resource" - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: "Name of the `Automation`." - url_param_only: true - required: true - immutable: true - - name: 'uid' - type: String - description: "Output only. Unique identifier of the `Automation`." - output: true - - name: 'description' - type: String - description: "Optional. Description of the `Automation`. Max length is 255 characters." - - name: 'createTime' - type: String - description: "Output only. Time at which the automation was created." - output: true - - name: 'updateTime' - type: String - description: "Output only. Time at which the automation was updated." - output: true - - name: 'annotations' - type: KeyValueAnnotations - description: "Optional. User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy. Annotations must meet the following constraints: * Annotations are key/value pairs. * Valid annotation keys have two segments: an optional prefix and name, separated by a slash (`/`). * The name segment is required and must be 63 characters or less, beginning and ending with an alphanumeric character (`[a-z0-9A-Z]`) with dashes (`-`), underscores (`_`), dots (`.`), and alphanumerics between. * The prefix is optional. If specified, the prefix must be a DNS subdomain: a series of DNS labels separated by dots(`.`), not longer than 253 characters in total, followed by a slash (`/`). See https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set for more details." - - name: 'labels' - type: KeyValueLabels - description: "Optional. Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 63 characters." - - name: 'etag' - type: String - description: "Optional. The weak etag of the `Automation` resource. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." - output: true - - name: 'suspended' - type: Boolean - description: "Optional. When Suspended, automation is deactivated from execution." - send_empty_value: true - - name: 'serviceAccount' - type: String - description: "Required. Email address of the user-managed IAM service account that creates Cloud Deploy release and rollout resources." - required: true - - name: 'selector' - type: NestedObject - description: "Required. Selected resources to which the automation will be applied." - required: true - properties: - - name: 'targets' - type: Array - description: "Contains attributes about a target." - required: true - item_type: - type: NestedObject - properties: - - name: 'id' - type: String - description: "ID of the `Target`. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine which target is being referred to * \"*\", all targets in a location." - - name: 'labels' - type: KeyValuePairs - description: "Target labels." - default_from_api: true - - name: 'rules' - type: Array - description: "Required. List of Automation rules associated with the Automation resource. Must have at least one rule and limited to 250 rules per Delivery Pipeline. Note: the order of the rules here is not the same as the order of execution." - required: true - item_type: - type: NestedObject - properties: - - name: 'promoteReleaseRule' - type: NestedObject - description: "Optional. `PromoteReleaseRule` will automatically promote a release from the current target to a specified target." - properties: - - name: 'id' - type: String - description: "Required. ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." - required: true - - name: 'wait' - type: String - description: "Optional. How long the release need to be paused until being promoted to the next target." - - name: 'destinationTargetId' - type: String - description: "Optional. The ID of the stage in the pipeline to which this `Release` is deploying. If unspecified, default it to the next stage in the promotion flow. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine if the target is one of the stages in the promotion sequence defined in the pipeline. * \"@next\", the next target in the promotion sequence." - - name: 'destinationPhase' - type: String - description: "Optional. The starting phase of the rollout created by this operation. Default to the first phase." - - name: 'advanceRolloutRule' - type: NestedObject - description: "Optional. The `AdvanceRolloutRule` will automatically advance a successful Rollout." - properties: - - name: 'id' - type: String - description: "Required. ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." - required: true - - name: 'wait' - type: String - description: "Optional. How long to wait after a rollout is finished." - - name: 'sourcePhases' - type: Array - description: "Optional. Proceeds only after phase name matched any one in the list. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." - item_type: - type: String diff --git a/mmv1/products/clouddeploy/go_CustomTargetType.yaml b/mmv1/products/clouddeploy/go_CustomTargetType.yaml deleted file mode 100644 index 33e61223005b..000000000000 --- a/mmv1/products/clouddeploy/go_CustomTargetType.yaml +++ /dev/null @@ -1,196 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CustomTargetType' -description: | - A Cloud Deploy `CustomTargetType` defines a type of custom target that can be referenced in a - Cloud Deploy `Target` in order to facilitate deploying to other systems besides the supported runtimes. -references: - guides: - 'Define and use a custom target type': 'https://cloud.google.com/deploy/docs/deploy-app-custom-target' - api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.customTargetTypes' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes' -self_link: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes?customTargetTypeId={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'name' - base_url: 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/customTargetTypes/{{name}}' - - '{{name}}' -custom_code: -examples: - - name: 'clouddeploy_custom_target_type_basic' - primary_resource_id: 'custom-target-type' - primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' - vars: - custom_target_type_name: 'my-custom-target-type' - - name: 'clouddeploy_custom_target_type_git_skaffold_modules' - primary_resource_id: 'custom-target-type' - primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' - vars: - custom_target_type_name: 'my-custom-target-type' - - name: 'clouddeploy_custom_target_type_gcs_skaffold_modules' - primary_resource_id: 'custom-target-type' - primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' - vars: - custom_target_type_name: 'my-custom-target-type' - - name: 'clouddeploy_custom_target_type_gcb_repo_skaffold_modules' - primary_resource_id: 'custom-target-type' - primary_resource_name: 'fmt.Sprintf("tf-test-my-custom-target-type%s", context["random_suffix"])' - vars: - custom_target_type_name: 'my-custom-target-type' -parameters: - - name: 'location' - type: String - description: "The location of the source." - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: "Name of the `CustomTargetType`." - url_param_only: true - required: true - immutable: true - - name: 'customTargetTypeId' - type: String - description: "Resource id of the `CustomTargetType`." - output: true - - name: 'uid' - type: String - description: "Unique identifier of the `CustomTargetType`." - output: true - - name: 'description' - type: String - description: "Description of the `CustomTargetType`. Max length is 255 characters." - - name: 'annotations' - type: KeyValueAnnotations - description: "User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy. See https://google.aip.dev/128#annotations for more details such as format and size limitations." - - name: 'labels' - type: KeyValueLabels - description: "Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes." - - name: 'createTime' - type: String - description: "Time at which the `CustomTargetType` was created." - output: true - - name: 'updateTime' - type: String - description: "Time at which the `CustomTargetType` was updated." - output: true - - name: 'etag' - type: String - description: "The weak etag of the `CustomTargetType` resource. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." - output: true - - name: 'customActions' - type: NestedObject - description: "Configures render and deploy for the `CustomTargetType` using Skaffold custom actions." - properties: - - name: 'renderAction' - type: String - description: "The Skaffold custom action responsible for render operations. If not provided then Cloud Deploy will perform the render operations via `skaffold render`." - - name: 'deployAction' - type: String - description: "The Skaffold custom action responsible for deploy operations." - required: true - - name: 'includeSkaffoldModules' - type: Array - description: "List of Skaffold modules Cloud Deploy will include in the Skaffold Config as required before performing diagnose." - item_type: - type: NestedObject - properties: - - name: 'configs' - type: Array - description: "The Skaffold Config modules to use from the specified source." - item_type: - type: String - - name: 'git' - type: NestedObject - description: "Remote git repository containing the Skaffold Config modules." - exactly_one_of: - - 'git' - - 'googleCloudStorage' - - 'googleCloudBuildRepo' - properties: - - name: 'repo' - type: String - description: "Git repository the package should be cloned from." - required: true - - name: 'path' - type: String - description: "Relative path from the repository root to the Skaffold file." - - name: 'ref' - type: String - description: "Git ref the package should be cloned from." - - name: 'googleCloudStorage' - type: NestedObject - description: "Cloud Storage bucket containing Skaffold Config modules." - exactly_one_of: - - 'git' - - 'googleCloudStorage' - - 'googleCloudBuildRepo' - properties: - - name: 'source' - type: String - description: "Cloud Storage source paths to copy recursively. For example, providing `gs://my-bucket/dir/configs/*` will result in Skaffold copying all files within the `dir/configs` directory in the bucket `my-bucket`." - required: true - - name: 'path' - type: String - description: "Relative path from the source to the Skaffold file." - - name: 'googleCloudBuildRepo' - type: NestedObject - description: "Cloud Build 2nd gen repository containing the Skaffold Config modules." - exactly_one_of: - - 'git' - - 'googleCloudStorage' - - 'googleCloudBuildRepo' - properties: - - name: 'repository' - type: String - description: "Cloud Build 2nd gen repository in the format of 'projects//locations//connections//repositories/'." - required: true - - name: 'path' - type: String - description: "Relative path from the repository root to the Skaffold file." - - name: 'ref' - type: String - description: "Branch or tag to use when cloning the repository." diff --git a/mmv1/products/clouddeploy/go_DeliveryPipeline.yaml b/mmv1/products/clouddeploy/go_DeliveryPipeline.yaml deleted file mode 100644 index b76a721f65d3..000000000000 --- a/mmv1/products/clouddeploy/go_DeliveryPipeline.yaml +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DeliveryPipeline' -description: | - A DeliveryPipeline defines a pipeline through which a Skaffold configuration can progress. -exclude_resource: true -references: - guides: - 'Deploy an app to GKE using Cloud Deploy': 'https://cloud.google.com/deploy/docs/deploy-app-gke' - 'Deploy an app to Cloud Run using Cloud Deploy': 'https://cloud.google.com/deploy/docs/deploy-app-run' - 'Create a pipeline and release in the Google Cloud console': 'https://cloud.google.com/deploy/docs/deploy-app-in-console' - api: 'https://cloud.google.com/deploy/docs/api/reference/rest/v1/projects.locations.deliveryPipelines' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines' -self_link: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' -import_format: - - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'name' - base_url: 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/deliveryPipelines/{{name}}' - - '{{name}}' -custom_code: -examples: - - name: 'clouddeploy_delivery_pipeline_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cd-delivery-pipeline%s", context["random_suffix"])' - vars: - delivery_pipeline: 'cd-delivery-pipeline' -parameters: -properties: - - name: 'name' - type: String - description: "Dummy property." - required: true diff --git a/mmv1/products/clouddeploy/go_Target.yaml b/mmv1/products/clouddeploy/go_Target.yaml deleted file mode 100644 index b897ab8a86ad..000000000000 --- a/mmv1/products/clouddeploy/go_Target.yaml +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Target' -description: | - The Cloud Deploy `Target` resource. -exclude_resource: true -docs: -id_format: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/targets' -self_link: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' -import_format: - - 'projects/{{project}}/locations/{{location}}/targets/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'name' - base_url: 'projects/{{project}}/locations/{{location}}/targets/{{name}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/targets/{{name}}' - - '{{name}}' -custom_code: -examples: - - name: 'clouddeploy_target_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cd-target%s", context["random_suffix"])' - vars: - target: 'cd-target' -parameters: -properties: - - name: 'name' - type: String - description: "Dummy property." - required: true diff --git a/mmv1/products/clouddeploy/go_product.yaml b/mmv1/products/clouddeploy/go_product.yaml deleted file mode 100644 index d08276ee376a..000000000000 --- a/mmv1/products/clouddeploy/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Clouddeploy' -display_name: 'Cloud Deploy' -versions: - - name: 'ga' - base_url: 'https://clouddeploy.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://clouddeploy.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/clouddeploy/product.yaml b/mmv1/products/clouddeploy/product.yaml index 37399bef4491..afdecd3a1643 100644 --- a/mmv1/products/clouddeploy/product.yaml +++ b/mmv1/products/clouddeploy/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Clouddeploy -display_name: Cloud Deploy +--- +name: 'Clouddeploy' +display_name: 'Cloud Deploy' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://clouddeploy.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://clouddeploy.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://clouddeploy.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://clouddeploy.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/clouddomains/Registration.yaml b/mmv1/products/clouddomains/Registration.yaml index 0d19d1b64743..c641c5cf7568 100644 --- a/mmv1/products/clouddomains/Registration.yaml +++ b/mmv1/products/clouddomains/Registration.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,55 +11,55 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Registration' description: | Registers a new domain name and creates a corresponding Registration resource. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Register a domain with Cloud Domains': 'https://cloud.google.com/domains/docs/buy-register-domain' api: 'https://cloud.google.com/domains/docs/reference/rest/v1/projects.locations.registrations' -base_url: 'projects/{{project}}/locations/{{location}}/registrations' -self_link: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' -create_url: 'projects/{{project}}/locations/{{location}}/registrations:register' -import_format: ['projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}'] -immutable: true -# Cannot be deleted -skip_delete: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/clouddomains_registration.go.erb - post_create: templates/terraform/post_create/clouddomains_registration.go.erb - encoder: templates/terraform/encoders/clouddomains_registration.go.erb -docs: !ruby/object:Provider::Terraform::Docs +docs: warning: | The Terraform implementation of this resource will not actually delete a Registration during `terraform destroy`. Instead it will "abandon" the resource and remove it from state. For information on deleting a registered domain, see https://cloud.google.com/domains/docs/delete-domain -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +id_format: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' +base_url: 'projects/{{project}}/locations/{{location}}/registrations' +self_link: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' +create_url: 'projects/{{project}}/locations/{{location}}/registrations:register' +# Cannot be deleted +exclude_delete: true +immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: false - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -id_format: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' -autogen_async: true +custom_code: + constants: 'templates/terraform/constants/clouddomains_registration.go.tmpl' + encoder: 'templates/terraform/encoders/clouddomains_registration.go.tmpl' + post_create: 'templates/terraform/post_create/clouddomains_registration.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: "clouddomains_registration_full" - primary_resource_id: "my_registration" + - name: 'clouddomains_registration_full' + primary_resource_id: 'my_registration' # Must be tested in staging environment with all-time unique domains - skip_test: true + exclude_test: true # ignore_read_extra: # - 'contact_settings.0.registrant_contact.0.phone_number' # - 'contact_settings.0.registrant_contact.0.fax_number' @@ -71,92 +71,92 @@ examples: # - 'contact_settings.0.technical_contact.0.fax_number' # - 'contact_settings.0.technical_contact.0.postal_address' parameters: - - !ruby/object:Api::Type::String - name: location - url_param_only: true + - name: 'location' + type: String description: "The location for the resource" + url_param_only: true required: true - - !ruby/object:Api::Type::String - name: domainName + - name: 'domainName' + type: String description: "Required. The domain name. Unicode domain names must be expressed in Punycode format." required: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: "Output only. Name of the Registration resource, in the format projects/*/locations/*/registrations/." output: true - - !ruby/object:Api::Type::String - name: createTime + - name: 'createTime' + type: String description: "Output only. Time at which the automation was created." output: true - - !ruby/object:Api::Type::String - name: expireTime + - name: 'expireTime' + type: String description: "Output only. Time at which the automation was updated." output: true - - !ruby/object:Api::Type::String - name: state - output: true + - name: 'state' + type: String description: Output only. The current state of the Registration. - - !ruby/object:Api::Type::Array - name: issues + output: true + - name: 'issues' + type: Array description: Output only. The set of issues with the Registration that require attention. - item_type: Api::Type::String output: true - - !ruby/object:Api::Type::KeyValueLabels - name: labels + item_type: + type: String + - name: 'labels' + type: KeyValueLabels description: Set of labels associated with the Registration. - - !ruby/object:Api::Type::Array - name: domainNotices + - name: 'domainNotices' + type: Array description: The list of domain notices that you acknowledge. Possible value is HSTS_PRELOADED - item_type: Api::Type::String ignore_read: true - - !ruby/object:Api::Type::Array - name: contactNotices + item_type: + type: String + - name: 'contactNotices' + type: Array description: The list of contact notices that the caller acknowledges. Possible value is PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT - item_type: Api::Type::String - ignore_read: true - - !ruby/object:Api::Type::NestedObject - name: yearlyPrice - required: true ignore_read: true + item_type: + type: String + - name: 'yearlyPrice' + type: NestedObject description: | Required. Yearly price to register or renew the domain. The value that should be put here can be obtained from registrations.retrieveRegisterParameters or registrations.searchDomains calls. + required: true + ignore_read: true properties: - - !ruby/object:Api::Type::String - name: currencyCode + - name: 'currencyCode' + type: String description: The three-letter currency code defined in ISO 4217. - - !ruby/object:Api::Type::String - name: units + - name: 'units' + type: String description: The whole units of the amount. For example if currencyCode is "USD", then 1 unit is one US dollar. - - !ruby/object:Api::Type::Array - name: supportedPrivacy + - name: 'supportedPrivacy' + type: Array description: Output only. Set of options for the contactSettings.privacy field that this Registration supports. - item_type: Api::Type::String - output: true - - !ruby/object:Api::Type::String - name: registerFailureReason output: true + item_type: + type: String + - name: 'registerFailureReason' + type: String description: Output only. The reason the domain registration failed. Only set for domains in REGISTRATION_FAILED state. - - !ruby/object:Api::Type::NestedObject - name: managementSettings + output: true + - name: 'managementSettings' + type: NestedObject description: "Settings for management of the Registration, including renewal, billing, and transfer" default_from_api: true properties: - - !ruby/object:Api::Type::String - name: renewalMethod - output: true + - name: 'renewalMethod' + type: String description: | Output only. The actual renewal method for this Registration. When preferredRenewalMethod is set to AUTOMATIC_RENEWAL, the actual renewalMethod can be equal to RENEWAL_DISABLED—for example, when there are problems with the billing account or reported domain abuse. In such cases, check the issues field on the Registration. After the problem is resolved, the renewalMethod is automatically updated to preferredRenewalMethod in a few hours. - - !ruby/object:Api::Type::String - name: preferredRenewalMethod - default_from_api: true - at_least_one_of: - - managementSettings.0.preferredRenewalMethod - - managementSettings.0.transferLockState + output: true + - name: 'preferredRenewalMethod' + type: String description: | The desired renewal method for this Registration. The actual renewalMethod is automatically updated to reflect this choice. If unset or equal to RENEWAL_METHOD_UNSPECIFIED, the actual renewalMethod is treated as if it were set to AUTOMATIC_RENEWAL. @@ -166,136 +166,145 @@ properties: When preferredRenewalMethod is set to AUTOMATIC_RENEWAL, the actual renewalMethod can be set to RENEWAL_DISABLED in case of problems with the billing account or reported domain abuse. In such cases, check the issues field on the Registration. After the problem is resolved, the renewalMethod is automatically updated to preferredRenewalMethod in a few hours. - - !ruby/object:Api::Type::String - name: transferLockState default_from_api: true at_least_one_of: - - managementSettings.0.preferredRenewalMethod - - managementSettings.0.transferLockState + - 'managementSettings.0.preferredRenewalMethod' + - 'managementSettings.0.transferLockState' + - name: 'transferLockState' + type: String description: Controls whether the domain can be transferred to another registrar. Values are UNLOCKED or LOCKED. - - !ruby/object:Api::Type::NestedObject - name: dnsSettings + default_from_api: true + at_least_one_of: + - 'managementSettings.0.preferredRenewalMethod' + - 'managementSettings.0.transferLockState' + - name: 'dnsSettings' + type: NestedObject description: Settings controlling the DNS configuration of the Registration. properties: - - !ruby/object:Api::Type::NestedObject - name: customDns + - name: 'customDns' + type: NestedObject description: Configuration for an arbitrary DNS provider. properties: - - !ruby/object:Api::Type::Array - name: nameServers - required: true + - name: 'nameServers' + type: Array description: | Required. A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: dsRecords + required: true + item_type: + type: String + - name: 'dsRecords' + type: Array description: | The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide the values to set here. If this field is empty, DNSSEC is disabled. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: keyTag + - name: 'keyTag' + type: Integer description: The key tag of the record. Must be set in range 0 -- 65535. - - !ruby/object:Api::Type::String - name: algorithm + - name: 'algorithm' + type: String description: The algorithm used to generate the referenced DNSKEY. - - !ruby/object:Api::Type::String - name: digestType + - name: 'digestType' + type: String description: The hash function used to generate the digest of the referenced DNSKEY. - - !ruby/object:Api::Type::String - name: digest + - name: 'digest' + type: String description: The digest generated from the referenced DNSKEY. - - !ruby/object:Api::Type::Array - name: "glueRecords" + - name: 'glueRecords' + type: Array description: "The list of glue records for this Registration. Commonly empty." - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: hostName + - name: 'hostName' + type: String description: "Required. Domain name of the host in Punycode format." required: true - - !ruby/object:Api::Type::Array - name: ipv4Addresses + - name: 'ipv4Addresses' + type: Array description: | List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. 198.51.100.1). At least one of ipv4_address and ipv6_address must be set. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: ipv6Addresses + item_type: + type: String + - name: 'ipv6Addresses' + type: Array description: | List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. 198.51.100.1). At least one of ipv4_address and ipv6_address must be set. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: contactSettings + item_type: + type: String + - name: 'contactSettings' + type: NestedObject description: Required. Settings for contact information linked to the Registration. required: true properties: - - !ruby/object:Api::Type::String - name: privacy - required: true + - name: 'privacy' + type: String description: | Required. Privacy setting for the contacts associated with the Registration. Values are PUBLIC_CONTACT_DATA, PRIVATE_CONTACT_DATA, and REDACTED_CONTACT_DATA - - !ruby/object:Api::Type::NestedObject - name: registrantContact required: true - # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields - custom_flatten: templates/terraform/custom_flatten/clouddomains_ignore_numbers_registrant.go.erb + - name: 'registrantContact' + type: NestedObject description: | Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension. + required: true + # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields + custom_flatten: 'templates/terraform/custom_flatten/clouddomains_ignore_numbers_registrant.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: email - required: true + - name: 'email' + type: String description: Required. Email address of the contact. - - !ruby/object:Api::Type::String - name: phoneNumber required: true + - name: 'phoneNumber' + type: String description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". - - !ruby/object:Api::Type::String - name: faxNumber - description: Fax number of the contact in international format. For example, "+1-800-555-0123". - - !ruby/object:Api::Type::NestedObject - name: postalAddress required: true + - name: 'faxNumber' + type: String + description: Fax number of the contact in international format. For example, "+1-800-555-0123". + - name: 'postalAddress' + type: NestedObject description: Required. Postal address of the contact. + required: true properties: - - !ruby/object:Api::Type::String - name: regionCode - required: true + - name: 'regionCode' + type: String description: | Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. - - !ruby/object:Api::Type::String - name: postalCode + required: true + - name: 'postalCode' + type: String description: | Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). - - !ruby/object:Api::Type::String - name: administrativeArea + - name: 'administrativeArea' + type: String description: | Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated. - - !ruby/object:Api::Type::String - name: locality + - name: 'locality' + type: String description: | Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. - - !ruby/object:Api::Type::String - name: organization + - name: 'organization' + type: String description: | The name of the organization at the address. - - !ruby/object:Api::Type::Array - name: addressLines + - name: 'addressLines' + type: Array description: | Unstructured address lines describing the lower levels of an address. Because values in addressLines do not have type information and may sometimes contain multiple values in a single @@ -303,70 +312,72 @@ properties: "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: recipients + item_type: + type: String + - name: 'recipients' + type: Array description: | The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain "care of" information. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: adminContact - required: true - # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields - custom_flatten: templates/terraform/custom_flatten/clouddomains_ignore_numbers_admin.go.erb + item_type: + type: String + - name: 'adminContact' + type: NestedObject description: | Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension. + required: true + # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields + custom_flatten: 'templates/terraform/custom_flatten/clouddomains_ignore_numbers_admin.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: email - required: true + - name: 'email' + type: String description: Required. Email address of the contact. - - !ruby/object:Api::Type::String - name: phoneNumber required: true + - name: 'phoneNumber' + type: String description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". - - !ruby/object:Api::Type::String - name: faxNumber - description: Fax number of the contact in international format. For example, "+1-800-555-0123". - - !ruby/object:Api::Type::NestedObject - name: postalAddress required: true + - name: 'faxNumber' + type: String + description: Fax number of the contact in international format. For example, "+1-800-555-0123". + - name: 'postalAddress' + type: NestedObject description: Required. Postal address of the contact. + required: true properties: - - !ruby/object:Api::Type::String - name: regionCode - required: true + - name: 'regionCode' + type: String description: | Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. - - !ruby/object:Api::Type::String - name: postalCode + required: true + - name: 'postalCode' + type: String description: | Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). - - !ruby/object:Api::Type::String - name: administrativeArea + - name: 'administrativeArea' + type: String description: | Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated. - - !ruby/object:Api::Type::String - name: locality + - name: 'locality' + type: String description: | Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. - - !ruby/object:Api::Type::String - name: organization + - name: 'organization' + type: String description: | The name of the organization at the address. - - !ruby/object:Api::Type::Array - name: addressLines + - name: 'addressLines' + type: Array description: | Unstructured address lines describing the lower levels of an address. Because values in addressLines do not have type information and may sometimes contain multiple values in a single @@ -374,70 +385,72 @@ properties: "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: recipients + item_type: + type: String + - name: 'recipients' + type: Array description: | The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain "care of" information. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: technicalContact - required: true - # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields - custom_flatten: templates/terraform/custom_flatten/clouddomains_ignore_numbers_technical.go.erb + item_type: + type: String + - name: 'technicalContact' + type: NestedObject description: | Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension. + required: true + # ignore read on phone and fax numbers. Need to use custom flatten because ignore_read doesn't work with nested fields + custom_flatten: 'templates/terraform/custom_flatten/clouddomains_ignore_numbers_technical.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: email - required: true + - name: 'email' + type: String description: Required. Email address of the contact. - - !ruby/object:Api::Type::String - name: phoneNumber required: true + - name: 'phoneNumber' + type: String description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". - - !ruby/object:Api::Type::String - name: faxNumber - description: Fax number of the contact in international format. For example, "+1-800-555-0123". - - !ruby/object:Api::Type::NestedObject - name: postalAddress required: true + - name: 'faxNumber' + type: String + description: Fax number of the contact in international format. For example, "+1-800-555-0123". + - name: 'postalAddress' + type: NestedObject description: Required. Postal address of the contact. + required: true properties: - - !ruby/object:Api::Type::String - name: regionCode - required: true + - name: 'regionCode' + type: String description: | Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. - - !ruby/object:Api::Type::String - name: postalCode + required: true + - name: 'postalCode' + type: String description: | Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). - - !ruby/object:Api::Type::String - name: administrativeArea + - name: 'administrativeArea' + type: String description: | Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated. - - !ruby/object:Api::Type::String - name: locality + - name: 'locality' + type: String description: | Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. - - !ruby/object:Api::Type::String - name: organization + - name: 'organization' + type: String description: | The name of the organization at the address. - - !ruby/object:Api::Type::Array - name: addressLines + - name: 'addressLines' + type: Array description: | Unstructured address lines describing the lower levels of an address. Because values in addressLines do not have type information and may sometimes contain multiple values in a single @@ -445,10 +458,12 @@ properties: "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, the most specific line of an address can be selected based on the language. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: recipients + item_type: + type: String + - name: 'recipients' + type: Array description: | The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain "care of" information. - item_type: Api::Type::String + item_type: + type: String diff --git a/mmv1/products/clouddomains/go_Registration.yaml b/mmv1/products/clouddomains/go_Registration.yaml deleted file mode 100644 index b218b5c2b6a1..000000000000 --- a/mmv1/products/clouddomains/go_Registration.yaml +++ /dev/null @@ -1,455 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Registration' -description: | - Registers a new domain name and creates a corresponding Registration resource. -references: - guides: - 'Register a domain with Cloud Domains': 'https://cloud.google.com/domains/docs/buy-register-domain' - api: 'https://cloud.google.com/domains/docs/reference/rest/v1/projects.locations.registrations' -docs: - warning: | - The Terraform implementation of this resource will not actually delete a Registration during - `terraform destroy`. Instead it will "abandon" the resource and remove it from state. - For information on deleting a registered domain, see https://cloud.google.com/domains/docs/delete-domain -id_format: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' -base_url: 'projects/{{project}}/locations/{{location}}/registrations' -self_link: 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' -create_url: 'projects/{{project}}/locations/{{location}}/registrations:register' -exclude_delete: true -immutable: true -import_format: - - 'projects/{{project}}/locations/{{location}}/registrations/{{domain_name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/clouddomains_registration.go.tmpl' - encoder: 'templates/terraform/encoders/go/clouddomains_registration.go.tmpl' - post_create: 'templates/terraform/post_create/go/clouddomains_registration.go.tmpl' -examples: - - name: 'clouddomains_registration_full' - primary_resource_id: 'my_registration' - skip_test: true -parameters: - - name: 'location' - type: String - description: "The location for the resource" - url_param_only: true - required: true - - name: 'domainName' - type: String - description: "Required. The domain name. Unicode domain names must be expressed in Punycode format." - required: true -properties: - - name: 'name' - type: String - description: "Output only. Name of the Registration resource, in the format projects/*/locations/*/registrations/." - output: true - - name: 'createTime' - type: String - description: "Output only. Time at which the automation was created." - output: true - - name: 'expireTime' - type: String - description: "Output only. Time at which the automation was updated." - output: true - - name: 'state' - type: String - description: Output only. The current state of the Registration. - output: true - - name: 'issues' - type: Array - description: Output only. The set of issues with the Registration that require attention. - output: true - item_type: - type: String - - name: 'labels' - type: KeyValueLabels - description: Set of labels associated with the Registration. - - name: 'domainNotices' - type: Array - description: The list of domain notices that you acknowledge. Possible value is HSTS_PRELOADED - ignore_read: true - item_type: - type: String - - name: 'contactNotices' - type: Array - description: The list of contact notices that the caller acknowledges. Possible value is PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT - ignore_read: true - item_type: - type: String - - name: 'yearlyPrice' - type: NestedObject - description: | - Required. Yearly price to register or renew the domain. The value that should be put here can be obtained from - registrations.retrieveRegisterParameters or registrations.searchDomains calls. - required: true - ignore_read: true - properties: - - name: 'currencyCode' - type: String - description: The three-letter currency code defined in ISO 4217. - - name: 'units' - type: String - description: The whole units of the amount. For example if currencyCode is "USD", then 1 unit is one US dollar. - - name: 'supportedPrivacy' - type: Array - description: Output only. Set of options for the contactSettings.privacy field that this Registration supports. - output: true - item_type: - type: String - - name: 'registerFailureReason' - type: String - description: Output only. The reason the domain registration failed. Only set for domains in REGISTRATION_FAILED state. - output: true - - name: 'managementSettings' - type: NestedObject - description: "Settings for management of the Registration, including renewal, billing, and transfer" - default_from_api: true - properties: - - name: 'renewalMethod' - type: String - description: | - Output only. The actual renewal method for this Registration. When preferredRenewalMethod is set to AUTOMATIC_RENEWAL, - the actual renewalMethod can be equal to RENEWAL_DISABLED—for example, when there are problems with the billing account - or reported domain abuse. In such cases, check the issues field on the Registration. After the problem is resolved, the - renewalMethod is automatically updated to preferredRenewalMethod in a few hours. - output: true - - name: 'preferredRenewalMethod' - type: String - description: | - The desired renewal method for this Registration. The actual renewalMethod is automatically updated to reflect this choice. - If unset or equal to RENEWAL_METHOD_UNSPECIFIED, the actual renewalMethod is treated as if it were set to AUTOMATIC_RENEWAL. - You cannot use RENEWAL_DISABLED during resource creation, and you can update the renewal status only when the Registration - resource has state ACTIVE or SUSPENDED. - - When preferredRenewalMethod is set to AUTOMATIC_RENEWAL, the actual renewalMethod can be set to RENEWAL_DISABLED in case of - problems with the billing account or reported domain abuse. In such cases, check the issues field on the Registration. After - the problem is resolved, the renewalMethod is automatically updated to preferredRenewalMethod in a few hours. - default_from_api: true - at_least_one_of: - - 'managementSettings.0.preferredRenewalMethod' - - 'managementSettings.0.transferLockState' - - name: 'transferLockState' - type: String - description: Controls whether the domain can be transferred to another registrar. Values are UNLOCKED or LOCKED. - default_from_api: true - at_least_one_of: - - 'managementSettings.0.preferredRenewalMethod' - - 'managementSettings.0.transferLockState' - - name: 'dnsSettings' - type: NestedObject - description: Settings controlling the DNS configuration of the Registration. - properties: - - name: 'customDns' - type: NestedObject - description: Configuration for an arbitrary DNS provider. - properties: - - name: 'nameServers' - type: Array - description: | - Required. A list of name servers that store the DNS zone for this domain. Each name server is a domain - name, with Unicode domain names expressed in Punycode format. - required: true - item_type: - type: String - - name: 'dsRecords' - type: Array - description: | - The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide - the values to set here. If this field is empty, DNSSEC is disabled. - item_type: - type: NestedObject - properties: - - name: 'keyTag' - type: Integer - description: The key tag of the record. Must be set in range 0 -- 65535. - - name: 'algorithm' - type: String - description: The algorithm used to generate the referenced DNSKEY. - - name: 'digestType' - type: String - description: The hash function used to generate the digest of the referenced DNSKEY. - - name: 'digest' - type: String - description: The digest generated from the referenced DNSKEY. - - name: 'glueRecords' - type: Array - description: "The list of glue records for this Registration. Commonly empty." - item_type: - type: NestedObject - properties: - - name: 'hostName' - type: String - description: "Required. Domain name of the host in Punycode format." - required: true - - name: 'ipv4Addresses' - type: Array - description: | - List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. 198.51.100.1). - At least one of ipv4_address and ipv6_address must be set. - item_type: - type: String - - name: 'ipv6Addresses' - type: Array - description: | - List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. 198.51.100.1). - At least one of ipv4_address and ipv6_address must be set. - item_type: - type: String - - name: 'contactSettings' - type: NestedObject - description: Required. Settings for contact information linked to the Registration. - required: true - properties: - - name: 'privacy' - type: String - description: | - Required. Privacy setting for the contacts associated with the Registration. - Values are PUBLIC_CONTACT_DATA, PRIVATE_CONTACT_DATA, and REDACTED_CONTACT_DATA - required: true - - name: 'registrantContact' - type: NestedObject - description: | - Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. - - Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to - avoid domain suspension. - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/clouddomains_ignore_numbers_registrant.go.tmpl' - properties: - - name: 'email' - type: String - description: Required. Email address of the contact. - required: true - - name: 'phoneNumber' - type: String - description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". - required: true - - name: 'faxNumber' - type: String - description: Fax number of the contact in international format. For example, "+1-800-555-0123". - - name: 'postalAddress' - type: NestedObject - description: Required. Postal address of the contact. - required: true - properties: - - name: 'regionCode' - type: String - description: | - Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to - ensure the value is correct. See https://cldr.unicode.org/ and - https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. - required: true - - name: 'postalCode' - type: String - description: | - Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, - they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). - - name: 'administrativeArea' - type: String - description: | - Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, - a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community - (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland - this should be left unpopulated. - - name: 'locality' - type: String - description: | - Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world - where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. - - name: 'organization' - type: String - description: | - The name of the organization at the address. - - name: 'addressLines' - type: Array - description: | - Unstructured address lines describing the lower levels of an address. - Because values in addressLines do not have type information and may sometimes contain multiple values in a single - field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be - "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language - is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, - the most specific line of an address can be selected based on the language. - item_type: - type: String - - name: 'recipients' - type: Array - description: | - The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, - it might contain "care of" information. - item_type: - type: String - - name: 'adminContact' - type: NestedObject - description: | - Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. - - Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to - avoid domain suspension. - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/clouddomains_ignore_numbers_admin.go.tmpl' - properties: - - name: 'email' - type: String - description: Required. Email address of the contact. - required: true - - name: 'phoneNumber' - type: String - description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". - required: true - - name: 'faxNumber' - type: String - description: Fax number of the contact in international format. For example, "+1-800-555-0123". - - name: 'postalAddress' - type: NestedObject - description: Required. Postal address of the contact. - required: true - properties: - - name: 'regionCode' - type: String - description: | - Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to - ensure the value is correct. See https://cldr.unicode.org/ and - https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. - required: true - - name: 'postalCode' - type: String - description: | - Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, - they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). - - name: 'administrativeArea' - type: String - description: | - Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, - a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community - (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland - this should be left unpopulated. - - name: 'locality' - type: String - description: | - Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world - where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. - - name: 'organization' - type: String - description: | - The name of the organization at the address. - - name: 'addressLines' - type: Array - description: | - Unstructured address lines describing the lower levels of an address. - Because values in addressLines do not have type information and may sometimes contain multiple values in a single - field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be - "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language - is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, - the most specific line of an address can be selected based on the language. - item_type: - type: String - - name: 'recipients' - type: Array - description: | - The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, - it might contain "care of" information. - item_type: - type: String - - name: 'technicalContact' - type: NestedObject - description: | - Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain. - - Warning: For new Registrations, the registrant receives an email confirmation that they must complete within 15 days to - avoid domain suspension. - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/clouddomains_ignore_numbers_technical.go.tmpl' - properties: - - name: 'email' - type: String - description: Required. Email address of the contact. - required: true - - name: 'phoneNumber' - type: String - description: Required. Phone number of the contact in international format. For example, "+1-800-555-0123". - required: true - - name: 'faxNumber' - type: String - description: Fax number of the contact in international format. For example, "+1-800-555-0123". - - name: 'postalAddress' - type: NestedObject - description: Required. Postal address of the contact. - required: true - properties: - - name: 'regionCode' - type: String - description: | - Required. CLDR region code of the country/region of the address. This is never inferred and it is up to the user to - ensure the value is correct. See https://cldr.unicode.org/ and - https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: "CH" for Switzerland. - required: true - - name: 'postalCode' - type: String - description: | - Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, - they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.). - - name: 'administrativeArea' - type: String - description: | - Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, - a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community - (e.g. "Barcelona" and not "Catalonia"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland - this should be left unpopulated. - - name: 'locality' - type: String - description: | - Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world - where localities are not well defined or do not fit into this structure well, leave locality empty and use addressLines. - - name: 'organization' - type: String - description: | - The name of the organization at the address. - - name: 'addressLines' - type: Array - description: | - Unstructured address lines describing the lower levels of an address. - Because values in addressLines do not have type information and may sometimes contain multiple values in a single - field (e.g. "Austin, TX"), it is important that the line order is clear. The order of address lines should be - "envelope order" for the country/region of the address. In places where this can vary (e.g. Japan), address_language - is used to make it explicit (e.g. "ja" for large-to-small ordering and "ja-Latn" or "en" for small-to-large). This way, - the most specific line of an address can be selected based on the language. - item_type: - type: String - - name: 'recipients' - type: Array - description: | - The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, - it might contain "care of" information. - item_type: - type: String diff --git a/mmv1/products/clouddomains/go_product.yaml b/mmv1/products/clouddomains/go_product.yaml deleted file mode 100644 index 7f7c87b9d838..000000000000 --- a/mmv1/products/clouddomains/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Clouddomains' -display_name: 'Cloud Domains' -versions: - - name: 'ga' - base_url: 'https://domains.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://domains.googleapis.com/v1beta1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/clouddomains/product.yaml b/mmv1/products/clouddomains/product.yaml index 69ce9cc5faa2..3d41bbe2a549 100644 --- a/mmv1/products/clouddomains/product.yaml +++ b/mmv1/products/clouddomains/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Clouddomains -display_name: Cloud Domains +--- +name: 'Clouddomains' +display_name: 'Cloud Domains' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://domains.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://domains.googleapis.com/v1beta1/ + - name: 'ga' + base_url: 'https://domains.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://domains.googleapis.com/v1beta1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudfunctions/CloudFunction.yaml b/mmv1/products/cloudfunctions/CloudFunction.yaml index c4b92107f2fa..e09afc57d7ed 100644 --- a/mmv1/products/cloudfunctions/CloudFunction.yaml +++ b/mmv1/products/cloudfunctions/CloudFunction.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,200 +11,198 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'CloudFunction' -base_url: projects/{{project}}/locations/{{region}}/functions -create_verb: :POST +legacy_name: 'google_cloudfunctions_function' description: | A Cloud Function that contains user computation executed in response to an event. -collection_url_key: 'functions' +exclude_resource: true +docs: +id_format: 'projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}' +base_url: 'projects/{{project}}/locations/{{region}}/functions' update_mask: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -iam_policy: !ruby/object:Api::Resource::IamPolicy - parent_resource_attribute: 'cloud_function' +collection_url_key: 'functions' +iam_policy: method_name_separator: ':' - -legacy_name: 'google_cloudfunctions_function' -id_format: 'projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}' -import_format: - ['projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}'] -exclude_resource: true + parent_resource_attribute: 'cloud_function' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions_cloud_function' + - name: 'cloudfunctions_cloud_function' primary_resource_id: 'function' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-function%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-function%s", context["random_suffix"])' vars: function_name: 'my-function' bucket_name: 'cloudfunctions-function-example-bucket' zip_path: 'path/to/index.zip' test_vars_overrides: - zip_path: 'acctest.CreateZIPArchiveForCloudFunctionSource(t, testHTTPTriggerPath)' + 'zip_path': 'acctest.CreateZIPArchiveForCloudFunctionSource(t, testHTTPTriggerPath)' parameters: - - !ruby/object:Api::Type::String - name: 'region' - required: true + - name: 'region' + type: String description: The location of this cloud function. + required: true # This is not a real API field. # This is a more user-centric way for users to specify # that they want to use a HTTP Trigger rather than # send httpsTrigger with an empty dictionary. - - !ruby/object:Api::Type::Boolean - name: 'trigger_http' + - name: 'trigger_http' + type: Boolean description: 'Use HTTP to trigger this function' properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | A user-defined name of the function. Function names must be unique globally and match pattern `projects/*/locations/*/functions/*`. - - !ruby/object:Api::Type::String - name: 'description' + required: true + - name: 'description' + type: String description: 'User-provided description of a function.' - - !ruby/object:Api::Type::Enum - name: 'status' - output: true + - name: 'status' + type: Enum description: | Status of the function deployment. - values: - - :CLOUD_FUNCTION_STATUS_UNSPECIFIED - - :ACTOVE - - :OFFLINE - - :DEPLOY_IN_PROGRESS - - :DELETE_IN_PROGRESS - - :UNKNOWN - - !ruby/object:Api::Type::String - name: 'entryPoint' + output: true + enum_values: + - 'CLOUD_FUNCTION_STATUS_UNSPECIFIED' + - 'ACTOVE' + - 'OFFLINE' + - 'DEPLOY_IN_PROGRESS' + - 'DELETE_IN_PROGRESS' + - 'UNKNOWN' + - name: 'entryPoint' + type: String description: | The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in source_location. - - !ruby/object:Api::Type::String - name: 'runtime' + - name: 'runtime' + type: String description: | The runtime in which the function is going to run. If empty, defaults to Node.js 6. - - !ruby/object:Api::Type::String - name: 'timeout' + - name: 'timeout' + type: String description: | The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds. - - !ruby/object:Api::Type::Integer - name: 'availableMemoryMb' + - name: 'availableMemoryMb' + type: Integer description: 'The amount of memory in MB available for a function.' - - !ruby/object:Api::Type::String - name: 'serviceAccountEmail' - output: true + - name: 'serviceAccountEmail' + type: String description: 'The email of the service account for this function.' - - !ruby/object:Api::Type::String - name: 'buildServiceAccount' - default_from_api: true - description: 'The fully-qualified name of the service account to be used for the build step of deploying this function' - - !ruby/object:Api::Type::String - name: 'updateTime' output: true + - name: 'buildServiceAccount' + type: String + description: 'The fully-qualified name of the service account to be used for the build step of deploying this function' + default_from_api: true + - name: 'updateTime' + type: String description: 'The last update timestamp of a Cloud Function' - - !ruby/object:Api::Type::String - name: 'versionId' output: true + - name: 'versionId' + type: String description: | The version identifier of the Cloud Function. Each deployment attempt results in a new version of a function being created. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: | A set of key/value label pairs associated with this Cloud Function. - - !ruby/object:Api::Type::KeyValuePairs - name: 'environmentVariables' + - name: 'environmentVariables' + type: KeyValuePairs description: | Environment variables that shall be available during function execution. - - !ruby/object:Api::Type::String - name: 'sourceArchiveUrl' + - name: 'sourceArchiveUrl' + type: String description: | The Google Cloud Storage URL, starting with gs://, pointing to the zip archive which contains the function. exactly_one_of: - - source_repository - - source_archive_url - - source_upload_url - - !ruby/object:Api::Type::String - name: 'sourceUploadUrl' + - 'source_repository' + - 'source_archive_url' + - 'source_upload_url' + - name: 'sourceUploadUrl' + type: String description: | The Google Cloud Storage signed URL used for source uploading. exactly_one_of: - - source_repository - - source_archive_url - - source_upload_url - - !ruby/object:Api::Type::NestedObject - name: 'sourceRepository' + - 'source_repository' + - 'source_archive_url' + - 'source_upload_url' + - name: 'sourceRepository' + type: NestedObject description: | The source repository where a function is hosted. exactly_one_of: - - source_repository - - source_archive_url - - source_upload_url + - 'source_repository' + - 'source_archive_url' + - 'source_upload_url' properties: - - !ruby/object:Api::Type::String - name: 'url' - required: true + - name: 'url' + type: String description: | The URL pointing to the hosted repository where the function is defined - - !ruby/object:Api::Type::String - name: 'deployedUrl' - output: true + required: true + - name: 'deployedUrl' + type: String description: | The URL pointing to the hosted repository where the function were defined at the time of deployment. - - !ruby/object:Api::Type::NestedObject - name: 'httpsTrigger' + output: true + - name: 'httpsTrigger' + type: NestedObject description: | An HTTPS endpoint type of source that can be triggered via URL. properties: - - !ruby/object:Api::Type::String - name: 'url' - output: true + - name: 'url' + type: String description: 'The deployed url for the function.' - - !ruby/object:Api::Type::NestedObject - name: 'eventTrigger' + output: true + - name: 'eventTrigger' + type: NestedObject description: | An HTTPS endpoint type of source that can be triggered via URL. properties: - - !ruby/object:Api::Type::String - name: 'eventType' - required: true + - name: 'eventType' + type: String description: | The type of event to observe. For example: `providers/cloud.storage/eventTypes/object.change` and `providers/cloud.pubsub/eventTypes/topic.publish`. - - !ruby/object:Api::Type::String - name: 'resource' required: true + - name: 'resource' + type: String description: | The resource(s) from which to observe events, for example, `projects/_/buckets/myBucket.` - - !ruby/object:Api::Type::String - name: 'service' + required: true + - name: 'service' + type: String description: | The hostname of the service that should be observed. diff --git a/mmv1/products/cloudfunctions/go_CloudFunction.yaml b/mmv1/products/cloudfunctions/go_CloudFunction.yaml deleted file mode 100644 index 15d0e8a3df5a..000000000000 --- a/mmv1/products/cloudfunctions/go_CloudFunction.yaml +++ /dev/null @@ -1,209 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudFunction' -legacy_name: 'google_cloudfunctions_function' -description: | - A Cloud Function that contains user computation executed in response to an event. -exclude_resource: true -docs: -id_format: 'projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}' -base_url: 'projects/{{project}}/locations/{{region}}/functions' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{region}}/functions/{{cloud_function}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -collection_url_key: 'functions' -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'cloud_function' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' -custom_code: -examples: - - name: 'cloudfunctions_cloud_function' - primary_resource_id: 'function' - primary_resource_name: 'fmt.Sprintf("tf-test-my-function%s", context["random_suffix"])' - vars: - function_name: 'my-function' - bucket_name: 'cloudfunctions-function-example-bucket' - zip_path: 'path/to/index.zip' - test_vars_overrides: - 'zip_path': 'acctest.CreateZIPArchiveForCloudFunctionSource(t, testHTTPTriggerPath)' -parameters: - - name: 'region' - type: String - description: The location of this cloud function. - # This is not a real API field. - # This is a more user-centric way for users to specify - # that they want to use a HTTP Trigger rather than - # send httpsTrigger with an empty dictionary. - required: true - - name: 'trigger_http' - type: Boolean - description: 'Use HTTP to trigger this function' -properties: - - name: 'name' - type: String - description: | - A user-defined name of the function. Function names must - be unique globally and match pattern `projects/*/locations/*/functions/*`. - required: true - - name: 'description' - type: String - description: 'User-provided description of a function.' - - name: 'status' - type: Enum - description: | - Status of the function deployment. - output: true - enum_values: - - 'CLOUD_FUNCTION_STATUS_UNSPECIFIED' - - 'ACTOVE' - - 'OFFLINE' - - 'DEPLOY_IN_PROGRESS' - - 'DELETE_IN_PROGRESS' - - 'UNKNOWN' - - name: 'entryPoint' - type: String - description: | - The name of the function (as defined in source code) that will be executed. - Defaults to the resource name suffix, if not specified. For backward - compatibility, if function with given name is not found, then the system - will try to use function named "function". For Node.js this is name of a - function exported by the module specified in source_location. - - name: 'runtime' - type: String - description: | - The runtime in which the function is going to run. If empty, - defaults to Node.js 6. - - name: 'timeout' - type: String - description: | - The function execution timeout. Execution is considered failed and can - be terminated if the function is not completed at the end of the timeout - period. Defaults to 60 seconds. - - name: 'availableMemoryMb' - type: Integer - description: 'The amount of memory in MB available for a function.' - - name: 'serviceAccountEmail' - type: String - description: 'The email of the service account for this function.' - output: true - - name: 'buildServiceAccount' - type: String - description: 'The fully-qualified name of the service account to be used for the build step of deploying this function' - default_from_api: true - - name: 'updateTime' - type: String - description: 'The last update timestamp of a Cloud Function' - output: true - - name: 'versionId' - type: String - description: | - The version identifier of the Cloud Function. Each deployment attempt - results in a new version of a function being created. - output: true - - name: 'labels' - type: KeyValueLabels - description: | - A set of key/value label pairs associated with this Cloud Function. - - name: 'environmentVariables' - type: KeyValuePairs - description: | - Environment variables that shall be available during function execution. - - name: 'sourceArchiveUrl' - type: String - description: | - The Google Cloud Storage URL, starting with gs://, pointing to the zip - archive which contains the function. - exactly_one_of: - - 'source_repository' - - 'source_archive_url' - - 'source_upload_url' - - name: 'sourceUploadUrl' - type: String - description: | - The Google Cloud Storage signed URL used for source uploading. - exactly_one_of: - - 'source_repository' - - 'source_archive_url' - - 'source_upload_url' - - name: 'sourceRepository' - type: NestedObject - description: | - The source repository where a function is hosted. - exactly_one_of: - - 'source_repository' - - 'source_archive_url' - - 'source_upload_url' - properties: - - name: 'url' - type: String - description: | - The URL pointing to the hosted repository where the function is defined - required: true - - name: 'deployedUrl' - type: String - description: | - The URL pointing to the hosted repository where the function were defined - at the time of deployment. - output: true - - name: 'httpsTrigger' - type: NestedObject - description: | - An HTTPS endpoint type of source that can be triggered via URL. - properties: - - name: 'url' - type: String - description: 'The deployed url for the function.' - output: true - - name: 'eventTrigger' - type: NestedObject - description: | - An HTTPS endpoint type of source that can be triggered via URL. - properties: - - name: 'eventType' - type: String - description: | - The type of event to observe. For example: - `providers/cloud.storage/eventTypes/object.change` and - `providers/cloud.pubsub/eventTypes/topic.publish`. - required: true - - name: 'resource' - type: String - description: | - The resource(s) from which to observe events, - for example, `projects/_/buckets/myBucket.` - required: true - - name: 'service' - type: String - description: | - The hostname of the service that should be observed. diff --git a/mmv1/products/cloudfunctions/go_product.yaml b/mmv1/products/cloudfunctions/go_product.yaml deleted file mode 100644 index 0992b4ca143e..000000000000 --- a/mmv1/products/cloudfunctions/go_product.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudFunctions' -legacy_name: 'cloudfunctions' -display_name: 'Cloud Functions' -versions: - - name: 'ga' - base_url: 'https://cloudfunctions.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudfunctions/product.yaml b/mmv1/products/cloudfunctions/product.yaml index 4f796f0f2867..1ed0c30be222 100644 --- a/mmv1/products/cloudfunctions/product.yaml +++ b/mmv1/products/cloudfunctions/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2017 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,12 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudFunctions -display_name: Cloud Functions +--- +name: 'CloudFunctions' legacy_name: 'cloudfunctions' +display_name: 'Cloud Functions' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudfunctions.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://cloudfunctions.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudfunctions2/Function.yaml b/mmv1/products/cloudfunctions2/Function.yaml index 676177731d4b..c5dadbe2b121 100644 --- a/mmv1/products/cloudfunctions2/Function.yaml +++ b/mmv1/products/cloudfunctions2/Function.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,72 +11,74 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'function' -base_url: projects/{{project}}/locations/{{location}}/functions -create_url: projects/{{project}}/locations/{{location}}/functions?functionId={{name}} -self_link: projects/{{project}}/locations/{{location}}/functions/{{name}} -create_verb: :POST -update_verb: :PATCH -references: !ruby/object:Api::Resource::ReferenceLinks - api: 'https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions' description: | A Cloud Function that contains user computation executed in response to an event. -collection_url_key: 'functions' +references: + guides: + api: 'https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/functions/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/functions' +self_link: 'projects/{{project}}/locations/{{location}}/functions/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/functions?functionId={{name}}' +update_verb: 'PATCH' update_mask: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/functions/{{name}}' +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 # It takes about 35-40 mins to get the resource created - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 60 update_minutes: 60 delete_minutes: 60 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -id_format: 'projects/{{project}}/locations/{{location}}/functions/{{name}}' -import_format: - ['projects/{{project}}/locations/{{location}}/functions/{{name}}'] +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'cloud_function' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/functions/{{cloud_function}}' + - '{{cloud_function}}' +custom_code: + constants: 'templates/terraform/constants/cloudfunctions2_function.go.tmpl' + encoder: 'templates/terraform/encoders/cloudfunctions2_runtime_update_policy.go.tmpl' taint_resource_on_failed_create: true -autogen_async: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/cloudfunctions2_function.go.erb' - encoder: 'templates/terraform/encoders/cloudfunctions2_runtime_update_policy.go.erb' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_basic' + - name: 'cloudfunctions2_basic' primary_resource_id: 'function' - primary_resource_name: "fmt.Sprintf(\"tf-test-function-v2%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-function-v2%s", context["random_suffix"])' vars: function: 'function-v2' bucket_name: 'gcf-source' zip_path: 'function-source.zip' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - location: - '"us-central1"' - zip_path: '"./test-fixtures/function-source.zip"' + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_full' + - name: 'cloudfunctions2_full' primary_resource_id: 'function' vars: bucket_name: 'gcf-source' @@ -85,18 +87,16 @@ examples: function: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - zip_path: '"./test-fixtures/function-source-pubsub.zip"' - primary_resource_id: '"terraform-test"' - location: - '"us-central1"' + 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' + 'primary_resource_id': '"terraform-test"' + 'location': '"us-central1"' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_scheduler_auth' + - name: 'cloudfunctions2_scheduler_auth' primary_resource_id: 'function' vars: bucket_name: 'gcf-source' @@ -104,19 +104,17 @@ examples: function: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - primary_resource_id: '"terraform-test"' - location: - '"us-central1"' - zip_path: '"./test-fixtures/function-source.zip"' + 'primary_resource_id': '"terraform-test"' + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_basic_gcs' + exclude_test: true + - name: 'cloudfunctions2_basic_gcs' primary_resource_id: 'function' vars: bucket_name_source: 'gcf-source-bucket' @@ -125,20 +123,16 @@ examples: function_name: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - zip_path: '"./test-fixtures/function-source-eventarc-gcs.zip"' - primary_resource_id: '"terraform-test"' - policyChanged: - "acctest.BootstrapPSARole(t, \"service-\", \"gcp-sa-pubsub\", - \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ - )" + 'zip_path': '"./test-fixtures/function-source-eventarc-gcs.zip"' + 'primary_resource_id': '"terraform-test"' + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_basic_auditlogs' + - name: 'cloudfunctions2_basic_auditlogs' primary_resource_id: 'function' vars: bucket_name_source: 'gcf-source-bucket' @@ -147,42 +141,34 @@ examples: function_name: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - zip_path: '"./test-fixtures/function-source-eventarc-gcs.zip"' - primary_resource_id: '"terraform-test"' - policyChanged: - "acctest.BootstrapPSARole(t, \"service-\", \"gcp-sa-pubsub\", - \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ - )" + 'zip_path': '"./test-fixtures/function-source-eventarc-gcs.zip"' + 'primary_resource_id': '"terraform-test"' + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_basic_builder' + - name: 'cloudfunctions2_basic_builder' primary_resource_id: 'function' - primary_resource_name: "fmt.Sprintf(\"tf-test-function-v2%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-function-v2%s", context["random_suffix"])' vars: function: 'function-v2' bucket_name: 'gcf-source' zip_path: 'function-source.zip' service_account: 'gcf-sa' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - location: - '"us-central1"' - zip_path: '"./test-fixtures/function-source.zip"' + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' external_providers: ["random", "time"] - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_secret_env' + - name: 'cloudfunctions2_secret_env' primary_resource_id: 'function' vars: function: 'function-secret' @@ -190,20 +176,16 @@ examples: zip_path: 'function-source.zip' secret: 'secret' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - location: '"us-central1"' - zip_path: '"./test-fixtures/function-source.zip"' - policyChanged: - "acctest.BootstrapPSARole(t, \"service-\", \"gcp-sa-pubsub\", - \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ - )" + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_secret_volume' + - name: 'cloudfunctions2_secret_volume' primary_resource_id: 'function' vars: function: 'function-secret' @@ -211,20 +193,16 @@ examples: zip_path: 'function-source.zip' secret: 'secret' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - location: '"us-central1"' - zip_path: '"./test-fixtures/function-source.zip"' - policyChanged: - "acctest.BootstrapPSARole(t, \"service-\", \"gcp-sa-pubsub\", - \"roles/cloudkms.cryptoKeyEncrypterDecrypter\"\ - )" + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_private_workerpool' + - name: 'cloudfunctions2_private_workerpool' primary_resource_id: 'function' vars: function: 'function-workerpool' @@ -232,21 +210,17 @@ examples: zip_path: 'function-source.zip' pool: 'workerpool' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - location: - '"us-central1"' - zip_path: '"./test-fixtures/function-source.zip"' + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_cmek' - skip_docs: true # the example file is written in a repetitive way to help acc tests, so exclude - skip_vcr: true + - name: 'cloudfunctions2_cmek' primary_resource_id: 'function' - min_version: beta + min_version: 'beta' vars: function: 'function-cmek' bucket_name: 'gcf-source' @@ -256,21 +230,21 @@ examples: unencoded-ar-repo: 'ar-repo' kms_key_name: 'cmek-key' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - kms_key_name: 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' - location: - '"us-central1"' - zip_path: '"./test-fixtures/function-source.zip"' + 'kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + 'location': '"us-central1"' + 'zip_path': '"./test-fixtures/function-source.zip"' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_cmek_docs' - skip_test: true # this example file will cause IAM conflicts between tests if used to make a test + # the example file is written in a repetitive way to help acc tests, so exclude + exclude_docs: true + skip_vcr: true + - name: 'cloudfunctions2_cmek_docs' primary_resource_id: 'function' - min_version: beta + min_version: 'beta' vars: function: 'function-cmek' bucket_name: 'gcf-source' @@ -280,10 +254,11 @@ examples: unencoded-ar-repo: 'ar-repo' kms_key_name: 'cmek-key' project: 'my-project-name' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_abiu' + # this example file will cause IAM conflicts between tests if used to make a test + exclude_test: true + - name: 'cloudfunctions2_abiu' primary_resource_id: 'function' - min_version: beta + min_version: 'beta' vars: bucket_name: 'gcf-source' service_account: 'gcf-sa' @@ -291,20 +266,18 @@ examples: function: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - zip_path: '"./test-fixtures/function-source-pubsub.zip"' - primary_resource_id: '"terraform-test"' - location: - '"europe-west6"' + 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' + 'primary_resource_id': '"terraform-test"' + 'location': '"europe-west6"' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudfunctions2_abiu_on_deploy' + - name: 'cloudfunctions2_abiu_on_deploy' primary_resource_id: 'function' - min_version: beta + min_version: 'beta' vars: bucket_name: 'gcf-source' service_account: 'gcf-sa' @@ -312,451 +285,447 @@ examples: function: 'gcf-function' zip_path: 'function-source.zip' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' test_vars_overrides: - zip_path: '"./test-fixtures/function-source-pubsub.zip"' - primary_resource_id: '"terraform-test"' - location: - '"europe-west6"' + 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' + 'primary_resource_id': '"terraform-test"' + 'location': '"europe-west6"' # ignore these fields during import step ignore_read_extra: - 'build_config.0.source.0.storage_source.0.object' - 'build_config.0.source.0.storage_source.0.bucket' -iam_policy: !ruby/object:Api::Resource::IamPolicy - parent_resource_attribute: 'cloud_function' - method_name_separator: ':' - import_format: - [ - 'projects/{{project}}/locations/{{location}}/functions/{{cloud_function}}', - '{{cloud_function}}', - ] parameters: - - !ruby/object:Api::Type::String - name: 'location' - immutable: true - required: true - url_param_only: true + - name: 'location' + type: String description: The location of this cloud function. -properties: - - !ruby/object:Api::Type::String - name: 'name' + url_param_only: true required: true immutable: true +properties: + - name: 'name' + type: String description: | A user-defined name of the function. Function names must be unique globally and match pattern `projects/*/locations/*/functions/*`. - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' - - !ruby/object:Api::Type::String - name: 'description' + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' + - name: 'description' + type: String description: 'User-provided description of a function.' - - !ruby/object:Api::Type::Enum - name: 'environment' - output: true + - name: 'environment' + type: Enum description: 'The environment the function is hosted on.' - values: - - :ENVIRONMENT_UNSPECIFIED - - :GEN_1 - - :GEN_2 - - !ruby/object:Api::Type::String - name: 'url' output: true + enum_values: + - 'ENVIRONMENT_UNSPECIFIED' + - 'GEN_1' + - 'GEN_2' + - name: 'url' + type: String description: 'Output only. The deployed url for the function.' - - !ruby/object:Api::Type::Enum - name: 'state' output: true + - name: 'state' + type: Enum description: 'Describes the current state of the function.' - values: - - :STATE_UNSPECIFIED - - :ACTIVE - - :FAILED - - :DEPLOYING - - :DELETING - - :UNKNOWN - - !ruby/object:Api::Type::NestedObject - name: 'buildConfig' + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'ACTIVE' + - 'FAILED' + - 'DEPLOYING' + - 'DELETING' + - 'UNKNOWN' + - name: 'buildConfig' + type: NestedObject description: | Describes the Build step of the function that builds a container from the given source. properties: - - !ruby/object:Api::Type::String - name: 'build' + - name: 'build' + type: String description: | The Cloud Build name of the latest successful deployment of the function. output: true - - !ruby/object:Api::Type::String - name: 'runtime' + - name: 'runtime' + type: String description: | The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. - - !ruby/object:Api::Type::String - name: 'entryPoint' + - name: 'entryPoint' + type: String description: | The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in source_location. - - !ruby/object:Api::Type::NestedObject - name: 'source' + - name: 'source' + type: NestedObject description: 'The location of the function source code.' properties: - - !ruby/object:Api::Type::NestedObject - name: 'storageSource' + - name: 'storageSource' + type: NestedObject description: 'If provided, get the source from this location in Google Cloud Storage.' exactly_one_of: - - storage_source - - repo_source + - 'storage_source' + - 'repo_source' properties: - - !ruby/object:Api::Type::String - name: 'bucket' + - name: 'bucket' + type: String description: 'Google Cloud Storage bucket containing the source' - custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_bucket.go.erb' - - !ruby/object:Api::Type::String - name: 'object' + custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_bucket.go.tmpl' + - name: 'object' + type: String description: 'Google Cloud Storage object containing the source.' - custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_object.go.erb' - - !ruby/object:Api::Type::Integer - name: 'generation' - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_generation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_object.go.tmpl' + - name: 'generation' + type: Integer description: | Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used. - - !ruby/object:Api::Type::NestedObject - name: 'repoSource' + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/cloudfunctions2_function_source_generation.go.tmpl' + - name: 'repoSource' + type: NestedObject description: 'If provided, get the source from this location in a Cloud Source Repository.' exactly_one_of: - - storage_source - - repo_source + - 'storage_source' + - 'repo_source' properties: - - !ruby/object:Api::Type::String - name: 'projectId' - immutable: true + - name: 'projectId' + type: String description: | ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed. - - !ruby/object:Api::Type::String - name: 'repoName' + immutable: true + - name: 'repoName' + type: String description: 'Name of the Cloud Source Repository.' - - !ruby/object:Api::Type::String - name: 'branchName' + - name: 'branchName' + type: String description: 'Regex matching branches to build.' exactly_one_of: - - branch_name - - tag_name - - commit_sha - - !ruby/object:Api::Type::String - name: 'tagName' + - 'branch_name' + - 'tag_name' + - 'commit_sha' + - name: 'tagName' + type: String description: 'Regex matching tags to build.' exactly_one_of: - - branch_name - - tag_name - - commit_sha - - !ruby/object:Api::Type::String - name: 'commitSha' + - 'branch_name' + - 'tag_name' + - 'commit_sha' + - name: 'commitSha' + type: String description: 'Regex matching tags to build.' exactly_one_of: - - branch_name - - tag_name - - commit_sha - - !ruby/object:Api::Type::String - name: 'dir' + - 'branch_name' + - 'tag_name' + - 'commit_sha' + - name: 'dir' + type: String description: | Directory, relative to the source root, in which to run the build. - - !ruby/object:Api::Type::Boolean - name: 'invertRegex' + - name: 'invertRegex' + type: Boolean description: | Only trigger a build if the revision regex does NOT match the revision regex. - - !ruby/object:Api::Type::String - name: 'workerPool' + - name: 'workerPool' + type: String description: 'Name of the Cloud Build Custom Worker Pool that should be used to build the function.' - - !ruby/object:Api::Type::KeyValuePairs - name: 'environmentVariables' + - name: 'environmentVariables' + type: KeyValuePairs description: | User-provided build-time environment variables for the function. default_from_api: true - - !ruby/object:Api::Type::String - name: 'dockerRepository' + - name: 'dockerRepository' + type: String description: | User managed repository created in Artifact Registry optionally with a customer managed encryption key. default_from_api: true - - !ruby/object:Api::Type::String - name: 'serviceAccount' + - name: 'serviceAccount' + type: String description: 'The fully-qualified name of the service account to be used for building the container.' default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'automaticUpdatePolicy' + - name: 'automaticUpdatePolicy' + type: NestedObject description: | Security patches are applied automatically to the runtime without requiring the function to be redeployed. - exactly_one_of: - - automatic_update_policy - - on_deploy_update_policy + default_from_api: true send_empty_value: true allow_empty_object: true - default_from_api: true - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'onDeployUpdatePolicy' + exactly_one_of: + - 'automatic_update_policy' + - 'on_deploy_update_policy' + properties: + [] + - name: 'onDeployUpdatePolicy' + type: NestedObject description: | Security patches are only applied when a function is redeployed. - exactly_one_of: - - automatic_update_policy - - on_deploy_update_policy send_empty_value: true allow_empty_object: true + exactly_one_of: + - 'automatic_update_policy' + - 'on_deploy_update_policy' properties: - - !ruby/object:Api::Type::String - name: 'runtimeVersion' - output: true + - name: 'runtimeVersion' + type: String description: | The runtime version which was used during latest function deployment. - - !ruby/object:Api::Type::NestedObject - name: 'serviceConfig' + output: true + - name: 'serviceConfig' + type: NestedObject description: 'Describes the Service being deployed.' properties: - - !ruby/object:Api::Type::String - name: 'service' + - name: 'service' + type: String description: | Name of the service associated with a Function. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'timeoutSeconds' + - name: 'timeoutSeconds' + type: Integer description: | The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds. default_from_api: true - - !ruby/object:Api::Type::String - name: 'availableMemory' + - name: 'availableMemory' + type: String description: | The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'maxInstanceRequestConcurrency' + - name: 'maxInstanceRequestConcurrency' + type: Integer description: 'Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1.' default_from_api: true - - !ruby/object:Api::Type::String - name: 'availableCpu' + - name: 'availableCpu' + type: String description: 'The number of CPUs used in a single container instance. Default value is calculated from available memory.' default_from_api: true - - !ruby/object:Api::Type::KeyValuePairs - name: 'environmentVariables' + - name: 'environmentVariables' + type: KeyValuePairs description: 'Environment variables that shall be available during function execution.' default_from_api: true diff_suppress_func: 'environmentVariablesDiffSuppress' - - !ruby/object:Api::Type::Integer - name: 'maxInstanceCount' + - name: 'maxInstanceCount' + type: Integer description: | The limit on the maximum number of function instances that may coexist at a given time. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'minInstanceCount' + - name: 'minInstanceCount' + type: Integer description: | The limit on the minimum number of function instances that may coexist at a given time. - - !ruby/object:Api::Type::String - name: 'vpcConnector' + - name: 'vpcConnector' + type: String description: 'The Serverless VPC Access connector that this cloud function can connect to.' - - !ruby/object:Api::Type::Enum - name: 'vpcConnectorEgressSettings' + - name: 'vpcConnectorEgressSettings' + type: Enum description: 'Available egress settings.' - values: - - :VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED - - :PRIVATE_RANGES_ONLY - - :ALL_TRAFFIC - - !ruby/object:Api::Type::Enum - name: 'ingressSettings' + enum_values: + - 'VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED' + - 'PRIVATE_RANGES_ONLY' + - 'ALL_TRAFFIC' + - name: 'ingressSettings' + type: Enum description: 'Available ingress settings. Defaults to "ALLOW_ALL" if unspecified.' - values: - - :ALLOW_ALL - - :ALLOW_INTERNAL_ONLY - - :ALLOW_INTERNAL_AND_GCLB - default_value: :ALLOW_ALL - - !ruby/object:Api::Type::String - name: 'uri' + default_value: "ALLOW_ALL" + enum_values: + - 'ALLOW_ALL' + - 'ALLOW_INTERNAL_ONLY' + - 'ALLOW_INTERNAL_AND_GCLB' + - name: 'uri' + type: String description: 'URI of the Service deployed.' output: true - - !ruby/object:Api::Type::String - name: 'gcfUri' + - name: 'gcfUri' + type: String description: 'URIs of the Service deployed' output: true - - !ruby/object:Api::Type::String - name: 'serviceAccountEmail' + - name: 'serviceAccountEmail' + type: String description: 'The email of the service account for this function.' default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'allTrafficOnLatestRevision' + - name: 'allTrafficOnLatestRevision' + type: Boolean description: 'Whether 100% of traffic is routed to the latest revision. Defaults to true.' default_value: true - - !ruby/object:Api::Type::Array - name: 'secretEnvironmentVariables' + - name: 'secretEnvironmentVariables' + type: Array description: 'Secret environment variables configuration.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: key + - name: 'key' + type: String description: | Name of the environment variable. required: true - - !ruby/object:Api::Type::String - name: projectId + - name: 'projectId' + type: String description: | Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function. required: true - - !ruby/object:Api::Type::String - name: secret + - name: 'secret' + type: String description: | Name of the secret in secret manager (not the full resource name). required: true - - !ruby/object:Api::Type::String - name: version + - name: 'version' + type: String description: | Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start. required: true - - !ruby/object:Api::Type::Array - name: 'secretVolumes' + - name: 'secretVolumes' + type: Array description: 'Secret volumes configuration.' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: mountPath + - name: 'mountPath' + type: String description: | The path within the container to mount the secret volume. For example, setting the mountPath as /etc/secrets would mount the secret value files under the /etc/secrets directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets required: true - - !ruby/object:Api::Type::String - name: projectId + - name: 'projectId' + type: String description: | Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function. required: true - - !ruby/object:Api::Type::String - name: secret + - name: 'secret' + type: String description: | Name of the secret in secret manager (not the full resource name). required: true - - !ruby/object:Api::Type::Array - name: 'versions' + - name: 'versions' + type: Array description: List of secret versions to mount for this secret. If empty, the latest version of the secret will be made available in a file named after the secret under the mount point.' default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: version + - name: 'version' + type: String description: | Version of the secret (version number or the string 'latest'). It is preferable to use latest version with secret volumes as secret value changes are reflected immediately. required: true - - !ruby/object:Api::Type::String - name: path + - name: 'path' + type: String description: | Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mountPath as '/etc/secrets' and path as secret_foo would mount the secret value file at /etc/secrets/secret_foo. required: true - - !ruby/object:Api::Type::NestedObject - name: 'eventTrigger' + - name: 'eventTrigger' + type: NestedObject description: | An Eventarc trigger managed by Google Cloud Functions that fires events in response to a condition in another service. properties: - - !ruby/object:Api::Type::String - name: 'trigger' + - name: 'trigger' + type: String description: 'Output only. The resource name of the Eventarc trigger.' output: true - - !ruby/object:Api::Type::String - name: 'triggerRegion' + - name: 'triggerRegion' + type: String description: | The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function. default_from_api: true - - !ruby/object:Api::Type::String - name: 'eventType' + - name: 'eventType' + type: String description: 'Required. The type of event to observe.' - - !ruby/object:Api::Type::Array - name: 'eventFilters' + - name: 'eventFilters' + type: Array description: 'Criteria used to filter events.' is_set: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: attribute + - name: 'attribute' + type: String description: | 'Required. The name of a CloudEvents attribute. Currently, only a subset of attributes are supported for filtering. Use the `gcloud eventarc providers describe` command to learn more about events and their attributes. Do not filter for the 'type' attribute here, as this is already achieved by the resource's `event_type` attribute. required: true - - !ruby/object:Api::Type::String - name: value + - name: 'value' + type: String description: | Required. The value for the attribute. If the operator field is set as `match-path-pattern`, this value can be a path pattern instead of an exact value. required: true - - !ruby/object:Api::Type::String - name: operator + - name: 'operator' + type: String description: | Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`. [See documentation on path patterns here](https://cloud.google.com/eventarc/docs/path-patterns)' - - !ruby/object:Api::Type::String - name: 'pubsubTopic' + - name: 'pubsubTopic' + type: String description: | The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. default_from_api: true - - !ruby/object:Api::Type::String - name: 'serviceAccountEmail' + - name: 'serviceAccountEmail' + type: String description: | Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services. If empty, defaults to the Compute Engine default service account: {project_number}-compute@developer.gserviceaccount.com. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'retryPolicy' + - name: 'retryPolicy' + type: Enum description: | Describes the retry policy in case of function's execution failure. Retried execution is charged as any other execution. - values: - - :RETRY_POLICY_UNSPECIFIED - - :RETRY_POLICY_DO_NOT_RETRY - - :RETRY_POLICY_RETRY - - !ruby/object:Api::Type::String - name: 'updateTime' - output: true + enum_values: + - 'RETRY_POLICY_UNSPECIFIED' + - 'RETRY_POLICY_DO_NOT_RETRY' + - 'RETRY_POLICY_RETRY' + - name: 'updateTime' + type: String description: 'The last update timestamp of a Cloud Function.' - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: | A set of key/value label pairs associated with this Cloud Function. - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. diff --git a/mmv1/products/cloudfunctions2/go_Function.yaml b/mmv1/products/cloudfunctions2/go_Function.yaml deleted file mode 100644 index 002d0be758d7..000000000000 --- a/mmv1/products/cloudfunctions2/go_Function.yaml +++ /dev/null @@ -1,717 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'function' -description: | - A Cloud Function that contains user computation executed in response to an event. -references: - guides: - api: 'https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/functions/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/functions' -self_link: 'projects/{{project}}/locations/{{location}}/functions/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/functions?functionId={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/functions/{{name}}' -timeouts: - insert_minutes: 60 - update_minutes: 60 - delete_minutes: 60 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 60 - update_minutes: 60 - delete_minutes: 60 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'cloud_function' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/functions/{{cloud_function}}' - - '{{cloud_function}}' -custom_code: - constants: 'templates/terraform/constants/go/cloudfunctions2_function.go.tmpl' - encoder: 'templates/terraform/encoders/go/cloudfunctions2_runtime_update_policy.go.tmpl' -taint_resource_on_failed_create: true -examples: - - name: 'cloudfunctions2_basic' - primary_resource_id: 'function' - primary_resource_name: 'fmt.Sprintf("tf-test-function-v2%s", context["random_suffix"])' - vars: - function: 'function-v2' - bucket_name: 'gcf-source' - zip_path: 'function-source.zip' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'location': '"us-central1"' - 'zip_path': '"./test-fixtures/function-source.zip"' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - - name: 'cloudfunctions2_full' - primary_resource_id: 'function' - vars: - bucket_name: 'gcf-source' - service_account: 'gcf-sa' - topic: 'functions2-topic' - function: 'gcf-function' - zip_path: 'function-source.zip' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' - 'primary_resource_id': '"terraform-test"' - 'location': '"us-central1"' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - - name: 'cloudfunctions2_scheduler_auth' - primary_resource_id: 'function' - vars: - bucket_name: 'gcf-source' - service_account: 'gcf-sa' - function: 'gcf-function' - zip_path: 'function-source.zip' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'primary_resource_id': '"terraform-test"' - 'location': '"us-central1"' - 'zip_path': '"./test-fixtures/function-source.zip"' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - skip_test: true - - name: 'cloudfunctions2_basic_gcs' - primary_resource_id: 'function' - vars: - bucket_name_source: 'gcf-source-bucket' - bucket_name_trigger: 'gcf-trigger-bucket' - service_account: 'gcf-sa' - function_name: 'gcf-function' - zip_path: 'function-source.zip' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'zip_path': '"./test-fixtures/function-source-eventarc-gcs.zip"' - 'primary_resource_id': '"terraform-test"' - 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - - name: 'cloudfunctions2_basic_auditlogs' - primary_resource_id: 'function' - vars: - bucket_name_source: 'gcf-source-bucket' - bucket_name_auditlogs: 'gcf-auditlog-bucket' - service_account: 'gcf-sa' - function_name: 'gcf-function' - zip_path: 'function-source.zip' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'zip_path': '"./test-fixtures/function-source-eventarc-gcs.zip"' - 'primary_resource_id': '"terraform-test"' - 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - - name: 'cloudfunctions2_basic_builder' - primary_resource_id: 'function' - primary_resource_name: 'fmt.Sprintf("tf-test-function-v2%s", context["random_suffix"])' - vars: - function: 'function-v2' - bucket_name: 'gcf-source' - zip_path: 'function-source.zip' - service_account: 'gcf-sa' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'location': '"us-central1"' - 'zip_path': '"./test-fixtures/function-source.zip"' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - external_providers: ["random", "time"] - - name: 'cloudfunctions2_secret_env' - primary_resource_id: 'function' - vars: - function: 'function-secret' - bucket_name: 'gcf-source' - zip_path: 'function-source.zip' - secret: 'secret' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'location': '"us-central1"' - 'zip_path': '"./test-fixtures/function-source.zip"' - 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - - name: 'cloudfunctions2_secret_volume' - primary_resource_id: 'function' - vars: - function: 'function-secret' - bucket_name: 'gcf-source' - zip_path: 'function-source.zip' - secret: 'secret' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'location': '"us-central1"' - 'zip_path': '"./test-fixtures/function-source.zip"' - 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "gcp-sa-pubsub", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - - name: 'cloudfunctions2_private_workerpool' - primary_resource_id: 'function' - vars: - function: 'function-workerpool' - bucket_name: 'gcf-source' - zip_path: 'function-source.zip' - pool: 'workerpool' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'location': '"us-central1"' - 'zip_path': '"./test-fixtures/function-source.zip"' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - - name: 'cloudfunctions2_cmek' - primary_resource_id: 'function' - min_version: 'beta' - vars: - function: 'function-cmek' - bucket_name: 'gcf-source' - zip_path: 'function-source.zip' - kms_service_name: 'cloudkms.googleapis.com' - cmek-repo: 'cmek-repo' - unencoded-ar-repo: 'ar-repo' - kms_key_name: 'cmek-key' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' - 'location': '"us-central1"' - 'zip_path': '"./test-fixtures/function-source.zip"' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - skip_docs: true - skip_vcr: true - - name: 'cloudfunctions2_cmek_docs' - primary_resource_id: 'function' - min_version: 'beta' - vars: - function: 'function-cmek' - bucket_name: 'gcf-source' - zip_path: 'function-source.zip' - kms_service_name: 'cloudkms.googleapis.com' - cmek-repo: 'cmek-repo' - unencoded-ar-repo: 'ar-repo' - kms_key_name: 'cmek-key' - project: 'my-project-name' - skip_test: true - - name: 'cloudfunctions2_abiu' - primary_resource_id: 'function' - min_version: 'beta' - vars: - bucket_name: 'gcf-source' - service_account: 'gcf-sa' - topic: 'functions2-topic' - function: 'gcf-function' - zip_path: 'function-source.zip' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' - 'primary_resource_id': '"terraform-test"' - 'location': '"europe-west6"' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' - - name: 'cloudfunctions2_abiu_on_deploy' - primary_resource_id: 'function' - min_version: 'beta' - vars: - bucket_name: 'gcf-source' - service_account: 'gcf-sa' - topic: 'functions2-topic' - function: 'gcf-function' - zip_path: 'function-source.zip' - test_env_vars: - project: 'PROJECT_NAME' - test_vars_overrides: - 'zip_path': '"./test-fixtures/function-source-pubsub.zip"' - 'primary_resource_id': '"terraform-test"' - 'location': '"europe-west6"' - ignore_read_extra: - - 'build_config.0.source.0.storage_source.0.object' - - 'build_config.0.source.0.storage_source.0.bucket' -parameters: - - name: 'location' - type: String - description: The location of this cloud function. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - A user-defined name of the function. Function names must - be unique globally and match pattern `projects/*/locations/*/functions/*`. - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' - - name: 'description' - type: String - description: 'User-provided description of a function.' - - name: 'environment' - type: Enum - description: 'The environment the function is hosted on.' - output: true - enum_values: - - 'ENVIRONMENT_UNSPECIFIED' - - 'GEN_1' - - 'GEN_2' - - name: 'url' - type: String - description: 'Output only. The deployed url for the function.' - output: true - - name: 'state' - type: Enum - description: 'Describes the current state of the function.' - output: true - enum_values: - - 'STATE_UNSPECIFIED' - - 'ACTIVE' - - 'FAILED' - - 'DEPLOYING' - - 'DELETING' - - 'UNKNOWN' - - name: 'buildConfig' - type: NestedObject - description: | - Describes the Build step of the function that builds a container - from the given source. - properties: - - name: 'build' - type: String - description: | - The Cloud Build name of the latest successful - deployment of the function. - output: true - - name: 'runtime' - type: String - description: | - The runtime in which to run the function. Required when deploying a new - function, optional when updating an existing function. - - name: 'entryPoint' - type: String - description: | - The name of the function (as defined in source code) that will be executed. - Defaults to the resource name suffix, if not specified. For backward - compatibility, if function with given name is not found, then the system - will try to use function named "function". For Node.js this is name of a - function exported by the module specified in source_location. - - name: 'source' - type: NestedObject - description: 'The location of the function source code.' - properties: - - name: 'storageSource' - type: NestedObject - description: - 'If provided, get the source from this location in Google Cloud - Storage.' - exactly_one_of: - - 'storage_source' - - 'repo_source' - properties: - - name: 'bucket' - type: String - description: 'Google Cloud Storage bucket containing the source' - custom_flatten: 'templates/terraform/custom_flatten/go/cloudfunctions2_function_source_bucket.go.tmpl' - - name: 'object' - type: String - description: - 'Google Cloud Storage object containing the source.' - custom_flatten: 'templates/terraform/custom_flatten/go/cloudfunctions2_function_source_object.go.tmpl' - - name: 'generation' - type: Integer - description: | - Google Cloud Storage generation for the object. If the generation - is omitted, the latest generation will be used. - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/cloudfunctions2_function_source_generation.go.tmpl' - - name: 'repoSource' - type: NestedObject - description: - 'If provided, get the source from this location in a Cloud Source - Repository.' - exactly_one_of: - - 'storage_source' - - 'repo_source' - properties: - - name: 'projectId' - type: String - description: | - ID of the project that owns the Cloud Source Repository. If omitted, the - project ID requesting the build is assumed. - immutable: true - - name: 'repoName' - type: String - description: 'Name of the Cloud Source Repository.' - - name: 'branchName' - type: String - description: 'Regex matching branches to build.' - exactly_one_of: - - 'branch_name' - - 'tag_name' - - 'commit_sha' - - name: 'tagName' - type: String - description: 'Regex matching tags to build.' - exactly_one_of: - - 'branch_name' - - 'tag_name' - - 'commit_sha' - - name: 'commitSha' - type: String - description: 'Regex matching tags to build.' - exactly_one_of: - - 'branch_name' - - 'tag_name' - - 'commit_sha' - - name: 'dir' - type: String - description: | - Directory, relative to the source root, in which to run the build. - - name: 'invertRegex' - type: Boolean - description: | - Only trigger a build if the revision regex does - NOT match the revision regex. - - name: 'workerPool' - type: String - description: - 'Name of the Cloud Build Custom Worker Pool that should be used to - build the function.' - - name: 'environmentVariables' - type: KeyValuePairs - description: | - User-provided build-time environment variables for the function. - default_from_api: true - - name: 'dockerRepository' - type: String - description: | - User managed repository created in Artifact Registry optionally with a customer managed encryption key. - default_from_api: true - - name: 'serviceAccount' - type: String - description: 'The fully-qualified name of the service account to be used for building the container.' - default_from_api: true - - name: 'automaticUpdatePolicy' - type: NestedObject - description: | - Security patches are applied automatically to the runtime without requiring - the function to be redeployed. - default_from_api: true - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'automatic_update_policy' - - 'on_deploy_update_policy' - properties: - [] - - name: 'onDeployUpdatePolicy' - type: NestedObject - description: | - Security patches are only applied when a function is redeployed. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'automatic_update_policy' - - 'on_deploy_update_policy' - properties: - - name: 'runtimeVersion' - type: String - description: | - The runtime version which was used during latest function deployment. - output: true - - name: 'serviceConfig' - type: NestedObject - description: 'Describes the Service being deployed.' - properties: - - name: 'service' - type: String - description: | - Name of the service associated with a Function. - default_from_api: true - - name: 'timeoutSeconds' - type: Integer - description: | - The function execution timeout. Execution is considered failed and - can be terminated if the function is not completed at the end of the - timeout period. Defaults to 60 seconds. - default_from_api: true - - name: 'availableMemory' - type: String - description: | - The amount of memory available for a function. - Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is - supplied the value is interpreted as bytes. - default_from_api: true - - name: 'maxInstanceRequestConcurrency' - type: Integer - description: - 'Sets the maximum number of concurrent requests that each instance can - receive. Defaults to 1.' - default_from_api: true - - name: 'availableCpu' - type: String - description: - 'The number of CPUs used in a single container instance. Default value - is calculated from available memory.' - default_from_api: true - - name: 'environmentVariables' - type: KeyValuePairs - description: - 'Environment variables that shall be available during function - execution.' - default_from_api: true - diff_suppress_func: 'environmentVariablesDiffSuppress' - - name: 'maxInstanceCount' - type: Integer - description: | - The limit on the maximum number of function instances that may coexist at a - given time. - default_from_api: true - - name: 'minInstanceCount' - type: Integer - description: | - The limit on the minimum number of function instances that may coexist at a - given time. - - name: 'vpcConnector' - type: String - description: - 'The Serverless VPC Access connector that this cloud function can - connect to.' - - name: 'vpcConnectorEgressSettings' - type: Enum - description: 'Available egress settings.' - enum_values: - - 'VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED' - - 'PRIVATE_RANGES_ONLY' - - 'ALL_TRAFFIC' - - name: 'ingressSettings' - type: Enum - description: - 'Available ingress settings. Defaults to "ALLOW_ALL" if unspecified.' - default_value: "ALLOW_ALL" - enum_values: - - 'ALLOW_ALL' - - 'ALLOW_INTERNAL_ONLY' - - 'ALLOW_INTERNAL_AND_GCLB' - - name: 'uri' - type: String - description: 'URI of the Service deployed.' - output: true - - name: 'gcfUri' - type: String - description: 'URIs of the Service deployed' - output: true - - name: 'serviceAccountEmail' - type: String - description: 'The email of the service account for this function.' - default_from_api: true - - name: 'allTrafficOnLatestRevision' - type: Boolean - description: - 'Whether 100% of traffic is routed to the latest revision. Defaults to - true.' - default_value: true - - name: 'secretEnvironmentVariables' - type: Array - description: 'Secret environment variables configuration.' - item_type: - type: NestedObject - properties: - - name: 'key' - type: String - description: | - Name of the environment variable. - required: true - - name: 'projectId' - type: String - description: | - Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function. - required: true - - name: 'secret' - type: String - description: | - Name of the secret in secret manager (not the full resource name). - required: true - - name: 'version' - type: String - description: | - Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start. - required: true - - name: 'secretVolumes' - type: Array - description: 'Secret volumes configuration.' - item_type: - type: NestedObject - properties: - - name: 'mountPath' - type: String - description: | - The path within the container to mount the secret volume. For example, setting the mountPath as /etc/secrets would mount the secret value files under the /etc/secrets directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets - required: true - - name: 'projectId' - type: String - description: | - Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function. - required: true - - name: 'secret' - type: String - description: | - Name of the secret in secret manager (not the full resource name). - required: true - - name: 'versions' - type: Array - description: - List of secret versions to mount for this secret. If empty, the - latest version of the secret will be made available in a file - named after the secret under the mount point.' - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'version' - type: String - description: | - Version of the secret (version number or the string 'latest'). It is preferable to use latest version with secret volumes as secret value changes are reflected immediately. - required: true - - name: 'path' - type: String - description: | - Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mountPath as '/etc/secrets' and path as secret_foo would mount the secret value file at /etc/secrets/secret_foo. - required: true - - name: 'eventTrigger' - type: NestedObject - description: | - An Eventarc trigger managed by Google Cloud Functions that fires events in - response to a condition in another service. - properties: - - name: 'trigger' - type: String - description: 'Output only. The resource name of the Eventarc trigger.' - output: true - - name: 'triggerRegion' - type: String - description: | - The region that the trigger will be in. The trigger will only receive - events originating in this region. It can be the same - region as the function, a different region or multi-region, or the global - region. If not provided, defaults to the same region as the function. - default_from_api: true - - name: 'eventType' - type: String - description: 'Required. The type of event to observe.' - - name: 'eventFilters' - type: Array - description: 'Criteria used to filter events.' - is_set: true - item_type: - type: NestedObject - properties: - - name: 'attribute' - type: String - description: | - 'Required. The name of a CloudEvents attribute. - Currently, only a subset of attributes are supported for filtering. Use the `gcloud eventarc providers describe` command to learn more about events and their attributes. - Do not filter for the 'type' attribute here, as this is already achieved by the resource's `event_type` attribute. - required: true - - name: 'value' - type: String - description: | - Required. The value for the attribute. - If the operator field is set as `match-path-pattern`, this value can be a path pattern instead of an exact value. - required: true - - name: 'operator' - type: String - description: | - Optional. The operator used for matching the events with the value of - the filter. If not specified, only events that have an exact key-value - pair specified in the filter are matched. - The only allowed value is `match-path-pattern`. - [See documentation on path patterns here](https://cloud.google.com/eventarc/docs/path-patterns)' - - name: 'pubsubTopic' - type: String - description: | - The name of a Pub/Sub topic in the same project that will be used - as the transport topic for the event delivery. - default_from_api: true - - name: 'serviceAccountEmail' - type: String - description: | - Optional. The email of the trigger's service account. The service account - must have permission to invoke Cloud Run services. If empty, defaults to the - Compute Engine default service account: {project_number}-compute@developer.gserviceaccount.com. - default_from_api: true - - name: 'retryPolicy' - type: Enum - description: | - Describes the retry policy in case of function's execution failure. - Retried execution is charged as any other execution. - enum_values: - - 'RETRY_POLICY_UNSPECIFIED' - - 'RETRY_POLICY_DO_NOT_RETRY' - - 'RETRY_POLICY_RETRY' - - name: 'updateTime' - type: String - description: 'The last update timestamp of a Cloud Function.' - output: true - - name: 'labels' - type: KeyValueLabels - description: | - A set of key/value label pairs associated with this Cloud Function. - - name: 'kmsKeyName' - type: String - description: | - Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. - It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. diff --git a/mmv1/products/cloudfunctions2/go_product.yaml b/mmv1/products/cloudfunctions2/go_product.yaml deleted file mode 100644 index 48d6ff6888bd..000000000000 --- a/mmv1/products/cloudfunctions2/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Cloudfunctions2' -display_name: 'Cloud Functions (2nd gen)' -versions: - - name: 'beta' - base_url: 'https://cloudfunctions.googleapis.com/v2beta/' - - name: 'ga' - base_url: 'https://cloudfunctions.googleapis.com/v2/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudfunctions2/product.yaml b/mmv1/products/cloudfunctions2/product.yaml index 09fbf22fa7dc..e3a9eff862f4 100644 --- a/mmv1/products/cloudfunctions2/product.yaml +++ b/mmv1/products/cloudfunctions2/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Cloudfunctions2 -display_name: Cloud Functions (2nd gen) -scopes: - - https://www.googleapis.com/auth/cloud-platform +--- +name: 'Cloudfunctions2' +display_name: 'Cloud Functions (2nd gen)' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://cloudfunctions.googleapis.com/v2beta/ - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudfunctions.googleapis.com/v2/ + - name: 'beta' + base_url: 'https://cloudfunctions.googleapis.com/v2beta/' + - name: 'ga' + base_url: 'https://cloudfunctions.googleapis.com/v2/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudidentity/Group.yaml b/mmv1/products/cloudidentity/Group.yaml index 0fe37e0e21aa..f3b8b25de0b2 100644 --- a/mmv1/products/cloudidentity/Group.yaml +++ b/mmv1/products/cloudidentity/Group.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,82 +11,85 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Group' -base_url: 'groups?initialGroupConfig={{initial_group_config}}' -update_url: '{{name}}' -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true description: | A Cloud Identity resource representing a Group. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/setup' api: 'https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups' -async: !ruby/object:Provider::Terraform::PollAsync - check_response_func_existence: transport_tpg.PollCheckForExistenceWith403 - check_response_func_absence: transport_tpg.PollCheckForAbsenceWith403 - target_occurrences: 10 - actions: ['create', 'update', 'delete'] -docs: !ruby/object:Provider::Terraform::Docs +docs: warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the Cloud Identity API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. -import_format: ['{{name}}'] -skip_sweeper: true +base_url: 'groups?initialGroupConfig={{initial_group_config}}' +self_link: '{{name}}' +update_url: '{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'transport_tpg.PollCheckForExistenceWith403' + check_response_func_absence: 'transport_tpg.PollCheckForAbsenceWith403' + suppress_error: false + target_occurrences: 10 + actions: ['create', 'update', 'delete'] +custom_code: + post_create: 'templates/terraform/post_create/set_computed_name.tmpl' + custom_import: 'templates/terraform/custom_import/cloud_identity_group_import.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: - 'cloud_identity_groups_basic' - # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously - skip_test: true + - name: 'cloud_identity_groups_basic' primary_resource_id: 'cloud_identity_group_basic' vars: id_group: 'my-identity-group' test_env_vars: - org_domain: :ORG_DOMAIN - cust_id: :CUST_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/set_computed_name.erb - custom_import: templates/terraform/custom_import/cloud_identity_group_import.go.erb + org_domain: 'ORG_DOMAIN' + cust_id: 'CUST_ID' + # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously + exclude_test: true parameters: - - !ruby/object:Api::Type::Enum - name: 'initialGroupConfig' + - name: 'initialGroupConfig' + type: Enum description: | The initial configuration options for creating a Group. See the [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig) for possible values. - values: + url_param_only: true + immutable: true + default_value: "EMPTY" + enum_values: - 'INITIAL_GROUP_CONFIG_UNSPECIFIED' - 'WITH_INITIAL_OWNER' - 'EMPTY' - default_value: :EMPTY - url_param_only: true - immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Resource name of the Group in the format: groups/{group_id}, where group_id is the unique ID assigned to the Group. - - !ruby/object:Api::Type::NestedObject - name: 'groupKey' - required: true - immutable: true + output: true + - name: 'groupKey' + type: NestedObject description: | EntityKey of the Group. + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'id' - required: true - immutable: true + - name: 'id' + type: String description: | The ID of the entity. @@ -97,9 +100,10 @@ properties: to the Identity Source's requirements. Must be unique within a namespace. - - !ruby/object:Api::Type::String - name: 'namespace' + required: true immutable: true + - name: 'namespace' + type: String description: | The namespace in which the entity exists. @@ -109,34 +113,35 @@ properties: If specified, the EntityKey represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`. - - !ruby/object:Api::Type::String - name: 'parent' - required: true - immutable: true + immutable: true + - name: 'parent' + type: String description: | The resource name of the entity under which this Group resides in the Cloud Identity resource hierarchy. Must be of the form identitysources/{identity_source_id} for external-identity-mapped groups or customers/{customer_id} for Google Groups. - - !ruby/object:Api::Type::String - name: 'displayName' + required: true + immutable: true + - name: 'displayName' + type: String description: | The display name of the Group. - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An extended description to help users determine the purpose of a Group. Must not be longer than 4,096 characters. - - !ruby/object:Api::Type::Array - name: 'additionalGroupKeys' - output: true + - name: 'additionalGroupKeys' + type: Array description: 'Additional group keys associated with the Group' - item_type: !ruby/object:Api::Type::NestedObject + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'id' - output: true + - name: 'id' + type: String description: | The ID of the entity. @@ -147,9 +152,9 @@ properties: to the Identity Source's requirements. Must be unique within a namespace. - - !ruby/object:Api::Type::String - name: 'namespace' output: true + - name: 'namespace' + type: String description: | The namespace in which the entity exists. @@ -159,19 +164,19 @@ properties: If specified, the EntityKey represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`. - - !ruby/object:Api::Type::String - name: 'createTime' - output: true + output: true + - name: 'createTime' + type: String description: | The time when the Group was created. - - !ruby/object:Api::Type::String - name: 'updateTime' output: true + - name: 'updateTime' + type: String description: | The time when the Group was last updated. - - !ruby/object:Api::Type::KeyValuePairs - name: 'labels' - required: true + output: true + - name: 'labels' + type: KeyValuePairs description: | One or more label entries that apply to the Group. Currently supported labels contain a key with an empty value. @@ -182,3 +187,4 @@ properties: Dynamic groups have a label with a key of cloudidentity.googleapis.com/groups.dynamic. Identity-mapped groups for Cloud Search have a label with a key of system/groups/external and an empty value. + required: true diff --git a/mmv1/products/cloudidentity/GroupMembership.yaml b/mmv1/products/cloudidentity/GroupMembership.yaml index bca79a961574..c89d41f2607a 100644 --- a/mmv1/products/cloudidentity/GroupMembership.yaml +++ b/mmv1/products/cloudidentity/GroupMembership.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,87 +11,85 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'GroupMembership' -base_url: '{{group}}/memberships' -self_link: '{{name}}' description: | A Membership defines a relationship between a Group and an entity belonging to that Group, referred to as a "member". -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/memberships-google-groups' api: 'https://cloud.google.com/identity/docs/reference/rest/v1/groups.memberships' -immutable: true -read_error_transform: 'transformCloudIdentityGroupMembershipReadError' -docs: !ruby/object:Provider::Terraform::Docs +docs: warning: | If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billing_project` and set `user_project_override` to true in the provider configuration. Otherwise the Cloud Identity API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billing_project` you defined. -import_format: ['{{%name}}'] -skip_sweeper: true +base_url: '{{group}}/memberships' +self_link: '{{name}}' +immutable: true +import_format: + - '{{%name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/set_computed_name.tmpl' + custom_update: 'templates/terraform/custom_update/cloud_identity_group_membership.go.tmpl' + post_import: 'templates/terraform/post_import/cloud_identity_group_membership.go.tmpl' +exclude_sweeper: true +read_error_transform: 'transformCloudIdentityGroupMembershipReadError' examples: - - !ruby/object:Provider::Terraform::Examples - name: - 'cloud_identity_group_membership' - # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously - skip_test: true + - name: 'cloud_identity_group_membership' primary_resource_id: 'cloud_identity_group_membership_basic' vars: id_group: 'my-identity-group' test_env_vars: - org_domain: :ORG_DOMAIN - cust_id: :CUST_ID - - !ruby/object:Provider::Terraform::Examples - name: - 'cloud_identity_group_membership_user' - # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously - skip_test: true + org_domain: 'ORG_DOMAIN' + cust_id: 'CUST_ID' + # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously + exclude_test: true + - name: 'cloud_identity_group_membership_user' primary_resource_id: 'cloud_identity_group_membership_basic' vars: id_group: 'my-identity-group' test_env_vars: - org_domain: :ORG_DOMAIN - cust_id: :CUST_ID - identity_user: :IDENTITY_USER -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/set_computed_name.erb - post_import: templates/terraform/post_import/cloud_identity_group_membership.go.erb - custom_update: templates/terraform/custom_update/cloud_identity_group_membership.go.erb - + org_domain: 'ORG_DOMAIN' + cust_id: 'CUST_ID' + identity_user: 'IDENTITY_USER' + # Has a handwritten test due to CloudIdentityGroup-related tests needing to run synchronously + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'group' - resource: 'Group' - imports: 'name' + - name: 'group' + type: ResourceRef description: | The name of the Group to create this membership in. + url_param_only: true required: true immutable: true - url_param_only: true + resource: 'Group' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The resource name of the Membership, of the form groups/{group_id}/memberships/{membership_id}. - - !ruby/object:Api::Type::NestedObject - name: 'memberKey' - immutable: true + output: true + - name: 'memberKey' + type: NestedObject description: | EntityKey of the member. - min_version: beta - exactly_one_of: - - member_key - - preferred_member_key + min_version: 'beta' + immutable: true default_from_api: true + exactly_one_of: + - 'member_key' + - 'preferred_member_key' properties: - - !ruby/object:Api::Type::String - name: 'id' - required: true - immutable: true + - name: 'id' + type: String description: | The ID of the entity. @@ -102,9 +100,10 @@ properties: to the Identity Source's requirements. Must be unique within a namespace. - - !ruby/object:Api::Type::String - name: 'namespace' + required: true immutable: true + - name: 'namespace' + type: String description: | The namespace in which the entity exists. @@ -114,20 +113,19 @@ properties: If specified, the EntityKey represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`. - - !ruby/object:Api::Type::NestedObject - name: 'preferredMemberKey' - immutable: true + immutable: true + - name: 'preferredMemberKey' + type: NestedObject description: | EntityKey of the member. - exactly_one_of: - - member_key - - preferred_member_key + immutable: true default_from_api: true + exactly_one_of: + - 'member_key' + - 'preferred_member_key' properties: - - !ruby/object:Api::Type::String - name: 'id' - required: true - immutable: true + - name: 'id' + type: String description: | The ID of the entity. @@ -138,9 +136,10 @@ properties: to the Identity Source's requirements. Must be unique within a namespace. - - !ruby/object:Api::Type::String - name: 'namespace' + required: true immutable: true + - name: 'namespace' + type: String description: | The namespace in which the entity exists. @@ -150,45 +149,46 @@ properties: If specified, the EntityKey represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`. - - !ruby/object:Api::Type::String - name: 'createTime' - output: true + immutable: true + - name: 'createTime' + type: String description: | The time when the Membership was created. - - !ruby/object:Api::Type::String - name: 'updateTime' output: true + - name: 'updateTime' + type: String description: | The time when the Membership was last updated. - - !ruby/object:Api::Type::Array - name: 'roles' - required: true + output: true + - name: 'roles' + type: Array description: | The MembershipRoles that apply to the Membership. Must not contain duplicate MembershipRoles with the same name. - update_verb: :POST - update_url: '{{name}}:modifyMembershipRoles' is_set: true - item_type: !ruby/object:Api::Type::NestedObject + required: true + update_url: '{{name}}:modifyMembershipRoles' + update_verb: 'POST' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'name' - required: true + - name: 'name' + type: Enum description: | The name of the MembershipRole. Must be one of OWNER, MANAGER, MEMBER. - values: - - :OWNER - - :MANAGER - - :MEMBER - - !ruby/object:Api::Type::NestedObject - name: 'expiryDetail' + required: true + enum_values: + - 'OWNER' + - 'MANAGER' + - 'MEMBER' + - name: 'expiryDetail' + type: NestedObject description: | The MembershipRole expiry details, only supported for MEMBER role. Other roles cannot be accompanied with MEMBER role having expiry. properties: - - !ruby/object:Api::Type::String - name: 'expireTime' - required: true + - name: 'expireTime' + type: String description: | The time at which the MembershipRole will expire. @@ -196,8 +196,9 @@ properties: resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::String - name: 'type' - output: true + required: true + - name: 'type' + type: String description: | The type of the membership. + output: true diff --git a/mmv1/products/cloudidentity/go_Group.yaml b/mmv1/products/cloudidentity/go_Group.yaml deleted file mode 100644 index e9c661ae3599..000000000000 --- a/mmv1/products/cloudidentity/go_Group.yaml +++ /dev/null @@ -1,190 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Group' -description: | - A Cloud Identity resource representing a Group. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/setup' - api: 'https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the Cloud Identity API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -base_url: 'groups?initialGroupConfig={{initial_group_config}}' -self_link: '{{name}}' -update_url: '{{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - type: 'PollAsync' - check_response_func_existence: 'transport_tpg.PollCheckForExistenceWith403' - check_response_func_absence: 'transport_tpg.PollCheckForAbsenceWith403' - suppress_error: false - target_occurrences: 10 - actions: ['create', 'update', 'delete'] -custom_code: - post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' - custom_import: 'templates/terraform/custom_import/go/cloud_identity_group_import.go.tmpl' -exclude_sweeper: true -examples: - - name: 'cloud_identity_groups_basic' - primary_resource_id: 'cloud_identity_group_basic' - vars: - id_group: 'my-identity-group' - test_env_vars: - org_domain: 'ORG_DOMAIN' - cust_id: 'CUST_ID' - skip_test: true -parameters: - - name: 'initialGroupConfig' - type: Enum - description: | - The initial configuration options for creating a Group. - - See the - [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig) - for possible values. - url_param_only: true - immutable: true - default_value: "EMPTY" - enum_values: - - 'INITIAL_GROUP_CONFIG_UNSPECIFIED' - - 'WITH_INITIAL_OWNER' - - 'EMPTY' -properties: - - name: 'name' - type: String - description: | - Resource name of the Group in the format: groups/{group_id}, where group_id - is the unique ID assigned to the Group. - output: true - - name: 'groupKey' - type: NestedObject - description: | - EntityKey of the Group. - required: true - immutable: true - properties: - - name: 'id' - type: String - description: | - The ID of the entity. - - For Google-managed entities, the id must be the email address of an existing - group or user. - - For external-identity-mapped entities, the id must be a string conforming - to the Identity Source's requirements. - - Must be unique within a namespace. - required: true - immutable: true - - name: 'namespace' - type: String - description: | - The namespace in which the entity exists. - - If not specified, the EntityKey represents a Google-managed entity - such as a Google user or a Google Group. - - If specified, the EntityKey represents an external-identity-mapped group. - The namespace must correspond to an identity source created in Admin Console - and must be in the form of `identitysources/{identity_source_id}`. - immutable: true - - name: 'parent' - type: String - description: | - The resource name of the entity under which this Group resides in the - Cloud Identity resource hierarchy. - - Must be of the form identitysources/{identity_source_id} for external-identity-mapped - groups or customers/{customer_id} for Google Groups. - required: true - immutable: true - - name: 'displayName' - type: String - description: | - The display name of the Group. - - name: 'description' - type: String - description: | - An extended description to help users determine the purpose of a Group. - Must not be longer than 4,096 characters. - - name: 'additionalGroupKeys' - type: Array - description: 'Additional group keys associated with the Group' - output: true - item_type: - type: NestedObject - properties: - - name: 'id' - type: String - description: | - The ID of the entity. - - For Google-managed entities, the id must be the email address of an existing - group or user. - - For external-identity-mapped entities, the id must be a string conforming - to the Identity Source's requirements. - - Must be unique within a namespace. - output: true - - name: 'namespace' - type: String - description: | - The namespace in which the entity exists. - - If not specified, the EntityKey represents a Google-managed entity - such as a Google user or a Google Group. - - If specified, the EntityKey represents an external-identity-mapped group. - The namespace must correspond to an identity source created in Admin Console - and must be in the form of `identitysources/{identity_source_id}`. - output: true - - name: 'createTime' - type: String - description: | - The time when the Group was created. - output: true - - name: 'updateTime' - type: String - description: | - The time when the Group was last updated. - output: true - - name: 'labels' - type: KeyValuePairs - description: | - One or more label entries that apply to the Group. Currently supported labels contain a key with an empty value. - - Google Groups are the default type of group and have a label with a key of cloudidentity.googleapis.com/groups.discussion_forum and an empty value. - - Existing Google Groups can have an additional label with a key of cloudidentity.googleapis.com/groups.security and an empty value added to them. This is an immutable change and the security label cannot be removed once added. - - Dynamic groups have a label with a key of cloudidentity.googleapis.com/groups.dynamic. - - Identity-mapped groups for Cloud Search have a label with a key of system/groups/external and an empty value. - required: true diff --git a/mmv1/products/cloudidentity/go_GroupMembership.yaml b/mmv1/products/cloudidentity/go_GroupMembership.yaml deleted file mode 100644 index 2b9110fc7a93..000000000000 --- a/mmv1/products/cloudidentity/go_GroupMembership.yaml +++ /dev/null @@ -1,203 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'GroupMembership' -description: | - A Membership defines a relationship between a Group and an entity belonging to that Group, referred to as a "member". -references: - guides: - 'Official Documentation': 'https://cloud.google.com/identity/docs/how-to/memberships-google-groups' - api: 'https://cloud.google.com/identity/docs/reference/rest/v1/groups.memberships' -docs: - warning: | - If you are using User ADCs (Application Default Credentials) with this resource, - you must specify a `billing_project` and set `user_project_override` to true - in the provider configuration. Otherwise the Cloud Identity API will return a 403 error. - Your account must have the `serviceusage.services.use` permission on the - `billing_project` you defined. -base_url: '{{group}}/memberships' -self_link: '{{name}}' -immutable: true -import_format: - - '{{%name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' - custom_update: 'templates/terraform/custom_update/go/cloud_identity_group_membership.go.tmpl' - post_import: 'templates/terraform/post_import/go/cloud_identity_group_membership.go.tmpl' -exclude_sweeper: true -read_error_transform: 'transformCloudIdentityGroupMembershipReadError' -examples: - - name: 'cloud_identity_group_membership' - primary_resource_id: 'cloud_identity_group_membership_basic' - vars: - id_group: 'my-identity-group' - test_env_vars: - org_domain: 'ORG_DOMAIN' - cust_id: 'CUST_ID' - skip_test: true - - name: 'cloud_identity_group_membership_user' - primary_resource_id: 'cloud_identity_group_membership_basic' - vars: - id_group: 'my-identity-group' - test_env_vars: - org_domain: 'ORG_DOMAIN' - cust_id: 'CUST_ID' - identity_user: 'IDENTITY_USER' - skip_test: true -parameters: - - name: 'group' - type: ResourceRef - description: | - The name of the Group to create this membership in. - url_param_only: true - required: true - immutable: true - resource: 'Group' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - The resource name of the Membership, of the form groups/{group_id}/memberships/{membership_id}. - output: true - - name: 'memberKey' - type: NestedObject - description: | - EntityKey of the member. - min_version: 'beta' - immutable: true - default_from_api: true - exactly_one_of: - - 'member_key' - - 'preferred_member_key' - properties: - - name: 'id' - type: String - description: | - The ID of the entity. - - For Google-managed entities, the id must be the email address of an existing - group or user. - - For external-identity-mapped entities, the id must be a string conforming - to the Identity Source's requirements. - - Must be unique within a namespace. - required: true - immutable: true - - name: 'namespace' - type: String - description: | - The namespace in which the entity exists. - - If not specified, the EntityKey represents a Google-managed entity - such as a Google user or a Google Group. - - If specified, the EntityKey represents an external-identity-mapped group. - The namespace must correspond to an identity source created in Admin Console - and must be in the form of `identitysources/{identity_source_id}`. - immutable: true - - name: 'preferredMemberKey' - type: NestedObject - description: | - EntityKey of the member. - immutable: true - default_from_api: true - exactly_one_of: - - 'member_key' - - 'preferred_member_key' - properties: - - name: 'id' - type: String - description: | - The ID of the entity. - - For Google-managed entities, the id must be the email address of an existing - group or user. - - For external-identity-mapped entities, the id must be a string conforming - to the Identity Source's requirements. - - Must be unique within a namespace. - required: true - immutable: true - - name: 'namespace' - type: String - description: | - The namespace in which the entity exists. - - If not specified, the EntityKey represents a Google-managed entity - such as a Google user or a Google Group. - - If specified, the EntityKey represents an external-identity-mapped group. - The namespace must correspond to an identity source created in Admin Console - and must be in the form of `identitysources/{identity_source_id}`. - immutable: true - - name: 'createTime' - type: String - description: | - The time when the Membership was created. - output: true - - name: 'updateTime' - type: String - description: | - The time when the Membership was last updated. - output: true - - name: 'roles' - type: Array - description: | - The MembershipRoles that apply to the Membership. - Must not contain duplicate MembershipRoles with the same name. - is_set: true - required: true - update_url: '{{name}}:modifyMembershipRoles' - update_verb: 'POST' - item_type: - type: NestedObject - properties: - - name: 'name' - type: Enum - description: | - The name of the MembershipRole. Must be one of OWNER, MANAGER, MEMBER. - required: true - enum_values: - - 'OWNER' - - 'MANAGER' - - 'MEMBER' - - name: 'expiryDetail' - type: NestedObject - description: | - The MembershipRole expiry details, only supported for MEMBER role. - Other roles cannot be accompanied with MEMBER role having expiry. - properties: - - name: 'expireTime' - type: String - description: | - The time at which the MembershipRole will expire. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond - resolution and up to nine fractional digits. - - Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - required: true - - name: 'type' - type: String - description: | - The type of the membership. - output: true diff --git a/mmv1/products/cloudidentity/go_product.yaml b/mmv1/products/cloudidentity/go_product.yaml deleted file mode 100644 index 14883c7af453..000000000000 --- a/mmv1/products/cloudidentity/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudIdentity' -display_name: 'Cloud Identity' -versions: - - name: 'ga' - base_url: 'https://cloudidentity.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://cloudidentity.googleapis.com/v1beta1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/cloudidentity/product.yaml b/mmv1/products/cloudidentity/product.yaml index 47233708b0a0..65640b3aa9c2 100644 --- a/mmv1/products/cloudidentity/product.yaml +++ b/mmv1/products/cloudidentity/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudIdentity -display_name: Cloud Identity +--- +name: 'CloudIdentity' +display_name: 'Cloud Identity' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudidentity.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://cloudidentity.googleapis.com/v1beta1/ + - name: 'ga' + base_url: 'https://cloudidentity.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://cloudidentity.googleapis.com/v1beta1/' scopes: - - https://www.googleapis.com/auth/cloud-identity + - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/cloudids/Endpoint.yaml b/mmv1/products/cloudids/Endpoint.yaml index b45d08d4e3b6..11076d3f7e30 100644 --- a/mmv1/products/cloudids/Endpoint.yaml +++ b/mmv1/products/cloudids/Endpoint.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,93 +11,111 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Endpoint' -base_url: 'projects/{{project}}/locations/{{location}}/endpoints' -create_url: 'projects/{{project}}/locations/{{location}}/endpoints?endpointId={{name}}' -self_link: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' -create_verb: :POST -update_verb: :PATCH -update_mask: true description: | Cloud IDS is an intrusion detection service that provides threat detection for intrusions, malware, spyware, and command-and-control attacks on your network. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/intrusion-detection-system/docs/configuring-ids' +docs: id_format: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/endpoints' +self_link: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/endpoints?endpointId={{name}}' +update_verb: 'PATCH' +update_mask: true import_format: - ['projects/{{project}}/locations/{{location}}/endpoints/{{name}}'] + - 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 autogen_async: true -skip_sweeper: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 2000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloudids_endpoint' - primary_resource_id: - 'example-endpoint' + - name: 'cloudids_endpoint' + primary_resource_id: 'example-endpoint' # skip_test set to true since the example is identical to what's in the _test.go file. - skip_test: true + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: 'location' - required: true - url_param_only: true - immutable: true + - name: 'location' + type: String description: | The location for the endpoint. - ignore_read: true -properties: - - !ruby/object:Api::Type::String - name: 'name' + url_param_only: true required: true immutable: true + ignore_read: true +properties: + - name: 'name' + type: String description: | Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}. - custom_flatten: 'templates/terraform/custom_flatten/id_from_name.erb' - custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' - - !ruby/object:Api::Type::String - name: 'createTime' - output: true + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/id_from_name.tmpl' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' + - name: 'createTime' + type: String description: | Creation timestamp in RFC 3339 text format. - - !ruby/object:Api::Type::String - name: 'updateTime' output: true + - name: 'updateTime' + type: String description: | Last update timestamp in RFC 3339 text format. - - !ruby/object:Api::Type::String - name: 'network' - required: true - immutable: true + output: true + - name: 'network' + type: String description: | Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net"). - - !ruby/object:Api::Type::String + required: true immutable: true - name: 'description' + - name: 'description' + type: String description: | An optional description of the endpoint. - - !ruby/object:Api::Type::String - name: 'endpointForwardingRule' - output: true + immutable: true + - name: 'endpointForwardingRule' + type: String description: | URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring. - - !ruby/object:Api::Type::String - name: 'endpointIp' output: true + - name: 'endpointIp' + type: String description: | Internal IP address of the endpoint's network entry point. - - !ruby/object:Api::Type::Enum - name: 'severity' - required: true - immutable: true + output: true + - name: 'severity' + type: Enum description: | The minimum alert severity level that is reported by the endpoint. - values: - - :INFORMATIONAL - - :LOW - - :MEDIUM - - :HIGH - - :CRITICAL - - !ruby/object:Api::Type::Array - name: 'threatExceptions' + required: true + immutable: true + enum_values: + - 'INFORMATIONAL' + - 'LOW' + - 'MEDIUM' + - 'HIGH' + - 'CRITICAL' + - name: 'threatExceptions' + type: Array description: | Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs. - item_type: Api::Type::String + item_type: + type: String diff --git a/mmv1/products/cloudids/go_Endpoint.yaml b/mmv1/products/cloudids/go_Endpoint.yaml deleted file mode 100644 index a2b2bd6377ab..000000000000 --- a/mmv1/products/cloudids/go_Endpoint.yaml +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Endpoint' -description: | - Cloud IDS is an intrusion detection service that provides threat detection for intrusions, malware, spyware, and command-and-control attacks on your network. -references: - guides: - api: 'https://cloud.google.com/intrusion-detection-system/docs/configuring-ids' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/endpoints' -self_link: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/endpoints?endpointId={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 2000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -exclude_sweeper: true -examples: - - name: 'cloudids_endpoint' - primary_resource_id: 'example-endpoint' - skip_test: true -parameters: - - name: 'location' - type: String - description: | - The location for the endpoint. - url_param_only: true - required: true - immutable: true - ignore_read: true -properties: - - name: 'name' - type: String - description: | - Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}. - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/id_from_name.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' - - name: 'createTime' - type: String - description: | - Creation timestamp in RFC 3339 text format. - output: true - - name: 'updateTime' - type: String - description: | - Last update timestamp in RFC 3339 text format. - output: true - - name: 'network' - type: String - description: | - Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net"). - required: true - immutable: true - - name: 'description' - type: String - description: | - An optional description of the endpoint. - immutable: true - - name: 'endpointForwardingRule' - type: String - description: | - URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring. - output: true - - name: 'endpointIp' - type: String - description: | - Internal IP address of the endpoint's network entry point. - output: true - - name: 'severity' - type: Enum - description: | - The minimum alert severity level that is reported by the endpoint. - required: true - immutable: true - enum_values: - - 'INFORMATIONAL' - - 'LOW' - - 'MEDIUM' - - 'HIGH' - - 'CRITICAL' - - name: 'threatExceptions' - type: Array - description: | - Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs. - item_type: - type: String diff --git a/mmv1/products/cloudids/go_product.yaml b/mmv1/products/cloudids/go_product.yaml deleted file mode 100644 index ffe8c33468fa..000000000000 --- a/mmv1/products/cloudids/go_product.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudIds' -display_name: 'Cloud Intrusion Detection Service' -versions: - - name: 'ga' - base_url: 'https://ids.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloudids' -async: - type: "OpAsync" - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 2000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' diff --git a/mmv1/products/cloudids/product.yaml b/mmv1/products/cloudids/product.yaml index 36f529f6ed64..bd3761940ce6 100644 --- a/mmv1/products/cloudids/product.yaml +++ b/mmv1/products/cloudids/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,29 +11,23 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudIds -display_name: Cloud Intrusion Detection Service +--- +name: 'CloudIds' +display_name: 'Cloud Intrusion Detection Service' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://ids.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://ids.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloudids -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + - 'https://www.googleapis.com/auth/cloudids' +async: + type: "OpAsync" + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 2000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' diff --git a/mmv1/products/cloudquotas/QuotaPreference.yaml b/mmv1/products/cloudquotas/QuotaPreference.yaml index caba3b5b9d59..bc7d6c9e391c 100644 --- a/mmv1/products/cloudquotas/QuotaPreference.yaml +++ b/mmv1/products/cloudquotas/QuotaPreference.yaml @@ -11,148 +11,150 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'QuotaPreference' description: | QuotaPreference represents the preferred quota configuration specified for a project, folder or organization. There is only one QuotaPreference resource for a quota value targeting a unique set of dimensions. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Cloud Quotas Overview': 'https://cloud.google.com/docs/quotas/overview' api: 'https://cloud.google.com/docs/quotas/reference/rest/v1/projects.locations.quotaPreferences' +docs: +id_format: '{{parent}}/locations/global/quotaPreferences/{{name}}' base_url: '{{parent}}/locations/global/quotaPreferences' self_link: '{{parent}}/locations/global/quotaPreferences/{{name}}' create_url: '{{parent}}/locations/global/quotaPreferences?quotaPreferenceId={{name}}&ignoreSafetyChecks={{ignore_safety_checks}}' update_url: '{{parent}}/locations/global/quotaPreferences/{{name}}?ignoreSafetyChecks={{ignore_safety_checks}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -skip_delete: true -autogen_async: false -import_format: ['{{%parent}}/locations/global/quotaPreferences/{{name}}'] -id_format: '{{parent}}/locations/global/quotaPreferences/{{name}}' - +exclude_delete: true +import_format: + - '{{%parent}}/locations/global/quotaPreferences/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "cloudquotas_quota_preference_basic" - primary_resource_id: "preference" - skip_test: true + - name: 'cloudquotas_quota_preference_basic' + primary_resource_id: 'preference' vars: - name: "compute_googleapis_com-CPUS-per-project_us-east1" + name: 'compute_googleapis_com-CPUS-per-project_us-east1' test_env_vars: - project: :PROJECT_NAME - + project: 'PROJECT_NAME' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: 'parent' - immutable: true + - name: 'parent' + type: String + description: The parent of the quota preference. Allowed parents are "projects/[project-id / number]" or "folders/[folder-id / number]" or "organizations/[org-id / number]". url_param_only: true required: true + immutable: true default_from_api: true - description: The parent of the quota preference. Allowed parents are "projects/[project-id / number]" or "folders/[folder-id / number]" or "organizations/[org-id / number]". - - !ruby/object:Api::Type::Enum - name: 'ignore_safety_checks' - url_param_only: true - default_value: :QUOTA_SAFETY_CHECK_UNSPECIFIED + - name: 'ignore_safety_checks' + type: Enum description: The list of quota safety checks to be ignored. - values: - - :QUOTA_SAFETY_CHECK_UNSPECIFIED - - :QUOTA_DECREASE_BELOW_USAGE - - :QUOTA_DECREASE_PERCENTAGE_TOO_HIGH - + url_param_only: true + default_value: "QUOTA_SAFETY_CHECK_UNSPECIFIED" + enum_values: + - 'QUOTA_SAFETY_CHECK_UNSPECIFIED' + - 'QUOTA_DECREASE_BELOW_USAGE' + - 'QUOTA_DECREASE_PERCENTAGE_TOO_HIGH' properties: - - !ruby/object:Api::Type::String - name: 'name' - default_from_api: true + - name: 'name' + type: String description: | The resource name of the quota preference. Required except in the CREATE requests. - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'service' - required: true default_from_api: true + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' + - name: 'service' + type: String description: The name of the service to which the quota preference is applied. - - !ruby/object:Api::Type::String - name: 'quotaId' required: true default_from_api: true + - name: 'quotaId' + type: String description: | The id of the quota to which the quota preference is applied. A quota id is unique in the service. Example: `CPUS-per-project-region`. - - !ruby/object:Api::Type::NestedObject - name: 'quotaConfig' required: true + default_from_api: true + - name: 'quotaConfig' + type: NestedObject description: The preferred quota configuration. + required: true properties: - - !ruby/object:Api::Type::String - name: 'preferredValue' - required: true + - name: 'preferredValue' + type: String description: | The preferred value. Must be greater than or equal to -1. If set to -1, it means the value is "unlimited". - - !ruby/object:Api::Type::String - name: 'stateDetail' - output: true + required: true + - name: 'stateDetail' + type: String description: Optional details about the state of this quota preference. - - !ruby/object:Api::Type::String - name: 'grantedValue' output: true + - name: 'grantedValue' + type: String description: Granted quota value. - - !ruby/object:Api::Type::String - name: 'traceId' - custom_expand: 'templates/terraform/custom_expand/cloudquotas_quota_preference_trace_id.go.erb' output: true + - name: 'traceId' + type: String description: | The trace id that the Google Cloud uses to provision the requested quota. This trace id may be used by the client to contact Cloud support to track the state of a quota preference request. The trace id is only produced for increase requests and is unique for each request. The quota decrease requests do not have a trace id. - - !ruby/object:Api::Type::KeyValuePairs - name: 'annotations' - custom_flatten: 'templates/terraform/custom_flatten/cloudquotas_quota_preference_annotations.go.erb' + output: true + custom_expand: 'templates/terraform/custom_expand/cloudquotas_quota_preference_trace_id.go.tmpl' + - name: 'annotations' + type: KeyValuePairs description: |- The annotations map for clients to store small amounts of arbitrary data. Do not put PII or other sensitive information here. See https://google.aip.dev/128#annotations. An object containing a list of "key: value" pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. - - !ruby/object:Api::Type::String - name: 'requestOrigin' - output: true + custom_flatten: 'templates/terraform/custom_flatten/cloudquotas_quota_preference_annotations.go.tmpl' + - name: 'requestOrigin' + type: String description: The origin of the quota preference request. - - !ruby/object:Api::Type::KeyValuePairs - name: 'dimensions' - default_from_api: true + output: true + - name: 'dimensions' + type: KeyValuePairs description: |- The dimensions that this quota preference applies to. The key of the map entry is the name of a dimension, such as "region", "zone", "network_id", and the value of the map entry is the dimension value. If a dimension is missing from the map of dimensions, the quota preference applies to all the dimension values except for those that have other quota preferences configured for the specific value. NOTE: QuotaPreferences can only be applied across all values of "user" and "resource" dimension. Do not set values for "user" or "resource" in the dimension map. Example: `{"provider": "Foo Inc"}` where "provider" is a service specific dimension. - - !ruby/object:Api::Type::String - name: 'etag' - output: true + default_from_api: true + - name: 'etag' + type: String description: | The current etag of the quota preference. If an etag is provided on update and does not match the current server's etag of the quota preference, the request will be blocked and an ABORTED error will be returned. See https://google.aip.dev/134#etags for more details on etags. - - !ruby/object:Api::Type::String - name: 'createTime' output: true + - name: 'createTime' + type: String description: | Create time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. - - !ruby/object:Api::Type::String - name: 'updateTime' output: true + - name: 'updateTime' + type: String description: | Update time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. - - !ruby/object:Api::Type::Boolean - name: 'reconciling' output: true + - name: 'reconciling' + type: Boolean description: | Is the quota preference pending Google Cloud approval and fulfillment. - - !ruby/object:Api::Type::String - name: 'justification' - ignore_read: true + output: true + - name: 'justification' + type: String description: The reason / justification for this quota preference. - - !ruby/object:Api::Type::String - name: 'contactEmail' ignore_read: true + - name: 'contactEmail' + type: String description: |- An email address that can be used for quota related communication between the Google Cloud and the user in case the Google Cloud needs further information to make a decision on whether the user preferred quota can be granted. The Google account for the email address must have quota update permission for the project, folder or organization this quota preference is for. + ignore_read: true diff --git a/mmv1/products/cloudquotas/go_QuotaPreference.yaml b/mmv1/products/cloudquotas/go_QuotaPreference.yaml deleted file mode 100644 index 545053f4c29a..000000000000 --- a/mmv1/products/cloudquotas/go_QuotaPreference.yaml +++ /dev/null @@ -1,161 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'QuotaPreference' -description: | - QuotaPreference represents the preferred quota configuration specified for a project, folder or organization. There is only one QuotaPreference resource for a quota value targeting a unique set of dimensions. -references: - guides: - 'Cloud Quotas Overview': 'https://cloud.google.com/docs/quotas/overview' - api: 'https://cloud.google.com/docs/quotas/reference/rest/v1/projects.locations.quotaPreferences' -docs: -id_format: '{{parent}}/locations/global/quotaPreferences/{{name}}' -base_url: '{{parent}}/locations/global/quotaPreferences' -self_link: '{{parent}}/locations/global/quotaPreferences/{{name}}' -create_url: '{{parent}}/locations/global/quotaPreferences?quotaPreferenceId={{name}}&ignoreSafetyChecks={{ignore_safety_checks}}' -update_url: '{{parent}}/locations/global/quotaPreferences/{{name}}?ignoreSafetyChecks={{ignore_safety_checks}}' -update_verb: 'PATCH' -update_mask: true -exclude_delete: true -import_format: - - '{{%parent}}/locations/global/quotaPreferences/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -examples: - - name: 'cloudquotas_quota_preference_basic' - primary_resource_id: 'preference' - vars: - name: 'compute_googleapis_com-CPUS-per-project_us-east1' - test_env_vars: - project: 'PROJECT_NAME' - skip_test: true -parameters: - - name: 'parent' - type: String - description: The parent of the quota preference. Allowed parents are "projects/[project-id / number]" or "folders/[folder-id / number]" or "organizations/[org-id / number]". - url_param_only: true - required: true - immutable: true - default_from_api: true - - name: 'ignore_safety_checks' - type: Enum - description: The list of quota safety checks to be ignored. - url_param_only: true - default_value: "QUOTA_SAFETY_CHECK_UNSPECIFIED" - enum_values: - - 'QUOTA_SAFETY_CHECK_UNSPECIFIED' - - 'QUOTA_DECREASE_BELOW_USAGE' - - 'QUOTA_DECREASE_PERCENTAGE_TOO_HIGH' -properties: - - name: 'name' - type: String - description: | - The resource name of the quota preference. Required except in the CREATE requests. - default_from_api: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' - - name: 'service' - type: String - description: The name of the service to which the quota preference is applied. - required: true - default_from_api: true - - name: 'quotaId' - type: String - description: | - The id of the quota to which the quota preference is applied. A quota id is unique in the service. - Example: `CPUS-per-project-region`. - required: true - default_from_api: true - - name: 'quotaConfig' - type: NestedObject - description: The preferred quota configuration. - required: true - properties: - - name: 'preferredValue' - type: String - description: | - The preferred value. Must be greater than or equal to -1. If set to -1, it means the value is "unlimited". - required: true - - name: 'stateDetail' - type: String - description: Optional details about the state of this quota preference. - output: true - - name: 'grantedValue' - type: String - description: Granted quota value. - output: true - - name: 'traceId' - type: String - description: | - The trace id that the Google Cloud uses to provision the requested quota. This trace id may be used by the client to contact Cloud support to track the state of a quota preference request. The trace id is only produced for increase requests and is unique for each request. The quota decrease requests do not have a trace id. - output: true - custom_expand: 'templates/terraform/custom_expand/go/cloudquotas_quota_preference_trace_id.go.tmpl' - - name: 'annotations' - type: KeyValuePairs - description: |- - The annotations map for clients to store small amounts of arbitrary data. Do not put PII or other sensitive information here. See https://google.aip.dev/128#annotations. - - An object containing a list of "key: value" pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. - custom_flatten: 'templates/terraform/custom_flatten/go/cloudquotas_quota_preference_annotations.go.tmpl' - - name: 'requestOrigin' - type: String - description: The origin of the quota preference request. - output: true - - name: 'dimensions' - type: KeyValuePairs - description: |- - The dimensions that this quota preference applies to. The key of the map entry is the name of a dimension, such as "region", "zone", "network_id", and the value of the map entry is the dimension value. If a dimension is missing from the map of dimensions, the quota preference applies to all the dimension values except for those that have other quota preferences configured for the specific value. - - NOTE: QuotaPreferences can only be applied across all values of "user" and "resource" dimension. Do not set values for "user" or "resource" in the dimension map. - - Example: `{"provider": "Foo Inc"}` where "provider" is a service specific dimension. - default_from_api: true - - name: 'etag' - type: String - description: | - The current etag of the quota preference. If an etag is provided on update and does not match the current server's etag of the quota preference, the request will be blocked and an ABORTED error will be returned. See https://google.aip.dev/134#etags for more details on etags. - output: true - - name: 'createTime' - type: String - description: | - Create time stamp. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. - output: true - - name: 'updateTime' - type: String - description: | - Update time stamp. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. - output: true - - name: 'reconciling' - type: Boolean - description: | - Is the quota preference pending Google Cloud approval and fulfillment. - output: true - - name: 'justification' - type: String - description: The reason / justification for this quota preference. - ignore_read: true - - name: 'contactEmail' - type: String - description: |- - An email address that can be used for quota related communication between the Google Cloud and the user in case the Google Cloud needs further information to make a decision on whether the user preferred quota can be granted. - - The Google account for the email address must have quota update permission for the project, folder or organization this quota preference is for. - ignore_read: true diff --git a/mmv1/products/cloudquotas/go_product.yaml b/mmv1/products/cloudquotas/go_product.yaml deleted file mode 100644 index af7296cf7925..000000000000 --- a/mmv1/products/cloudquotas/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudQuotas' -display_name: 'Cloud Quotas' -versions: - - name: 'ga' - base_url: 'https://cloudquotas.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudquotas/product.yaml b/mmv1/products/cloudquotas/product.yaml index 53c82344b0d2..740dfc91284b 100644 --- a/mmv1/products/cloudquotas/product.yaml +++ b/mmv1/products/cloudquotas/product.yaml @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudQuotas -display_name: Cloud Quotas +--- +name: 'CloudQuotas' +display_name: 'Cloud Quotas' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudquotas.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://cloudquotas.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudrun/DomainMapping.yaml b/mmv1/products/cloudrun/DomainMapping.yaml index 64f6a575726b..7bc3a80cee43 100644 --- a/mmv1/products/cloudrun/DomainMapping.yaml +++ b/mmv1/products/cloudrun/DomainMapping.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,171 +11,182 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: DomainMapping -kind: DomainMapping -base_url: apis/domains.cloudrun.com/v1/namespaces/{{project}}/domainmappings -cai_base_url: projects/{{project}}/locations/{{location}}/DomainMappings -references: !ruby/object:Api::Resource::ReferenceLinks +--- +name: 'DomainMapping' +kind: 'DomainMapping' +description: |- + Resource to hold the state and status of a user's domain mapping. +references: guides: 'Official Documentation': 'https://cloud.google.com/run/docs/mapping-custom-domains' api: 'https://cloud.google.com/run/docs/reference/rest/v1/projects.locations.domainmappings' -description: |- - Resource to hold the state and status of a user's domain mapping. -immutable: true +docs: id_format: 'locations/{{location}}/namespaces/{{project}}/domainmappings/{{name}}' +base_url: 'apis/domains.cloudrun.com/v1/namespaces/{{project}}/domainmappings' +cai_base_url: 'projects/{{project}}/locations/{{location}}/DomainMappings' +immutable: true import_format: - ['locations/{{location}}/namespaces/{{project}}/domainmappings/{{name}}'] -error_retry_predicates: ['transport_tpg.IsCloudRunCreationConflict'] -async: !ruby/object:Provider::Terraform::PollAsync - check_response_func_existence: PollCheckKnativeStatusFunc(res) + - 'locations/{{location}}/namespaces/{{project}}/domainmappings/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'PollCheckKnativeStatusFunc(res)' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 actions: ['create', 'update'] +custom_code: + constants: 'templates/terraform/constants/cloud_run_domain_mapping.go.tmpl' + encoder: 'templates/terraform/encoders/cloud_run_domain_mapping.go.tmpl' + decoder: 'templates/terraform/decoders/cloud_run.go.tmpl' +custom_diff: + - 'hasMetadata' +error_retry_predicates: + + - 'transport_tpg.IsCloudRunCreationConflict' +schema_version: 1 +state_upgraders: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_run_domain_mapping_basic' + - name: 'cloud_run_domain_mapping_basic' primary_resource_id: 'default' vars: cloud_run_service_name: 'cloudrun-srv' test_env_vars: - namespace: :PROJECT_NAME -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: 'templates/terraform/encoders/cloud_run_domain_mapping.go.erb' - decoder: 'templates/terraform/decoders/cloud_run.go.erb' - constants: templates/terraform/constants/cloud_run_domain_mapping.go.erb -custom_diff: [ - 'hasMetadata', -] -state_upgraders: true -schema_version: 1 + namespace: 'PROJECT_NAME' parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: The location of the cloud run instance. eg us-central1 url_param_only: true required: true properties: - - !ruby/object:Api::Type::String - name: name - url_param_only: true - immutable: true + - name: 'name' + type: String description: |- Name should be a [verified](https://support.google.com/webmasters/answer/9008080) domain + url_param_only: true required: true - - !ruby/object:Api::Type::NestedObject - name: status + immutable: true + - name: 'status' + type: NestedObject description: The current status of the DomainMapping. output: true properties: - - !ruby/object:Api::Type::Array - name: conditions + - name: 'conditions' + type: Array description: |- Array of observed DomainMappingConditions, indicating the current state of the DomainMapping. output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: message - output: true + - name: 'message' + type: String description: |- Human readable message indicating details about the current status. - - !ruby/object:Api::Type::String - name: status output: true + - name: 'status' + type: String description: Status of the condition, one of True, False, Unknown. - - !ruby/object:Api::Type::String - name: reason output: true + - name: 'reason' + type: String description: |- One-word CamelCase reason for the condition's current status. - - !ruby/object:Api::Type::String - name: type output: true + - name: 'type' + type: String description: Type of domain mapping condition. - - !ruby/object:Api::Type::Integer - name: observedGeneration + output: true + - name: 'observedGeneration' + type: Integer description: |- ObservedGeneration is the 'Generation' of the DomainMapping that was last processed by the controller. output: true - - !ruby/object:Api::Type::Array - name: resourceRecords + - name: 'resourceRecords' + type: Array description: |- The resource records required to configure this domain mapping. These records must be added to the domain's DNS configuration in order to serve the application via this domain mapping. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: 'Resource record type. Example: `AAAA`.' - values: - - :A - - :AAAA - - :CNAME - - !ruby/object:Api::Type::String - name: rrdata - output: true + enum_values: + - 'A' + - 'AAAA' + - 'CNAME' + - name: 'rrdata' + type: String description: |- Data for this record. Values vary by record type, as defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1). - - !ruby/object:Api::Type::String - name: name output: true + - name: 'name' + type: String description: |- Relative name of the object affected by this record. Only applicable for `CNAME` records. Example: 'www'. - - !ruby/object:Api::Type::String - name: mappedRouteName - output: true + output: true + - name: 'mappedRouteName' + type: String description: The name of the route that the mapping currently points to. - - !ruby/object:Api::Type::NestedObject - name: spec + output: true + - name: 'spec' + type: NestedObject description: The spec for this DomainMapping. required: true properties: - - !ruby/object:Api::Type::Boolean - name: forceOverride + - name: 'forceOverride' + type: Boolean description: |- If set, the mapping will override any mapping set before this spec was set. It is recommended that the user leaves this empty to receive an error warning about a potential conflict and only set it once the respective UI has given such a warning. - custom_flatten: templates/terraform/custom_flatten/cloudrun_ignore_force_override.go.erb - - !ruby/object:Api::Type::String - name: routeName - required: true + custom_flatten: 'templates/terraform/custom_flatten/cloudrun_ignore_force_override.go.tmpl' + - name: 'routeName' + type: String description: |- The name of the Cloud Run Service that this DomainMapping applies to. The route must exist. - custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.erb' + required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::Enum - name: certificateMode + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' + - name: 'certificateMode' + type: Enum description: The mode of the certificate. - values: - - :NONE - - :AUTOMATIC - default_value: :AUTOMATIC - - !ruby/object:Api::Type::NestedObject - name: metadata - default_from_api: true + default_value: "AUTOMATIC" + enum_values: + - 'NONE' + - 'AUTOMATIC' + - name: 'metadata' + type: NestedObject description: Metadata associated with this DomainMapping. + default_from_api: true properties: - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: |- Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - - !ruby/object:Api::Type::Integer - name: generation + - name: 'generation' + type: Integer description: |- A sequence number representing a specific generation of the desired state. output: true - - !ruby/object:Api::Type::String - name: resourceVersion + - name: 'resourceVersion' + type: String description: |- An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used @@ -186,28 +197,28 @@ properties: More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency output: true - - !ruby/object:Api::Type::String - name: selfLink + - name: 'selfLink' + type: String description: |- SelfLink is a URL representing this object. output: true - - !ruby/object:Api::Type::String - name: uid + - name: 'uid' + type: String description: |- UID is a unique id generated by the server on successful creation of a resource and is not allowed to change on PUT operations. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids output: true - - !ruby/object:Api::Type::String - name: namespace - required: true + - name: 'namespace' + type: String description: |- In Cloud Run the namespace must be equal to either the project ID or project number. - custom_flatten: templates/terraform/custom_flatten/set_to_project.go.erb - - !ruby/object:Api::Type::KeyValueAnnotations - name: 'annotations' + required: true + custom_flatten: 'templates/terraform/custom_flatten/set_to_project.go.tmpl' + - name: 'annotations' + type: KeyValueAnnotations description: |- Annotations is a key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. diff --git a/mmv1/products/cloudrun/Service.yaml b/mmv1/products/cloudrun/Service.yaml index 2a277edcd829..dbc773c694ea 100644 --- a/mmv1/products/cloudrun/Service.yaml +++ b/mmv1/products/cloudrun/Service.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,212 +11,209 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: Service -kind: Service -base_url: apis/serving.knative.dev/v1/namespaces/{{project}}/services -cai_base_url: projects/{{project}}/locations/{{location}}/services -references: !ruby/object:Api::Resource::ReferenceLinks +--- +name: 'Service' +kind: 'Service' +description: |- + A Cloud Run service has a unique endpoint and autoscales containers. +references: guides: 'Official Documentation': 'https://cloud.google.com/run/docs/' api: 'https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services' -description: |- - A Cloud Run service has a unique endpoint and autoscales containers. -iam_policy: !ruby/object:Api::Resource::IamPolicy - method_name_separator: ':' - parent_resource_attribute: 'service' - base_url: v1/projects/{{project}}/locations/{{location}}/services/{{service}} - import_format: - [ - 'projects/{{project}}/locations/{{location}}/services/{{service}}', - '{{service}}', - ] -docs: !ruby/object:Provider::Terraform::Docs +docs: warning: | We recommend using the `google_cloud_run_v2_service` resource which offers a better developer experience and broader support of Cloud Run features. id_format: 'locations/{{location}}/namespaces/{{project}}/services/{{name}}' +base_url: 'apis/serving.knative.dev/v1/namespaces/{{project}}/services' +cai_base_url: 'projects/{{project}}/locations/{{location}}/services' import_format: - ['locations/{{location}}/namespaces/{{project}}/services/{{name}}'] -error_retry_predicates: ['transport_tpg.IsCloudRunCreationConflict'] -async: !ruby/object:Provider::Terraform::PollAsync - check_response_func_existence: PollCheckKnativeStatusFunc(res) + - 'locations/{{location}}/namespaces/{{project}}/services/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + type: 'PollAsync' + check_response_func_existence: 'PollCheckKnativeStatusFunc(res)' + check_response_func_absence: 'transport_tpg.PollCheckForAbsence' + suppress_error: false + target_occurrences: 1 actions: ['create', 'update'] +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'service' + base_url: 'v1/projects/{{project}}/locations/{{location}}/services/{{service}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/services/{{service}}' + - '{{service}}' +custom_code: + constants: 'templates/terraform/constants/cloud_run_service.go.tmpl' + encoder: 'templates/terraform/encoders/cloud_run_service.go.tmpl' + decoder: 'templates/terraform/decoders/cloud_run.go.tmpl' +custom_diff: + - 'revisionNameCustomizeDiff' +error_retry_predicates: + + - 'transport_tpg.IsCloudRunCreationConflict' +schema_version: 2 +state_upgrade_base_schema_version: 1 +state_upgraders: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_run_service_basic' + - name: 'cloud_run_service_basic' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-srv' test_env_vars: - project: :PROJECT_NAME - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_run_service_sql' + project: 'PROJECT_NAME' + - name: 'cloud_run_service_gpu' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + min_version: 'beta' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'cloud_run_service_sql' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-srv' cloud_run_sql_name: 'cloudrun-sql' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - 'autogenerate_revision_name' - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_run_service_noauth' + - name: 'cloud_run_service_noauth' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-srv' test_env_vars: - project: :PROJECT_NAME - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_run_service_multiple_environment_variables' + project: 'PROJECT_NAME' + - name: 'cloud_run_service_multiple_environment_variables' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-srv' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' ignore_read_extra: - 'autogenerate_revision_name' - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_run_service_secret_environment_variables' + exclude_docs: true + - name: 'cloud_run_service_secret_environment_variables' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-srv' secret_id: 'secret' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' ignore_read_extra: - 'autogenerate_revision_name' - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_run_service_secret_volumes' + exclude_docs: true + - name: 'cloud_run_service_secret_volumes' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-srv' secret_id: 'secret' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' ignore_read_extra: - 'autogenerate_revision_name' - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_run_service_probes' + exclude_docs: true + - name: 'cloud_run_service_probes' primary_resource_id: 'default' vars: cloud_run_service_name: 'cloudrun-srv' test_env_vars: - project: :PROJECT_NAME - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_run_service_multicontainer' - min_version: beta + project: 'PROJECT_NAME' + - name: 'cloud_run_service_multicontainer' primary_resource_id: 'default' + min_version: 'beta' vars: cloud_run_service_name: 'cloudrun-srv' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'autogenerate_revision_name' - default_value: false + - name: 'autogenerate_revision_name' description: | If set to `true`, the revision name (template.metadata.name) will be omitted and autogenerated by Cloud Run. This cannot be set to `true` while `template.metadata.name` is also set. (For legacy support, if `template.metadata.name` is unset in state while this field is set to false, the revision name will still autogenerate.) -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: 'templates/terraform/encoders/cloud_run_service.go.erb' - decoder: 'templates/terraform/decoders/cloud_run.go.erb' - constants: templates/terraform/constants/cloud_run_service.go.erb -custom_diff: [ - 'revisionNameCustomizeDiff', -] -state_upgraders: true -state_upgrade_base_schema_version: 1 -schema_version: 2 + type: Boolean + default_value: false parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: The location of the cloud run instance. eg us-central1 url_param_only: true required: true immutable: true properties: - - !ruby/object:Api::Type::String - name: name - # This is a convenience field as terraform expects `name` to be a top level property - url_param_only: true - immutable: true + - name: 'name' + type: String description: |- Name must be unique within a Google Cloud project and region. Is required when creating resources. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + # This is a convenience field as terraform expects `name` to be a top level property + url_param_only: true required: true - - !ruby/object:Api::Type::NestedObject - name: spec - required: true + immutable: true + - name: 'spec' + type: NestedObject description: Spec holds the desired state of the Service (from the client). + required: true flatten_object: true properties: - - !ruby/object:Api::Type::Array - name: traffic + - name: 'traffic' + type: Array description: |- Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: revisionName + - name: 'revisionName' + type: String description: |- RevisionName of a specific revision to which to send this portion of traffic. - - !ruby/object:Api::Type::Integer - name: percent - required: true + - name: 'percent' + type: Integer description: |- Percent specifies percent of the traffic to this Revision or Configuration. - - !ruby/object:Api::Type::String - name: tag + required: true + - name: 'tag' + type: String description: |- Tag is optionally used to expose a dedicated url for referencing this target exclusively. - - !ruby/object:Api::Type::Boolean - name: latestRevision + - name: 'latestRevision' + type: Boolean description: |- LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - - !ruby/object:Api::Type::String - name: url - output: true + - name: 'url' + type: String description: |- URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - - !ruby/object:Api::Type::NestedObject - name: template + output: true + - name: 'template' + type: NestedObject description: |- template holds the latest specification for the Revision to be stamped out. The template references the container image, and may also @@ -229,8 +226,8 @@ properties: Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. properties: - - !ruby/object:Api::Type::NestedObject - name: metadata + - name: 'metadata' + type: NestedObject description: |- Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances @@ -241,20 +238,20 @@ properties: annotation key. default_from_api: true properties: - - !ruby/object:Api::Type::KeyValuePairs - name: 'labels' + - name: 'labels' + type: KeyValuePairs description: |- Map of string keys and values that can be used to organize and categorize (scope and select) objects. default_from_api: true diff_suppress_func: 'cloudrunTemplateLabelDiffSuppress' - - !ruby/object:Api::Type::Integer - name: generation + - name: 'generation' + type: Integer description: |- A sequence number representing a specific generation of the desired state. output: true - - !ruby/object:Api::Type::String - name: resourceVersion + - name: 'resourceVersion' + type: String description: |- An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used @@ -262,26 +259,26 @@ properties: resource or set of resources. They may only be valid for a particular resource or set of resources. output: true - - !ruby/object:Api::Type::String - name: selfLink + - name: 'selfLink' + type: String description: |- SelfLink is a URL representing this object. output: true - - !ruby/object:Api::Type::String - name: uid + - name: 'uid' + type: String description: |- UID is a unique id generated by the server on successful creation of a resource and is not allowed to change on PUT operations. output: true - - !ruby/object:Api::Type::String - name: namespace + - name: 'namespace' + type: String description: |- In Cloud Run the namespace must be equal to either the project ID or project number. It will default to the resource's project. default_from_api: true - custom_expand: 'templates/terraform/custom_expand/default_to_project.go.erb' - - !ruby/object:Api::Type::KeyValuePairs - name: 'annotations' + custom_expand: 'templates/terraform/custom_expand/default_to_project.go.tmpl' + - name: 'annotations' + type: KeyValuePairs description: |- Annotations is a key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. @@ -326,465 +323,477 @@ properties: See https://cloud.google.com/sdk/gcloud/reference/run/deploy#--vpc-egress. default_from_api: true diff_suppress_func: 'cloudrunTemplateAnnotationDiffSuppress' - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: |- Name must be unique within a Google Cloud project and region. Is required when creating resources. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. - custom_expand: 'templates/terraform/custom_expand/cloud_run_service_revision_name.erb' default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: spec - required: true + custom_expand: 'templates/terraform/custom_expand/cloud_run_service_revision_name.tmpl' + - name: 'spec' + type: NestedObject description: RevisionSpec holds the desired state of the Revision (from the client). + required: true default_from_api: true properties: - - !ruby/object:Api::Type::Array - name: containers - update_verb: :PUT - required: true + - name: 'containers' + type: Array description: |- Containers defines the unit of execution for this Revision. + required: true default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: Name of the container default_from_api: true - - !ruby/object:Api::Type::String - deprecation_message: >- - `working_dir` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API. - name: workingDir - immutable: true + - name: 'workingDir' + type: String description: |- Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. - - !ruby/object:Api::Type::Array - name: args + immutable: true + deprecation_message: '`working_dir` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' + - name: 'args' + type: Array description: |- Arguments to the entrypoint. The docker image's CMD is used if this is not provided. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: envFrom - deprecation_message: >- - `env_from` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API. - immutable: true + item_type: + type: String + - name: 'envFrom' + type: Array description: |- List of sources to populate environment variables in the container. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. - item_type: !ruby/object:Api::Type::NestedObject + immutable: true + deprecation_message: '`env_from` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: prefix + - name: 'prefix' + type: String description: |- An optional identifier to prepend to each key in the ConfigMap. - - !ruby/object:Api::Type::NestedObject - name: configMapRef + - name: 'configMapRef' + type: NestedObject description: |- The ConfigMap to select from. properties: - - !ruby/object:Api::Type::Boolean - name: optional + - name: 'optional' + type: Boolean description: |- Specify whether the ConfigMap must be defined - - !ruby/object:Api::Type::NestedObject - name: localObjectReference + - name: 'localObjectReference' + type: NestedObject description: The ConfigMap to select from. properties: - - !ruby/object:Api::Type::String - name: name - required: true + - name: 'name' + type: String description: |- Name of the referent. - - !ruby/object:Api::Type::NestedObject - name: secretRef + required: true + - name: 'secretRef' + type: NestedObject description: |- The Secret to select from. properties: - - !ruby/object:Api::Type::NestedObject - name: localObjectReference + - name: 'localObjectReference' + type: NestedObject description: The Secret to select from. properties: - - !ruby/object:Api::Type::String - name: name - required: true + - name: 'name' + type: String description: |- Name of the referent. - - !ruby/object:Api::Type::Boolean - name: optional + required: true + - name: 'optional' + type: Boolean description: |- Specify whether the Secret must be defined - - !ruby/object:Api::Type::String - name: image - required: true + - name: 'image' + type: String description: |- Docker image name. This is most often a reference to a container located in the container registry, such as gcr.io/cloudrun/hello - - !ruby/object:Api::Type::Array - name: command + required: true + - name: 'command' + type: Array description: |- Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: env + item_type: + type: String + - name: 'env' + type: Array description: |- List of environment variables to set in the container. is_set: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: Name of the environment variable. - - !ruby/object:Api::Type::String - name: value + - name: 'value' + type: String description: |- Defaults to "". - - !ruby/object:Api::Type::NestedObject - name: valueFrom + - name: 'valueFrom' + type: NestedObject description: |- Source for the environment variable's value. Only supports secret_key_ref. properties: - - !ruby/object:Api::Type::NestedObject - name: secretKeyRef - required: true + - name: 'secretKeyRef' + type: NestedObject description: |- Selects a key (version) of a secret in Secret Manager. + required: true properties: - - !ruby/object:Api::Type::String - name: key - required: true + - name: 'key' + type: String description: |- A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. - - !ruby/object:Api::Type::String - name: name required: true + - name: 'name' + type: String description: |- The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects/{project-id|project-number}/secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. - - !ruby/object:Api::Type::Array - name: ports + required: true + - name: 'ports' + type: Array description: |- List of open ports in the container. default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: If specified, used to specify which protocol to use. Allowed values are "http1" (HTTP/1) and "h2c" (HTTP/2 end-to-end). Defaults to "http1". default_from_api: true - - !ruby/object:Api::Type::String - name: protocol + - name: 'protocol' + type: String description: Protocol for port. Must be "TCP". Defaults to "TCP". - - !ruby/object:Api::Type::Integer - name: containerPort + - name: 'containerPort' + type: Integer description: Port number the container listens on. This must be a valid port number (between 1 and 65535). Defaults to "8080". - - !ruby/object:Api::Type::NestedObject - name: resources + - name: 'resources' + type: NestedObject description: |- Compute Resources required by this container. Used to set values such as max memory default_from_api: true properties: - - !ruby/object:Api::Type::KeyValuePairs - name: limits + - name: 'limits' + type: KeyValuePairs description: |- Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go default_from_api: true - - !ruby/object:Api::Type::KeyValuePairs - name: requests + - name: 'requests' + type: KeyValuePairs description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go - - !ruby/object:Api::Type::Array - name: volumeMounts + - name: 'volumeMounts' + type: Array description: |- Volume to mount into the container's filesystem. Only supports SecretVolumeSources. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: mountPath - required: true + - name: 'mountPath' + type: String description: |- Path within the container at which the volume should be mounted. Must not contain ':'. - - !ruby/object:Api::Type::String - name: name required: true + - name: 'name' + type: String description: |- This must match the Name of a Volume. - - !ruby/object:Api::Type::NestedObject - name: startupProbe + required: true + - name: 'startupProbe' + type: NestedObject description: |- Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. default_from_api: true properties: - - !ruby/object:Api::Type::Integer - name: initialDelaySeconds + - name: 'initialDelaySeconds' + type: Integer description: |- Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value is 240. default_value: 0 - - !ruby/object:Api::Type::Integer - name: timeoutSeconds + - name: 'timeoutSeconds' + type: Integer description: |- Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. default_value: 1 - - !ruby/object:Api::Type::Integer - name: periodSeconds + - name: 'periodSeconds' + type: Integer description: |- How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value is 240. default_value: 10 - - !ruby/object:Api::Type::Integer - name: failureThreshold + - name: 'failureThreshold' + type: Integer description: |- Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. default_value: 3 - - !ruby/object:Api::Type::NestedObject - name: tcpSocket + - name: 'tcpSocket' + type: NestedObject description: |- TcpSocket specifies an action involving a TCP port. - exactly_one_of: - - template.0.spec.0.containers.0.startup_probe.0.tcp_socket - - template.0.spec.0.containers.0.startup_probe.0.http_get - - template.0.spec.0.containers.0.startup_probe.0.grpc send_empty_value: true allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.startup_probe.0.tcp_socket' + - 'template.0.spec.0.containers.0.startup_probe.0.http_get' + - 'template.0.spec.0.containers.0.startup_probe.0.grpc' properties: - - !ruby/object:Api::Type::Integer - name: port + - name: 'port' + type: Integer description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: httpGet + - name: 'httpGet' + type: NestedObject description: |- HttpGet specifies the http request to perform. - exactly_one_of: - - template.0.spec.0.containers.0.startup_probe.0.tcp_socket - - template.0.spec.0.containers.0.startup_probe.0.http_get - - template.0.spec.0.containers.0.startup_probe.0.grpc send_empty_value: true allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.startup_probe.0.tcp_socket' + - 'template.0.spec.0.containers.0.startup_probe.0.http_get' + - 'template.0.spec.0.containers.0.startup_probe.0.grpc' properties: - - !ruby/object:Api::Type::String - name: path + - name: 'path' + type: String description: |- Path to access on the HTTP server. If set, it should not be empty string. - default_value: '/' - - !ruby/object:Api::Type::Integer - name: port + default_value: "/" + - name: 'port' + type: Integer description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::Array - name: httpHeaders + - name: 'httpHeaders' + type: Array description: |- Custom headers to set in the request. HTTP allows repeated headers. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: |- The header field name. required: true - - !ruby/object:Api::Type::String - name: value + - name: 'value' + type: String description: |- The header field value. - default_value: '' send_empty_value: true - - !ruby/object:Api::Type::NestedObject - name: grpc + default_value: "" + - name: 'grpc' + type: NestedObject description: |- GRPC specifies an action involving a GRPC port. - exactly_one_of: - - template.0.spec.0.containers.0.startup_probe.0.tcp_socket - - template.0.spec.0.containers.0.startup_probe.0.http_get - - template.0.spec.0.containers.0.startup_probe.0.grpc send_empty_value: true allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.startup_probe.0.tcp_socket' + - 'template.0.spec.0.containers.0.startup_probe.0.http_get' + - 'template.0.spec.0.containers.0.startup_probe.0.grpc' properties: - - !ruby/object:Api::Type::Integer - name: port + - name: 'port' + type: Integer description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::String - name: service + - name: 'service' + type: String description: |- The name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. - - !ruby/object:Api::Type::NestedObject - name: livenessProbe + - name: 'livenessProbe' + type: NestedObject description: |- Periodic probe of container liveness. Container will be restarted if the probe fails. properties: - - !ruby/object:Api::Type::Integer - name: initialDelaySeconds + - name: 'initialDelaySeconds' + type: Integer description: |- Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value is 3600. default_value: 0 - - !ruby/object:Api::Type::Integer - name: timeoutSeconds + - name: 'timeoutSeconds' + type: Integer description: |- Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than period_seconds. default_value: 1 - - !ruby/object:Api::Type::Integer - name: periodSeconds + - name: 'periodSeconds' + type: Integer description: |- How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value is 3600. default_value: 10 - - !ruby/object:Api::Type::Integer - name: failureThreshold + - name: 'failureThreshold' + type: Integer description: |- Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. default_value: 3 - - !ruby/object:Api::Type::NestedObject - name: httpGet + - name: 'httpGet' + type: NestedObject description: |- HttpGet specifies the http request to perform. - exactly_one_of: - - template.0.spec.0.containers.0.liveness_probe.0.http_get - - template.0.spec.0.containers.0.liveness_probe.0.grpc send_empty_value: true allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.liveness_probe.0.http_get' + - 'template.0.spec.0.containers.0.liveness_probe.0.grpc' properties: - - !ruby/object:Api::Type::String - name: path + - name: 'path' + type: String description: |- Path to access on the HTTP server. If set, it should not be empty string. - default_value: '/' - - !ruby/object:Api::Type::Integer - name: port + default_value: "/" + - name: 'port' + type: Integer description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::Array - name: httpHeaders + - name: 'httpHeaders' + type: Array description: |- Custom headers to set in the request. HTTP allows repeated headers. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: |- The header field name. required: true - - !ruby/object:Api::Type::String - name: value + - name: 'value' + type: String description: |- The header field value. - default_value: '' send_empty_value: true - - !ruby/object:Api::Type::NestedObject - name: grpc + default_value: "" + - name: 'grpc' + type: NestedObject description: |- GRPC specifies an action involving a GRPC port. - exactly_one_of: - - template.0.spec.0.containers.0.liveness_probe.0.http_get - - template.0.spec.0.containers.0.liveness_probe.0.grpc send_empty_value: true allow_empty_object: true + exactly_one_of: + - 'template.0.spec.0.containers.0.liveness_probe.0.http_get' + - 'template.0.spec.0.containers.0.liveness_probe.0.grpc' properties: - - !ruby/object:Api::Type::Integer - name: port + - name: 'port' + type: Integer description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::String - name: service + - name: 'service' + type: String description: |- The name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. - - - !ruby/object:Api::Type::Integer - name: containerConcurrency + - name: 'nodeSelector' + type: KeyValuePairs + description: |- + Node Selector describes the hardware requirements of the resources. + Use the following node selector keys to configure features on a Revision: + - `run.googleapis.com/accelerator` sets the [type of GPU](https://cloud.google.com/run/docs/configuring/services/gpu) required by the Revision to run. + min_version: 'beta' + - name: 'containerConcurrency' + type: Integer description: |- ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. If not specified or 0, defaults to 80 when requested CPU >= 1 and defaults to 1 when requested CPU < 1. default_from_api: true - - !ruby/object:Api::Type::Integer - name: timeoutSeconds + - name: 'timeoutSeconds' + type: Integer description: |- TimeoutSeconds holds the max duration the instance is allowed for responding to a request. default_from_api: true - - !ruby/object:Api::Type::String - name: serviceAccountName + - name: 'serviceAccountName' + type: String description: |- Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. default_from_api: true - - !ruby/object:Api::Type::Array - name: volumes + - name: 'volumes' + type: Array description: |- Volume represents a named volume in a container. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name - required: true + - name: 'name' + type: String description: |- Volume's name. - - !ruby/object:Api::Type::NestedObject - name: secret + required: true + - name: 'secret' + type: NestedObject description: |- The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. properties: - - !ruby/object:Api::Type::String - name: secretName - required: true + - name: 'secretName' + type: String description: |- The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. @@ -795,155 +804,156 @@ properties: commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. - - !ruby/object:Api::Type::Integer - name: defaultMode + required: true + - name: 'defaultMode' + type: Integer description: |- Mode bits to use on created files by default. Must be a value between 0000 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - - !ruby/object:Api::Type::Array - name: items + - name: 'items' + type: Array description: |- If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: key - required: true + - name: 'key' + type: String description: |- The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. - - !ruby/object:Api::Type::String - name: path required: true + - name: 'path' + type: String description: |- The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - - !ruby/object:Api::Type::Integer - name: mode + required: true + - name: 'mode' + type: Integer description: |- Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - - !ruby/object:Api::Type::NestedObject - name: emptyDir + - name: 'emptyDir' + type: NestedObject description: |- Ephemeral storage which can be backed by real disks (HD, SSD), network storage or memory (i.e. tmpfs). For now only in memory (tmpfs) is supported. It is ephemeral in the sense that when the sandbox is taken down, the data is destroyed with it (it does not persist across sandbox runs). - min_version: beta + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: 'medium' + - name: 'medium' + type: String description: |- The medium on which the data is stored. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. - - !ruby/object:Api::Type::String - name: 'sizeLimit' + - name: 'sizeLimit' + type: String description: |- Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. - - !ruby/object:Api::Type::NestedObject - name: csi + - name: 'csi' + type: NestedObject description: |- A filesystem specified by the Container Storage Interface (CSI). properties: - - !ruby/object:Api::Type::String - name: 'driver' - required: true + - name: 'driver' + type: String description: |- Unique name representing the type of file system to be created. Cloud Run supports the following values: * gcsfuse.run.googleapis.com: Mount a Google Cloud Storage bucket using GCSFuse. This driver requires the run.googleapis.com/execution-environment annotation to be unset or set to "gen2" - - !ruby/object:Api::Type::Boolean - name: 'readOnly' - default_from_api: true + required: true + - name: 'readOnly' + type: Boolean description: |- If true, all mounts created from this volume will be read-only. - - !ruby/object:Api::Type::KeyValuePairs - name: 'volumeAttributes' + default_from_api: true + - name: 'volumeAttributes' + type: KeyValuePairs description: |- Driver-specific attributes. The following options are supported for available drivers: * gcsfuse.run.googleapis.com * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - - !ruby/object:Api::Type::NestedObject - name: nfs + - name: 'nfs' + type: NestedObject description: |- A filesystem backed by a Network File System share. This filesystem requires the run.googleapis.com/execution-environment annotation to be unset or set to "gen2" properties: - - !ruby/object:Api::Type::String - name: server - required: true + - name: 'server' + type: String description: |- IP address or hostname of the NFS server - - !ruby/object:Api::Type::String - name: path required: true + - name: 'path' + type: String description: |- Path exported by the NFS server - - !ruby/object:Api::Type::Boolean - name: readOnly + required: true + - name: 'readOnly' + type: Boolean description: |- If true, mount the NFS volume as read only in all mounts. Defaults to false. - - !ruby/object:Api::Type::Enum - name: servingState - deprecation_message: >- - `serving_state` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API. + - name: 'servingState' + type: Enum description: |- ServingState holds a value describing the state the resources are in for this Revision. It is expected that the system will manipulate this based on routability and load. output: true - values: - - :ACTIVE - - :RESERVE - - :RETIRED - - - !ruby/object:Api::Type::NestedObject - name: status + deprecation_message: '`serving_state` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' + enum_values: + - 'ACTIVE' + - 'RESERVE' + - 'RETIRED' + - name: 'status' + type: NestedObject description: The current status of the Service. output: true properties: - - !ruby/object:Api::Type::Array - name: conditions + - name: 'conditions' + type: Array description: |- Array of observed Service Conditions, indicating the current ready state of the service. output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: message - output: true + - name: 'message' + type: String description: |- Human readable message indicating details about the current status. - - !ruby/object:Api::Type::String - name: status output: true + - name: 'status' + type: String description: Status of the condition, one of True, False, Unknown. - - !ruby/object:Api::Type::String - name: reason output: true + - name: 'reason' + type: String description: |- One-word CamelCase reason for the condition's current status. - - !ruby/object:Api::Type::String - name: type output: true + - name: 'type' + type: String description: Type of domain mapping condition. - - !ruby/object:Api::Type::String - name: url + output: true + - name: 'url' + type: String description: |- From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app output: true - - !ruby/object:Api::Type::Integer - name: observedGeneration + - name: 'observedGeneration' + type: Integer description: |- ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. @@ -951,80 +961,81 @@ properties: Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. output: true - - !ruby/object:Api::Type::String - name: latestCreatedRevisionName + - name: 'latestCreatedRevisionName' + type: String description: |- From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. output: true - - !ruby/object:Api::Type::String - name: latestReadyRevisionName + - name: 'latestReadyRevisionName' + type: String description: |- From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". output: true - - !ruby/object:Api::Type::Array - name: traffic + - name: 'traffic' + type: Array description: |- Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: revisionName + - name: 'revisionName' + type: String description: |- RevisionName of a specific revision to which to send this portion of traffic. output: true - - !ruby/object:Api::Type::Integer - name: percent - output: true + - name: 'percent' + type: Integer description: |- Percent specifies percent of the traffic to this Revision or Configuration. - - !ruby/object:Api::Type::String - name: tag output: true + - name: 'tag' + type: String description: |- Tag is optionally used to expose a dedicated url for referencing this target exclusively. - - !ruby/object:Api::Type::Boolean - name: latestRevision output: true + - name: 'latestRevision' + type: Boolean description: |- LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - - !ruby/object:Api::Type::String - name: url output: true + - name: 'url' + type: String description: |- URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - - !ruby/object:Api::Type::NestedObject - name: metadata - required: false + output: true + - name: 'metadata' + type: NestedObject description: |- Metadata associated with this Service, including name, namespace, labels, and annotations. + required: false default_from_api: true properties: - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: |- Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. - - !ruby/object:Api::Type::Integer - name: generation + - name: 'generation' + type: Integer description: |- A sequence number representing a specific generation of the desired state. output: true - - !ruby/object:Api::Type::String - name: resourceVersion + - name: 'resourceVersion' + type: String description: |- An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used @@ -1032,28 +1043,28 @@ properties: resource or set of resources. They may only be valid for a particular resource or set of resources. output: true - - !ruby/object:Api::Type::String - name: selfLink + - name: 'selfLink' + type: String description: |- SelfLink is a URL representing this object. output: true - - !ruby/object:Api::Type::String - name: uid + - name: 'uid' + type: String description: |- UID is a unique id generated by the server on successful creation of a resource and is not allowed to change on PUT operations. output: true - - !ruby/object:Api::Type::String - name: namespace - required: false + - name: 'namespace' + type: String description: |- In Cloud Run the namespace must be equal to either the project ID or project number. + required: false default_from_api: true - custom_flatten: templates/terraform/custom_flatten/set_to_project.go.erb - custom_expand: 'templates/terraform/custom_expand/default_to_project.go.erb' - - !ruby/object:Api::Type::KeyValueAnnotations - name: 'annotations' + custom_flatten: 'templates/terraform/custom_flatten/set_to_project.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/default_to_project.go.tmpl' + - name: 'annotations' + type: KeyValueAnnotations description: |- Annotations is a key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. diff --git a/mmv1/products/cloudrun/go_DomainMapping.yaml b/mmv1/products/cloudrun/go_DomainMapping.yaml deleted file mode 100644 index 29402e0fe87f..000000000000 --- a/mmv1/products/cloudrun/go_DomainMapping.yaml +++ /dev/null @@ -1,230 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DomainMapping' -kind: 'DomainMapping' -description: |- - Resource to hold the state and status of a user's domain mapping. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/run/docs/mapping-custom-domains' - api: 'https://cloud.google.com/run/docs/reference/rest/v1/projects.locations.domainmappings' -docs: -id_format: 'locations/{{location}}/namespaces/{{project}}/domainmappings/{{name}}' -base_url: 'apis/domains.cloudrun.com/v1/namespaces/{{project}}/domainmappings' -cai_base_url: 'projects/{{project}}/locations/{{location}}/DomainMappings' -immutable: true -import_format: - - 'locations/{{location}}/namespaces/{{project}}/domainmappings/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - type: 'PollAsync' - check_response_func_existence: 'PollCheckKnativeStatusFunc(res)' - check_response_func_absence: 'transport_tpg.PollCheckForAbsence' - suppress_error: false - target_occurrences: 1 - actions: ['create', 'update'] -custom_code: - constants: 'templates/terraform/constants/go/cloud_run_domain_mapping.go.tmpl' - encoder: 'templates/terraform/encoders/go/cloud_run_domain_mapping.go.tmpl' - decoder: 'templates/terraform/decoders/go/cloud_run.go.tmpl' -custom_diff: - - 'hasMetadata' -error_retry_predicates: - - - 'transport_tpg.IsCloudRunCreationConflict' -schema_version: 1 -state_upgraders: true -examples: - - name: 'cloud_run_domain_mapping_basic' - primary_resource_id: 'default' - vars: - cloud_run_service_name: 'cloudrun-srv' - test_env_vars: - namespace: 'PROJECT_NAME' -parameters: - - name: 'location' - type: String - description: The location of the cloud run instance. eg us-central1 - url_param_only: true - required: true -properties: - - name: 'name' - type: String - description: |- - Name should be a [verified](https://support.google.com/webmasters/answer/9008080) domain - url_param_only: true - required: true - immutable: true - - name: 'status' - type: NestedObject - description: The current status of the DomainMapping. - output: true - properties: - - name: 'conditions' - type: Array - description: |- - Array of observed DomainMappingConditions, indicating the current state - of the DomainMapping. - output: true - item_type: - type: NestedObject - properties: - - name: 'message' - type: String - description: |- - Human readable message indicating details about the current status. - output: true - - name: 'status' - type: String - description: Status of the condition, one of True, False, Unknown. - output: true - - name: 'reason' - type: String - description: |- - One-word CamelCase reason for the condition's current status. - output: true - - name: 'type' - type: String - description: Type of domain mapping condition. - output: true - - name: 'observedGeneration' - type: Integer - description: |- - ObservedGeneration is the 'Generation' of the DomainMapping that - was last processed by the controller. - output: true - - name: 'resourceRecords' - type: Array - description: |- - The resource records required to configure this domain mapping. These - records must be added to the domain's DNS configuration in order to - serve the application via this domain mapping. - item_type: - type: NestedObject - properties: - - name: 'type' - type: Enum - description: 'Resource record type. Example: `AAAA`.' - enum_values: - - 'A' - - 'AAAA' - - 'CNAME' - - name: 'rrdata' - type: String - description: |- - Data for this record. Values vary by record type, as defined in RFC 1035 - (section 5) and RFC 1034 (section 3.6.1). - output: true - - name: 'name' - type: String - description: |- - Relative name of the object affected by this record. Only applicable for - `CNAME` records. Example: 'www'. - output: true - - name: 'mappedRouteName' - type: String - description: The name of the route that the mapping currently points to. - output: true - - name: 'spec' - type: NestedObject - description: The spec for this DomainMapping. - required: true - properties: - - name: 'forceOverride' - type: Boolean - description: |- - If set, the mapping will override any mapping set before this spec was set. - It is recommended that the user leaves this empty to receive an error - warning about a potential conflict and only set it once the respective UI - has given such a warning. - custom_flatten: 'templates/terraform/custom_flatten/go/cloudrun_ignore_force_override.go.tmpl' - - name: 'routeName' - type: String - description: |- - The name of the Cloud Run Service that this DomainMapping applies to. - The route must exist. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' - - name: 'certificateMode' - type: Enum - description: The mode of the certificate. - default_value: "AUTOMATIC" - enum_values: - - 'NONE' - - 'AUTOMATIC' - - name: 'metadata' - type: NestedObject - description: Metadata associated with this DomainMapping. - default_from_api: true - properties: - - name: 'labels' - type: KeyValueLabels - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and routes. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - - name: 'generation' - type: Integer - description: |- - A sequence number representing a specific generation of the desired state. - output: true - - name: 'resourceVersion' - type: String - description: |- - An opaque value that represents the internal version of this object that - can be used by clients to determine when objects have changed. May be used - for optimistic concurrency, change detection, and the watch operation on a - resource or set of resources. They may only be valid for a - particular resource or set of resources. - - More info: - https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency - output: true - - name: 'selfLink' - type: String - description: |- - SelfLink is a URL representing this object. - output: true - - name: 'uid' - type: String - description: |- - UID is a unique id generated by the server on successful creation of a resource and is not - allowed to change on PUT operations. - - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids - output: true - - name: 'namespace' - type: String - description: |- - In Cloud Run the namespace must be equal to either the - project ID or project number. - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/set_to_project.go.tmpl' - - name: 'annotations' - type: KeyValueAnnotations - description: |- - Annotations is a key value map stored with a resource that - may be set by external tools to store and retrieve arbitrary metadata. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - - **Note**: The Cloud Run API may add additional annotations that were not provided in your config. - If terraform plan shows a diff where a server-side annotation is added, you can add it to your config - or apply the lifecycle.ignore_changes rule to the metadata.0.annotations field. diff --git a/mmv1/products/cloudrun/go_Service.yaml b/mmv1/products/cloudrun/go_Service.yaml deleted file mode 100644 index a6f6495bc60c..000000000000 --- a/mmv1/products/cloudrun/go_Service.yaml +++ /dev/null @@ -1,1073 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Service' -kind: 'Service' -description: |- - A Cloud Run service has a unique endpoint and autoscales containers. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/run/docs/' - api: 'https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services' -docs: - warning: | - We recommend using the `google_cloud_run_v2_service` resource which offers a better - developer experience and broader support of Cloud Run features. -id_format: 'locations/{{location}}/namespaces/{{project}}/services/{{name}}' -base_url: 'apis/serving.knative.dev/v1/namespaces/{{project}}/services' -cai_base_url: 'projects/{{project}}/locations/{{location}}/services' -import_format: - - 'locations/{{location}}/namespaces/{{project}}/services/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - type: 'PollAsync' - check_response_func_existence: 'PollCheckKnativeStatusFunc(res)' - check_response_func_absence: 'transport_tpg.PollCheckForAbsence' - suppress_error: false - target_occurrences: 1 - actions: ['create', 'update'] -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'service' - base_url: 'v1/projects/{{project}}/locations/{{location}}/services/{{service}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/services/{{service}}' - - '{{service}}' -custom_code: - constants: 'templates/terraform/constants/go/cloud_run_service.go.tmpl' - encoder: 'templates/terraform/encoders/go/cloud_run_service.go.tmpl' - decoder: 'templates/terraform/decoders/go/cloud_run.go.tmpl' -custom_diff: - - 'revisionNameCustomizeDiff' -error_retry_predicates: - - - 'transport_tpg.IsCloudRunCreationConflict' -schema_version: 2 -state_upgrade_base_schema_version: 1 -state_upgraders: true -examples: - - name: 'cloud_run_service_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-srv' - test_env_vars: - project: 'PROJECT_NAME' - - name: 'cloud_run_service_sql' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-srv' - cloud_run_sql_name: 'cloudrun-sql' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - ignore_read_extra: - - 'autogenerate_revision_name' - - name: 'cloud_run_service_noauth' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-srv' - test_env_vars: - project: 'PROJECT_NAME' - - name: 'cloud_run_service_multiple_environment_variables' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-srv' - test_env_vars: - project: 'PROJECT_NAME' - ignore_read_extra: - - 'autogenerate_revision_name' - skip_docs: true - - name: 'cloud_run_service_secret_environment_variables' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-srv' - secret_id: 'secret' - test_env_vars: - project: 'PROJECT_NAME' - ignore_read_extra: - - 'autogenerate_revision_name' - skip_docs: true - - name: 'cloud_run_service_secret_volumes' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-srv' - secret_id: 'secret' - test_env_vars: - project: 'PROJECT_NAME' - ignore_read_extra: - - 'autogenerate_revision_name' - skip_docs: true - - name: 'cloud_run_service_probes' - primary_resource_id: 'default' - vars: - cloud_run_service_name: 'cloudrun-srv' - test_env_vars: - project: 'PROJECT_NAME' - - name: 'cloud_run_service_multicontainer' - primary_resource_id: 'default' - min_version: 'beta' - vars: - cloud_run_service_name: 'cloudrun-srv' - test_env_vars: - project: 'PROJECT_NAME' -virtual_fields: - - name: 'autogenerate_revision_name' - description: | - If set to `true`, the revision name (template.metadata.name) will be omitted and - autogenerated by Cloud Run. This cannot be set to `true` while `template.metadata.name` - is also set. - (For legacy support, if `template.metadata.name` is unset in state while - this field is set to false, the revision name will still autogenerate.) - type: Boolean - default_value: false -parameters: - - name: 'location' - type: String - description: The location of the cloud run instance. eg us-central1 - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: |- - Name must be unique within a Google Cloud project and region. - Is required when creating resources. Name is primarily intended - for creation idempotence and configuration definition. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - url_param_only: true - required: true - immutable: true - - name: 'spec' - type: NestedObject - description: Spec holds the desired state of the Service (from the client). - required: true - flatten_object: true - properties: - - name: 'traffic' - type: Array - description: |- - Traffic specifies how to distribute traffic over a collection of Knative Revisions - and Configurations - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'revisionName' - type: String - description: |- - RevisionName of a specific revision to which to send this portion of traffic. - - name: 'percent' - type: Integer - description: |- - Percent specifies percent of the traffic to this Revision or Configuration. - required: true - - name: 'tag' - type: String - description: |- - Tag is optionally used to expose a dedicated url for referencing this target exclusively. - - name: 'latestRevision' - type: Boolean - description: |- - LatestRevision may be optionally provided to indicate that the latest ready - Revision of the Configuration should be used for this traffic target. When - provided LatestRevision must be true if RevisionName is empty; it must be - false when RevisionName is non-empty. - - name: 'url' - type: String - description: |- - URL displays the URL for accessing tagged traffic targets. URL is displayed in status, - and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, - but may not contain anything else (e.g. basic auth, url path, etc.) - output: true - - name: 'template' - type: NestedObject - description: |- - template holds the latest specification for the Revision to - be stamped out. The template references the container image, and may also - include labels and annotations that should be attached to the Revision. - To correlate a Revision, and/or to force a Revision to be created when the - spec doesn't otherwise change, a nonce label may be provided in the - template metadata. For more details, see: - https://github.com/knative/serving/blob/main/docs/client-conventions.md#associate-modifications-with-revisions - - Cloud Run does not currently support referencing a build that is - responsible for materializing the container image from source. - properties: - - name: 'metadata' - type: NestedObject - description: |- - Optional metadata for this Revision, including labels and annotations. - Name will be generated by the Configuration. To set minimum instances - for this revision, use the "autoscaling.knative.dev/minScale" annotation - key. To set maximum instances for this revision, use the - "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL - connections for the revision, use the "run.googleapis.com/cloudsql-instances" - annotation key. - default_from_api: true - properties: - - name: 'labels' - type: KeyValuePairs - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - default_from_api: true - diff_suppress_func: 'cloudrunTemplateLabelDiffSuppress' - - name: 'generation' - type: Integer - description: |- - A sequence number representing a specific generation of the desired state. - output: true - - name: 'resourceVersion' - type: String - description: |- - An opaque value that represents the internal version of this object that - can be used by clients to determine when objects have changed. May be used - for optimistic concurrency, change detection, and the watch operation on a - resource or set of resources. They may only be valid for a - particular resource or set of resources. - output: true - - name: 'selfLink' - type: String - description: |- - SelfLink is a URL representing this object. - output: true - - name: 'uid' - type: String - description: |- - UID is a unique id generated by the server on successful creation of a resource and is not - allowed to change on PUT operations. - output: true - - name: 'namespace' - type: String - description: |- - In Cloud Run the namespace must be equal to either the - project ID or project number. It will default to the resource's project. - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/default_to_project.go.tmpl' - - name: 'annotations' - type: KeyValuePairs - description: |- - Annotations is a key value map stored with a resource that - may be set by external tools to store and retrieve arbitrary metadata. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - - **Note**: The Cloud Run API may add additional annotations that were not provided in your config. - If terraform plan shows a diff where a server-side annotation is added, you can add it to your config - or apply the lifecycle.ignore_changes rule to the metadata.0.annotations field. - - Annotations with `run.googleapis.com/` and `autoscaling.knative.dev` are restricted. Use the following annotation - keys to configure features on a Revision template: - - - `autoscaling.knative.dev/maxScale` sets the [maximum number of container - instances](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--max-instances) of the Revision to run. - - `autoscaling.knative.dev/minScale` sets the [minimum number of container - instances](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--min-instances) of the Revision to run. - - `run.googleapis.com/client-name` sets the client name calling the Cloud Run API. - - `run.googleapis.com/cloudsql-instances` sets the [Cloud SQL - instances](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--add-cloudsql-instances) the Revision connects to. - - `run.googleapis.com/cpu-throttling` sets whether to throttle the CPU when the container is not actively serving - requests. See https://cloud.google.com/sdk/gcloud/reference/run/deploy#--[no-]cpu-throttling. - - `run.googleapis.com/encryption-key-shutdown-hours` sets the number of hours to wait before an automatic shutdown - server after CMEK key revocation is detected. - - `run.googleapis.com/encryption-key` sets the [CMEK key](https://cloud.google.com/run/docs/securing/using-cmek) - reference to encrypt the container with. - - `run.googleapis.com/execution-environment` sets the [execution - environment](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--execution-environment) - where the application will run. - - `run.googleapis.com/post-key-revocation-action-type` sets the - [action type](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--post-key-revocation-action-type) - after CMEK key revocation. - - `run.googleapis.com/secrets` sets a list of key-value pairs to set as - [secrets](https://cloud.google.com/run/docs/configuring/secrets#yaml). - - `run.googleapis.com/sessionAffinity` sets whether to enable - [session affinity](https://cloud.google.com/sdk/gcloud/reference/beta/run/deploy#--[no-]session-affinity) - for connections to the Revision. - - `run.googleapis.com/startup-cpu-boost` sets whether to allocate extra CPU to containers on startup. - See https://cloud.google.com/sdk/gcloud/reference/run/deploy#--[no-]cpu-boost. - - `run.googleapis.com/vpc-access-connector` sets a [VPC connector](https://cloud.google.com/run/docs/configuring/connecting-vpc#terraform_1) - for the Revision. - - `run.googleapis.com/vpc-access-egress` sets the outbound traffic to send through the VPC connector for this resource. - See https://cloud.google.com/sdk/gcloud/reference/run/deploy#--vpc-egress. - default_from_api: true - diff_suppress_func: 'cloudrunTemplateAnnotationDiffSuppress' - - name: 'name' - type: String - description: |- - Name must be unique within a Google Cloud project and region. - Is required when creating resources. Name is primarily intended - for creation idempotence and configuration definition. Cannot be updated. - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/cloud_run_service_revision_name.tmpl' - - name: 'spec' - type: NestedObject - description: - RevisionSpec holds the desired state of the Revision (from the - client). - required: true - default_from_api: true - properties: - - name: 'containers' - type: Array - description: |- - Containers defines the unit of execution for this Revision. - required: true - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: Name of the container - default_from_api: true - - name: 'workingDir' - type: String - description: |- - Container's working directory. - If not specified, the container runtime's default will be used, which - might be configured in the container image. - immutable: true - deprecation_message: '`working_dir` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' - - name: 'args' - type: Array - description: |- - Arguments to the entrypoint. - The docker image's CMD is used if this is not provided. - item_type: - type: String - - name: 'envFrom' - type: Array - description: |- - List of sources to populate environment variables in the container. - All invalid keys will be reported as an event when the container is starting. - When a key exists in multiple sources, the value associated with the last source will - take precedence. Values defined by an Env with a duplicate key will take - precedence. - immutable: true - deprecation_message: '`env_from` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' - item_type: - type: NestedObject - properties: - - name: 'prefix' - type: String - description: |- - An optional identifier to prepend to each key in the ConfigMap. - - name: 'configMapRef' - type: NestedObject - description: |- - The ConfigMap to select from. - properties: - - name: 'optional' - type: Boolean - description: |- - Specify whether the ConfigMap must be defined - - name: 'localObjectReference' - type: NestedObject - description: The ConfigMap to select from. - properties: - - name: 'name' - type: String - description: |- - Name of the referent. - required: true - - name: 'secretRef' - type: NestedObject - description: |- - The Secret to select from. - properties: - - name: 'localObjectReference' - type: NestedObject - description: The Secret to select from. - properties: - - name: 'name' - type: String - description: |- - Name of the referent. - required: true - - name: 'optional' - type: Boolean - description: |- - Specify whether the Secret must be defined - - name: 'image' - type: String - description: |- - Docker image name. This is most often a reference to a container located - in the container registry, such as gcr.io/cloudrun/hello - required: true - - name: 'command' - type: Array - description: |- - Entrypoint array. Not executed within a shell. - The docker image's ENTRYPOINT is used if this is not provided. - item_type: - type: String - - name: 'env' - type: Array - description: |- - List of environment variables to set in the container. - is_set: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: Name of the environment variable. - - name: 'value' - type: String - description: |- - Defaults to "". - - name: 'valueFrom' - type: NestedObject - description: |- - Source for the environment variable's value. Only supports secret_key_ref. - properties: - - name: 'secretKeyRef' - type: NestedObject - description: |- - Selects a key (version) of a secret in Secret Manager. - required: true - properties: - - name: 'key' - type: String - description: |- - A Cloud Secret Manager secret version. Must be 'latest' for the latest - version or an integer for a specific version. - required: true - - name: 'name' - type: String - description: |- - The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. - If the secret is in another project, you must define an alias. - An alias definition has the form: :projects/{project-id|project-number}/secrets/. - If multiple alias definitions are needed, they must be separated by commas. - The alias definitions must be set on the run.googleapis.com/secrets annotation. - required: true - - name: 'ports' - type: Array - description: |- - List of open ports in the container. - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: - If specified, used to specify which protocol to - use. Allowed values are "http1" (HTTP/1) and "h2c" - (HTTP/2 end-to-end). Defaults to "http1". - default_from_api: true - - name: 'protocol' - type: String - description: - Protocol for port. Must be "TCP". Defaults to - "TCP". - - name: 'containerPort' - type: Integer - description: - Port number the container listens on. This must be - a valid port number (between 1 and 65535). - Defaults to "8080". - - name: 'resources' - type: NestedObject - description: |- - Compute Resources required by this container. Used to set values such as max memory - default_from_api: true - properties: - - name: 'limits' - type: KeyValuePairs - description: |- - Limits describes the maximum amount of compute resources allowed. - The values of the map is string form of the 'quantity' k8s type: - https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go - default_from_api: true - - name: 'requests' - type: KeyValuePairs - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined value. - The values of the map is string form of the 'quantity' k8s type: - https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go - - name: 'volumeMounts' - type: Array - description: |- - Volume to mount into the container's filesystem. - Only supports SecretVolumeSources. - item_type: - type: NestedObject - properties: - - name: 'mountPath' - type: String - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - required: true - - name: 'name' - type: String - description: |- - This must match the Name of a Volume. - required: true - - name: 'startupProbe' - type: NestedObject - description: |- - Startup probe of application within the container. - All other probes are disabled if a startup probe is provided, until it - succeeds. Container will not be added to service endpoints if the probe fails. - default_from_api: true - properties: - - name: 'initialDelaySeconds' - type: Integer - description: |- - Number of seconds after the container has started before the probe is - initiated. - Defaults to 0 seconds. Minimum value is 0. Maximum value is 240. - default_value: 0 - - name: 'timeoutSeconds' - type: Integer - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. Maximum value is 3600. - Must be smaller than periodSeconds. - default_value: 1 - - name: 'periodSeconds' - type: Integer - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. Maximum value is 240. - default_value: 10 - - name: 'failureThreshold' - type: Integer - description: |- - Minimum consecutive failures for the probe to be considered failed after - having succeeded. Defaults to 3. Minimum value is 1. - default_value: 3 - - name: 'tcpSocket' - type: NestedObject - description: |- - TcpSocket specifies an action involving a TCP port. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'template.0.spec.0.containers.0.startup_probe.0.tcp_socket' - - 'template.0.spec.0.containers.0.startup_probe.0.http_get' - - 'template.0.spec.0.containers.0.startup_probe.0.grpc' - properties: - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Number must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'httpGet' - type: NestedObject - description: |- - HttpGet specifies the http request to perform. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'template.0.spec.0.containers.0.startup_probe.0.tcp_socket' - - 'template.0.spec.0.containers.0.startup_probe.0.http_get' - - 'template.0.spec.0.containers.0.startup_probe.0.grpc' - properties: - - name: 'path' - type: String - description: |- - Path to access on the HTTP server. If set, it should not be empty string. - default_value: "/" - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Number must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'httpHeaders' - type: Array - description: |- - Custom headers to set in the request. HTTP allows repeated headers. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - The header field name. - required: true - - name: 'value' - type: String - description: |- - The header field value. - send_empty_value: true - default_value: "" - - name: 'grpc' - type: NestedObject - description: |- - GRPC specifies an action involving a GRPC port. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'template.0.spec.0.containers.0.startup_probe.0.tcp_socket' - - 'template.0.spec.0.containers.0.startup_probe.0.http_get' - - 'template.0.spec.0.containers.0.startup_probe.0.grpc' - properties: - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Number must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'service' - type: String - description: |- - The name of the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. - - name: 'livenessProbe' - type: NestedObject - description: |- - Periodic probe of container liveness. Container will be restarted if the probe fails. - properties: - - name: 'initialDelaySeconds' - type: Integer - description: |- - Number of seconds after the container has started before the probe is - initiated. - Defaults to 0 seconds. Minimum value is 0. Maximum value is 3600. - default_value: 0 - - name: 'timeoutSeconds' - type: Integer - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. Maximum value is 3600. - Must be smaller than period_seconds. - default_value: 1 - - name: 'periodSeconds' - type: Integer - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. Maximum value is 3600. - default_value: 10 - - name: 'failureThreshold' - type: Integer - description: |- - Minimum consecutive failures for the probe to be considered failed after - having succeeded. Defaults to 3. Minimum value is 1. - default_value: 3 - - name: 'httpGet' - type: NestedObject - description: |- - HttpGet specifies the http request to perform. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'template.0.spec.0.containers.0.liveness_probe.0.http_get' - - 'template.0.spec.0.containers.0.liveness_probe.0.grpc' - properties: - - name: 'path' - type: String - description: |- - Path to access on the HTTP server. If set, it should not be empty string. - default_value: "/" - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Number must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'httpHeaders' - type: Array - description: |- - Custom headers to set in the request. HTTP allows repeated headers. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - The header field name. - required: true - - name: 'value' - type: String - description: |- - The header field value. - send_empty_value: true - default_value: "" - - name: 'grpc' - type: NestedObject - description: |- - GRPC specifies an action involving a GRPC port. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'template.0.spec.0.containers.0.liveness_probe.0.http_get' - - 'template.0.spec.0.containers.0.liveness_probe.0.grpc' - properties: - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Number must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'service' - type: String - description: |- - The name of the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. - - - name: 'containerConcurrency' - type: Integer - description: |- - ContainerConcurrency specifies the maximum allowed in-flight (concurrent) - requests per container of the Revision. If not specified or 0, defaults to 80 when - requested CPU >= 1 and defaults to 1 when requested CPU < 1. - default_from_api: true - - name: 'timeoutSeconds' - type: Integer - description: |- - TimeoutSeconds holds the max duration the instance is allowed for responding to a request. - default_from_api: true - - name: 'serviceAccountName' - type: String - description: |- - Email address of the IAM service account associated with the revision of the - service. The service account represents the identity of the running revision, - and determines what permissions the revision has. If not provided, the revision - will use the project's default service account. - default_from_api: true - - name: 'volumes' - type: Array - description: |- - Volume represents a named volume in a container. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - Volume's name. - required: true - - name: 'secret' - type: NestedObject - description: |- - The secret's value will be presented as the content of a file whose - name is defined in the item path. If no items are defined, the name of - the file is the secret_name. - properties: - - name: 'secretName' - type: String - description: |- - The name of the secret in Cloud Secret Manager. By default, the secret - is assumed to be in the same project. - If the secret is in another project, you must define an alias. - An alias definition has the form: - {alias}:projects/{project-id|project-number}/secrets/{secret-name}. - If multiple alias definitions are needed, they must be separated by - commas. - The alias definitions must be set on the run.googleapis.com/secrets - annotation. - required: true - - name: 'defaultMode' - type: Integer - description: |- - Mode bits to use on created files by default. Must be a value between 0000 - and 0777. Defaults to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options that affect the - file mode, like fsGroup, and the result can be other mode bits set. - - name: 'items' - type: Array - description: |- - If unspecified, the volume will expose a file whose name is the - secret_name. - If specified, the key will be used as the version to fetch from Cloud - Secret Manager and the path will be the name of the file exposed in the - volume. When items are defined, they must specify a key and a path. - item_type: - type: NestedObject - properties: - - name: 'key' - type: String - description: |- - The Cloud Secret Manager secret version. - Can be 'latest' for the latest value or an integer for a specific version. - required: true - - name: 'path' - type: String - description: |- - The relative path of the file to map the key to. - May not be an absolute path. - May not contain the path element '..'. - May not start with the string '..'. - required: true - - name: 'mode' - type: Integer - description: |- - Mode bits to use on this file, must be a value between 0000 and 0777. If - not specified, the volume defaultMode will be used. This might be in - conflict with other options that affect the file mode, like fsGroup, and - the result can be other mode bits set. - - name: 'emptyDir' - type: NestedObject - description: |- - Ephemeral storage which can be backed by real disks (HD, SSD), network storage or memory (i.e. tmpfs). For now only in memory (tmpfs) is supported. It is ephemeral in the sense that when the sandbox is taken down, the data is destroyed with it (it does not persist across sandbox runs). - min_version: 'beta' - properties: - - name: 'medium' - type: String - description: |- - The medium on which the data is stored. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. - - name: 'sizeLimit' - type: String - description: |- - Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. - - name: 'csi' - type: NestedObject - description: |- - A filesystem specified by the Container Storage Interface (CSI). - properties: - - name: 'driver' - type: String - description: |- - Unique name representing the type of file system to be created. Cloud Run supports the following values: - * gcsfuse.run.googleapis.com: Mount a Google Cloud Storage bucket using GCSFuse. This driver requires the - run.googleapis.com/execution-environment annotation to be unset or set to "gen2" - required: true - - name: 'readOnly' - type: Boolean - description: |- - If true, all mounts created from this volume will be read-only. - default_from_api: true - - name: 'volumeAttributes' - type: KeyValuePairs - description: |- - Driver-specific attributes. The following options are supported for available drivers: - * gcsfuse.run.googleapis.com - * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - - name: 'nfs' - type: NestedObject - description: |- - A filesystem backed by a Network File System share. This filesystem requires the - run.googleapis.com/execution-environment annotation to be unset or set to "gen2" - properties: - - name: 'server' - type: String - description: |- - IP address or hostname of the NFS server - required: true - - name: 'path' - type: String - description: |- - Path exported by the NFS server - required: true - - name: 'readOnly' - type: Boolean - description: |- - If true, mount the NFS volume as read only in all mounts. Defaults to false. - - name: 'servingState' - type: Enum - description: |- - ServingState holds a value describing the state the resources - are in for this Revision. - It is expected - that the system will manipulate this based on routability and load. - output: true - deprecation_message: '`serving_state` is deprecated and will be removed in a future major release. This field is not supported by the Cloud Run API.' - enum_values: - - 'ACTIVE' - - 'RESERVE' - - 'RETIRED' - - name: 'status' - type: NestedObject - description: The current status of the Service. - output: true - properties: - - name: 'conditions' - type: Array - description: |- - Array of observed Service Conditions, indicating the current ready state of the service. - output: true - item_type: - type: NestedObject - properties: - - name: 'message' - type: String - description: |- - Human readable message indicating details about the current status. - output: true - - name: 'status' - type: String - description: Status of the condition, one of True, False, Unknown. - output: true - - name: 'reason' - type: String - description: |- - One-word CamelCase reason for the condition's current status. - output: true - - name: 'type' - type: String - description: Type of domain mapping condition. - output: true - - name: 'url' - type: String - description: |- - From RouteStatus. URL holds the url that will distribute traffic over the provided traffic - targets. It generally has the form - https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app - output: true - - name: 'observedGeneration' - type: Integer - description: |- - ObservedGeneration is the 'Generation' of the Route that was last processed by the - controller. - - Clients polling for completed reconciliation should poll until observedGeneration = - metadata.generation and the Ready condition's status is True or False. - output: true - - name: 'latestCreatedRevisionName' - type: String - description: |- - From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created - from this Service's Configuration. It might not be ready yet, for that use - LatestReadyRevisionName. - output: true - - name: 'latestReadyRevisionName' - type: String - description: |- - From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision - stamped out from this Service's Configuration that has had its "Ready" condition become - "True". - output: true - - name: 'traffic' - type: Array - description: |- - Traffic specifies how to distribute traffic over a collection of Knative Revisions - and Configurations - output: true - item_type: - type: NestedObject - properties: - - name: 'revisionName' - type: String - description: |- - RevisionName of a specific revision to which to send this portion of traffic. - output: true - - name: 'percent' - type: Integer - description: |- - Percent specifies percent of the traffic to this Revision or Configuration. - output: true - - name: 'tag' - type: String - description: |- - Tag is optionally used to expose a dedicated url for referencing this target exclusively. - output: true - - name: 'latestRevision' - type: Boolean - description: |- - LatestRevision may be optionally provided to indicate that the latest ready - Revision of the Configuration should be used for this traffic target. When - provided LatestRevision must be true if RevisionName is empty; it must be - false when RevisionName is non-empty. - output: true - - name: 'url' - type: String - description: |- - URL displays the URL for accessing tagged traffic targets. URL is displayed in status, - and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, - but may not contain anything else (e.g. basic auth, url path, etc.) - - output: true - - name: 'metadata' - type: NestedObject - description: |- - Metadata associated with this Service, including name, namespace, labels, - and annotations. - required: false - default_from_api: true - properties: - - name: 'labels' - type: KeyValueLabels - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and routes. - - name: 'generation' - type: Integer - description: |- - A sequence number representing a specific generation of the desired state. - output: true - - name: 'resourceVersion' - type: String - description: |- - An opaque value that represents the internal version of this object that - can be used by clients to determine when objects have changed. May be used - for optimistic concurrency, change detection, and the watch operation on a - resource or set of resources. They may only be valid for a - particular resource or set of resources. - output: true - - name: 'selfLink' - type: String - description: |- - SelfLink is a URL representing this object. - output: true - - name: 'uid' - type: String - description: |- - UID is a unique id generated by the server on successful creation of a resource and is not - allowed to change on PUT operations. - output: true - - name: 'namespace' - type: String - description: |- - In Cloud Run the namespace must be equal to either the - project ID or project number. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/set_to_project.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/default_to_project.go.tmpl' - - name: 'annotations' - type: KeyValueAnnotations - description: |- - Annotations is a key value map stored with a resource that - may be set by external tools to store and retrieve arbitrary metadata. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - - **Note**: The Cloud Run API may add additional annotations that were not provided in your config. - If terraform plan shows a diff where a server-side annotation is added, you can add it to your config - or apply the lifecycle.ignore_changes rule to the metadata.0.annotations field. - - Annotations with `run.googleapis.com/` and `autoscaling.knative.dev` are restricted. Use the following annotation - keys to configure features on a Service: - - - `run.googleapis.com/binary-authorization-breakglass` sets the [Binary Authorization breakglass](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--breakglass). - - `run.googleapis.com/binary-authorization` sets the [Binary Authorization](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--binary-authorization). - - `run.googleapis.com/client-name` sets the client name calling the Cloud Run API. - - `run.googleapis.com/custom-audiences` sets the [custom audiences](https://cloud.google.com/sdk/gcloud/reference/alpha/run/deploy#--add-custom-audiences) - that can be used in the audience field of ID token for authenticated requests. - - `run.googleapis.com/description` sets a user defined description for the Service. - - `run.googleapis.com/ingress` sets the [ingress settings](https://cloud.google.com/sdk/gcloud/reference/run/deploy#--ingress) - for the Service. For example, `"run.googleapis.com/ingress" = "all"`. - - `run.googleapis.com/launch-stage` sets the [launch stage](https://cloud.google.com/run/docs/troubleshooting#launch-stage-validation) - when a preview feature is used. For example, `"run.googleapis.com/launch-stage": "BETA"` diff --git a/mmv1/products/cloudrun/go_product.yaml b/mmv1/products/cloudrun/go_product.yaml deleted file mode 100644 index 70f12763b4f3..000000000000 --- a/mmv1/products/cloudrun/go_product.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudRun' -display_name: 'Cloud Run' -versions: - - name: 'ga' - base_url: 'https://{{location}}-run.googleapis.com/' - cai_base_url: 'https://run.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://{{location}}-run.googleapis.com/' - cai_base_url: 'https://run.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudrun/product.yaml b/mmv1/products/cloudrun/product.yaml index dd5e2128d398..d6f93af70b97 100644 --- a/mmv1/products/cloudrun/product.yaml +++ b/mmv1/products/cloudrun/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2019 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,17 +11,15 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudRun -display_name: Cloud Run +--- +name: 'CloudRun' +display_name: 'Cloud Run' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://{{location}}-run.googleapis.com/ - cai_base_url: https://run.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://{{location}}-run.googleapis.com/ - cai_base_url: https://run.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://{{location}}-run.googleapis.com/' + cai_base_url: 'https://run.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://{{location}}-run.googleapis.com/' + cai_base_url: 'https://run.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudrunv2/Job.yaml b/mmv1/products/cloudrunv2/Job.yaml index 8159e8621117..eabf9ef75099 100644 --- a/mmv1/products/cloudrunv2/Job.yaml +++ b/mmv1/products/cloudrunv2/Job.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,99 +11,82 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Job' -base_url: projects/{{project}}/locations/{{location}}/jobs -self_link: projects/{{project}}/locations/{{location}}/jobs/{{name}} -create_url: projects/{{project}}/locations/{{location}}/jobs?jobId={{name}} -update_verb: :PATCH -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + A Cloud Run Job resource that references a container image which is run to completion. +references: guides: 'Official Documentation': 'https://cloud.google.com/run/docs/' api: 'https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.jobs' -description: | - A Cloud Run Job resource that references a container image which is run to completion. -taint_resource_on_failed_create: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/jobs' +self_link: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/jobs?jobId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -iam_policy: !ruby/object:Api::Resource::IamPolicy +iam_policy: method_name_separator: ':' parent_resource_attribute: 'name' - base_url: projects/{{project}}/locations/{{location}}/jobs/{{name}} + base_url: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - ['projects/{{project}}/locations/{{location}}/jobs/{{name}}', '{{name}}'] -id_format: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' -import_format: ['projects/{{project}}/locations/{{location}}/jobs/{{name}}'] -autogen_async: true -virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'deletion_protection' - default_value: true - description: | - Whether Terraform will be prevented from destroying the job. Defaults to true. - When a`terraform destroy` or `terraform apply` would delete the job, - the command will fail if this field is not set to false in Terraform state. - When the field is set to true or unset in Terraform state, a `terraform apply` - or `terraform destroy` that would delete the job will fail. - When the field is set to false, deleting the job is allowed. -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_delete: 'templates/terraform/pre_delete/cloudrunv2_job_deletion_policy.go.erb' + - 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' + - '{{name}}' +custom_code: + pre_delete: 'templates/terraform/pre_delete/cloudrunv2_job_deletion_policy.go.tmpl' +taint_resource_on_failed_create: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_job_basic' + - name: 'cloudrunv2_job_basic' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-job%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_job_limits' + - name: 'cloudrunv2_job_limits' primary_resource_id: 'default' vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_job_sql' + - name: 'cloudrunv2_job_sql' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_job_name: 'cloudrun-job' secret_id: 'secret' cloud_run_sql_name: 'cloudrun-sql' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_job_vpcaccess' + - name: 'cloudrunv2_job_vpcaccess' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_job_name: 'cloudrun-job' vpc_access_connector_name: 'run-vpc' @@ -111,84 +94,86 @@ examples: compute_network_name: 'run-network' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_job_directvpc' + - name: 'cloudrunv2_job_directvpc' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-job%s\", context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_job_secret' + - name: 'cloudrunv2_job_secret' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_job_name: 'cloudrun-job' secret_id: 'secret' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_job_emptydir' - min_version: 'beta' + - name: 'cloudrunv2_job_emptydir' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-job%s\", context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' + min_version: 'beta' vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_job_run_job' - min_version: beta + - name: 'cloudrunv2_job_run_job' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-job%s\", context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' + min_version: 'beta' vars: cloud_run_job_name: 'cloudrun-job' ignore_read_extra: - 'deletion_protection' +virtual_fields: + - name: 'deletion_protection' + description: | + Whether Terraform will be prevented from destroying the job. Defaults to true. + When a`terraform destroy` or `terraform apply` would delete the job, + the command will fail if this field is not set to false in Terraform state. + When the field is set to true or unset in Terraform state, a `terraform apply` + or `terraform destroy` that would delete the job will fail. + When the field is set to false, deleting the job is allowed. + type: Boolean + default_value: true parameters: - - !ruby/object:Api::Type::String - name: 'location' - required: true - immutable: true - url_param_only: true + - name: 'location' + type: String description: The location of the cloud run job -properties: - - !ruby/object:Api::Type::String - name: 'name' + url_param_only: true required: true immutable: true - url_param_only: true +properties: + - name: 'name' + type: String description: | Name of the Job. + url_param_only: true + required: true + immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'uid' - output: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' + - name: 'uid' + type: String description: | Server assigned unique identifier for the Execution. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. - - !ruby/object:Api::Type::String - name: 'generation' output: true + - name: 'generation' + type: String description: | A number that monotonically increases every time the user modifies the desired state. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: |- Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 Job. - - !ruby/object:Api::Type::KeyValueAnnotations - name: 'annotations' + - name: 'annotations' + type: KeyValueAnnotations description: |- Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. @@ -196,105 +181,105 @@ properties: All system annotations in v1 now have a corresponding field in v2 Job. This field follows Kubernetes annotations' namespacing, limits, and rules. - - !ruby/object:Api::Type::Time - name: 'createTime' - output: true + - name: 'createTime' + type: Time description: |- The creation time. - - !ruby/object:Api::Type::Time - name: 'updateTime' output: true + - name: 'updateTime' + type: Time description: |- The last-modified time. - - !ruby/object:Api::Type::Time - name: 'deleteTime' output: true + - name: 'deleteTime' + type: Time description: |- The deletion time. - - !ruby/object:Api::Type::Time - name: 'expireTime' output: true + - name: 'expireTime' + type: Time description: |- For a deleted resource, the time after which it will be permamently deleted. - - !ruby/object:Api::Type::String - name: 'creator' output: true + - name: 'creator' + type: String description: |- Email address of the authenticated creator. - - !ruby/object:Api::Type::String - name: 'lastModifier' output: true + - name: 'lastModifier' + type: String description: |- Email address of the last authenticated modifier. - - !ruby/object:Api::Type::String - name: 'client' + output: true + - name: 'client' + type: String description: | Arbitrary identifier for the API client. - - !ruby/object:Api::Type::String - name: 'clientVersion' + - name: 'clientVersion' + type: String description: | Arbitrary version identifier for the API client. - - !ruby/object:Api::Type::Enum - name: 'launchStage' + - name: 'launchStage' + type: Enum description: | The launch stage as defined by [Google Cloud Platform Launch Stages](https://cloud.google.com/products#product-launch-stages). Cloud Run supports ALPHA, BETA, and GA. If no value is specified, GA is assumed. Set the launch stage to a preview stage on input to allow use of preview features in that stage. On read (or output), describes whether the resource uses preview features. For example, if ALPHA is provided as input, but only BETA and GA-level features are used, this field will be BETA on output. - values: - - :UNIMPLEMENTED - - :PRELAUNCH - - :EARLY_ACCESS - - :ALPHA - - :BETA - - :GA - - :DEPRECATED default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'binaryAuthorization' + enum_values: + - 'UNIMPLEMENTED' + - 'PRELAUNCH' + - 'EARLY_ACCESS' + - 'ALPHA' + - 'BETA' + - 'GA' + - 'DEPRECATED' + - name: 'binaryAuthorization' + type: NestedObject description: | Settings for the Binary Authorization feature. properties: - - !ruby/object:Api::Type::String - name: 'breakglassJustification' + - name: 'breakglassJustification' + type: String description: | If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass - - !ruby/object:Api::Type::Boolean - name: 'useDefault' + - name: 'useDefault' + type: Boolean description: | If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled. conflicts: - policy - - !ruby/object:Api::Type::String - name: 'policy' + - name: 'policy' + type: String description: | The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name} conflicts: - use_default - - !ruby/object:Api::Type::String - name: 'startExecutionToken' + - name: 'startExecutionToken' + type: String description: |- A unique string used as a suffix creating a new execution upon job create or update. The Job will become ready when the execution is successfully started. The sum of job name and token length must be fewer than 63 characters. + min_version: 'beta' conflicts: - run_execution_token - min_version: beta - - !ruby/object:Api::Type::String - name: 'runExecutionToken' + - name: 'runExecutionToken' + type: String description: |- A unique string used as a suffix creating a new execution upon job create or update. The Job will become ready when the execution is successfully completed. The sum of job name and token length must be fewer than 63 characters. + min_version: 'beta' conflicts: - start_execution_token - min_version: beta - - !ruby/object:Api::Type::NestedObject - name: 'template' - required: true + - name: 'template' + type: NestedObject description: | The template used to create executions for this Job. + required: true properties: - - !ruby/object:Api::Type::KeyValuePairs - name: 'labels' + - name: 'labels' + type: KeyValuePairs description: |- Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or @@ -302,8 +287,8 @@ properties: Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 ExecutionTemplate. - - !ruby/object:Api::Type::KeyValuePairs - name: 'annotations' + - name: 'annotations' + type: KeyValuePairs description: |- Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. @@ -311,150 +296,157 @@ properties: All system annotations in v1 now have a corresponding field in v2 ExecutionTemplate. This field follows Kubernetes annotations' namespacing, limits, and rules. - - !ruby/object:Api::Type::Integer - name: 'parallelism' + - name: 'parallelism' + type: Integer description: |- Specifies the maximum desired number of tasks the execution should run at given time. Must be <= taskCount. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'taskCount' + - name: 'taskCount' + type: Integer description: |- Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'template' - required: true + - name: 'template' + type: NestedObject description: | Describes the task(s) that will be created when executing an execution + required: true properties: - - !ruby/object:Api::Type::Array - name: 'containers' + - name: 'containers' + type: Array description: |- Holds the single container that defines the unit of execution for this task. default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: |- Name of the container specified as a DNS_LABEL. - - !ruby/object:Api::Type::String - name: 'image' - required: true + - name: 'image' + type: String description: |- URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images - - !ruby/object:Api::Type::Array - name: 'command' + required: true + - name: 'command' + type: Array description: |- Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'args' + item_type: + type: String + - name: 'args' + type: Array description: |- Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references are not supported in Cloud Run. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'env' + item_type: + type: String + - name: 'env' + type: Array description: |- List of environment variables to set in the container. is_set: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: |- Name of the environment variable. Must be a C_IDENTIFIER, and mnay not exceed 32768 characters. - - !ruby/object:Api::Type::String - name: 'value' + required: true + - name: 'value' + type: String description: |- Literal value of the environment variable. Defaults to "" and the maximum allowed length is 32768 characters. Variable references are not supported in Cloud Run. # exactly_one_of: # - template.0.template.0.containers.0.env.0.value # - template.0.template.0.containers.0.env.0.valueSource - - !ruby/object:Api::Type::NestedObject - name: 'valueSource' + - name: 'valueSource' + type: NestedObject description: |- Source for the environment variable's value. # exactly_one_of: # - template.0.template.0.containers.0.env.0.value # - template.0.template.0.containers.0.env.0.valueSource properties: - - !ruby/object:Api::Type::NestedObject - name: 'secretKeyRef' + - name: 'secretKeyRef' + type: NestedObject description: |- Selects a secret and a specific version from Cloud Secret Manager. properties: - - !ruby/object:Api::Type::String - name: 'secret' - required: true + - name: 'secret' + type: String description: |- The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project. - - !ruby/object:Api::Type::String - name: 'version' required: true + - name: 'version' + type: String description: |- The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. - - !ruby/object:Api::Type::NestedObject - name: 'resources' + required: true + - name: 'resources' + type: NestedObject description: |- Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources default_from_api: true properties: - - !ruby/object:Api::Type::KeyValuePairs - name: 'limits' + - name: 'limits' + type: KeyValuePairs description: |- Only memory and CPU are supported. Use key `cpu` for CPU limit and `memory` for memory limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go default_from_api: true - - !ruby/object:Api::Type::Array - name: 'ports' + - name: 'ports' + type: Array description: |- List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: |- If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". - - !ruby/object:Api::Type::Integer - name: 'containerPort' + - name: 'containerPort' + type: Integer description: |- Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536. - - !ruby/object:Api::Type::Array - name: 'volumeMounts' + - name: 'volumeMounts' + type: Array description: |- Volume to mount into the container's filesystem. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: |- This must match the Name of a Volume. - - !ruby/object:Api::Type::String - name: 'mountPath' required: true + - name: 'mountPath' + type: String description: |- Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run - - !ruby/object:Api::Type::String - name: 'workingDir' + required: true + - name: 'workingDir' + type: String description: |- Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. - - !ruby/object:Api::Type::Array - name: 'volumes' + - name: 'volumes' + type: Array description: |- A list of Volumes to make available to containers. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: |- Volume's name. - - !ruby/object:Api::Type::NestedObject - name: 'secret' + required: true + - name: 'secret' + type: NestedObject description: |- Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret # exactly_one_of: @@ -464,37 +456,38 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: - - !ruby/object:Api::Type::String - name: 'secret' - required: true + - name: 'secret' + type: String description: |- The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project. - - !ruby/object:Api::Type::Integer - name: 'defaultMode' + required: true + - name: 'defaultMode' + type: Integer description: |- Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting. - - !ruby/object:Api::Type::Array - name: 'items' + - name: 'items' + type: Array description: |- If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'path' - required: true + - name: 'path' + type: String description: |- The relative path of the secret in the container. - - !ruby/object:Api::Type::String - name: 'version' required: true + - name: 'version' + type: String description: |- The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version - - !ruby/object:Api::Type::Integer - name: 'mode' + required: true + - name: 'mode' + type: Integer description: |- Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. - - !ruby/object:Api::Type::NestedObject - name: 'cloudSqlInstance' + - name: 'cloudSqlInstance' + type: NestedObject description: |- For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. # exactly_one_of: @@ -504,16 +497,17 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: - - !ruby/object:Api::Type::Array - name: 'instances' + - name: 'instances' + type: Array description: |- The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'emptyDir' + item_type: + type: String + - name: 'emptyDir' + type: NestedObject description: |- Ephemeral storage used as a shared volume. - min_version: beta + min_version: 'beta' # exactly_one_of: # - template.0.template.0.volumes.0.secret # - template.0.template.0.volumes.0.cloudSqlInstance @@ -521,19 +515,19 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: - - !ruby/object:Api::Type::Enum - name: 'medium' + - name: 'medium' + type: Enum description: |- The different types of medium supported for EmptyDir. - values: - - :MEMORY - default_value: :MEMORY - - !ruby/object:Api::Type::String - name: 'sizeLimit' + default_value: "MEMORY" + enum_values: + - 'MEMORY' + - name: 'sizeLimit' + type: String description: |- Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. - - !ruby/object:Api::Type::NestedObject - name: 'gcs' + - name: 'gcs' + type: NestedObject description: |- Cloud Storage bucket mounted as a volume using GCSFuse. # exactly_one_of: @@ -543,17 +537,17 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: - - !ruby/object:Api::Type::String - name: 'bucket' - required: true + - name: 'bucket' + type: String description: |- Name of the cloud storage bucket to back the volume. The resource service account must have permission to access the bucket. - - !ruby/object:Api::Type::Boolean - name: 'readOnly' + required: true + - name: 'readOnly' + type: Boolean description: |- If true, mount this volume as read-only in all mounts. If false, mount this volume as read-write. - - !ruby/object:Api::Type::NestedObject - name: 'nfs' + - name: 'nfs' + type: NestedObject description: |- NFS share mounted as a volume. # exactly_one_of: @@ -563,228 +557,230 @@ properties: # - template.0.volumes.0.gcs # - template.0.volumes.0.nfs properties: - - !ruby/object:Api::Type::String - name: 'server' - required: true + - name: 'server' + type: String description: |- Hostname or IP address of the NFS server. - - !ruby/object:Api::Type::String - name: 'path' + required: true + - name: 'path' + type: String description: |- Path that is exported by the NFS server. - - !ruby/object:Api::Type::Boolean - name: 'readOnly' + - name: 'readOnly' + type: Boolean description: |- If true, mount this volume as read-only in all mounts. - - !ruby/object:Api::Type::String - name: 'timeout' + - name: 'timeout' + type: String description: |- Max allowed time duration the Task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' - - !ruby/object:Api::Type::String - name: 'serviceAccount' + - name: 'serviceAccount' + type: String description: |- Email address of the IAM service account associated with the Task of a Job. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'executionEnvironment' + - name: 'executionEnvironment' + type: Enum description: |- The execution environment being used to host this Task. - values: - - :EXECUTION_ENVIRONMENT_GEN1 - - :EXECUTION_ENVIRONMENT_GEN2 default_from_api: true - - !ruby/object:Api::Type::String - name: 'encryptionKey' + enum_values: + - 'EXECUTION_ENVIRONMENT_GEN1' + - 'EXECUTION_ENVIRONMENT_GEN2' + - name: 'encryptionKey' + type: String description: |- A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek - - !ruby/object:Api::Type::NestedObject - name: 'vpcAccess' + - name: 'vpcAccess' + type: NestedObject description: |- VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc. properties: - - !ruby/object:Api::Type::String - name: 'connector' + - name: 'connector' + type: String description: |- VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number. - - !ruby/object:Api::Type::Enum - name: 'egress' + - name: 'egress' + type: Enum description: |- Traffic VPC egress settings. - values: - - :ALL_TRAFFIC - - :PRIVATE_RANGES_ONLY default_from_api: true - - !ruby/object:Api::Type::Array - name: 'networkInterfaces' + enum_values: + - 'ALL_TRAFFIC' + - 'PRIVATE_RANGES_ONLY' + - name: 'networkInterfaces' + type: Array description: |- Direct VPC egress settings. Currently only single network interface is supported. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'network' + - name: 'network' + type: String description: |- The VPC network that the Cloud Run resource will be able to send traffic to. At least one of network or subnetwork must be specified. If both network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If network is not specified, it will be looked up from the subnetwork. default_from_api: true - - !ruby/object:Api::Type::String - name: 'subnetwork' + - name: 'subnetwork' + type: String description: |- The VPC subnetwork that the Cloud Run resource will get IPs from. At least one of network or subnetwork must be specified. If both network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If subnetwork is not specified, the subnetwork with the same name with the network will be used. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'tags' + - name: 'tags' + type: Array description: |- Network tags applied to this Cloud Run job. - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'maxRetries' + item_type: + type: String + - name: 'maxRetries' + type: Integer description: |- Number of retries allowed per Task, before marking this Task failed. send_empty_value: true default_value: 3 - - !ruby/object:Api::Type::String - name: 'observedGeneration' - output: true + - name: 'observedGeneration' + type: String description: | The generation of this Job. See comments in reconciling for additional information on reconciliation process in Cloud Run. - - !ruby/object:Api::Type::NestedObject - name: 'terminalCondition' output: true + - name: 'terminalCondition' + type: NestedObject description: | The Condition of this Job, containing its readiness status, and detailed error information in case it did not reach the desired state + output: true properties: - - !ruby/object:Api::Type::String - name: 'type' - output: true + - name: 'type' + type: String description: |- type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. - - !ruby/object:Api::Type::String - name: 'state' output: true + - name: 'state' + type: String description: |- State of the condition. - - !ruby/object:Api::Type::String - name: 'message' output: true + - name: 'message' + type: String description: |- Human readable message indicating details about the current status. - - !ruby/object:Api::Type::Time - name: 'lastTransitionTime' output: true + - name: 'lastTransitionTime' + type: Time description: |- Last time the condition transitioned from one status to another. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::String - name: 'severity' output: true + - name: 'severity' + type: String description: |- How to interpret failures of this condition, one of Error, Warning, Info - - !ruby/object:Api::Type::String - name: 'reason' output: true + - name: 'reason' + type: String description: |- A common (service-level) reason for this condition. - - !ruby/object:Api::Type::String - name: 'revisionReason' output: true + - name: 'revisionReason' + type: String description: |- A reason for the revision condition. - - !ruby/object:Api::Type::String - name: 'executionReason' output: true + - name: 'executionReason' + type: String description: |- A reason for the execution condition. - - !ruby/object:Api::Type::Array - name: 'conditions' + output: true + - name: 'conditions' + type: Array description: |- The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Job does not reach its desired state. See comments in reconciling for additional information on `reconciliation` process in Cloud Run. output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'type' - output: true + - name: 'type' + type: String description: |- type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. - - !ruby/object:Api::Type::String - name: 'state' output: true + - name: 'state' + type: String description: |- State of the condition. - - !ruby/object:Api::Type::String - name: 'message' output: true + - name: 'message' + type: String description: |- Human readable message indicating details about the current status. - - !ruby/object:Api::Type::Time - name: 'lastTransitionTime' output: true + - name: 'lastTransitionTime' + type: Time description: |- Last time the condition transitioned from one status to another. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::String - name: 'severity' output: true + - name: 'severity' + type: String description: |- How to interpret failures of this condition, one of Error, Warning, Info - - !ruby/object:Api::Type::String - name: 'reason' output: true + - name: 'reason' + type: String description: |- A common (service-level) reason for this condition. - - !ruby/object:Api::Type::String - name: 'revisionReason' output: true + - name: 'revisionReason' + type: String description: |- A reason for the revision condition. - - !ruby/object:Api::Type::String - name: 'executionReason' output: true + - name: 'executionReason' + type: String description: |- A reason for the execution condition. - - !ruby/object:Api::Type::Integer - name: 'executionCount' - output: true + output: true + - name: 'executionCount' + type: Integer description: | Number of executions created for this job. - - !ruby/object:Api::Type::NestedObject - name: 'latestCreatedExecution' output: true + - name: 'latestCreatedExecution' + type: NestedObject description: | Name of the last created execution. + output: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Name of the execution. - - !ruby/object:Api::Type::Time - name: 'createTime' output: true + - name: 'createTime' + type: Time description: | Creation timestamp of the execution. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::Time - name: 'completionTime' output: true + - name: 'completionTime' + type: Time description: | Completion timestamp of the execution. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::Boolean - name: 'reconciling' - output: true + output: true + - name: 'reconciling' + type: Boolean description: | Returns true if the Job is currently being acted upon by the system to bring it into the desired state. @@ -793,8 +789,9 @@ properties: If reconciliation succeeded, the following fields will match: observedGeneration and generation, latest_succeeded_execution and latestCreatedExecution. If reconciliation failed, observedGeneration and latest_succeeded_execution will have the state of the last succeeded execution or empty for newly created Job. Additional information on the failure can be found in terminalCondition and conditions - - !ruby/object:Api::Type::String - name: 'etag' output: true + - name: 'etag' + type: String description: | A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. + output: true diff --git a/mmv1/products/cloudrunv2/Service.yaml b/mmv1/products/cloudrunv2/Service.yaml index d6c36d475bbe..b13c7da10c9b 100644 --- a/mmv1/products/cloudrunv2/Service.yaml +++ b/mmv1/products/cloudrunv2/Service.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,92 +11,82 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Service' -base_url: projects/{{project}}/locations/{{location}}/services -self_link: projects/{{project}}/locations/{{location}}/services/{{name}} -create_url: projects/{{project}}/locations/{{location}}/services?serviceId={{name}} -update_verb: :PATCH -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. +references: guides: 'Official Documentation': 'https://cloud.google.com/run/docs/' api: 'https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.services' -description: | - Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. -iam_policy: !ruby/object:Api::Resource::IamPolicy - method_name_separator: ':' - parent_resource_attribute: 'name' - base_url: projects/{{project}}/locations/{{location}}/services/{{name}} - import_format: ['projects/{{project}}/locations/{{location}}/services/{{name}}', '{{name}}'] -taint_resource_on_failed_create: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/services/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/services' +self_link: 'projects/{{project}}/locations/{{location}}/services/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/services?serviceId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{location}}/services/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -id_format: 'projects/{{project}}/locations/{{location}}/services/{{name}}' -import_format: ['projects/{{project}}/locations/{{location}}/services/{{name}}'] -autogen_async: true -virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'deletion_protection' - default_value: true - description: | - Whether Terraform will be prevented from destroying the service. Defaults to true. - When a`terraform destroy` or `terraform apply` would delete the service, - the command will fail if this field is not set to false in Terraform state. - When the field is set to true or unset in Terraform state, a `terraform apply` - or `terraform destroy` that would delete the service will fail. - When the field is set to false, deleting the service is allowed. -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_delete: 'templates/terraform/pre_delete/cloudrunv2_service_deletion_policy.go.erb' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/locations/{{location}}/services/{{name}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/services/{{name}}' + - '{{name}}' +custom_code: + pre_delete: 'templates/terraform/pre_delete/cloudrunv2_service_deletion_policy.go.tmpl' +taint_resource_on_failed_create: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_basic' + - name: 'cloudrunv2_service_basic' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_limits' + - name: 'cloudrunv2_service_limits' primary_resource_id: 'default' vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_sql' + - name: 'cloudrunv2_service_sql' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-service' secret_id: 'secret-1' cloud_run_sql_name: 'cloudrun-sql' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_vpcaccess' + - name: 'cloudrunv2_service_vpcaccess' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-service' vpc_access_connector_name: 'run-vpc' @@ -104,116 +94,125 @@ examples: compute_network_name: 'run-network' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_directvpc' + - name: 'cloudrunv2_service_directvpc' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + vars: + cloud_run_service_name: 'cloudrun-service' + ignore_read_extra: + - 'deletion_protection' + - name: 'cloudrunv2_service_gpu' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + min_version: 'beta' vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_probes' + - name: 'cloudrunv2_service_probes' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_secret' + - name: 'cloudrunv2_service_secret' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-srv%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-service' secret_id: 'secret-1' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_multicontainer' - min_version: 'beta' + - name: 'cloudrunv2_service_multicontainer' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service%s\", context[\"\ - random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service%s", context["random_suffix"])' + min_version: 'beta' vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_mount_gcs' - # Currently failing - skip_vcr: true + - name: 'cloudrunv2_service_mount_gcs' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service-%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_mount_nfs' # Currently failing skip_vcr: true + - name: 'cloudrunv2_service_mount_nfs' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service-%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' vars: cloud_run_service_name: 'cloudrun-service' ignore_read_extra: - 'deletion_protection' - - - !ruby/object:Provider::Terraform::Examples - name: 'cloudrunv2_service_mesh' - min_version: 'beta' - external_providers: ['time'] + # Currently failing + skip_vcr: true + - name: 'cloudrunv2_service_mesh' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloudrun-service-%s\", context[\"random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' + min_version: 'beta' vars: cloud_run_service_name: 'cloudrun-service' mesh_name: 'network-services-mesh' ignore_read_extra: - 'deletion_protection' - + external_providers: ["time"] +virtual_fields: + - name: 'deletion_protection' + description: | + Whether Terraform will be prevented from destroying the service. Defaults to true. + When a`terraform destroy` or `terraform apply` would delete the service, + the command will fail if this field is not set to false in Terraform state. + When the field is set to true or unset in Terraform state, a `terraform apply` + or `terraform destroy` that would delete the service will fail. + When the field is set to false, deleting the service is allowed. + type: Boolean + default_value: true parameters: - - !ruby/object:Api::Type::String - name: 'location' - required: true - immutable: true - url_param_only: true + - name: 'location' + type: String description: The location of the cloud run service -properties: - - !ruby/object:Api::Type::String - name: 'name' + url_param_only: true required: true immutable: true - url_param_only: true +properties: + - name: 'name' + type: String description: | Name of the Service. + url_param_only: true + required: true + immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: templates/terraform/custom_expand/resource_from_self_link.go.erb - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'description' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' + - name: 'description' + type: String description: | User-provided description of the Service. This field currently has a 512-character limit. - - !ruby/object:Api::Type::String - name: 'uid' - output: true + - name: 'uid' + type: String description: | Server assigned unique identifier for the trigger. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. - - !ruby/object:Api::Type::String - name: 'generation' output: true + - name: 'generation' + type: String description: | A number that monotonically increases every time the user modifies the desired state. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: |- Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 Service. - - !ruby/object:Api::Type::KeyValueAnnotations - name: 'annotations' + - name: 'annotations' + type: KeyValueAnnotations description: |- Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. @@ -221,131 +220,131 @@ properties: All system annotations in v1 now have a corresponding field in v2 Service. This field follows Kubernetes annotations' namespacing, limits, and rules. - - !ruby/object:Api::Type::Time - name: 'createTime' - output: true + - name: 'createTime' + type: Time description: |- The creation time. - - !ruby/object:Api::Type::Time - name: 'updateTime' output: true + - name: 'updateTime' + type: Time description: |- The last-modified time. - - !ruby/object:Api::Type::Time - name: 'deleteTime' output: true + - name: 'deleteTime' + type: Time description: |- The deletion time. - - !ruby/object:Api::Type::Time - name: 'expireTime' output: true + - name: 'expireTime' + type: Time description: |- For a deleted resource, the time after which it will be permamently deleted. - - !ruby/object:Api::Type::String - name: 'creator' output: true + - name: 'creator' + type: String description: |- Email address of the authenticated creator. - - !ruby/object:Api::Type::String - name: 'lastModifier' output: true + - name: 'lastModifier' + type: String description: |- Email address of the last authenticated modifier. - - !ruby/object:Api::Type::String - name: 'client' + output: true + - name: 'client' + type: String description: | Arbitrary identifier for the API client. - - !ruby/object:Api::Type::String - name: 'clientVersion' + - name: 'clientVersion' + type: String description: | Arbitrary version identifier for the API client. - - !ruby/object:Api::Type::Enum - name: 'ingress' + - name: 'ingress' + type: Enum description: | Provides the ingress settings for this Service. On output, returns the currently observed ingress settings, or INGRESS_TRAFFIC_UNSPECIFIED if no revision is active. - values: - - :INGRESS_TRAFFIC_ALL - - :INGRESS_TRAFFIC_INTERNAL_ONLY - - :INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'launchStage' + enum_values: + - 'INGRESS_TRAFFIC_ALL' + - 'INGRESS_TRAFFIC_INTERNAL_ONLY' + - 'INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER' + - name: 'launchStage' + type: Enum description: | The launch stage as defined by [Google Cloud Platform Launch Stages](https://cloud.google.com/products#product-launch-stages). Cloud Run supports ALPHA, BETA, and GA. If no value is specified, GA is assumed. Set the launch stage to a preview stage on input to allow use of preview features in that stage. On read (or output), describes whether the resource uses preview features. For example, if ALPHA is provided as input, but only BETA and GA-level features are used, this field will be BETA on output. - values: - - :UNIMPLEMENTED - - :PRELAUNCH - - :EARLY_ACCESS - - :ALPHA - - :BETA - - :GA - - :DEPRECATED default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'binaryAuthorization' + enum_values: + - 'UNIMPLEMENTED' + - 'PRELAUNCH' + - 'EARLY_ACCESS' + - 'ALPHA' + - 'BETA' + - 'GA' + - 'DEPRECATED' + - name: 'binaryAuthorization' + type: NestedObject description: | Settings for the Binary Authorization feature. properties: - - !ruby/object:Api::Type::String - name: 'breakglassJustification' + - name: 'breakglassJustification' + type: String description: | If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass - - !ruby/object:Api::Type::Boolean - name: 'useDefault' + - name: 'useDefault' + type: Boolean description: | If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled. conflicts: - policy - - !ruby/object:Api::Type::String - name: 'policy' + - name: 'policy' + type: String description: | The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name} conflicts: - use_default - - !ruby/object:Api::Type::Array - name: 'customAudiences' + - name: 'customAudiences' + type: Array description: | One or more custom audiences that you want this service to support. Specify each custom audience as the full URL in a string. The custom audiences are encoded in the token and used to authenticate requests. For more information, see https://cloud.google.com/run/docs/configuring/custom-audiences. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'scaling' - min_version: beta + item_type: + type: String + - name: 'scaling' + type: NestedObject description: | Scaling settings that apply to the whole service properties: - - !ruby/object:Api::Type::Integer - name: 'minInstanceCount' + - name: 'minInstanceCount' + type: Integer description: | Minimum number of instances for the service, to be divided among all revisions receiving traffic. - - !ruby/object:Api::Type::Boolean - name: 'defaultUriDisabled' - min_version: beta + - name: 'defaultUriDisabled' + type: Boolean description: |- Disables public resolution of the default URI of this service. - - !ruby/object:Api::Type::NestedObject - name: 'template' - required: true + min_version: 'beta' + - name: 'template' + type: NestedObject description: | The template used to create revisions for this Service. + required: true properties: - - !ruby/object:Api::Type::String - name: 'revision' + - name: 'revision' + type: String description: |- The unique name for the revision. If this field is omitted, it will be automatically generated based on the Service name. - - !ruby/object:Api::Type::KeyValuePairs - name: 'labels' + - name: 'labels' + type: KeyValuePairs description: |- Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 RevisionTemplate. - - !ruby/object:Api::Type::KeyValuePairs - name: 'annotations' + - name: 'annotations' + type: KeyValuePairs description: |- Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. @@ -353,358 +352,368 @@ properties: All system annotations in v1 now have a corresponding field in v2 RevisionTemplate. This field follows Kubernetes annotations' namespacing, limits, and rules. - - !ruby/object:Api::Type::NestedObject - name: 'scaling' + - name: 'scaling' + type: NestedObject description: | Scaling settings for this Revision. default_from_api: true properties: - - !ruby/object:Api::Type::Integer - name: 'minInstanceCount' + - name: 'minInstanceCount' + type: Integer description: |- Minimum number of serving instances that this resource should have. - - !ruby/object:Api::Type::Integer - name: 'maxInstanceCount' + - name: 'maxInstanceCount' + type: Integer description: |- Maximum number of serving instances that this resource should have. - - !ruby/object:Api::Type::NestedObject - name: 'vpcAccess' + - name: 'vpcAccess' + type: NestedObject description: |- VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc. properties: - - !ruby/object:Api::Type::String - name: 'connector' + - name: 'connector' + type: String description: |- VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number. - - !ruby/object:Api::Type::Enum - name: 'egress' + - name: 'egress' + type: Enum description: |- Traffic VPC egress settings. - values: - - :ALL_TRAFFIC - - :PRIVATE_RANGES_ONLY default_from_api: true - - !ruby/object:Api::Type::Array - name: 'networkInterfaces' + enum_values: + - 'ALL_TRAFFIC' + - 'PRIVATE_RANGES_ONLY' + - name: 'networkInterfaces' + type: Array description: |- Direct VPC egress settings. Currently only single network interface is supported. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'network' + - name: 'network' + type: String description: |- The VPC network that the Cloud Run resource will be able to send traffic to. At least one of network or subnetwork must be specified. If both network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If network is not specified, it will be looked up from the subnetwork. default_from_api: true - - !ruby/object:Api::Type::String - name: 'subnetwork' + - name: 'subnetwork' + type: String description: |- The VPC subnetwork that the Cloud Run resource will get IPs from. At least one of network or subnetwork must be specified. If both network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If subnetwork is not specified, the subnetwork with the same name with the network will be used. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'tags' + - name: 'tags' + type: Array description: |- Network tags applied to this Cloud Run service. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'timeout' + item_type: + type: String + - name: 'timeout' + type: String description: |- Max allowed time for an instance to respond to a request. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' - - !ruby/object:Api::Type::String - name: 'serviceAccount' + - name: 'serviceAccount' + type: String description: |- Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'containers' + - name: 'containers' + type: Array description: |- Holds the containers that define the unit of execution for this Service. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: |- Name of the container specified as a DNS_LABEL. - - !ruby/object:Api::Type::String - name: 'image' - required: true + - name: 'image' + type: String description: |- URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images - - !ruby/object:Api::Type::Array - name: 'command' + required: true + - name: 'command' + type: Array description: |- Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'args' + item_type: + type: String + - name: 'args' + type: Array description: |- Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references are not supported in Cloud Run. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'env' + item_type: + type: String + - name: 'env' + type: Array description: |- List of environment variables to set in the container. is_set: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: |- Name of the environment variable. Must be a C_IDENTIFIER, and may not exceed 32768 characters. - - !ruby/object:Api::Type::String - name: 'value' + required: true + - name: 'value' + type: String description: |- Literal value of the environment variable. Defaults to "" and the maximum allowed length is 32768 characters. Variable references are not supported in Cloud Run. # exactly_one_of: # - template.0.containers.0.env.0.value # - template.0.containers.0.env.0.valueSource - - !ruby/object:Api::Type::NestedObject - name: 'valueSource' + - name: 'valueSource' + type: NestedObject description: |- Source for the environment variable's value. # exactly_one_of: # - template.0.containers.0.env.0.value # - template.0.containers.0.env.0.valueSource properties: - - !ruby/object:Api::Type::NestedObject - name: 'secretKeyRef' + - name: 'secretKeyRef' + type: NestedObject description: |- Selects a secret and a specific version from Cloud Secret Manager. properties: - - !ruby/object:Api::Type::String - name: 'secret' - required: true + - name: 'secret' + type: String description: |- The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project. - - !ruby/object:Api::Type::String - name: 'version' + required: true + - name: 'version' + type: String description: |- The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. - - !ruby/object:Api::Type::NestedObject - name: 'resources' + - name: 'resources' + type: NestedObject description: |- Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources default_from_api: true properties: - - !ruby/object:Api::Type::KeyValuePairs - name: 'limits' + - name: 'limits' + type: KeyValuePairs description: |- - Only memory and CPU are supported. Use key `cpu` for CPU limit and `memory` for memory limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + Only memory, CPU, and nvidia.com/gpu are supported. Use key `cpu` for CPU limit, `memory` for memory limit, `nvidia.com/gpu` for gpu limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'cpuIdle' + - name: 'cpuIdle' + type: Boolean description: |- Determines whether CPU is only allocated during requests. True by default if the parent `resources` field is not set. However, if `resources` is set, this field must be explicitly set to true to preserve the default behavior. - - !ruby/object:Api::Type::Boolean - name: 'startupCpuBoost' + - name: 'startupCpuBoost' + type: Boolean description: |- Determines whether CPU should be boosted on startup of a new container instance above the requested CPU threshold, this can help reduce cold-start latency. - - !ruby/object:Api::Type::Array - name: 'ports' - max_size: 1 + - name: 'ports' + type: Array description: |- List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: |- If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'containerPort' + - name: 'containerPort' + type: Integer description: |- Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536. - - !ruby/object:Api::Type::Array - name: 'volumeMounts' + max_size: 1 + - name: 'volumeMounts' + type: Array description: |- Volume to mount into the container's filesystem. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: |- This must match the Name of a Volume. - - !ruby/object:Api::Type::String - name: 'mountPath' required: true + - name: 'mountPath' + type: String description: |- Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run - - !ruby/object:Api::Type::String - name: 'workingDir' + required: true + - name: 'workingDir' + type: String description: |- Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. - - !ruby/object:Api::Type::NestedObject - name: 'livenessProbe' + - name: 'livenessProbe' + type: NestedObject description: |- Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: - - !ruby/object:Api::Type::Integer - name: 'initialDelaySeconds' + - name: 'initialDelaySeconds' + type: Integer description: |- Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes default_value: 0 - - !ruby/object:Api::Type::Integer - name: 'timeoutSeconds' + - name: 'timeoutSeconds' + type: Integer description: |- Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes default_value: 1 - - !ruby/object:Api::Type::Integer - name: 'periodSeconds' + - name: 'periodSeconds' + type: Integer description: |- How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds default_value: 10 - - !ruby/object:Api::Type::Integer - name: 'failureThreshold' + - name: 'failureThreshold' + type: Integer description: |- Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. default_value: 3 - - !ruby/object:Api::Type::NestedObject - name: 'httpGet' + - name: 'httpGet' + type: NestedObject description: |- HTTPGet specifies the http request to perform. send_empty_value: true allow_empty_object: true + # exactly_one_of: + # - template.0.containers.0.startupProbe.0.httpGet + # - template.0.containers.0.startupProbe.0.tcpSocket + # - template.0.containers.0.startupProbe.0.grpc properties: - - !ruby/object:Api::Type::String - name: 'path' - default_value: '/' + - name: 'path' + type: String description: |- Path to access on the HTTP server. Defaults to '/'. - - !ruby/object:Api::Type::Integer - name: port + default_value: "/" + - name: 'port' + type: Integer description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'httpHeaders' + - name: 'httpHeaders' + type: Array description: |- Custom headers to set in the request. HTTP allows repeated headers. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name - required: true + - name: 'name' + type: String description: |- The header field name - - !ruby/object:Api::Type::String - name: value + required: true + - name: 'value' + type: String description: |- The header field value - default_value: '' send_empty_value: true - - !ruby/object:Api::Type::NestedObject - name: grpc + default_value: "" + - name: 'grpc' + type: NestedObject description: |- GRPC specifies an action involving a GRPC port. send_empty_value: true allow_empty_object: true properties: - - !ruby/object:Api::Type::Integer - name: port + - name: 'port' + type: Integer description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::String - name: service + - name: 'service' + type: String description: |- The name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. - - !ruby/object:Api::Type::NestedObject - name: tcpSocket + - name: 'tcpSocket' + type: NestedObject description: TCPSocketAction describes an action based on opening a socket properties: - - !ruby/object:Api::Type::Integer - name: port + - name: 'port' + type: Integer description: |- Port number to access on the container. Must be in the range 1 to 65535. If not specified, defaults to the exposed port of the container, which is the value of container.ports[0].containerPort. required: true - - !ruby/object:Api::Type::NestedObject - name: 'startupProbe' + - name: 'startupProbe' + type: NestedObject description: |- Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes default_from_api: true properties: - - !ruby/object:Api::Type::Integer - name: 'initialDelaySeconds' + - name: 'initialDelaySeconds' + type: Integer description: |- Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes default_value: 0 - - !ruby/object:Api::Type::Integer - name: 'timeoutSeconds' + - name: 'timeoutSeconds' + type: Integer description: |- Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes default_value: 1 - - !ruby/object:Api::Type::Integer - name: 'periodSeconds' + - name: 'periodSeconds' + type: Integer description: |- How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds default_value: 10 - - !ruby/object:Api::Type::Integer - name: 'failureThreshold' + - name: 'failureThreshold' + type: Integer description: |- Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. default_value: 3 - - !ruby/object:Api::Type::NestedObject - name: 'httpGet' + - name: 'httpGet' + type: NestedObject description: |- HTTPGet specifies the http request to perform. Exactly one of HTTPGet or TCPSocket must be specified. send_empty_value: true allow_empty_object: true - # exactly_one_of: - # - template.0.containers.0.startupProbe.0.httpGet - # - template.0.containers.0.startupProbe.0.tcpSocket - # - template.0.containers.0.startupProbe.0.grpc properties: - - !ruby/object:Api::Type::String - name: 'path' - default_value: '/' + - name: 'path' + type: String description: |- Path to access on the HTTP server. Defaults to '/'. - - !ruby/object:Api::Type::Integer - name: port + default_value: "/" + - name: 'port' + type: Integer description: |- Port number to access on the container. Must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'httpHeaders' + - name: 'httpHeaders' + type: Array description: |- Custom headers to set in the request. HTTP allows repeated headers. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name - required: true + - name: 'name' + type: String description: |- The header field name - - !ruby/object:Api::Type::String - name: value + required: true + - name: 'value' + type: String description: |- The header field value - default_value: '' send_empty_value: true - - !ruby/object:Api::Type::NestedObject - name: 'tcpSocket' + default_value: "" + - name: 'tcpSocket' + type: NestedObject description: |- TCPSocket specifies an action involving a TCP port. Exactly one of HTTPGet or TCPSocket must be specified. send_empty_value: true @@ -714,14 +723,14 @@ properties: # - template.0.containers.0.startupProbe.0.tcpSocket # - template.0.containers.0.startupProbe.0.grpc properties: - - !ruby/object:Api::Type::Integer - name: port + - name: 'port' + type: Integer description: |- Port number to access on the container. Must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: grpc + - name: 'grpc' + type: NestedObject description: |- GRPC specifies an action involving a GRPC port. send_empty_value: true @@ -731,36 +740,38 @@ properties: # - template.0.containers.0.startupProbe.0.tcpSocket # - template.0.containers.0.startupProbe.0.grpc properties: - - !ruby/object:Api::Type::Integer - name: port + - name: 'port' + type: Integer description: |- Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. default_from_api: true - - !ruby/object:Api::Type::String - name: service + - name: 'service' + type: String description: |- The name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC. - - !ruby/object:Api::Type::Array - name: 'dependsOn' + - name: 'dependsOn' + type: Array description: |- Containers which should be started before this container. If specified the container will wait to start until all containers with the listed names are healthy. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'volumes' + item_type: + type: String + - name: 'volumes' + type: Array description: |- A list of Volumes to make available to containers. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: |- Volume's name. - - !ruby/object:Api::Type::NestedObject - name: 'secret' + required: true + - name: 'secret' + type: NestedObject description: |- Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret # exactly_one_of: @@ -768,36 +779,37 @@ properties: # - template.0.volumes.0.cloudSqlInstance # - template.0.volumes.0.emptyDir properties: - - !ruby/object:Api::Type::String - name: 'secret' - required: true + - name: 'secret' + type: String description: |- The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project. - - !ruby/object:Api::Type::Integer - name: 'defaultMode' + required: true + - name: 'defaultMode' + type: Integer description: |- Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting. - - !ruby/object:Api::Type::Array - name: 'items' + - name: 'items' + type: Array description: |- If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'path' - required: true + - name: 'path' + type: String description: |- The relative path of the secret in the container. - - !ruby/object:Api::Type::String - name: 'version' + required: true + - name: 'version' + type: String description: |- The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version - - !ruby/object:Api::Type::Integer - name: 'mode' + - name: 'mode' + type: Integer description: |- Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. - - !ruby/object:Api::Type::NestedObject - name: 'cloudSqlInstance' + - name: 'cloudSqlInstance' + type: NestedObject description: |- For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. # exactly_one_of: @@ -806,36 +818,37 @@ properties: # - template.0.volumes.0.emptyDir # - template.0.volumes.0.gcs properties: - - !ruby/object:Api::Type::Array - name: 'instances' + - name: 'instances' + type: Array description: |- The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} - item_type: Api::Type::String is_set: true - - !ruby/object:Api::Type::NestedObject - name: 'emptyDir' + item_type: + type: String + - name: 'emptyDir' + type: NestedObject description: |- Ephemeral storage used as a shared volume. - min_version: beta + min_version: 'beta' # exactly_one_of: # - template.0.volumes.0.secret # - template.0.volumes.0.cloudSqlInstance # - template.0.volumes.0.emptyDir # - template.0.volumes.0.gcs properties: - - !ruby/object:Api::Type::Enum - name: 'medium' + - name: 'medium' + type: Enum description: |- The different types of medium supported for EmptyDir. - values: - - :MEMORY - default_value: :MEMORY - - !ruby/object:Api::Type::String - name: 'sizeLimit' + default_value: "MEMORY" + enum_values: + - 'MEMORY' + - name: 'sizeLimit' + type: String description: |- Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. - - !ruby/object:Api::Type::NestedObject - name: 'gcs' + - name: 'gcs' + type: NestedObject description: |- Cloud Storage bucket mounted as a volume using GCSFuse. This feature is only supported in the gen2 execution environment. # exactly_one_of: @@ -844,238 +857,250 @@ properties: # - template.0.volumes.0.emptyDir # - template.0.volumes.0.gcs properties: - - !ruby/object:Api::Type::String - name: bucket + - name: 'bucket' + type: String description: GCS Bucket name required: true - - !ruby/object:Api::Type::Boolean - name: readOnly + - name: 'readOnly' + type: Boolean description: If true, mount the GCS bucket as read-only required: false - - !ruby/object:Api::Type::NestedObject - name: nfs + - name: 'nfs' + type: NestedObject description: Represents an NFS mount. properties: - - !ruby/object:Api::Type::String - name: server + - name: 'server' + type: String description: Hostname or IP address of the NFS server required: true - - !ruby/object:Api::Type::String - name: path + - name: 'path' + type: String description: Path that is exported by the NFS server. required: true - - !ruby/object:Api::Type::Boolean - name: readOnly + - name: 'readOnly' + type: Boolean description: If true, mount the NFS volume as read only required: false - - !ruby/object:Api::Type::Enum - name: 'executionEnvironment' + - name: 'executionEnvironment' + type: Enum description: |- The sandbox environment to host this Revision. - values: - - :EXECUTION_ENVIRONMENT_GEN1 - - :EXECUTION_ENVIRONMENT_GEN2 - - !ruby/object:Api::Type::String - name: 'encryptionKey' + enum_values: + - 'EXECUTION_ENVIRONMENT_GEN1' + - 'EXECUTION_ENVIRONMENT_GEN2' + - name: 'encryptionKey' + type: String description: |- A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek - - !ruby/object:Api::Type::Integer - name: 'maxInstanceRequestConcurrency' + - name: 'maxInstanceRequestConcurrency' + type: Integer description: |- Sets the maximum number of requests that each serving instance can receive. If not specified or 0, defaults to 80 when requested CPU >= 1 and defaults to 1 when requested CPU < 1. default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'sessionAffinity' + - name: 'sessionAffinity' + type: Boolean description: |- Enables session affinity. For more information, go to https://cloud.google.com/run/docs/configuring/session-affinity - - !ruby/object:Api::Type::NestedObject - name: 'serviceMesh' - min_version: beta + - name: 'serviceMesh' + type: NestedObject description: |- Enables Cloud Service Mesh for this Revision. + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: 'mesh' + - name: 'mesh' + type: String description: |- The Mesh resource name. For more information see https://cloud.google.com/service-mesh/docs/reference/network-services/rest/v1/projects.locations.meshes#resource:-mesh. - - !ruby/object:Api::Type::Array - name: 'traffic' + - name: 'nodeSelector' + type: NestedObject + description: Node Selector describes the hardware requirements of the resources. + min_version: 'beta' + properties: + - name: 'accelerator' + type: String + description: + The GPU to attach to an instance. See https://cloud.google.com/run/docs/configuring/services/gpu for configuring GPU. + required: true + - name: 'traffic' + type: Array description: |- Specifies how to distribute traffic over a collection of Revisions belonging to the Service. If traffic is empty or not provided, defaults to 100% traffic to the latest Ready Revision. default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: | The allocation type for this traffic target. - values: - - :TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST - - :TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION - - !ruby/object:Api::Type::String - name: 'revision' + enum_values: + - 'TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST' + - 'TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION' + - name: 'revision' + type: String description: | Revision to which to send this portion of traffic, if traffic allocation is by revision. - - !ruby/object:Api::Type::Integer - name: 'percent' + - name: 'percent' + type: Integer description: | Specifies percent of the traffic to this Revision. This defaults to zero if unspecified. default_from_api: true - - !ruby/object:Api::Type::String - name: 'tag' + - name: 'tag' + type: String description: | Indicates a string to be part of the URI to exclusively reference this target. - - !ruby/object:Api::Type::String - name: 'observedGeneration' - output: true + - name: 'observedGeneration' + type: String description: | The generation of this Service currently serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. - - !ruby/object:Api::Type::NestedObject - name: 'terminalCondition' output: true + - name: 'terminalCondition' + type: NestedObject description: | The Condition of this Service, containing its readiness status, and detailed error information in case it did not reach a serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. + output: true properties: - - !ruby/object:Api::Type::String - name: 'type' - output: true + - name: 'type' + type: String description: |- type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. - - !ruby/object:Api::Type::String - name: 'state' output: true + - name: 'state' + type: String description: |- State of the condition. - - !ruby/object:Api::Type::String - name: 'message' output: true + - name: 'message' + type: String description: |- Human readable message indicating details about the current status. - - !ruby/object:Api::Type::Time - name: 'lastTransitionTime' output: true + - name: 'lastTransitionTime' + type: Time description: |- Last time the condition transitioned from one status to another. - - !ruby/object:Api::Type::String - name: 'severity' output: true + - name: 'severity' + type: String description: |- How to interpret failures of this condition, one of Error, Warning, Info - - !ruby/object:Api::Type::String - name: 'reason' output: true + - name: 'reason' + type: String description: |- A common (service-level) reason for this condition. - - !ruby/object:Api::Type::String - name: 'revisionReason' output: true + - name: 'revisionReason' + type: String description: |- A reason for the revision condition. - - !ruby/object:Api::Type::String - name: 'executionReason' output: true + - name: 'executionReason' + type: String description: |- A reason for the execution condition. - - !ruby/object:Api::Type::Array - name: 'conditions' + output: true + - name: 'conditions' + type: Array description: |- The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Service does not reach its Serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'type' - output: true + - name: 'type' + type: String description: |- type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. - - !ruby/object:Api::Type::String - name: 'state' output: true + - name: 'state' + type: String description: |- State of the condition. - - !ruby/object:Api::Type::String - name: 'message' output: true + - name: 'message' + type: String description: |- Human readable message indicating details about the current status. - - !ruby/object:Api::Type::Time - name: 'lastTransitionTime' output: true + - name: 'lastTransitionTime' + type: Time description: |- Last time the condition transitioned from one status to another. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - - !ruby/object:Api::Type::String - name: 'severity' output: true + - name: 'severity' + type: String description: |- How to interpret failures of this condition, one of Error, Warning, Info - - !ruby/object:Api::Type::String - name: 'reason' output: true + - name: 'reason' + type: String description: |- A common (service-level) reason for this condition. - - !ruby/object:Api::Type::String - name: 'revisionReason' output: true + - name: 'revisionReason' + type: String description: |- A reason for the revision condition. - - !ruby/object:Api::Type::String - name: 'executionReason' output: true + - name: 'executionReason' + type: String description: |- A reason for the execution condition. - - !ruby/object:Api::Type::String - name: 'latestReadyRevision' - output: true + output: true + - name: 'latestReadyRevision' + type: String description: | Name of the latest revision that is serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. - - !ruby/object:Api::Type::String - name: 'latestCreatedRevision' output: true + - name: 'latestCreatedRevision' + type: String description: | Name of the last created revision. See comments in reconciling for additional information on reconciliation process in Cloud Run. - - !ruby/object:Api::Type::Array - name: 'trafficStatuses' + output: true + - name: 'trafficStatuses' + type: Array description: |- Detailed status information for corresponding traffic targets. See comments in reconciling for additional information on reconciliation process in Cloud Run. output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'type' - output: true + - name: 'type' + type: String description: |- The allocation type for this traffic target. - - !ruby/object:Api::Type::String - name: 'revision' output: true + - name: 'revision' + type: String description: |- Revision to which this traffic is sent. - - !ruby/object:Api::Type::Integer - name: 'percent' output: true + - name: 'percent' + type: Integer description: |- Specifies percent of the traffic to this Revision. - - !ruby/object:Api::Type::String - name: 'tag' output: true + - name: 'tag' + type: String description: |- Indicates the string used in the URI to exclusively reference this target. - - !ruby/object:Api::Type::String - name: 'uri' output: true + - name: 'uri' + type: String description: |- Displays the target URI. - - !ruby/object:Api::Type::String - name: 'uri' - output: true + output: true + - name: 'uri' + type: String description: | The main URI in which this Service is serving traffic. - - !ruby/object:Api::Type::Boolean - name: 'reconciling' output: true + - name: 'reconciling' + type: Boolean description: | Returns true if the Service is currently being acted upon by the system to bring it into the desired state. @@ -1084,8 +1109,9 @@ properties: If reconciliation succeeded, the following fields will match: traffic and trafficStatuses, observedGeneration and generation, latestReadyRevision and latestCreatedRevision. If reconciliation failed, trafficStatuses, observedGeneration, and latestReadyRevision will have the state of the last serving revision, or empty for newly created Services. Additional information on the failure can be found in terminalCondition and conditions. - - !ruby/object:Api::Type::String - name: 'etag' output: true + - name: 'etag' + type: String description: | A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. + output: true diff --git a/mmv1/products/cloudrunv2/go_Job.yaml b/mmv1/products/cloudrunv2/go_Job.yaml deleted file mode 100644 index 398ff9c94bb1..000000000000 --- a/mmv1/products/cloudrunv2/go_Job.yaml +++ /dev/null @@ -1,790 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Job' -description: | - A Cloud Run Job resource that references a container image which is run to completion. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/run/docs/' - api: 'https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.jobs' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/jobs' -self_link: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/jobs?jobId={{name}}' -update_verb: 'PATCH' -import_format: - - 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'name' - base_url: 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/jobs/{{name}}' - - '{{name}}' -custom_code: - pre_delete: 'templates/terraform/pre_delete/go/cloudrunv2_job_deletion_policy.go.tmpl' -taint_resource_on_failed_create: true -examples: - - name: 'cloudrunv2_job_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' - vars: - cloud_run_job_name: 'cloudrun-job' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_job_limits' - primary_resource_id: 'default' - vars: - cloud_run_job_name: 'cloudrun-job' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_job_sql' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_job_name: 'cloudrun-job' - secret_id: 'secret' - cloud_run_sql_name: 'cloudrun-sql' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_job_vpcaccess' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_job_name: 'cloudrun-job' - vpc_access_connector_name: 'run-vpc' - vpc_compute_subnetwork_name: 'run-subnetwork' - compute_network_name: 'run-network' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_job_directvpc' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' - vars: - cloud_run_job_name: 'cloudrun-job' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_job_secret' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_job_name: 'cloudrun-job' - secret_id: 'secret' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_job_emptydir' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' - min_version: 'beta' - vars: - cloud_run_job_name: 'cloudrun-job' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_job_run_job' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-job%s", context["random_suffix"])' - min_version: 'beta' - vars: - cloud_run_job_name: 'cloudrun-job' - ignore_read_extra: - - 'deletion_protection' -virtual_fields: - - name: 'deletion_protection' - description: | - Whether Terraform will be prevented from destroying the job. Defaults to true. - When a`terraform destroy` or `terraform apply` would delete the job, - the command will fail if this field is not set to false in Terraform state. - When the field is set to true or unset in Terraform state, a `terraform apply` - or `terraform destroy` that would delete the job will fail. - When the field is set to false, deleting the job is allowed. - type: Boolean - default_value: true -parameters: - - name: 'location' - type: String - description: The location of the cloud run job - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Name of the Job. - url_param_only: true - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' - - name: 'uid' - type: String - description: | - Server assigned unique identifier for the Execution. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. - output: true - - name: 'generation' - type: String - description: | - A number that monotonically increases every time the user modifies the desired state. - output: true - - name: 'labels' - type: KeyValueLabels - description: |- - Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, - environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. - - Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. - All system labels in v1 now have a corresponding field in v2 Job. - - name: 'annotations' - type: KeyValueAnnotations - description: |- - Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. - - Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected on new resources. - All system annotations in v1 now have a corresponding field in v2 Job. - - This field follows Kubernetes annotations' namespacing, limits, and rules. - - name: 'createTime' - type: Time - description: |- - The creation time. - output: true - - name: 'updateTime' - type: Time - description: |- - The last-modified time. - output: true - - name: 'deleteTime' - type: Time - description: |- - The deletion time. - output: true - - name: 'expireTime' - type: Time - description: |- - For a deleted resource, the time after which it will be permamently deleted. - output: true - - name: 'creator' - type: String - description: |- - Email address of the authenticated creator. - output: true - - name: 'lastModifier' - type: String - description: |- - Email address of the last authenticated modifier. - output: true - - name: 'client' - type: String - description: | - Arbitrary identifier for the API client. - - name: 'clientVersion' - type: String - description: | - Arbitrary version identifier for the API client. - - name: 'launchStage' - type: Enum - description: | - The launch stage as defined by [Google Cloud Platform Launch Stages](https://cloud.google.com/products#product-launch-stages). Cloud Run supports ALPHA, BETA, and GA. - If no value is specified, GA is assumed. Set the launch stage to a preview stage on input to allow use of preview features in that stage. On read (or output), describes whether the resource uses preview features. - - For example, if ALPHA is provided as input, but only BETA and GA-level features are used, this field will be BETA on output. - default_from_api: true - enum_values: - - 'UNIMPLEMENTED' - - 'PRELAUNCH' - - 'EARLY_ACCESS' - - 'ALPHA' - - 'BETA' - - 'GA' - - 'DEPRECATED' - - name: 'binaryAuthorization' - type: NestedObject - description: | - Settings for the Binary Authorization feature. - properties: - - name: 'breakglassJustification' - type: String - description: | - If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass - - name: 'useDefault' - type: Boolean - description: | - If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled. - conflicts: - - policy - - name: 'policy' - type: String - description: | - The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name} - conflicts: - - use_default - - name: 'startExecutionToken' - type: String - description: |- - A unique string used as a suffix creating a new execution upon job create or update. The Job will become ready when the execution is successfully started. - The sum of job name and token length must be fewer than 63 characters. - min_version: 'beta' - conflicts: - - run_execution_token - - name: 'runExecutionToken' - type: String - description: |- - A unique string used as a suffix creating a new execution upon job create or update. The Job will become ready when the execution is successfully completed. - The sum of job name and token length must be fewer than 63 characters. - min_version: 'beta' - conflicts: - - start_execution_token - - name: 'template' - type: NestedObject - description: | - The template used to create executions for this Job. - required: true - properties: - - name: 'labels' - type: KeyValuePairs - description: |- - Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, - or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or - https://cloud.google.com/run/docs/configuring/labels. - - Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. - All system labels in v1 now have a corresponding field in v2 ExecutionTemplate. - - name: 'annotations' - type: KeyValuePairs - description: |- - Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. - - Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. - All system annotations in v1 now have a corresponding field in v2 ExecutionTemplate. - - This field follows Kubernetes annotations' namespacing, limits, and rules. - - name: 'parallelism' - type: Integer - description: |- - Specifies the maximum desired number of tasks the execution should run at given time. Must be <= taskCount. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism. - default_from_api: true - - name: 'taskCount' - type: Integer - description: |- - Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ - default_from_api: true - - name: 'template' - type: NestedObject - description: | - Describes the task(s) that will be created when executing an execution - required: true - properties: - - name: 'containers' - type: Array - description: |- - Holds the single container that defines the unit of execution for this task. - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - Name of the container specified as a DNS_LABEL. - - name: 'image' - type: String - description: |- - URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images - required: true - - name: 'command' - type: Array - description: |- - Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - item_type: - type: String - - name: 'args' - type: Array - description: |- - Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references are not supported in Cloud Run. - item_type: - type: String - - name: 'env' - type: Array - description: |- - List of environment variables to set in the container. - is_set: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - Name of the environment variable. Must be a C_IDENTIFIER, and mnay not exceed 32768 characters. - required: true - - name: 'value' - type: String - description: |- - Literal value of the environment variable. Defaults to "" and the maximum allowed length is 32768 characters. Variable references are not supported in Cloud Run. - # exactly_one_of: - # - template.0.template.0.containers.0.env.0.value - # - template.0.template.0.containers.0.env.0.valueSource - - name: 'valueSource' - type: NestedObject - description: |- - Source for the environment variable's value. - # exactly_one_of: - # - template.0.template.0.containers.0.env.0.value - # - template.0.template.0.containers.0.env.0.valueSource - properties: - - name: 'secretKeyRef' - type: NestedObject - description: |- - Selects a secret and a specific version from Cloud Secret Manager. - properties: - - name: 'secret' - type: String - description: |- - The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project. - required: true - - name: 'version' - type: String - description: |- - The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. - required: true - - name: 'resources' - type: NestedObject - description: |- - Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - default_from_api: true - properties: - - name: 'limits' - type: KeyValuePairs - description: |- - Only memory and CPU are supported. Use key `cpu` for CPU limit and `memory` for memory limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go - default_from_api: true - - name: 'ports' - type: Array - description: |- - List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. - - If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". - - name: 'containerPort' - type: Integer - description: |- - Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536. - - name: 'volumeMounts' - type: Array - description: |- - Volume to mount into the container's filesystem. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - This must match the Name of a Volume. - required: true - - name: 'mountPath' - type: String - description: |- - Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run - required: true - - name: 'workingDir' - type: String - description: |- - Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. - - name: 'volumes' - type: Array - description: |- - A list of Volumes to make available to containers. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - Volume's name. - required: true - - name: 'secret' - type: NestedObject - description: |- - Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - # exactly_one_of: - # - template.0.template.0.volumes.0.secret - # - template.0.template.0.volumes.0.cloudSqlInstance - # - template.0.template.0.volumes.0.emptyDir - # - template.0.volumes.0.gcs - # - template.0.volumes.0.nfs - properties: - - name: 'secret' - type: String - description: |- - The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project. - required: true - - name: 'defaultMode' - type: Integer - description: |- - Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting. - - name: 'items' - type: Array - description: |- - If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version. - item_type: - type: NestedObject - properties: - - name: 'path' - type: String - description: |- - The relative path of the secret in the container. - required: true - - name: 'version' - type: String - description: |- - The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version - required: true - - name: 'mode' - type: Integer - description: |- - Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. - - name: 'cloudSqlInstance' - type: NestedObject - description: |- - For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. - # exactly_one_of: - # - template.0.template.0.volumes.0.secret - # - template.0.template.0.volumes.0.cloudSqlInstance - # - template.0.template.0.volumes.0.emptyDir - # - template.0.volumes.0.gcs - # - template.0.volumes.0.nfs - properties: - - name: 'instances' - type: Array - description: |- - The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} - item_type: - type: String - - name: 'emptyDir' - type: NestedObject - description: |- - Ephemeral storage used as a shared volume. - min_version: 'beta' - properties: - - name: 'medium' - type: Enum - description: |- - The different types of medium supported for EmptyDir. - default_value: "MEMORY" - enum_values: - - 'MEMORY' - - name: 'sizeLimit' - type: String - description: |- - Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. - - name: 'gcs' - type: NestedObject - description: |- - Cloud Storage bucket mounted as a volume using GCSFuse. - # exactly_one_of: - # - template.0.volumes.0.secret - # - template.0.volumes.0.cloudSqlInstance - # - template.0.volumes.0.emptyDir - # - template.0.volumes.0.gcs - # - template.0.volumes.0.nfs - properties: - - name: 'bucket' - type: String - description: |- - Name of the cloud storage bucket to back the volume. The resource service account must have permission to access the bucket. - required: true - - name: 'readOnly' - type: Boolean - description: |- - If true, mount this volume as read-only in all mounts. If false, mount this volume as read-write. - - name: 'nfs' - type: NestedObject - description: |- - NFS share mounted as a volume. - # exactly_one_of: - # - template.0.volumes.0.secret - # - template.0.volumes.0.cloudSqlInstance - # - template.0.volumes.0.emptyDir - # - template.0.volumes.0.gcs - # - template.0.volumes.0.nfs - properties: - - name: 'server' - type: String - description: |- - Hostname or IP address of the NFS server. - required: true - - name: 'path' - type: String - description: |- - Path that is exported by the NFS server. - - name: 'readOnly' - type: Boolean - description: |- - If true, mount this volume as read-only in all mounts. - - name: 'timeout' - type: String - description: |- - Max allowed time duration the Task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout. - - A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". - default_from_api: true - validation: - regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' - - name: 'serviceAccount' - type: String - description: |- - Email address of the IAM service account associated with the Task of a Job. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account. - default_from_api: true - - name: 'executionEnvironment' - type: Enum - description: |- - The execution environment being used to host this Task. - default_from_api: true - enum_values: - - 'EXECUTION_ENVIRONMENT_GEN1' - - 'EXECUTION_ENVIRONMENT_GEN2' - - name: 'encryptionKey' - type: String - description: |- - A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek - - name: 'vpcAccess' - type: NestedObject - description: |- - VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc. - properties: - - name: 'connector' - type: String - description: |- - VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number. - - name: 'egress' - type: Enum - description: |- - Traffic VPC egress settings. - default_from_api: true - enum_values: - - 'ALL_TRAFFIC' - - 'PRIVATE_RANGES_ONLY' - - name: 'networkInterfaces' - type: Array - description: |- - Direct VPC egress settings. Currently only single network interface is supported. - item_type: - type: NestedObject - properties: - - name: 'network' - type: String - description: |- - The VPC network that the Cloud Run resource will be able to send traffic to. At least one of network or subnetwork must be specified. If both - network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If network is not specified, it will be - looked up from the subnetwork. - default_from_api: true - - name: 'subnetwork' - type: String - description: |- - The VPC subnetwork that the Cloud Run resource will get IPs from. At least one of network or subnetwork must be specified. If both - network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If subnetwork is not specified, the - subnetwork with the same name with the network will be used. - default_from_api: true - - name: 'tags' - type: Array - description: |- - Network tags applied to this Cloud Run job. - item_type: - type: String - - name: 'maxRetries' - type: Integer - description: |- - Number of retries allowed per Task, before marking this Task failed. - send_empty_value: true - default_value: 3 - - name: 'observedGeneration' - type: String - description: | - The generation of this Job. See comments in reconciling for additional information on reconciliation process in Cloud Run. - output: true - - name: 'terminalCondition' - type: NestedObject - description: | - The Condition of this Job, containing its readiness status, and detailed error information in case it did not reach the desired state - output: true - properties: - - name: 'type' - type: String - description: |- - type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. - output: true - - name: 'state' - type: String - description: |- - State of the condition. - output: true - - name: 'message' - type: String - description: |- - Human readable message indicating details about the current status. - output: true - - name: 'lastTransitionTime' - type: Time - description: |- - Last time the condition transitioned from one status to another. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'severity' - type: String - description: |- - How to interpret failures of this condition, one of Error, Warning, Info - output: true - - name: 'reason' - type: String - description: |- - A common (service-level) reason for this condition. - output: true - - name: 'revisionReason' - type: String - description: |- - A reason for the revision condition. - output: true - - name: 'executionReason' - type: String - description: |- - A reason for the execution condition. - output: true - - name: 'conditions' - type: Array - description: |- - The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Job does not reach its desired state. See comments in reconciling for additional information on `reconciliation` process in Cloud Run. - output: true - item_type: - type: NestedObject - properties: - - name: 'type' - type: String - description: |- - type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. - output: true - - name: 'state' - type: String - description: |- - State of the condition. - output: true - - name: 'message' - type: String - description: |- - Human readable message indicating details about the current status. - output: true - - name: 'lastTransitionTime' - type: Time - description: |- - Last time the condition transitioned from one status to another. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'severity' - type: String - description: |- - How to interpret failures of this condition, one of Error, Warning, Info - output: true - - name: 'reason' - type: String - description: |- - A common (service-level) reason for this condition. - output: true - - name: 'revisionReason' - type: String - description: |- - A reason for the revision condition. - output: true - - name: 'executionReason' - type: String - description: |- - A reason for the execution condition. - output: true - - name: 'executionCount' - type: Integer - description: | - Number of executions created for this job. - output: true - - name: 'latestCreatedExecution' - type: NestedObject - description: | - Name of the last created execution. - output: true - properties: - - name: 'name' - type: String - description: | - Name of the execution. - output: true - - name: 'createTime' - type: Time - description: | - Creation timestamp of the execution. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'completionTime' - type: Time - description: | - Completion timestamp of the execution. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'reconciling' - type: Boolean - description: | - Returns true if the Job is currently being acted upon by the system to bring it into the desired state. - - When a new Job is created, or an existing one is updated, Cloud Run will asynchronously perform all necessary steps to bring the Job to the desired state. This process is called reconciliation. While reconciliation is in process, observedGeneration and latest_succeeded_execution, will have transient values that might mismatch the intended state: Once reconciliation is over (and this field is false), there are two possible outcomes: reconciliation succeeded and the state matches the Job, or there was an error, and reconciliation failed. This state can be found in terminalCondition.state. - - If reconciliation succeeded, the following fields will match: observedGeneration and generation, latest_succeeded_execution and latestCreatedExecution. - - If reconciliation failed, observedGeneration and latest_succeeded_execution will have the state of the last succeeded execution or empty for newly created Job. Additional information on the failure can be found in terminalCondition and conditions - output: true - - name: 'etag' - type: String - description: | - A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. - output: true diff --git a/mmv1/products/cloudrunv2/go_Service.yaml b/mmv1/products/cloudrunv2/go_Service.yaml deleted file mode 100644 index ee98c8fe647b..000000000000 --- a/mmv1/products/cloudrunv2/go_Service.yaml +++ /dev/null @@ -1,1080 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Service' -description: | - Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/run/docs/' - api: 'https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.services' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/services/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/services' -self_link: 'projects/{{project}}/locations/{{location}}/services/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/services?serviceId={{name}}' -update_verb: 'PATCH' -import_format: - - 'projects/{{project}}/locations/{{location}}/services/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'name' - base_url: 'projects/{{project}}/locations/{{location}}/services/{{name}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/services/{{name}}' - - '{{name}}' -custom_code: - pre_delete: 'templates/terraform/pre_delete/go/cloudrunv2_service_deletion_policy.go.tmpl' -taint_resource_on_failed_create: true -examples: - - name: 'cloudrunv2_service_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-service' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_service_limits' - primary_resource_id: 'default' - vars: - cloud_run_service_name: 'cloudrun-service' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_service_sql' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-service' - secret_id: 'secret-1' - cloud_run_sql_name: 'cloudrun-sql' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_service_vpcaccess' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-service' - vpc_access_connector_name: 'run-vpc' - vpc_compute_subnetwork_name: 'run-subnetwork' - compute_network_name: 'run-network' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_service_directvpc' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-service' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_service_probes' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-service' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_service_secret' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-service' - secret_id: 'secret-1' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_service_multicontainer' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service%s", context["random_suffix"])' - min_version: 'beta' - vars: - cloud_run_service_name: 'cloudrun-service' - ignore_read_extra: - - 'deletion_protection' - - name: 'cloudrunv2_service_mount_gcs' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-service' - ignore_read_extra: - - 'deletion_protection' - skip_vcr: true - - name: 'cloudrunv2_service_mount_nfs' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' - vars: - cloud_run_service_name: 'cloudrun-service' - ignore_read_extra: - - 'deletion_protection' - skip_vcr: true - - name: 'cloudrunv2_service_mesh' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-service-%s", context["random_suffix"])' - min_version: 'beta' - vars: - cloud_run_service_name: 'cloudrun-service' - mesh_name: 'network-services-mesh' - ignore_read_extra: - - 'deletion_protection' - external_providers: ["time"] -virtual_fields: - - name: 'deletion_protection' - description: | - Whether Terraform will be prevented from destroying the service. Defaults to true. - When a`terraform destroy` or `terraform apply` would delete the service, - the command will fail if this field is not set to false in Terraform state. - When the field is set to true or unset in Terraform state, a `terraform apply` - or `terraform destroy` that would delete the service will fail. - When the field is set to false, deleting the service is allowed. - type: Boolean - default_value: true -parameters: - - name: 'location' - type: String - description: The location of the cloud run service - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Name of the Service. - url_param_only: true - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' - - name: 'description' - type: String - description: | - User-provided description of the Service. This field currently has a 512-character limit. - - name: 'uid' - type: String - description: | - Server assigned unique identifier for the trigger. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. - output: true - - name: 'generation' - type: String - description: | - A number that monotonically increases every time the user modifies the desired state. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. - output: true - - name: 'labels' - type: KeyValueLabels - description: |- - Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, - environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. - - Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. - All system labels in v1 now have a corresponding field in v2 Service. - - name: 'annotations' - type: KeyValueAnnotations - description: |- - Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. - - Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected in new resources. - All system annotations in v1 now have a corresponding field in v2 Service. - - This field follows Kubernetes annotations' namespacing, limits, and rules. - - name: 'createTime' - type: Time - description: |- - The creation time. - output: true - - name: 'updateTime' - type: Time - description: |- - The last-modified time. - output: true - - name: 'deleteTime' - type: Time - description: |- - The deletion time. - output: true - - name: 'expireTime' - type: Time - description: |- - For a deleted resource, the time after which it will be permamently deleted. - output: true - - name: 'creator' - type: String - description: |- - Email address of the authenticated creator. - output: true - - name: 'lastModifier' - type: String - description: |- - Email address of the last authenticated modifier. - output: true - - name: 'client' - type: String - description: | - Arbitrary identifier for the API client. - - name: 'clientVersion' - type: String - description: | - Arbitrary version identifier for the API client. - - name: 'ingress' - type: Enum - description: | - Provides the ingress settings for this Service. On output, returns the currently observed ingress settings, or INGRESS_TRAFFIC_UNSPECIFIED if no revision is active. - default_from_api: true - enum_values: - - 'INGRESS_TRAFFIC_ALL' - - 'INGRESS_TRAFFIC_INTERNAL_ONLY' - - 'INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER' - - name: 'launchStage' - type: Enum - description: | - The launch stage as defined by [Google Cloud Platform Launch Stages](https://cloud.google.com/products#product-launch-stages). Cloud Run supports ALPHA, BETA, and GA. - If no value is specified, GA is assumed. Set the launch stage to a preview stage on input to allow use of preview features in that stage. On read (or output), describes whether the resource uses preview features. - - For example, if ALPHA is provided as input, but only BETA and GA-level features are used, this field will be BETA on output. - default_from_api: true - enum_values: - - 'UNIMPLEMENTED' - - 'PRELAUNCH' - - 'EARLY_ACCESS' - - 'ALPHA' - - 'BETA' - - 'GA' - - 'DEPRECATED' - - name: 'binaryAuthorization' - type: NestedObject - description: | - Settings for the Binary Authorization feature. - properties: - - name: 'breakglassJustification' - type: String - description: | - If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass - - name: 'useDefault' - type: Boolean - description: | - If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled. - conflicts: - - policy - - name: 'policy' - type: String - description: | - The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name} - conflicts: - - use_default - - name: 'customAudiences' - type: Array - description: | - One or more custom audiences that you want this service to support. Specify each custom audience as the full URL in a string. The custom audiences are encoded in the token and used to authenticate requests. - For more information, see https://cloud.google.com/run/docs/configuring/custom-audiences. - item_type: - type: String - - name: 'scaling' - type: NestedObject - description: | - Scaling settings that apply to the whole service - min_version: 'beta' - properties: - - name: 'minInstanceCount' - type: Integer - description: | - Minimum number of instances for the service, to be divided among all revisions receiving traffic. - - name: 'defaultUriDisabled' - type: Boolean - description: |- - Disables public resolution of the default URI of this service. - min_version: 'beta' - - name: 'template' - type: NestedObject - description: | - The template used to create revisions for this Service. - required: true - properties: - - name: 'revision' - type: String - description: |- - The unique name for the revision. If this field is omitted, it will be automatically generated based on the Service name. - - name: 'labels' - type: KeyValuePairs - description: |- - Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. - For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. - - Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. - All system labels in v1 now have a corresponding field in v2 RevisionTemplate. - - name: 'annotations' - type: KeyValuePairs - description: |- - Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. - - Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. - All system annotations in v1 now have a corresponding field in v2 RevisionTemplate. - - This field follows Kubernetes annotations' namespacing, limits, and rules. - - name: 'scaling' - type: NestedObject - description: | - Scaling settings for this Revision. - default_from_api: true - properties: - - name: 'minInstanceCount' - type: Integer - description: |- - Minimum number of serving instances that this resource should have. - - name: 'maxInstanceCount' - type: Integer - description: |- - Maximum number of serving instances that this resource should have. - - name: 'vpcAccess' - type: NestedObject - description: |- - VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc. - properties: - - name: 'connector' - type: String - description: |- - VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number. - - name: 'egress' - type: Enum - description: |- - Traffic VPC egress settings. - default_from_api: true - enum_values: - - 'ALL_TRAFFIC' - - 'PRIVATE_RANGES_ONLY' - - name: 'networkInterfaces' - type: Array - description: |- - Direct VPC egress settings. Currently only single network interface is supported. - item_type: - type: NestedObject - properties: - - name: 'network' - type: String - description: |- - The VPC network that the Cloud Run resource will be able to send traffic to. At least one of network or subnetwork must be specified. If both - network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If network is not specified, it will be - looked up from the subnetwork. - default_from_api: true - - name: 'subnetwork' - type: String - description: |- - The VPC subnetwork that the Cloud Run resource will get IPs from. At least one of network or subnetwork must be specified. If both - network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If subnetwork is not specified, the - subnetwork with the same name with the network will be used. - default_from_api: true - - name: 'tags' - type: Array - description: |- - Network tags applied to this Cloud Run service. - item_type: - type: String - - name: 'timeout' - type: String - description: |- - Max allowed time for an instance to respond to a request. - - A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". - default_from_api: true - validation: - regex: '^[0-9]+(?:\.[0-9]{1,9})?s$' - - name: 'serviceAccount' - type: String - description: |- - Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. - default_from_api: true - - name: 'containers' - type: Array - description: |- - Holds the containers that define the unit of execution for this Service. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - Name of the container specified as a DNS_LABEL. - - name: 'image' - type: String - description: |- - URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images - required: true - - name: 'command' - type: Array - description: |- - Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - item_type: - type: String - - name: 'args' - type: Array - description: |- - Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references are not supported in Cloud Run. - item_type: - type: String - - name: 'env' - type: Array - description: |- - List of environment variables to set in the container. - is_set: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - Name of the environment variable. Must be a C_IDENTIFIER, and may not exceed 32768 characters. - required: true - - name: 'value' - type: String - description: |- - Literal value of the environment variable. Defaults to "" and the maximum allowed length is 32768 characters. Variable references are not supported in Cloud Run. - # exactly_one_of: - # - template.0.containers.0.env.0.value - # - template.0.containers.0.env.0.valueSource - - name: 'valueSource' - type: NestedObject - description: |- - Source for the environment variable's value. - # exactly_one_of: - # - template.0.containers.0.env.0.value - # - template.0.containers.0.env.0.valueSource - properties: - - name: 'secretKeyRef' - type: NestedObject - description: |- - Selects a secret and a specific version from Cloud Secret Manager. - properties: - - name: 'secret' - type: String - description: |- - The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project. - required: true - - name: 'version' - type: String - description: |- - The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. - - name: 'resources' - type: NestedObject - description: |- - Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - default_from_api: true - properties: - - name: 'limits' - type: KeyValuePairs - description: |- - Only memory and CPU are supported. Use key `cpu` for CPU limit and `memory` for memory limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go - default_from_api: true - - name: 'cpuIdle' - type: Boolean - description: |- - Determines whether CPU is only allocated during requests. True by default if the parent `resources` field is not set. However, if - `resources` is set, this field must be explicitly set to true to preserve the default behavior. - - name: 'startupCpuBoost' - type: Boolean - description: |- - Determines whether CPU should be boosted on startup of a new container instance above the requested CPU threshold, this can help reduce cold-start latency. - - name: 'ports' - type: Array - description: |- - List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. - - If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". - default_from_api: true - - name: 'containerPort' - type: Integer - description: |- - Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536. - max_size: 1 - - name: 'volumeMounts' - type: Array - description: |- - Volume to mount into the container's filesystem. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - This must match the Name of a Volume. - required: true - - name: 'mountPath' - type: String - description: |- - Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run - required: true - - name: 'workingDir' - type: String - description: |- - Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. - - name: 'livenessProbe' - type: NestedObject - description: |- - Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - properties: - - name: 'initialDelaySeconds' - type: Integer - description: |- - Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - default_value: 0 - - name: 'timeoutSeconds' - type: Integer - description: |- - Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - default_value: 1 - - name: 'periodSeconds' - type: Integer - description: |- - How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds - default_value: 10 - - name: 'failureThreshold' - type: Integer - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - default_value: 3 - - name: 'httpGet' - type: NestedObject - description: |- - HTTPGet specifies the http request to perform. - send_empty_value: true - allow_empty_object: true - properties: - - name: 'path' - type: String - description: |- - Path to access on the HTTP server. Defaults to '/'. - default_value: "/" - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Number must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'httpHeaders' - type: Array - description: |- - Custom headers to set in the request. HTTP allows repeated headers. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - The header field name - required: true - - name: 'value' - type: String - description: |- - The header field value - send_empty_value: true - default_value: "" - - name: 'grpc' - type: NestedObject - description: |- - GRPC specifies an action involving a GRPC port. - send_empty_value: true - allow_empty_object: true - properties: - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Number must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'service' - type: String - description: |- - The name of the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. - - name: 'tcpSocket' - type: NestedObject - description: TCPSocketAction describes an action based on opening a socket - properties: - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Must be in the range 1 to 65535. - If not specified, defaults to the exposed port of the container, which - is the value of container.ports[0].containerPort. - required: true - - name: 'startupProbe' - type: NestedObject - description: |- - Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - default_from_api: true - properties: - - name: 'initialDelaySeconds' - type: Integer - description: |- - Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - default_value: 0 - - name: 'timeoutSeconds' - type: Integer - description: |- - Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - default_value: 1 - - name: 'periodSeconds' - type: Integer - description: |- - How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds - default_value: 10 - - name: 'failureThreshold' - type: Integer - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - default_value: 3 - - name: 'httpGet' - type: NestedObject - description: |- - HTTPGet specifies the http request to perform. Exactly one of HTTPGet or TCPSocket must be specified. - send_empty_value: true - allow_empty_object: true - properties: - - name: 'path' - type: String - description: |- - Path to access on the HTTP server. Defaults to '/'. - default_value: "/" - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'httpHeaders' - type: Array - description: |- - Custom headers to set in the request. HTTP allows repeated headers. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - The header field name - required: true - - name: 'value' - type: String - description: |- - The header field value - send_empty_value: true - default_value: "" - - name: 'tcpSocket' - type: NestedObject - description: |- - TCPSocket specifies an action involving a TCP port. Exactly one of HTTPGet or TCPSocket must be specified. - send_empty_value: true - allow_empty_object: true - properties: - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'grpc' - type: NestedObject - description: |- - GRPC specifies an action involving a GRPC port. - send_empty_value: true - allow_empty_object: true - properties: - - name: 'port' - type: Integer - description: |- - Port number to access on the container. Number must be in the range 1 to 65535. - If not specified, defaults to the same value as container.ports[0].containerPort. - default_from_api: true - - name: 'service' - type: String - description: |- - The name of the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. - - name: 'dependsOn' - type: Array - description: |- - Containers which should be started before this container. If specified the container will wait to start until all containers with the listed names are healthy. - item_type: - type: String - - name: 'volumes' - type: Array - description: |- - A list of Volumes to make available to containers. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: |- - Volume's name. - required: true - - name: 'secret' - type: NestedObject - description: |- - Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - # exactly_one_of: - # - template.0.volumes.0.secret - # - template.0.volumes.0.cloudSqlInstance - # - template.0.volumes.0.emptyDir - properties: - - name: 'secret' - type: String - description: |- - The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project. - required: true - - name: 'defaultMode' - type: Integer - description: |- - Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting. - - name: 'items' - type: Array - description: |- - If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version. - item_type: - type: NestedObject - properties: - - name: 'path' - type: String - description: |- - The relative path of the secret in the container. - required: true - - name: 'version' - type: String - description: |- - The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version - - name: 'mode' - type: Integer - description: |- - Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. - - name: 'cloudSqlInstance' - type: NestedObject - description: |- - For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. - # exactly_one_of: - # - template.0.volumes.0.secret - # - template.0.volumes.0.cloudSqlInstance - # - template.0.volumes.0.emptyDir - # - template.0.volumes.0.gcs - properties: - - name: 'instances' - type: Array - description: |- - The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} - is_set: true - item_type: - type: String - - name: 'emptyDir' - type: NestedObject - description: |- - Ephemeral storage used as a shared volume. - min_version: 'beta' - properties: - - name: 'medium' - type: Enum - description: |- - The different types of medium supported for EmptyDir. - default_value: "MEMORY" - enum_values: - - 'MEMORY' - - name: 'sizeLimit' - type: String - description: |- - Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. - - name: 'gcs' - type: NestedObject - description: |- - Cloud Storage bucket mounted as a volume using GCSFuse. This feature is only supported in the gen2 execution environment. - # exactly_one_of: - # - template.0.volumes.0.secret - # - template.0.volumes.0.cloudSqlInstance - # - template.0.volumes.0.emptyDir - # - template.0.volumes.0.gcs - properties: - - name: 'bucket' - type: String - description: GCS Bucket name - required: true - - name: 'readOnly' - type: Boolean - description: If true, mount the GCS bucket as read-only - required: false - - name: 'nfs' - type: NestedObject - description: Represents an NFS mount. - properties: - - name: 'server' - type: String - description: Hostname or IP address of the NFS server - required: true - - name: 'path' - type: String - description: Path that is exported by the NFS server. - required: true - - name: 'readOnly' - type: Boolean - description: If true, mount the NFS volume as read only - required: false - - name: 'executionEnvironment' - type: Enum - description: |- - The sandbox environment to host this Revision. - enum_values: - - 'EXECUTION_ENVIRONMENT_GEN1' - - 'EXECUTION_ENVIRONMENT_GEN2' - - name: 'encryptionKey' - type: String - description: |- - A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek - - name: 'maxInstanceRequestConcurrency' - type: Integer - description: |- - Sets the maximum number of requests that each serving instance can receive. - If not specified or 0, defaults to 80 when requested CPU >= 1 and defaults to 1 when requested CPU < 1. - default_from_api: true - - name: 'sessionAffinity' - type: Boolean - description: |- - Enables session affinity. For more information, go to https://cloud.google.com/run/docs/configuring/session-affinity - - name: 'serviceMesh' - type: NestedObject - description: |- - Enables Cloud Service Mesh for this Revision. - min_version: 'beta' - properties: - - name: 'mesh' - type: String - description: |- - The Mesh resource name. For more information see https://cloud.google.com/service-mesh/docs/reference/network-services/rest/v1/projects.locations.meshes#resource:-mesh. - - name: 'traffic' - type: Array - description: |- - Specifies how to distribute traffic over a collection of Revisions belonging to the Service. If traffic is empty or not provided, defaults to 100% traffic to the latest Ready Revision. - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'type' - type: Enum - description: | - The allocation type for this traffic target. - enum_values: - - 'TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST' - - 'TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION' - - name: 'revision' - type: String - description: | - Revision to which to send this portion of traffic, if traffic allocation is by revision. - - name: 'percent' - type: Integer - description: | - Specifies percent of the traffic to this Revision. This defaults to zero if unspecified. - default_from_api: true - - name: 'tag' - type: String - description: | - Indicates a string to be part of the URI to exclusively reference this target. - - name: 'observedGeneration' - type: String - description: | - The generation of this Service currently serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. - output: true - - name: 'terminalCondition' - type: NestedObject - description: | - The Condition of this Service, containing its readiness status, and detailed error information in case it did not reach a serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. - output: true - properties: - - name: 'type' - type: String - description: |- - type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. - output: true - - name: 'state' - type: String - description: |- - State of the condition. - output: true - - name: 'message' - type: String - description: |- - Human readable message indicating details about the current status. - output: true - - name: 'lastTransitionTime' - type: Time - description: |- - Last time the condition transitioned from one status to another. - output: true - - name: 'severity' - type: String - description: |- - How to interpret failures of this condition, one of Error, Warning, Info - output: true - - name: 'reason' - type: String - description: |- - A common (service-level) reason for this condition. - output: true - - name: 'revisionReason' - type: String - description: |- - A reason for the revision condition. - output: true - - name: 'executionReason' - type: String - description: |- - A reason for the execution condition. - output: true - - name: 'conditions' - type: Array - description: |- - The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Service does not reach its Serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. - output: true - item_type: - type: NestedObject - properties: - - name: 'type' - type: String - description: |- - type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. - output: true - - name: 'state' - type: String - description: |- - State of the condition. - output: true - - name: 'message' - type: String - description: |- - Human readable message indicating details about the current status. - output: true - - name: 'lastTransitionTime' - type: Time - description: |- - Last time the condition transitioned from one status to another. - - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'severity' - type: String - description: |- - How to interpret failures of this condition, one of Error, Warning, Info - output: true - - name: 'reason' - type: String - description: |- - A common (service-level) reason for this condition. - output: true - - name: 'revisionReason' - type: String - description: |- - A reason for the revision condition. - output: true - - name: 'executionReason' - type: String - description: |- - A reason for the execution condition. - output: true - - name: 'latestReadyRevision' - type: String - description: | - Name of the latest revision that is serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. - output: true - - name: 'latestCreatedRevision' - type: String - description: | - Name of the last created revision. See comments in reconciling for additional information on reconciliation process in Cloud Run. - output: true - - name: 'trafficStatuses' - type: Array - description: |- - Detailed status information for corresponding traffic targets. See comments in reconciling for additional information on reconciliation process in Cloud Run. - output: true - item_type: - type: NestedObject - properties: - - name: 'type' - type: String - description: |- - The allocation type for this traffic target. - output: true - - name: 'revision' - type: String - description: |- - Revision to which this traffic is sent. - output: true - - name: 'percent' - type: Integer - description: |- - Specifies percent of the traffic to this Revision. - output: true - - name: 'tag' - type: String - description: |- - Indicates the string used in the URI to exclusively reference this target. - output: true - - name: 'uri' - type: String - description: |- - Displays the target URI. - output: true - - name: 'uri' - type: String - description: | - The main URI in which this Service is serving traffic. - output: true - - name: 'reconciling' - type: Boolean - description: | - Returns true if the Service is currently being acted upon by the system to bring it into the desired state. - - When a new Service is created, or an existing one is updated, Cloud Run will asynchronously perform all necessary steps to bring the Service to the desired serving state. This process is called reconciliation. While reconciliation is in process, observedGeneration, latest_ready_revison, trafficStatuses, and uri will have transient values that might mismatch the intended state: Once reconciliation is over (and this field is false), there are two possible outcomes: reconciliation succeeded and the serving state matches the Service, or there was an error, and reconciliation failed. This state can be found in terminalCondition.state. - - If reconciliation succeeded, the following fields will match: traffic and trafficStatuses, observedGeneration and generation, latestReadyRevision and latestCreatedRevision. - - If reconciliation failed, trafficStatuses, observedGeneration, and latestReadyRevision will have the state of the last serving revision, or empty for newly created Services. Additional information on the failure can be found in terminalCondition and conditions. - output: true - - name: 'etag' - type: String - description: | - A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. - output: true diff --git a/mmv1/products/cloudrunv2/go_product.yaml b/mmv1/products/cloudrunv2/go_product.yaml deleted file mode 100644 index f565c2f94e2e..000000000000 --- a/mmv1/products/cloudrunv2/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudRunV2' -display_name: 'Cloud Run (v2 API)' -versions: - - name: 'ga' - base_url: 'https://run.googleapis.com/v2/' - - name: 'beta' - base_url: 'https://run.googleapis.com/v2/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudrunv2/product.yaml b/mmv1/products/cloudrunv2/product.yaml index 62b66cb326c8..758fbefa5922 100644 --- a/mmv1/products/cloudrunv2/product.yaml +++ b/mmv1/products/cloudrunv2/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudRunV2 -display_name: Cloud Run (v2 API) -scopes: - - https://www.googleapis.com/auth/cloud-platform +--- +name: 'CloudRunV2' +display_name: 'Cloud Run (v2 API)' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://run.googleapis.com/v2/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://run.googleapis.com/v2/ + - name: 'ga' + base_url: 'https://run.googleapis.com/v2/' + - name: 'beta' + base_url: 'https://run.googleapis.com/v2/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudscheduler/Job.yaml b/mmv1/products/cloudscheduler/Job.yaml index bd22c694415c..8350da41d56d 100644 --- a/mmv1/products/cloudscheduler/Job.yaml +++ b/mmv1/products/cloudscheduler/Job.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,115 +11,113 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Job' -base_url: projects/{{project}}/locations/{{region}}/jobs -self_link: projects/{{project}}/locations/{{region}}/jobs/{{name}} -update_verb: :PATCH description: | A scheduled job that can publish a PubSub message or an HTTP request every X interval of time, using a crontab format string. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/scheduler/' api: 'https://cloud.google.com/scheduler/docs/reference/rest/' +docs: id_format: 'projects/{{project}}/locations/{{region}}/jobs/{{name}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/scheduler.erb - encoder: templates/terraform/encoders/cloud_scheduler.go.erb - update_encoder: templates/terraform/update_encoder/cloud_scheduler.go.erb - post_create: templates/terraform/post_create/cloud_scheduler.go.erb - post_update: templates/terraform/post_update/cloud_scheduler.go.erb -custom_diff: [ - 'validateAuthHeaders', -] +base_url: 'projects/{{project}}/locations/{{region}}/jobs' +self_link: 'projects/{{project}}/locations/{{region}}/jobs/{{name}}' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/scheduler.tmpl' + encoder: 'templates/terraform/encoders/cloud_scheduler.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/cloud_scheduler.go.tmpl' + post_create: 'templates/terraform/post_create/cloud_scheduler.go.tmpl' + post_update: 'templates/terraform/post_update/cloud_scheduler.go.tmpl' +custom_diff: + - 'validateAuthHeaders' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'scheduler_job_pubsub' + - name: 'scheduler_job_pubsub' primary_resource_id: 'job' vars: job_name: 'test-job' topic_name: 'job-topic' - - !ruby/object:Provider::Terraform::Examples - name: 'scheduler_job_http' + - name: 'scheduler_job_http' primary_resource_id: 'job' vars: job_name: 'test-job' - - !ruby/object:Provider::Terraform::Examples - name: 'scheduler_job_paused' + - name: 'scheduler_job_paused' primary_resource_id: 'job' vars: job_name: 'test-job' - - !ruby/object:Provider::Terraform::Examples - name: 'scheduler_job_app_engine' + - name: 'scheduler_job_app_engine' primary_resource_id: 'job' vars: job_name: 'test-job' - - !ruby/object:Provider::Terraform::Examples - name: 'scheduler_job_oauth' + - name: 'scheduler_job_oauth' primary_resource_id: 'job' vars: job_name: 'test-job' test_env_vars: - project_name: :PROJECT_NAME - region: :REGION - - !ruby/object:Provider::Terraform::Examples - name: 'scheduler_job_oidc' + project_name: 'PROJECT_NAME' + region: 'REGION' + - name: 'scheduler_job_oidc' primary_resource_id: 'job' vars: job_name: 'test-job' parameters: - - !ruby/object:Api::Type::String - name: 'region' + - name: 'region' + type: String description: | Region where the scheduler job resides. If it is not provided, Terraform will use the provider default. + url_param_only: true required: false immutable: true - url_param_only: true - default_from_api: true ignore_read: true + default_from_api: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The name of the job. required: true immutable: true - custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: description + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' + - name: 'description' + type: String description: | A human-readable description for the job. This string must not contain more than 500 characters. required: false - - !ruby/object:Api::Type::String - name: schedule + - name: 'schedule' + type: String description: | Describes the schedule on which the job will be executed. required: false - - !ruby/object:Api::Type::String - name: timeZone + - name: 'timeZone' + type: String description: | Specifies the time zone to be used in interpreting schedule. The value of this field must be a time zone name from the tz database. required: false - default_value: 'Etc/UTC' - - !ruby/object:Api::Type::String - name: state + default_value: "Etc/UTC" + - name: 'state' + type: String description: | State of the job. output: true - - !ruby/object:Api::Type::Boolean - name: paused + - name: 'paused' + type: Boolean description: | Sets the job to a paused state. Jobs default to being enabled when this property is not set. required: false default_from_api: true - custom_flatten: templates/terraform/custom_flatten/cloud_scheduler_paused.go.erb - - !ruby/object:Api::Type::String - name: attemptDeadline + custom_flatten: 'templates/terraform/custom_flatten/cloud_scheduler_paused.go.tmpl' + - name: 'attemptDeadline' + type: String description: | The deadline for job attempts. If the request handler does not respond by this deadline then the request is cancelled and the attempt is marked as a DEADLINE_EXCEEDED failure. The failed attempt can be viewed in @@ -130,175 +128,175 @@ properties: * **Note**: For PubSub targets, this field is ignored - setting it will introduce an unresolvable diff. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s" required: false - default_value: '180s' diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("180s")' - - !ruby/object:Api::Type::NestedObject - name: retryConfig + default_value: "180s" + - name: 'retryConfig' + type: NestedObject description: | By default, if a job does not complete successfully, meaning that an acknowledgement is not received from the handler, then it will be retried with exponential backoff according to the settings required: false properties: - - !ruby/object:Api::Type::Integer - name: retryCount + - name: 'retryCount' + type: Integer description: | The number of attempts that the system will make to run a job using the exponential backoff procedure described by maxDoublings. Values greater than 5 and negative values are not allowed. required: false - at_least_one_of: - - retry_config.0.retry_count - - retry_config.0.max_retry_duration - - retry_config.0.min_backoff_duration - - retry_config.0.max_backoff_duration - - retry_config.0.max_doublings default_from_api: true - - !ruby/object:Api::Type::String - name: maxRetryDuration + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'maxRetryDuration' + type: String description: | The time limit for retrying a failed job, measured from time when an execution was first attempted. If specified with retryCount, the job will be retried until both limits are reached. A duration in seconds with up to nine fractional digits, terminated by 's'. required: false - at_least_one_of: - - retry_config.0.retry_count - - retry_config.0.max_retry_duration - - retry_config.0.min_backoff_duration - - retry_config.0.max_backoff_duration - - retry_config.0.max_doublings default_from_api: true - - !ruby/object:Api::Type::String - name: minBackoffDuration + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'minBackoffDuration' + type: String description: | The minimum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits, terminated by 's'. required: false - at_least_one_of: - - retry_config.0.retry_count - - retry_config.0.max_retry_duration - - retry_config.0.min_backoff_duration - - retry_config.0.max_backoff_duration - - retry_config.0.max_doublings default_from_api: true - - !ruby/object:Api::Type::String - name: maxBackoffDuration + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'maxBackoffDuration' + type: String description: | The maximum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits, terminated by 's'. required: false - at_least_one_of: - - retry_config.0.retry_count - - retry_config.0.max_retry_duration - - retry_config.0.min_backoff_duration - - retry_config.0.max_backoff_duration - - retry_config.0.max_doublings default_from_api: true - - !ruby/object:Api::Type::Integer - name: maxDoublings + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'maxDoublings' + type: Integer description: | The time between retries will double maxDoublings times. A job's retry interval starts at minBackoffDuration, then doubles maxDoublings times, then increases linearly, and finally retries retries at intervals of maxBackoffDuration up to retryCount times. required: false - at_least_one_of: - - retry_config.0.retry_count - - retry_config.0.max_retry_duration - - retry_config.0.min_backoff_duration - - retry_config.0.max_backoff_duration - - retry_config.0.max_doublings default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: pubsubTarget + at_least_one_of: + - 'retry_config.0.retry_count' + - 'retry_config.0.max_retry_duration' + - 'retry_config.0.min_backoff_duration' + - 'retry_config.0.max_backoff_duration' + - 'retry_config.0.max_doublings' + - name: 'pubsubTarget' + type: NestedObject description: | Pub/Sub target If the job providers a Pub/Sub target the cron will publish a message to the provided topic exactly_one_of: - - pubsub_target - - http_target - - app_engine_http_target + - 'pubsub_target' + - 'http_target' + - 'app_engine_http_target' properties: - - !ruby/object:Api::Type::String - name: topicName + - name: 'topicName' + type: String description: | The full resource name for the Cloud Pub/Sub topic to which messages will be published when a job is delivered. ~>**NOTE:** The topic name must be in the same format as required by PubSub's PublishRequest.name, e.g. `projects/my-project/topics/my-topic`. required: true - - !ruby/object:Api::Type::String - name: data + - name: 'data' + type: String description: | The message payload for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute. A base64-encoded string. required: false - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateBase64String' - - !ruby/object:Api::Type::KeyValuePairs - name: attributes + - name: 'attributes' + type: KeyValuePairs description: | Attributes for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute. required: false - - !ruby/object:Api::Type::NestedObject - name: appEngineHttpTarget + - name: 'appEngineHttpTarget' + type: NestedObject description: | App Engine HTTP target. If the job providers a App Engine HTTP target the cron will send a request to the service instance exactly_one_of: - - pubsub_target - - http_target - - app_engine_http_target + - 'pubsub_target' + - 'http_target' + - 'app_engine_http_target' properties: - - !ruby/object:Api::Type::String - name: httpMethod + - name: 'httpMethod' + type: String description: | Which HTTP method to use for the request. required: false - - !ruby/object:Api::Type::NestedObject - name: appEngineRouting + - name: 'appEngineRouting' + type: NestedObject description: | App Engine Routing setting for the job. required: false - custom_flatten: templates/terraform/custom_flatten/cloudscheduler_job_appenginerouting.go.erb + custom_flatten: 'templates/terraform/custom_flatten/cloudscheduler_job_appenginerouting.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: service + - name: 'service' + type: String description: | App service. By default, the job is sent to the service which is the default service when the job is attempted. - at_least_one_of: - - app_engine_http_target.0.app_engine_routing.0.service - - app_engine_http_target.0.app_engine_routing.0.version - - app_engine_http_target.0.app_engine_routing.0.instance required: false - - !ruby/object:Api::Type::String - name: version + at_least_one_of: + - 'app_engine_http_target.0.app_engine_routing.0.service' + - 'app_engine_http_target.0.app_engine_routing.0.version' + - 'app_engine_http_target.0.app_engine_routing.0.instance' + - name: 'version' + type: String description: | App version. By default, the job is sent to the version which is the default version when the job is attempted. - at_least_one_of: - - app_engine_http_target.0.app_engine_routing.0.service - - app_engine_http_target.0.app_engine_routing.0.version - - app_engine_http_target.0.app_engine_routing.0.instance required: false - - !ruby/object:Api::Type::String - name: instance + at_least_one_of: + - 'app_engine_http_target.0.app_engine_routing.0.service' + - 'app_engine_http_target.0.app_engine_routing.0.version' + - 'app_engine_http_target.0.app_engine_routing.0.instance' + - name: 'instance' + type: String description: | App instance. By default, the job is sent to an instance which is available when the job is attempted. - at_least_one_of: - - app_engine_http_target.0.app_engine_routing.0.service - - app_engine_http_target.0.app_engine_routing.0.version - - app_engine_http_target.0.app_engine_routing.0.instance required: false - - !ruby/object:Api::Type::String - name: relativeUri + at_least_one_of: + - 'app_engine_http_target.0.app_engine_routing.0.service' + - 'app_engine_http_target.0.app_engine_routing.0.version' + - 'app_engine_http_target.0.app_engine_routing.0.instance' + - name: 'relativeUri' + type: String description: | The relative URI. The relative URL must begin with "/" and must be a valid HTTP relative URL. @@ -306,8 +304,8 @@ properties: If the relative URL is empty, then the root path "/" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters required: true - - !ruby/object:Api::Type::String - name: body + - name: 'body' + type: String description: | HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. @@ -315,42 +313,42 @@ properties: A base64-encoded string. required: false - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateBase64String' - - !ruby/object:Api::Type::KeyValuePairs - name: headers + - name: 'headers' + type: KeyValuePairs description: | HTTP request headers. This map contains the header field names and values. Headers can be set when the job is created. required: false - custom_flatten: 'templates/terraform/custom_flatten/http_headers.erb' - validation: !ruby/object:Provider::Terraform::Validation + custom_flatten: 'templates/terraform/custom_flatten/http_headers.tmpl' + validation: function: 'validateHttpHeaders()' - - !ruby/object:Api::Type::NestedObject - name: httpTarget + - name: 'httpTarget' + type: NestedObject description: | HTTP target. If the job providers a http_target the cron will send a request to the targeted url exactly_one_of: - - pubsub_target - - http_target - - app_engine_http_target + - 'pubsub_target' + - 'http_target' + - 'app_engine_http_target' properties: - - !ruby/object:Api::Type::String - name: uri + - name: 'uri' + type: String description: | The full URI path that the request will be sent to. required: true diff_suppress_func: 'LastSlashDiffSuppress' - - !ruby/object:Api::Type::String - name: httpMethod + - name: 'httpMethod' + type: String description: | Which HTTP method to use for the request. required: false - - !ruby/object:Api::Type::String - name: body + - name: 'body' + type: String description: | HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. @@ -358,50 +356,50 @@ properties: A base64-encoded string. required: false - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateBase64String' - - !ruby/object:Api::Type::KeyValuePairs - name: headers + - name: 'headers' + type: KeyValuePairs description: | This map contains the header field names and values. Repeated headers are not supported, but a header value can contain commas. required: false - custom_flatten: 'templates/terraform/custom_flatten/http_headers.erb' - validation: !ruby/object:Provider::Terraform::Validation + custom_flatten: 'templates/terraform/custom_flatten/http_headers.tmpl' + validation: function: 'validateHttpHeaders()' - - !ruby/object:Api::Type::NestedObject - name: 'oauthToken' + - name: 'oauthToken' + type: NestedObject description: | Contains information needed for generating an OAuth token. This type of authorization should be used when sending requests to a GCP endpoint. diff_suppress_func: 'authHeaderDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: serviceAccountEmail - required: true + - name: 'serviceAccountEmail' + type: String description: | Service account email to be used for generating OAuth token. The service account must be within the same project as the job. - - !ruby/object:Api::Type::String - name: scope + required: true + - name: 'scope' + type: String description: | OAuth scope to be used for generating OAuth access token. If not specified, "https://www.googleapis.com/auth/cloud-platform" will be used. - - !ruby/object:Api::Type::NestedObject - name: 'oidcToken' + - name: 'oidcToken' + type: NestedObject description: | Contains information needed for generating an OpenID Connect token. This type of authorization should be used when sending requests to third party endpoints or Cloud Run. diff_suppress_func: 'authHeaderDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: serviceAccountEmail - required: true + - name: 'serviceAccountEmail' + type: String description: | Service account email to be used for generating OAuth token. The service account must be within the same project as the job. - - !ruby/object:Api::Type::String - name: audience + required: true + - name: 'audience' + type: String description: | Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used. diff --git a/mmv1/products/cloudscheduler/go_Job.yaml b/mmv1/products/cloudscheduler/go_Job.yaml deleted file mode 100644 index 4644e7ab4b1a..000000000000 --- a/mmv1/products/cloudscheduler/go_Job.yaml +++ /dev/null @@ -1,406 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Job' -description: | - A scheduled job that can publish a PubSub message or an HTTP request - every X interval of time, using a crontab format string. - -references: - guides: - 'Official Documentation': 'https://cloud.google.com/scheduler/' - api: 'https://cloud.google.com/scheduler/docs/reference/rest/' -docs: -id_format: 'projects/{{project}}/locations/{{region}}/jobs/{{name}}' -base_url: 'projects/{{project}}/locations/{{region}}/jobs' -self_link: 'projects/{{project}}/locations/{{region}}/jobs/{{name}}' -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - constants: 'templates/terraform/constants/go/scheduler.tmpl' - encoder: 'templates/terraform/encoders/go/cloud_scheduler.go.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/cloud_scheduler.go.tmpl' - post_create: 'templates/terraform/post_create/go/cloud_scheduler.go.tmpl' - post_update: 'templates/terraform/post_update/go/cloud_scheduler.go.tmpl' -custom_diff: - - 'validateAuthHeaders' -examples: - - name: 'scheduler_job_pubsub' - primary_resource_id: 'job' - vars: - job_name: 'test-job' - topic_name: 'job-topic' - - name: 'scheduler_job_http' - primary_resource_id: 'job' - vars: - job_name: 'test-job' - - name: 'scheduler_job_paused' - primary_resource_id: 'job' - vars: - job_name: 'test-job' - - name: 'scheduler_job_app_engine' - primary_resource_id: 'job' - vars: - job_name: 'test-job' - - name: 'scheduler_job_oauth' - primary_resource_id: 'job' - vars: - job_name: 'test-job' - test_env_vars: - project_name: 'PROJECT_NAME' - region: 'REGION' - - name: 'scheduler_job_oidc' - primary_resource_id: 'job' - vars: - job_name: 'test-job' -parameters: - - name: 'region' - type: String - description: | - Region where the scheduler job resides. If it is not provided, Terraform will use the provider default. - url_param_only: true - required: false - immutable: true - ignore_read: true - default_from_api: true -properties: - - name: 'name' - type: String - description: | - The name of the job. - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' - - name: 'description' - type: String - description: | - A human-readable description for the job. - This string must not contain more than 500 characters. - required: false - - name: 'schedule' - type: String - description: | - Describes the schedule on which the job will be executed. - required: false - - name: 'timeZone' - type: String - description: | - Specifies the time zone to be used in interpreting schedule. - The value of this field must be a time zone name from the tz database. - required: false - default_value: "Etc/UTC" - - name: 'state' - type: String - description: | - State of the job. - output: true - - name: 'paused' - type: Boolean - description: | - Sets the job to a paused state. Jobs default to being enabled when this property is not set. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/cloud_scheduler_paused.go.tmpl' - - name: 'attemptDeadline' - type: String - description: | - The deadline for job attempts. If the request handler does not respond by this deadline then the request is - cancelled and the attempt is marked as a DEADLINE_EXCEEDED failure. The failed attempt can be viewed in - execution logs. Cloud Scheduler will retry the job according to the RetryConfig. - The allowed duration for this deadline is: - * For HTTP targets, between 15 seconds and 30 minutes. - * For App Engine HTTP targets, between 15 seconds and 24 hours. - * **Note**: For PubSub targets, this field is ignored - setting it will introduce an unresolvable diff. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s" - required: false - diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("180s")' - default_value: "180s" - - name: 'retryConfig' - type: NestedObject - description: | - By default, if a job does not complete successfully, - meaning that an acknowledgement is not received from the handler, - then it will be retried with exponential backoff according to the settings - required: false - properties: - - name: 'retryCount' - type: Integer - description: | - The number of attempts that the system will make to run a - job using the exponential backoff procedure described by maxDoublings. - Values greater than 5 and negative values are not allowed. - required: false - default_from_api: true - at_least_one_of: - - 'retry_config.0.retry_count' - - 'retry_config.0.max_retry_duration' - - 'retry_config.0.min_backoff_duration' - - 'retry_config.0.max_backoff_duration' - - 'retry_config.0.max_doublings' - - name: 'maxRetryDuration' - type: String - description: | - The time limit for retrying a failed job, measured from time when an execution was first attempted. - If specified with retryCount, the job will be retried until both limits are reached. - A duration in seconds with up to nine fractional digits, terminated by 's'. - required: false - default_from_api: true - at_least_one_of: - - 'retry_config.0.retry_count' - - 'retry_config.0.max_retry_duration' - - 'retry_config.0.min_backoff_duration' - - 'retry_config.0.max_backoff_duration' - - 'retry_config.0.max_doublings' - - name: 'minBackoffDuration' - type: String - description: | - The minimum amount of time to wait before retrying a job after it fails. - A duration in seconds with up to nine fractional digits, terminated by 's'. - required: false - default_from_api: true - at_least_one_of: - - 'retry_config.0.retry_count' - - 'retry_config.0.max_retry_duration' - - 'retry_config.0.min_backoff_duration' - - 'retry_config.0.max_backoff_duration' - - 'retry_config.0.max_doublings' - - name: 'maxBackoffDuration' - type: String - description: | - The maximum amount of time to wait before retrying a job after it fails. - A duration in seconds with up to nine fractional digits, terminated by 's'. - required: false - default_from_api: true - at_least_one_of: - - 'retry_config.0.retry_count' - - 'retry_config.0.max_retry_duration' - - 'retry_config.0.min_backoff_duration' - - 'retry_config.0.max_backoff_duration' - - 'retry_config.0.max_doublings' - - name: 'maxDoublings' - type: Integer - description: | - The time between retries will double maxDoublings times. - A job's retry interval starts at minBackoffDuration, - then doubles maxDoublings times, then increases linearly, - and finally retries retries at intervals of maxBackoffDuration up to retryCount times. - required: false - default_from_api: true - at_least_one_of: - - 'retry_config.0.retry_count' - - 'retry_config.0.max_retry_duration' - - 'retry_config.0.min_backoff_duration' - - 'retry_config.0.max_backoff_duration' - - 'retry_config.0.max_doublings' - - name: 'pubsubTarget' - type: NestedObject - description: | - Pub/Sub target - If the job providers a Pub/Sub target the cron will publish - a message to the provided topic - exactly_one_of: - - 'pubsub_target' - - 'http_target' - - 'app_engine_http_target' - properties: - - name: 'topicName' - type: String - description: | - The full resource name for the Cloud Pub/Sub topic to which - messages will be published when a job is delivered. ~>**NOTE:** - The topic name must be in the same format as required by PubSub's - PublishRequest.name, e.g. `projects/my-project/topics/my-topic`. - required: true - - name: 'data' - type: String - description: | - The message payload for PubsubMessage. - Pubsub message must contain either non-empty data, or at least one attribute. - - A base64-encoded string. - required: false - validation: - function: 'verify.ValidateBase64String' - - name: 'attributes' - type: KeyValuePairs - description: | - Attributes for PubsubMessage. - Pubsub message must contain either non-empty data, or at least one attribute. - required: false - - name: 'appEngineHttpTarget' - type: NestedObject - description: | - App Engine HTTP target. - If the job providers a App Engine HTTP target the cron will - send a request to the service instance - exactly_one_of: - - 'pubsub_target' - - 'http_target' - - 'app_engine_http_target' - properties: - - name: 'httpMethod' - type: String - description: | - Which HTTP method to use for the request. - required: false - - name: 'appEngineRouting' - type: NestedObject - description: | - App Engine Routing setting for the job. - required: false - custom_flatten: 'templates/terraform/custom_flatten/go/cloudscheduler_job_appenginerouting.go.tmpl' - properties: - - name: 'service' - type: String - description: | - App service. - By default, the job is sent to the service which is the default service when the job is attempted. - required: false - at_least_one_of: - - 'app_engine_http_target.0.app_engine_routing.0.service' - - 'app_engine_http_target.0.app_engine_routing.0.version' - - 'app_engine_http_target.0.app_engine_routing.0.instance' - - name: 'version' - type: String - description: | - App version. - By default, the job is sent to the version which is the default version when the job is attempted. - required: false - at_least_one_of: - - 'app_engine_http_target.0.app_engine_routing.0.service' - - 'app_engine_http_target.0.app_engine_routing.0.version' - - 'app_engine_http_target.0.app_engine_routing.0.instance' - - name: 'instance' - type: String - description: | - App instance. - By default, the job is sent to an instance which is available when the job is attempted. - required: false - at_least_one_of: - - 'app_engine_http_target.0.app_engine_routing.0.service' - - 'app_engine_http_target.0.app_engine_routing.0.version' - - 'app_engine_http_target.0.app_engine_routing.0.instance' - - name: 'relativeUri' - type: String - description: | - The relative URI. - The relative URL must begin with "/" and must be a valid HTTP relative URL. - It can contain a path, query string arguments, and \# fragments. - If the relative URL is empty, then the root path "/" will be used. - No spaces are allowed, and the maximum length allowed is 2083 characters - required: true - - name: 'body' - type: String - description: | - HTTP request body. - A request body is allowed only if the HTTP method is POST or PUT. - It will result in invalid argument error to set a body on a job with an incompatible HttpMethod. - - A base64-encoded string. - required: false - validation: - function: 'verify.ValidateBase64String' - - name: 'headers' - type: KeyValuePairs - description: | - HTTP request headers. - This map contains the header field names and values. - Headers can be set when the job is created. - required: false - custom_flatten: 'templates/terraform/custom_flatten/go/http_headers.tmpl' - validation: - function: 'validateHttpHeaders()' - - name: 'httpTarget' - type: NestedObject - description: | - HTTP target. - If the job providers a http_target the cron will - send a request to the targeted url - exactly_one_of: - - 'pubsub_target' - - 'http_target' - - 'app_engine_http_target' - properties: - - name: 'uri' - type: String - description: | - The full URI path that the request will be sent to. - required: true - diff_suppress_func: 'LastSlashDiffSuppress' - - name: 'httpMethod' - type: String - description: | - Which HTTP method to use for the request. - required: false - - name: 'body' - type: String - description: | - HTTP request body. - A request body is allowed only if the HTTP method is POST, PUT, or PATCH. - It is an error to set body on a job with an incompatible HttpMethod. - - A base64-encoded string. - required: false - validation: - function: 'verify.ValidateBase64String' - - name: 'headers' - type: KeyValuePairs - description: | - This map contains the header field names and values. - Repeated headers are not supported, but a header value can contain commas. - required: false - custom_flatten: 'templates/terraform/custom_flatten/go/http_headers.tmpl' - validation: - function: 'validateHttpHeaders()' - - name: 'oauthToken' - type: NestedObject - description: | - Contains information needed for generating an OAuth token. - This type of authorization should be used when sending requests to a GCP endpoint. - diff_suppress_func: 'authHeaderDiffSuppress' - properties: - - name: 'serviceAccountEmail' - type: String - description: | - Service account email to be used for generating OAuth token. - The service account must be within the same project as the job. - required: true - - name: 'scope' - type: String - description: | - OAuth scope to be used for generating OAuth access token. If not specified, - "https://www.googleapis.com/auth/cloud-platform" will be used. - - name: 'oidcToken' - type: NestedObject - description: | - Contains information needed for generating an OpenID Connect token. - This type of authorization should be used when sending requests to third party endpoints or Cloud Run. - diff_suppress_func: 'authHeaderDiffSuppress' - properties: - - name: 'serviceAccountEmail' - type: String - description: | - Service account email to be used for generating OAuth token. - The service account must be within the same project as the job. - required: true - - name: 'audience' - type: String - description: | - Audience to be used when generating OIDC token. If not specified, - the URI specified in target will be used. diff --git a/mmv1/products/cloudscheduler/go_product.yaml b/mmv1/products/cloudscheduler/go_product.yaml deleted file mode 100644 index 7ccc2903ab10..000000000000 --- a/mmv1/products/cloudscheduler/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudScheduler' -display_name: 'Cloud Scheduler' -versions: - - name: 'ga' - base_url: 'https://cloudscheduler.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudscheduler/product.yaml b/mmv1/products/cloudscheduler/product.yaml index 66e60b0e5433..c3ccdfdadc09 100644 --- a/mmv1/products/cloudscheduler/product.yaml +++ b/mmv1/products/cloudscheduler/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudScheduler -display_name: Cloud Scheduler +--- +name: 'CloudScheduler' +display_name: 'Cloud Scheduler' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudscheduler.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://cloudscheduler.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudtasks/Queue.yaml b/mmv1/products/cloudtasks/Queue.yaml index c657680d3571..0170f4eabbe1 100644 --- a/mmv1/products/cloudtasks/Queue.yaml +++ b/mmv1/products/cloudtasks/Queue.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,95 +11,96 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Queue' -base_url: projects/{{project}}/locations/{{location}}/queues -update_verb: :PATCH -update_mask: true description: | A named resource to which messages are sent by publishers. -iam_policy: !ruby/object:Api::Resource::IamPolicy +docs: +id_format: 'projects/{{project}}/locations/{{location}}/queues/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/queues' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'name' - fetch_iam_policy_verb: :POST + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - ['projects/{{project}}/locations/{{location}}/queues/{{name}}', '{{name}}'] -id_format: 'projects/{{project}}/locations/{{location}}/queues/{{name}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/cloud_tasks_retry_config_custom_diff.go.erb' + - 'projects/{{project}}/locations/{{location}}/queues/{{name}}' + - '{{name}}' +custom_code: + constants: 'templates/terraform/constants/cloud_tasks_retry_config_custom_diff.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'queue_basic' + - name: 'queue_basic' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-cloud-tasks-queue-test%s\", - context[\"\ - random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-cloud-tasks-queue-test%s", context["random_suffix"])' vars: name: 'cloud-tasks-queue-test' - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_tasks_queue_advanced' + - name: 'cloud_tasks_queue_advanced' primary_resource_id: 'advanced_configuration' + vars: + name: 'instance-name' ignore_read_extra: - 'app_engine_routing_override.0.service' - 'app_engine_routing_override.0.version' - 'app_engine_routing_override.0.instance' - vars: - name: 'instance-name' - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_tasks_queue_http_target_oidc' + - name: 'cloud_tasks_queue_http_target_oidc' primary_resource_id: 'http_target_oidc' vars: name: 'cloud-tasks-queue-http-target-oidc' - - !ruby/object:Provider::Terraform::Examples - name: 'cloud_tasks_queue_http_target_oauth' + - name: 'cloud_tasks_queue_http_target_oauth' primary_resource_id: 'http_target_oauth' vars: name: 'cloud-tasks-queue-http-target-oauth' parameters: - - !ruby/object:Api::Type::String - name: 'location' - required: true - immutable: true + - name: 'location' + type: String description: The location of the queue url_param_only: true -properties: - - !ruby/object:Api::Type::String - name: 'name' + required: true immutable: true +properties: + - name: 'name' + type: String description: The queue name. - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - custom_expand: templates/terraform/custom_expand/qualify_queue_name.go.erb - - !ruby/object:Api::Type::NestedObject - name: 'appEngineRoutingOverride' + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/qualify_queue_name.go.tmpl' + - name: 'appEngineRoutingOverride' + type: NestedObject description: | Overrides for task-level appEngineRouting. These settings apply only to App Engine tasks in this queue - custom_flatten: templates/terraform/custom_flatten/cloudtasks_queue_appenginerouting.go.erb + custom_flatten: 'templates/terraform/custom_flatten/cloudtasks_queue_appenginerouting.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'service' + - name: 'service' + type: String description: | App service. By default, the task is sent to the service which is the default service when the task is attempted. - - !ruby/object:Api::Type::String - name: 'version' + - name: 'version' + type: String description: | App version. By default, the task is sent to the version which is the default version when the task is attempted. - - !ruby/object:Api::Type::String - name: 'instance' + - name: 'instance' + type: String description: | App instance. By default, the task is sent to an instance which is available when the task is attempted. - - !ruby/object:Api::Type::String - name: 'host' - output: true + - name: 'host' + type: String description: The host that the task is sent to. - - !ruby/object:Api::Type::NestedObject - name: 'rateLimits' + output: true + - name: 'rateLimits' + type: NestedObject description: | Rate limits for task dispatches. @@ -112,24 +113,23 @@ properties: smooth sudden large traffic spikes. default_from_api: true properties: - - !ruby/object:Api::Type::Double - name: 'maxDispatchesPerSecond' + - name: 'maxDispatchesPerSecond' + type: Double description: | The maximum rate at which tasks are dispatched from this queue. If unspecified when the queue is created, Cloud Tasks will pick the default. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentDispatches' + - name: 'maxConcurrentDispatches' + type: Integer description: | The maximum number of concurrent tasks that Cloud Tasks allows to be dispatched for this queue. After this threshold has been reached, Cloud Tasks stops dispatching tasks until the number of concurrent requests decreases. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'maxBurstSize' - output: true + - name: 'maxBurstSize' + type: Integer description: | The max burst size. @@ -137,13 +137,14 @@ properties: in the queue and the rate is high. This field allows the queue to have a high rate so processing starts shortly after a task is enqueued, but still limits resource usage when many tasks are enqueued in a short period of time. - - !ruby/object:Api::Type::NestedObject - name: 'retryConfig' + output: true + - name: 'retryConfig' + type: NestedObject description: Settings that determine the retry behavior. default_from_api: true properties: - - !ruby/object:Api::Type::Integer - name: 'maxAttempts' + - name: 'maxAttempts' + type: Integer description: | Number of attempts per task. @@ -156,8 +157,8 @@ properties: -1 indicates unlimited attempts. default_from_api: true - - !ruby/object:Api::Type::String - name: 'maxRetryDuration' + - name: 'maxRetryDuration' + type: String description: | If positive, maxRetryDuration specifies the time limit for retrying a failed task, measured from when the task was first @@ -168,24 +169,24 @@ properties: If zero, then the task age is unlimited. default_from_api: true diff_suppress_func: 'suppressOmittedMaxDuration' - - !ruby/object:Api::Type::String - name: 'minBackoff' + - name: 'minBackoff' + type: String description: | A task will be scheduled for retry between minBackoff and maxBackoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. default_from_api: true diff_suppress_func: 'tpgresource.DurationDiffSuppress' - - !ruby/object:Api::Type::String - name: 'maxBackoff' + - name: 'maxBackoff' + type: String description: | A task will be scheduled for retry between minBackoff and maxBackoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. default_from_api: true diff_suppress_func: 'tpgresource.DurationDiffSuppress' - - !ruby/object:Api::Type::Integer - name: 'maxDoublings' + - name: 'maxDoublings' + type: Integer description: | The time between retries will double maxDoublings times. @@ -193,58 +194,58 @@ properties: then increases linearly, and finally retries retries at intervals of maxBackoff up to maxAttempts times. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'stackdriverLoggingConfig' + - name: 'stackdriverLoggingConfig' + type: NestedObject description: | Configuration options for writing logs to Stackdriver Logging. properties: - - !ruby/object:Api::Type::Double - name: 'samplingRatio' - required: true + - name: 'samplingRatio' + type: Double description: | Specifies the fraction of operations to write to Stackdriver Logging. This field may contain any value between 0.0 and 1.0, inclusive. 0.0 is the default and means that no operations are logged. - - !ruby/object:Api::Type::NestedObject - name: 'httpTarget' + required: true + - name: 'httpTarget' + type: NestedObject description: Modifies HTTP target for HTTP tasks. properties: - - !ruby/object:Api::Type::Enum - name: 'httpMethod' + - name: 'httpMethod' + type: Enum description: | The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to GET the body of the task will be ignored at execution time. - values: - - HTTP_METHOD_UNSPECIFIED - - POST - - GET - - HEAD - - PUT - - DELETE - - PATCH - - OPTIONS default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'uriOverride' + enum_values: + - 'HTTP_METHOD_UNSPECIFIED' + - 'POST' + - 'GET' + - 'HEAD' + - 'PUT' + - 'DELETE' + - 'PATCH' + - 'OPTIONS' + - name: 'uriOverride' + type: NestedObject description: | URI override. When specified, overrides the execution URI for all the tasks in the queue. properties: - - !ruby/object:Api::Type::Enum - name: 'scheme' + - name: 'scheme' + type: Enum description: | Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS). - values: + default_from_api: true + enum_values: - 'HTTP' - 'HTTPS' - default_from_api: true - - !ruby/object:Api::Type::String - name: 'host' + - name: 'host' + type: String description: | Host override. @@ -252,8 +253,8 @@ properties: For example, if the task URL is "https://www.google.com", and host value is set to "example.net", the overridden URI will be changed to "https://example.net". Host value cannot be an empty string (INVALID_ARGUMENT). - - !ruby/object:Api::Type::String - name: 'port' + - name: 'port' + type: String description: | Port override. @@ -261,41 +262,41 @@ properties: For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. Note that the port value must be a positive integer. Setting the port to 0 (Zero) clears the URI port. - - !ruby/object:Api::Type::NestedObject - name: 'pathOverride' + - name: 'pathOverride' + type: NestedObject description: | URI path. When specified, replaces the existing path of the task URL. Setting the path value to an empty string clears the URI path segment. properties: - - !ruby/object:Api::Type::String - name: 'path' + - name: 'path' + type: String description: The URI path (e.g., /users/1234). Default is an empty string. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'queryOverride' + - name: 'queryOverride' + type: NestedObject description: | URI query. When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment. properties: - - !ruby/object:Api::Type::String - name: 'queryParams' + - name: 'queryParams' + type: String description: The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'uriOverrideEnforceMode' + - name: 'uriOverrideEnforceMode' + type: Enum description: | URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS. - values: - - ALWAYS - - IF_NOT_EXISTS default_from_api: true - - !ruby/object:Api::Type::Array - name: 'headerOverrides' + enum_values: + - 'ALWAYS' + - 'IF_NOT_EXISTS' + - name: 'headerOverrides' + type: Array description: | HTTP target headers. @@ -308,64 +309,65 @@ properties: Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'header' + - name: 'header' + type: NestedObject description: | Header embodying a key and a value. required: true properties: - - !ruby/object:Api::Type::String - name: 'key' - required: true + - name: 'key' + type: String description: The Key of the header. - - !ruby/object:Api::Type::String - name: 'value' required: true + - name: 'value' + type: String description: The Value of the header. - - !ruby/object:Api::Type::NestedObject - name: 'oauthToken' + required: true + - name: 'oauthToken' + type: NestedObject description: | If specified, an OAuth token is generated and attached as the Authorization header in the HTTP request. This type of authorization should generally be used only when calling Google APIs hosted on *.googleapis.com. Note that both the service account email and the scope MUST be specified when using the queue-level authorization override. conflicts: - - 'oidcToken' + - oidcToken properties: - - !ruby/object:Api::Type::String - name: 'serviceAccountEmail' + - name: 'serviceAccountEmail' + type: String description: | Service account email to be used for generating OAuth token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account. required: true - - !ruby/object:Api::Type::String - name: 'scope' + - name: 'scope' + type: String description: | OAuth scope to be used for generating OAuth access token. If not specified, "https://www.googleapis.com/auth/cloud-platform" will be used. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'oidcToken' + - name: 'oidcToken' + type: NestedObject description: | If specified, an OIDC token is generated and attached as an Authorization header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself. Note that both the service account email and the audience MUST be specified when using the queue-level authorization override. conflicts: - - 'oauthToken' + - oauthToken properties: - - !ruby/object:Api::Type::String - name: 'serviceAccountEmail' + - name: 'serviceAccountEmail' + type: String description: | Service account email to be used for generating OIDC token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account. required: true - - !ruby/object:Api::Type::String - name: 'audience' + - name: 'audience' + type: String description: | Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used. default_from_api: true diff --git a/mmv1/products/cloudtasks/go_Queue.yaml b/mmv1/products/cloudtasks/go_Queue.yaml deleted file mode 100644 index 870d58be1384..000000000000 --- a/mmv1/products/cloudtasks/go_Queue.yaml +++ /dev/null @@ -1,374 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Queue' -description: | - A named resource to which messages are sent by publishers. -docs: -id_format: 'projects/{{project}}/locations/{{location}}/queues/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/queues' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'name' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/queues/{{name}}' - - '{{name}}' -custom_code: - constants: 'templates/terraform/constants/go/cloud_tasks_retry_config_custom_diff.go.tmpl' -examples: - - name: 'queue_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-cloud-tasks-queue-test%s", context["random_suffix"])' - vars: - name: 'cloud-tasks-queue-test' - - name: 'cloud_tasks_queue_advanced' - primary_resource_id: 'advanced_configuration' - vars: - name: 'instance-name' - ignore_read_extra: - - 'app_engine_routing_override.0.service' - - 'app_engine_routing_override.0.version' - - 'app_engine_routing_override.0.instance' - - name: 'cloud_tasks_queue_http_target_oidc' - primary_resource_id: 'http_target_oidc' - vars: - name: 'cloud-tasks-queue-http-target-oidc' - - name: 'cloud_tasks_queue_http_target_oauth' - primary_resource_id: 'http_target_oauth' - vars: - name: 'cloud-tasks-queue-http-target-oauth' -parameters: - - name: 'location' - type: String - description: The location of the queue - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: The queue name. - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/qualify_queue_name.go.tmpl' - - name: 'appEngineRoutingOverride' - type: NestedObject - description: | - Overrides for task-level appEngineRouting. These settings apply only - to App Engine tasks in this queue - custom_flatten: 'templates/terraform/custom_flatten/go/cloudtasks_queue_appenginerouting.go.tmpl' - properties: - - name: 'service' - type: String - description: | - App service. - - By default, the task is sent to the service which is the default service when the task is attempted. - - name: 'version' - type: String - description: | - App version. - - By default, the task is sent to the version which is the default version when the task is attempted. - - name: 'instance' - type: String - description: | - App instance. - - By default, the task is sent to an instance which is available when the task is attempted. - - name: 'host' - type: String - description: The host that the task is sent to. - output: true - - name: 'rateLimits' - type: NestedObject - description: | - Rate limits for task dispatches. - - The queue's actual dispatch rate is the result of: - - * Number of tasks in the queue - * User-specified throttling: rateLimits, retryConfig, and the queue's state. - * System throttling due to 429 (Too Many Requests) or 503 (Service - Unavailable) responses from the worker, high error rates, or to - smooth sudden large traffic spikes. - default_from_api: true - properties: - - name: 'maxDispatchesPerSecond' - type: Double - description: | - The maximum rate at which tasks are dispatched from this queue. - - If unspecified when the queue is created, Cloud Tasks will pick the default. - default_from_api: true - - name: 'maxConcurrentDispatches' - type: Integer - description: | - The maximum number of concurrent tasks that Cloud Tasks allows to - be dispatched for this queue. After this threshold has been - reached, Cloud Tasks stops dispatching tasks until the number of - concurrent requests decreases. - default_from_api: true - - name: 'maxBurstSize' - type: Integer - description: | - The max burst size. - - Max burst size limits how fast tasks in queue are processed when many tasks are - in the queue and the rate is high. This field allows the queue to have a high - rate so processing starts shortly after a task is enqueued, but still limits - resource usage when many tasks are enqueued in a short period of time. - output: true - - name: 'retryConfig' - type: NestedObject - description: Settings that determine the retry behavior. - default_from_api: true - properties: - - name: 'maxAttempts' - type: Integer - description: | - Number of attempts per task. - - Cloud Tasks will attempt the task maxAttempts times (that is, if - the first attempt fails, then there will be maxAttempts - 1 - retries). Must be >= -1. - - If unspecified when the queue is created, Cloud Tasks will pick - the default. - - -1 indicates unlimited attempts. - default_from_api: true - - name: 'maxRetryDuration' - type: String - description: | - If positive, maxRetryDuration specifies the time limit for - retrying a failed task, measured from when the task was first - attempted. Once maxRetryDuration time has passed and the task has - been attempted maxAttempts times, no further attempts will be - made and the task will be deleted. - - If zero, then the task age is unlimited. - default_from_api: true - diff_suppress_func: 'suppressOmittedMaxDuration' - - name: 'minBackoff' - type: String - description: | - A task will be scheduled for retry between minBackoff and - maxBackoff duration after it fails, if the queue's RetryConfig - specifies that the task should be retried. - default_from_api: true - diff_suppress_func: 'tpgresource.DurationDiffSuppress' - - name: 'maxBackoff' - type: String - description: | - A task will be scheduled for retry between minBackoff and - maxBackoff duration after it fails, if the queue's RetryConfig - specifies that the task should be retried. - default_from_api: true - diff_suppress_func: 'tpgresource.DurationDiffSuppress' - - name: 'maxDoublings' - type: Integer - description: | - The time between retries will double maxDoublings times. - - A task's retry interval starts at minBackoff, then doubles maxDoublings times, - then increases linearly, and finally retries retries at intervals of maxBackoff - up to maxAttempts times. - default_from_api: true - - name: 'stackdriverLoggingConfig' - type: NestedObject - description: | - Configuration options for writing logs to Stackdriver Logging. - properties: - - name: 'samplingRatio' - type: Double - description: | - Specifies the fraction of operations to write to Stackdriver Logging. - This field may contain any value between 0.0 and 1.0, inclusive. 0.0 is the - default and means that no operations are logged. - required: true - - name: 'httpTarget' - type: NestedObject - description: Modifies HTTP target for HTTP tasks. - properties: - - name: 'httpMethod' - type: Enum - description: | - The HTTP method to use for the request. - - When specified, it overrides HttpRequest for the task. - Note that if the value is set to GET the body of the task will be ignored at execution time. - default_from_api: true - enum_values: - - 'HTTP_METHOD_UNSPECIFIED' - - 'POST' - - 'GET' - - 'HEAD' - - 'PUT' - - 'DELETE' - - 'PATCH' - - 'OPTIONS' - - name: 'uriOverride' - type: NestedObject - description: | - URI override. - - When specified, overrides the execution URI for all the tasks in the queue. - properties: - - name: 'scheme' - type: Enum - description: | - Scheme override. - - When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS). - default_from_api: true - enum_values: - - 'HTTP' - - 'HTTPS' - - name: 'host' - type: String - description: | - Host override. - - When specified, replaces the host part of the task URL. - For example, if the task URL is "https://www.google.com", and host value - is set to "example.net", the overridden URI will be changed to "https://example.net". - Host value cannot be an empty string (INVALID_ARGUMENT). - - name: 'port' - type: String - description: | - Port override. - - When specified, replaces the port part of the task URI. - For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. - Note that the port value must be a positive integer. - Setting the port to 0 (Zero) clears the URI port. - - name: 'pathOverride' - type: NestedObject - description: | - URI path. - - When specified, replaces the existing path of the task URL. - Setting the path value to an empty string clears the URI path segment. - properties: - - name: 'path' - type: String - description: The URI path (e.g., /users/1234). Default is an empty string. - default_from_api: true - - name: 'queryOverride' - type: NestedObject - description: | - URI query. - - When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment. - properties: - - name: 'queryParams' - type: String - description: The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string. - default_from_api: true - - name: 'uriOverrideEnforceMode' - type: Enum - description: | - URI Override Enforce Mode - - When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS. - default_from_api: true - enum_values: - - 'ALWAYS' - - 'IF_NOT_EXISTS' - - name: 'headerOverrides' - type: Array - description: | - HTTP target headers. - - This map contains the header field names and values. - Headers will be set when running the CreateTask and/or BufferTask. - - These headers represent a subset of the headers that will be configured for the task's HTTP request. - Some HTTP request headers will be ignored or replaced. - - Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. - - The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue. - item_type: - type: NestedObject - properties: - - name: 'header' - type: NestedObject - description: | - Header embodying a key and a value. - required: true - properties: - - name: 'key' - type: String - description: The Key of the header. - required: true - - name: 'value' - type: String - description: The Value of the header. - required: true - - name: 'oauthToken' - type: NestedObject - description: | - If specified, an OAuth token is generated and attached as the Authorization header in the HTTP request. - - This type of authorization should generally be used only when calling Google APIs hosted on *.googleapis.com. - Note that both the service account email and the scope MUST be specified when using the queue-level authorization override. - conflicts: - - oidcToken - properties: - - name: 'serviceAccountEmail' - type: String - description: | - Service account email to be used for generating OAuth token. - The service account must be within the same project as the queue. - The caller must have iam.serviceAccounts.actAs permission for the service account. - required: true - - name: 'scope' - type: String - description: | - OAuth scope to be used for generating OAuth access token. - If not specified, "https://www.googleapis.com/auth/cloud-platform" will be used. - default_from_api: true - - name: 'oidcToken' - type: NestedObject - description: | - If specified, an OIDC token is generated and attached as an Authorization header in the HTTP request. - - This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself. - Note that both the service account email and the audience MUST be specified when using the queue-level authorization override. - conflicts: - - oauthToken - properties: - - name: 'serviceAccountEmail' - type: String - description: | - Service account email to be used for generating OIDC token. - The service account must be within the same project as the queue. - The caller must have iam.serviceAccounts.actAs permission for the service account. - required: true - - name: 'audience' - type: String - description: | - Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used. - default_from_api: true diff --git a/mmv1/products/cloudtasks/go_product.yaml b/mmv1/products/cloudtasks/go_product.yaml deleted file mode 100644 index a9b433bcb3ab..000000000000 --- a/mmv1/products/cloudtasks/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'CloudTasks' -display_name: 'Cloud Tasks' -versions: - - name: 'ga' - base_url: 'https://cloudtasks.googleapis.com/v2/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/cloudtasks/product.yaml b/mmv1/products/cloudtasks/product.yaml index bd5687ce1488..ae300a15d493 100644 --- a/mmv1/products/cloudtasks/product.yaml +++ b/mmv1/products/cloudtasks/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2017 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: CloudTasks -display_name: Cloud Tasks +--- +name: 'CloudTasks' +display_name: 'Cloud Tasks' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://cloudtasks.googleapis.com/v2/ + - name: 'ga' + base_url: 'https://cloudtasks.googleapis.com/v2/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/composer/UserWorkloadsConfigMap.yaml b/mmv1/products/composer/UserWorkloadsConfigMap.yaml index 2547f63aca1c..9835430077f0 100644 --- a/mmv1/products/composer/UserWorkloadsConfigMap.yaml +++ b/mmv1/products/composer/UserWorkloadsConfigMap.yaml @@ -11,65 +11,66 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'UserWorkloadsConfigMap' description: | User workloads ConfigMap used by Airflow tasks that run with Kubernetes Executor or KubernetesPodOperator. Intended for Composer 3 Environments. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: + guides: # TODO: add v1 reference when this is moved to ga - api: https://cloud.google.com/composer/docs/reference/rest/v1beta1/projects.locations.environments.userWorkloadsConfigMaps - -min_version: beta - -base_url: projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps -self_link: projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps/{{name}} - + api: 'https://cloud.google.com/composer/docs/reference/rest/v1beta1/projects.locations.environments.userWorkloadsConfigMaps' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps' +self_link: 'projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps/{{name}}' # Overrides one or more timeouts, in minutes. All timeouts default to 20. -timeouts: !ruby/object:Api::Timeouts +timeouts: insert_minutes: 1 update_minutes: 1 delete_minutes: 1 - +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "composer_user_workloads_config_map_basic" - primary_resource_id: "config_map" + - name: 'composer_user_workloads_config_map_basic' + primary_resource_id: 'config_map' vars: - environment_name: "test-environment" - config_map_name: "test-config-map" - + environment_name: 'test-environment' + config_map_name: 'test-config-map' parameters: - - !ruby/object:Api::Type::String - name: 'region' - immutable: true - default_from_api: true - url_param_only: true + - name: 'region' + type: String description: | The location or Compute Engine region for the environment. - - !ruby/object:Api::Type::String - name: 'environment' - required: true - immutable: true + min_version: 'beta' url_param_only: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'verify.ValidateGCEName' + immutable: true + default_from_api: true + - name: 'environment' + type: String description: | Environment where the Kubernetes ConfigMap will be stored and used. -properties: - - !ruby/object:Api::Type::String - name: 'name' + min_version: 'beta' + url_param_only: true required: true immutable: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' +properties: + - name: 'name' + type: String description: | Name of the Kubernetes ConfigMap. - - !ruby/object:Api::Type::KeyValuePairs - name: 'data' - immutable: false + min_version: 'beta' + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' + validation: + function: 'verify.ValidateGCEName' + - name: 'data' + type: KeyValuePairs description: | The "data" field of Kubernetes ConfigMap, organized in key-value pairs. For details see: https://kubernetes.io/docs/concepts/configuration/configmap/ + min_version: 'beta' + immutable: false diff --git a/mmv1/products/composer/go_UserWorkloadsConfigMap.yaml b/mmv1/products/composer/go_UserWorkloadsConfigMap.yaml deleted file mode 100644 index 3fbf966eb003..000000000000 --- a/mmv1/products/composer/go_UserWorkloadsConfigMap.yaml +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'UserWorkloadsConfigMap' -description: | - User workloads ConfigMap used by Airflow tasks that run with Kubernetes Executor or KubernetesPodOperator. - Intended for Composer 3 Environments. -min_version: 'beta' -references: - guides: - api: 'https://cloud.google.com/composer/docs/reference/rest/v1beta1/projects.locations.environments.userWorkloadsConfigMaps' -docs: -base_url: 'projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps' -self_link: 'projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsConfigMaps/{{name}}' -timeouts: - insert_minutes: 1 - update_minutes: 1 - delete_minutes: 1 -custom_code: -examples: - - name: 'composer_user_workloads_config_map_basic' - primary_resource_id: 'config_map' - vars: - environment_name: 'test-environment' - config_map_name: 'test-config-map' -parameters: - - name: 'region' - type: String - description: | - The location or Compute Engine region for the environment. - min_version: 'beta' - url_param_only: true - immutable: true - default_from_api: true - - name: 'environment' - type: String - description: | - Environment where the Kubernetes ConfigMap will be stored and used. - min_version: 'beta' - url_param_only: true - required: true - immutable: true - validation: - function: 'verify.ValidateGCEName' -properties: - - name: 'name' - type: String - description: | - Name of the Kubernetes ConfigMap. - min_version: 'beta' - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' - validation: - function: 'verify.ValidateGCEName' - - name: 'data' - type: KeyValuePairs - description: | - The "data" field of Kubernetes ConfigMap, organized in key-value pairs. - For details see: https://kubernetes.io/docs/concepts/configuration/configmap/ - min_version: 'beta' - immutable: false diff --git a/mmv1/products/composer/go_product.yaml b/mmv1/products/composer/go_product.yaml deleted file mode 100644 index b31aa785cd7c..000000000000 --- a/mmv1/products/composer/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Composer' -display_name: 'Cloud Composer' -versions: - - name: 'ga' - base_url: 'https://composer.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://composer.googleapis.com/v1beta1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/composer/product.yaml b/mmv1/products/composer/product.yaml index d8184e1643c5..228454423590 100644 --- a/mmv1/products/composer/product.yaml +++ b/mmv1/products/composer/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Composer -display_name: Cloud Composer -scopes: - - https://www.googleapis.com/auth/cloud-platform +--- +name: 'Composer' +display_name: 'Cloud Composer' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://composer.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://composer.googleapis.com/v1beta1/ + - name: 'ga' + base_url: 'https://composer.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://composer.googleapis.com/v1beta1/' +scopes: + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/compute/Address.yaml b/mmv1/products/compute/Address.yaml index 334a8b209f07..a65b502166f7 100644 --- a/mmv1/products/compute/Address.yaml +++ b/mmv1/products/compute/Address.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Address' kind: 'compute#address' -base_url: projects/{{project}}/regions/{{region}}/addresses -collection_url_key: 'items' -has_self_link: true -immutable: true description: | Represents an Address resource. @@ -32,108 +28,107 @@ description: | the instance is assigned a new internal IP address, either by Compute Engine or by you. External IP addresses can be either ephemeral or static. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Reserving a Static External IP Address': 'https://cloud.google.com/compute/docs/instances-and-network' 'Reserving a Static Internal IP Address': 'https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address' api: 'https://cloud.google.com/compute/docs/reference/beta/addresses' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/addresses' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + post_create: 'templates/terraform/post_create/labels.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'address_basic' + - name: 'address_basic' primary_resource_id: 'ip_address' vars: address_name: 'my-address' - - !ruby/object:Provider::Terraform::Examples - name: 'address_with_subnetwork' + - name: 'address_with_subnetwork' primary_resource_id: 'internal_with_subnet_and_address' vars: address_name: 'my-internal-address' network_name: 'my-network' subnetwork_name: 'my-subnet' - - !ruby/object:Provider::Terraform::Examples - name: 'address_with_gce_endpoint' + - name: 'address_with_gce_endpoint' primary_resource_id: 'internal_with_gce_endpoint' vars: address_name: 'my-internal-address-' - - !ruby/object:Provider::Terraform::Examples - name: 'address_with_shared_loadbalancer_vip' + - name: 'address_with_shared_loadbalancer_vip' primary_resource_id: 'internal_with_shared_loadbalancer_vip' vars: address_name: 'my-internal-address' - skip_docs: - true # It is almost identical to internal_with_gce_endpoint + # It is almost identical to internal_with_gce_endpoint + exclude_docs: true # TODO(rileykarson): Remove this example when instance is supported - - !ruby/object:Provider::Terraform::Examples - name: 'instance_with_ip' + - name: 'instance_with_ip' primary_resource_id: 'static' vars: address_name: 'ipv4-address' instance_name: 'vm-instance' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_address_ipsec_interconnect' + - name: 'compute_address_ipsec_interconnect' primary_resource_id: 'ipsec-interconnect-address' vars: address_name: 'test-address' network_name: 'test-network' -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/labels.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | The Region in which the created address should reside. If it is not provided, the provider region is used. required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'address' + - name: 'address' + type: String description: | The static external IP address represented by this resource. The IP address must be inside the specified subnetwork, if any. Set by the API if undefined. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'addressType' + - name: 'addressType' + type: Enum description: | The type of address to reserve. Note: if you set this argument's value as `INTERNAL` you need to leave the `network_tier` argument unset in that resource block. - values: - - :INTERNAL - - :EXTERNAL - default_value: :EXTERNAL - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "EXTERNAL" + enum_values: + - 'INTERNAL' + - 'EXTERNAL' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -142,10 +137,10 @@ properties: following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' - - !ruby/object:Api::Type::String - name: 'purpose' + - name: 'purpose' + type: String description: | The purpose of this resource, which can be one of the following values. @@ -167,73 +162,76 @@ properties: This should only be set when using an Internal address. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'networkTier' + - name: 'networkTier' + type: Enum description: | The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM. This argument should not be used when configuring Internal addresses, because [network tier cannot be set for internal traffic; it's always Premium](https://cloud.google.com/network-tiers/docs/overview). - values: - - :PREMIUM - - :STANDARD default_from_api: true - - !ruby/object:Api::Type::ResourceRef - name: 'subnetwork' - resource: 'Subnetwork' - imports: 'selfLink' + enum_values: + - 'PREMIUM' + - 'STANDARD' + - name: 'subnetwork' + type: ResourceRef description: | The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes. default_from_api: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'users' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'users' + type: Array description: 'The URLs of the resources that are using this address.' - item_type: Api::Type::String output: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + item_type: + type: String + - name: 'labels' + type: KeyValueLabels description: | Labels to apply to this address. A list of key->value pairs. - update_verb: :POST update_url: 'projects/{{project}}/regions/{{region}}/addresses/{{name}}/setLabels' - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/regions/{{region}}/addresses/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + update_verb: 'POST' + key_expander: '' + - name: 'network' + type: ResourceRef description: | The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING and IPSEC_INTERCONNECT purposes. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: prefixLength + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'prefixLength' + type: Integer description: | The prefix length if the resource represents an IP range. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'ipVersion' + - name: 'ipVersion' + type: Enum description: | The IP Version that will be used by this address. The default value is `IPV4`. - values: - - :IPV4 - - :IPV6 diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("IPV4")' - - !ruby/object:Api::Type::Enum - name: 'ipv6EndpointType' + enum_values: + - 'IPV4' + - 'IPV6' + - name: 'ipv6EndpointType' + type: Enum description: | The endpoint type of this address, which should be VM or NETLB. This is used for deciding which type of endpoint this address can be used after the external IPv6 address reservation. - values: - - :VM - - :NETLB + enum_values: + - 'VM' + - 'NETLB' diff --git a/mmv1/products/compute/Autoscaler.yaml b/mmv1/products/compute/Autoscaler.yaml index 048c3d999169..b8dadbe531b0 100644 --- a/mmv1/products/compute/Autoscaler.yaml +++ b/mmv1/products/compute/Autoscaler.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,64 +11,63 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Autoscaler' kind: 'compute#autoscaler' -base_url: projects/{{project}}/zones/{{zone}}/autoscalers -update_url: projects/{{project}}/zones/{{zone}}/autoscalers?autoscaler={{name}} -collection_url_key: 'items' -has_self_link: true description: | Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/autoscalers' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/autoscalers' +has_self_link: true +update_url: 'projects/{{project}}/zones/{{zone}}/autoscalers?autoscaler={{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'autoscaler_single_instance' + - name: 'autoscaler_single_instance' primary_resource_id: 'default' min_version: 'beta' vars: autoscaler_name: 'my-autoscaler' instance_template_name: 'my-instance-template' target_pool_name: 'my-target-pool' - igm_name: - 'my-igm' + igm_name: 'my-igm' # Add test_vars_overrides and oics_vars_overrides to fix the failing test, # which is caused by upgradting terraform-plugin-sdk to 2.24.0. provider_name: 'google-beta' provider_alias: '' test_vars_overrides: - provider_name: '"google-beta.us-central1"' - provider_alias: '"alias = \"us-central1\""' + 'provider_name': '"google-beta.us-central1"' + 'provider_alias': '"alias = \"us-central1\""' oics_vars_overrides: - provider_name: 'google-beta' - provider_alias: '' - - !ruby/object:Provider::Terraform::Examples - name: 'autoscaler_basic' + 'provider_name': 'google-beta' + 'provider_alias': '' + - name: 'autoscaler_basic' primary_resource_id: 'foobar' vars: autoscaler_name: 'my-autoscaler' @@ -76,24 +75,24 @@ examples: target_pool_name: 'my-target-pool' igm_name: 'my-igm' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: | URL of the zone where the instance group resides. required: false immutable: true ignore_read: true default_from_api: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. The name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the @@ -102,14 +101,14 @@ properties: character, which cannot be a dash. required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. - - !ruby/object:Api::Type::NestedObject - name: 'autoscalingPolicy' + - name: 'autoscalingPolicy' + type: NestedObject description: | The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, @@ -119,29 +118,28 @@ properties: on cpuUtilization to 0.6 or 60%. required: true properties: - - !ruby/object:Api::Type::Integer - name: 'minReplicas' - api_name: minNumReplicas + - name: 'minReplicas' + type: Integer description: | The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed. - send_empty_value: true + api_name: minNumReplicas required: true - - !ruby/object:Api::Type::Integer - name: 'maxReplicas' - api_name: maxNumReplicas + send_empty_value: true + - name: 'maxReplicas' + type: Integer description: | The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas. - send_empty_value: true + api_name: maxNumReplicas required: true - - !ruby/object:Api::Type::Integer - name: 'cooldownPeriod' - api_name: 'coolDownPeriodSec' + send_empty_value: true + - name: 'cooldownPeriod' + type: Integer description: | The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents @@ -153,99 +151,98 @@ properties: numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process. + api_name: coolDownPeriodSec default_value: 60 - - !ruby/object:Api::Type::String - name: 'mode' - default_value: 'ON' + - name: 'mode' + type: String description: | Defines operating mode for this policy. - - !ruby/object:Api::Type::NestedObject - name: 'scaleDownControl' - min_version: beta + default_value: "ON" + - name: 'scaleDownControl' + type: NestedObject description: | Defines scale down controls to reduce the risk of response latency and outages due to abrupt scale-in events + min_version: 'beta' required: false default_from_api: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'maxScaledDownReplicas' + - name: 'maxScaledDownReplicas' + type: NestedObject at_least_one_of: - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas - - autoscaling_policy.0.scale_down_control.0.time_window_sec + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' + - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' properties: - - !ruby/object:Api::Type::Integer - name: 'fixed' - at_least_one_of: - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent + - name: 'fixed' + type: Integer description: | Specifies a fixed number of VM instances. This must be a positive integer. - - !ruby/object:Api::Type::Integer - name: 'percent' at_least_one_of: - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' + - name: 'percent' + type: Integer description: | Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%. - - !ruby/object:Api::Type::Integer - name: 'timeWindowSec' - at_least_one_of: - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas - - autoscaling_policy.0.scale_down_control.0.time_window_sec + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' + - name: 'timeWindowSec' + type: Integer description: | How long back autoscaling should look when computing recommendations to include directives regarding slower scale down, as described above. - - !ruby/object:Api::Type::NestedObject - name: 'scaleInControl' + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' + - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' + - name: 'scaleInControl' + type: NestedObject description: | Defines scale in controls to reduce the risk of response latency and outages due to abrupt scale-in events properties: - - !ruby/object:Api::Type::NestedObject - name: 'maxScaledInReplicas' + - name: 'maxScaledInReplicas' + type: NestedObject at_least_one_of: - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas - - autoscaling_policy.0.scale_in_control.0.time_window_sec + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' + - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' properties: - - !ruby/object:Api::Type::Integer - name: 'fixed' - at_least_one_of: - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent + - name: 'fixed' + type: Integer description: | Specifies a fixed number of VM instances. This must be a positive integer. - - !ruby/object:Api::Type::Integer - name: 'percent' at_least_one_of: - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' + - name: 'percent' + type: Integer description: | Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%. - - !ruby/object:Api::Type::Integer - name: 'timeWindowSec' - at_least_one_of: - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas - - autoscaling_policy.0.scale_in_control.0.time_window_sec + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' + - name: 'timeWindowSec' + type: Integer description: | How long back autoscaling should look when computing recommendations to include directives regarding slower scale down, as described above. - - !ruby/object:Api::Type::NestedObject - name: 'cpuUtilization' + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' + - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' + - name: 'cpuUtilization' + type: NestedObject description: | Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group. default_from_api: true properties: - - !ruby/object:Api::Type::Double - name: 'target' - api_name: 'utilizationTarget' - required: true + - name: 'target' + type: Double description: | The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the @@ -260,35 +257,37 @@ properties: scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization. - - !ruby/object:Api::Type::String - name: 'predictiveMethod' - default_value: NONE + api_name: utilizationTarget + required: true + - name: 'predictiveMethod' + type: String description: | Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: - NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. - OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand. - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Array - name: 'metric' - api_name: 'customMetricUtilizations' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "NONE" + - name: 'metric' + type: Array description: | Configuration parameters of autoscaling based on a custom metric. - item_type: !ruby/object:Api::Type::NestedObject + api_name: customMetricUtilizations + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - api_name: 'metric' + - name: 'name' + type: String description: | The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE. + api_name: metric required: true - - !ruby/object:Api::Type::Double - name: 'singleInstanceAssignment' - min_version: beta + - name: 'singleInstanceAssignment' + type: Double description: | If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to @@ -306,9 +305,9 @@ properties: latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead. - - !ruby/object:Api::Type::Double - name: 'target' - api_name: utilizationTarget + min_version: 'beta' + - name: 'target' + type: Double description: | The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization @@ -319,18 +318,19 @@ properties: www.googleapis.com/compute/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances. - - !ruby/object:Api::Type::Enum - name: 'type' - api_name: 'utilizationTargetType' + api_name: utilizationTarget + - name: 'type' + type: Enum description: | Defines how target utilization value is expressed for a Stackdriver Monitoring metric. - values: - - :GAUGE - - :DELTA_PER_SECOND - - :DELTA_PER_MINUTE - - !ruby/object:Api::Type::String - name: 'filter' + api_name: utilizationTargetType + enum_values: + - 'GAUGE' + - 'DELTA_PER_SECOND' + - 'DELTA_PER_MINUTE' + - name: 'filter' + type: String description: | A filter string to be used as the filter string for a Stackdriver Monitoring TimeSeries.list API call. @@ -364,66 +364,67 @@ properties: (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value. - min_version: beta - default_value: 'resource.type = gce_instance' - - !ruby/object:Api::Type::NestedObject - name: 'loadBalancingUtilization' + min_version: 'beta' + default_value: "resource.type = gce_instance" + - name: 'loadBalancingUtilization' + type: NestedObject description: | Configuration parameters of autoscaling based on a load balancer. properties: - - !ruby/object:Api::Type::Double - name: 'target' - api_name: utilizationTarget - required: true + - name: 'target' + type: Double description: | Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8. - - !ruby/object:Api::Type::Map - name: 'scalingSchedules' + api_name: utilizationTarget + required: true + - name: 'scalingSchedules' + type: Map description: | Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler and they can overlap. - key_name: name + key_name: 'name' key_description: | A name for the schedule. - value_type: !ruby/object:Api::Type::NestedObject + value_type: name: scalingSchedule + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'minRequiredReplicas' + - name: 'minRequiredReplicas' + type: Integer description: | Minimum number of VM instances that autoscaler will recommend in time intervals starting according to schedule. required: true send_empty_value: true - - !ruby/object:Api::Type::String - name: 'schedule' + - name: 'schedule' + type: String description: | The start timestamps of time intervals when this scaling schedule should provide a scaling signal. This field uses the extended cron format (with an optional year field). required: true - - !ruby/object:Api::Type::String - name: 'timeZone' - default_value: UTC + - name: 'timeZone' + type: String description: | The time zone to be used when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. - - !ruby/object:Api::Type::Integer - name: 'durationSec' + default_value: "UTC" + - name: 'durationSec' + type: Integer description: | The duration of time intervals (in seconds) for which this scaling schedule will be running. The minimum allowed value is 300. required: true - - !ruby/object:Api::Type::Boolean - name: 'disabled' + - name: 'disabled' + type: Boolean description: | A boolean value that specifies if a scaling schedule can influence autoscaler recommendations. If set to true, then a scaling schedule has no effect. default_value: false - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | A description of a scaling schedule. - - !ruby/object:Api::Type::ResourceRef - name: 'target' - resource: 'InstanceGroupManager' - imports: 'selfLink' + - name: 'target' + type: ResourceRef description: | URL of the managed instance group that this autoscaler will scale. required: true - custom_expand: 'templates/terraform/custom_expand/compute_full_url.erb' + custom_expand: 'templates/terraform/custom_expand/compute_full_url.tmpl' + resource: 'InstanceGroupManager' + imports: 'selfLink' diff --git a/mmv1/products/compute/BackendBucket.yaml b/mmv1/products/compute/BackendBucket.yaml index 4fbaace74a5a..400b44bf1986 100644 --- a/mmv1/products/compute/BackendBucket.yaml +++ b/mmv1/products/compute/BackendBucket.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'BackendBucket' kind: 'compute#backendBucket' -base_url: projects/{{project}}/global/backendBuckets -collection_url_key: 'items' -has_self_link: true description: | Backend buckets allow you to use Google Cloud Storage buckets with HTTP(S) load balancing. @@ -25,69 +22,70 @@ description: | backend bucket rather than a backend service. It can send requests for static content to a Cloud Storage bucket and requests for dynamic content to a virtual machine instance. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using a Cloud Storage bucket as a load balancer backend': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-bucket' api: 'https://cloud.google.com/compute/docs/reference/v1/backendBuckets' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/backendBuckets' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -iam_policy: !ruby/object:Api::Resource::IamPolicy - min_version: beta +collection_url_key: 'items' +iam_policy: parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - ['projects/{{project}}/global/backendBuckets/{{name}}', '{{name}}'] + - 'projects/{{project}}/global/backendBuckets/{{name}}' + - '{{name}}' + min_version: 'beta' +custom_code: + encoder: 'templates/terraform/encoders/compute_backend_bucket.go.tmpl' + post_create: 'templates/terraform/post_create/compute_backend_bucket_security_policy.go.tmpl' + post_update: 'templates/terraform/post_create/compute_backend_bucket_security_policy.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'backend_bucket_basic' + - name: 'backend_bucket_basic' primary_resource_id: 'image_backend' - primary_resource_name: "fmt.Sprintf(\"tf-test-image-backend-bucket%s\", - context[\"\ - random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-image-backend-bucket%s", context["random_suffix"])' vars: backend_bucket_name: 'image-backend-bucket' bucket_name: 'image-store-bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_bucket_full' + - name: 'backend_bucket_full' primary_resource_id: 'image_backend_full' - skip_docs: true vars: backend_bucket_name: 'image-backend-bucket-full' bucket_name: 'image-store-bucket-full' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_bucket_security_policy' + exclude_docs: true + - name: 'backend_bucket_security_policy' primary_resource_id: 'image_backend' vars: backend_bucket_name: 'image-backend-bucket' bucket_name: 'image-store-bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_bucket_query_string_whitelist' + - name: 'backend_bucket_query_string_whitelist' primary_resource_id: 'image_backend' vars: backend_bucket_name: 'image-backend-bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_bucket_include_http_headers' + - name: 'backend_bucket_include_http_headers' primary_resource_id: 'image_backend' vars: backend_bucket_name: 'image-backend-bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'external_cdn_lb_with_backend_bucket' - primary_resource_type: 'google_compute_backend_bucket' + - name: 'external_cdn_lb_with_backend_bucket' primary_resource_id: 'default' vars: my_bucket: 'my-bucket' @@ -99,62 +97,59 @@ examples: http_lb_proxy: 'http-lb-proxy' http_lb: 'http-lb' cat_backend_bucket: 'cat-backend-bucket' - skip_docs: true - - !ruby/object:Provider::Terraform::Examples - name: 'backend_bucket_bypass_cache' + exclude_docs: true + - name: 'backend_bucket_bypass_cache' primary_resource_id: 'image_backend' - skip_docs: true vars: backend_bucket_name: 'image-backend-bucket' bucket_name: 'image-store-bucket' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_bucket_coalescing' + exclude_docs: true + - name: 'backend_bucket_coalescing' primary_resource_id: 'image_backend' - skip_docs: true vars: backend_bucket_name: 'image-backend-bucket' bucket_name: 'image-store-bucket' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: 'templates/terraform/encoders/compute_backend_bucket.go.erb' - post_create: 'templates/terraform/post_create/compute_backend_bucket_security_policy.go.erb' - post_update: 'templates/terraform/post_create/compute_backend_bucket_security_policy.go.erb' + exclude_docs: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'bucketName' + - name: 'bucketName' + type: String description: 'Cloud Storage bucket name.' required: true - - !ruby/object:Api::Type::NestedObject - name: 'cdnPolicy' + - name: 'cdnPolicy' + type: NestedObject description: 'Cloud CDN configuration for this Backend Bucket.' default_from_api: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'cacheKeyPolicy' + - name: 'cacheKeyPolicy' + type: NestedObject description: 'The CacheKeyPolicy for this CdnPolicy.' properties: - - !ruby/object:Api::Type::Array - send_empty_value: true - name: 'queryStringWhitelist' - at_least_one_of: - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_http_headers + - name: 'queryStringWhitelist' + type: Array description: | Names of query string parameters to include in cache keys. Default parameters are always included. '&' and '=' will be percent encoded and not treated as delimiters. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array send_empty_value: true - name: 'includeHttpHeaders' at_least_one_of: - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_http_headers + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + item_type: + type: String + - name: 'includeHttpHeaders' + type: Array description: | Allows HTTP request headers (by name) to be used in the cache key. - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'signedUrlCacheMaxAgeSec' + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + item_type: + type: String + - name: 'signedUrlCacheMaxAgeSec' + type: Integer description: | Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, @@ -165,111 +160,114 @@ properties: max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered. send_empty_value: true - - !ruby/object:Api::Type::Integer - name: 'defaultTtl' + - name: 'defaultTtl' + type: Integer description: | Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). default_from_api: true send_empty_value: true - - !ruby/object:Api::Type::Integer - name: 'maxTtl' + - name: 'maxTtl' + type: Integer description: | Specifies the maximum allowed TTL for cached content served by this origin. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'clientTtl' + - name: 'clientTtl' + type: Integer description: | Specifies the maximum allowed TTL for cached content served by this origin. default_from_api: true send_empty_value: true - - !ruby/object:Api::Type::Boolean - name: 'negativeCaching' - send_empty_value: true + - name: 'negativeCaching' + type: Boolean description: | Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'negativeCachingPolicy' + send_empty_value: true + - name: 'negativeCachingPolicy' + type: Array description: | Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'code' + - name: 'code' + type: Integer description: | The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 can be specified as values, and you cannot specify a status code more than once. - - !ruby/object:Api::Type::Integer - name: 'ttl' + - name: 'ttl' + type: Integer description: | The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. send_empty_value: true - - !ruby/object:Api::Type::Enum - name: 'cacheMode' + - name: 'cacheMode' + type: Enum description: | Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC - values: - - :USE_ORIGIN_HEADERS - - :FORCE_CACHE_ALL - - :CACHE_ALL_STATIC default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'serveWhileStale' - send_empty_value: true + enum_values: + - 'USE_ORIGIN_HEADERS' + - 'FORCE_CACHE_ALL' + - 'CACHE_ALL_STATIC' + - name: 'serveWhileStale' + type: Integer description: | Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'requestCoalescing' send_empty_value: true + - name: 'requestCoalescing' + type: Boolean description: | If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin. - - !ruby/object:Api::Type::Array - name: 'bypassCacheOnRequestHeaders' + send_empty_value: true + - name: 'bypassCacheOnRequestHeaders' + type: Array description: | Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. - max_size: 5 - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' + - name: 'headerName' + type: String description: | The header field name to match on when bypassing cache. Values are case-insensitive. - - !ruby/object:Api::Type::Enum - name: 'compressionMode' + max_size: 5 + - name: 'compressionMode' + type: Enum description: | Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. - values: - - :AUTOMATIC - - :DISABLED - - !ruby/object:Api::Type::String - name: 'edgeSecurityPolicy' + enum_values: + - 'AUTOMATIC' + - 'DISABLED' + - name: 'edgeSecurityPolicy' + type: String description: | The security policy associated with this backend bucket. diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::Array - name: 'customResponseHeaders' + - name: 'customResponseHeaders' + type: Array description: | Headers that the HTTP/S load balancer should add to proxied responses. - item_type: Api::Type::String - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + item_type: + type: String + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional textual description of the resource; provided by the client when the resource is created. - - !ruby/object:Api::Type::Boolean - name: 'enableCdn' + - name: 'enableCdn' + type: Boolean description: 'If true, enable Cloud CDN for this BackendBucket.' - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -278,7 +276,7 @@ properties: the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - validation: !ruby/object:Provider::Terraform::Validation + immutable: true + validation: regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' diff --git a/mmv1/products/compute/BackendBucketSignedUrlKey.yaml b/mmv1/products/compute/BackendBucketSignedUrlKey.yaml index 386de144a9e4..860df8a14ba9 100644 --- a/mmv1/products/compute/BackendBucketSignedUrlKey.yaml +++ b/mmv1/products/compute/BackendBucketSignedUrlKey.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,87 +11,88 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'BackendBucketSignedUrlKey' kind: 'compute#BackendBucketSignedUrlKey' -immutable: true -base_url: projects/{{project}}/global/backendBuckets/{{backend_bucket}} -create_url: projects/{{project}}/global/backendBuckets/{{backend_bucket}}/addSignedUrlKey -create_verb: :POST -delete_url: projects/{{project}}/global/backendBuckets/{{backend_bucket}}/deleteSignedUrlKey?keyName={{name}} -delete_verb: :POST -self_link: projects/{{project}}/global/backendBuckets/{{backend_bucket}} -identity: - - name -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - cdnPolicy - - signedUrlKeyNames - is_list_of_ids: true description: | A key for signing Cloud CDN signed URLs for BackendBuckets. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using Signed URLs': 'https://cloud.google.com/cdn/docs/using-signed-urls/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/backendBuckets' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}' +self_link: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}' +create_url: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}/addSignedUrlKey' +delete_url: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}/deleteSignedUrlKey?keyName={{name}}' +delete_verb: 'POST' +immutable: true +mutex: 'signedUrlKey/{{project}}/backendBuckets/{{backend_bucket}}/' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -exclude_import: true +identity: + - name +nested_query: + keys: + - cdnPolicy + - signedUrlKeyNames + is_list_of_ids: true + modify_by_patch: false +custom_code: exclude_tgc: true -mutex: signedUrlKey/{{project}}/backendBuckets/{{backend_bucket}}/ examples: - - !ruby/object:Provider::Terraform::Examples - name: 'backend_bucket_signed_url_key' - external_providers: ["random", "time"] + - name: 'backend_bucket_signed_url_key' primary_resource_id: 'backend_key' vars: key_name: 'test-key' backend_name: 'test-signed-backend-bucket' bucket_name: 'test-storage-bucket' - skip_test: true + external_providers: ["random", "time"] + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'backendBucket' - resource: 'BackendBucket' - imports: 'name' + - name: 'backendBucket' + type: ResourceRef description: | The backend bucket this signed URL key belongs. required: true immutable: true ignore_read: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'BackendBucket' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' - api_name: 'keyName' + - name: 'name' + type: String description: | Name of the signed URL key. + api_name: keyName required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' - - !ruby/object:Api::Type::String - name: 'keyValue' + - name: 'keyValue' + type: String description: | 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. required: true immutable: true - sensitive: true ignore_read: true + sensitive: true diff --git a/mmv1/products/compute/BackendService.yaml b/mmv1/products/compute/BackendService.yaml index c1084ed96ddb..5bb6764e9975 100644 --- a/mmv1/products/compute/BackendService.yaml +++ b/mmv1/products/compute/BackendService.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'BackendService' kind: 'compute#backendService' -base_url: projects/{{project}}/global/backendServices -collection_url_key: 'items' -has_self_link: true description: | A Backend Service defines a group of virtual machines that will serve traffic for load balancing. This resource is a global backend service, @@ -24,115 +21,112 @@ description: | For managed internal load balancing, use a regional backend service instead. Currently self-managed internal load balancing is only available in beta. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-service' api: 'https://cloud.google.com/compute/docs/reference/v1/backendServices' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/backendServices' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +iam_policy: + allowed_iam_role: 'roles/compute.admin' + parent_resource_attribute: 'name' + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + min_version: 'beta' +custom_code: + constants: 'templates/terraform/constants/backend_service.go.tmpl' + encoder: 'templates/terraform/encoders/backend_service.go.tmpl' + decoder: 'templates/terraform/decoders/backend_service.go.tmpl' + post_create: 'templates/terraform/post_create/compute_backend_service_security_policy.go.tmpl' + post_update: 'templates/terraform/post_create/compute_backend_service_security_policy.go.tmpl' +schema_version: 1 examples: - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_basic' + - name: 'backend_service_basic' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-backend-service%s\", - context[\"\ - random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-backend-service%s", context["random_suffix"])' vars: backend_service_name: 'backend-service' http_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_external_iap' + - name: 'backend_service_external_iap' primary_resource_id: 'default' vars: backend_service_name: 'tf-test-backend-service-external' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_cache_simple' + - name: 'backend_service_cache_simple' primary_resource_id: 'default' vars: backend_service_name: 'backend-service' http_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_cache_include_http_headers' + - name: 'backend_service_cache_include_http_headers' primary_resource_id: 'default' vars: backend_service_name: 'backend-service' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_cache_include_named_cookies' + - name: 'backend_service_cache_include_named_cookies' primary_resource_id: 'default' vars: backend_service_name: 'backend-service' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_cache' + - name: 'backend_service_cache' primary_resource_id: 'default' vars: backend_service_name: 'backend-service' http_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_cache_bypass_cache_on_request_headers' + - name: 'backend_service_cache_bypass_cache_on_request_headers' primary_resource_id: 'default' vars: backend_service_name: 'backend-service' http_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_traffic_director_round_robin' - min_version: beta + - name: 'backend_service_traffic_director_round_robin' primary_resource_id: 'default' + min_version: 'beta' vars: backend_service_name: 'backend-service' health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_traffic_director_ring_hash' - min_version: beta + - name: 'backend_service_traffic_director_ring_hash' primary_resource_id: 'default' + min_version: 'beta' vars: backend_service_name: 'backend-service' health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_network_endpoint' - min_version: beta + - name: 'backend_service_stateful_session_affinity' primary_resource_id: 'default' + min_version: 'beta' + vars: + backend_service_name: 'backend-service' + health_check_name: 'health-check' + - name: 'backend_service_network_endpoint' + primary_resource_id: 'default' + min_version: 'beta' vars: backend_service_name: 'backend-service' neg_name: 'network-endpoint' - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_external_managed' + - name: 'backend_service_external_managed' primary_resource_id: 'default' vars: backend_service_name: 'backend-service' health_check_name: 'health-check' -iam_policy: !ruby/object:Api::Resource::IamPolicy - method_name_separator: '/' - fetch_iam_policy_verb: :GET - min_version: beta - iam_conditions_request_type: :QUERY_PARAM - parent_resource_attribute: 'name' - allowed_iam_role: 'roles/compute.admin' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/backend_service.go.erb' - encoder: 'templates/terraform/encoders/backend_service.go.erb' - decoder: 'templates/terraform/decoders/backend_service.go.erb' - post_create: 'templates/terraform/post_create/compute_backend_service_security_policy.go.erb' - post_update: 'templates/terraform/post_create/compute_backend_service_security_policy.go.erb' -schema_version: 1 +parameters: properties: - - !ruby/object:Api::Type::Integer - name: 'affinityCookieTtlSec' + - name: 'affinityCookieTtlSec' + type: Integer description: | Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts @@ -140,22 +134,18 @@ properties: maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used. - - !ruby/object:Api::Type::Array - name: 'backend' - api_name: 'backends' - is_set: true - set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' + - name: 'backend' + type: Array description: | The set of backends that serve this BackendService. - item_type: !ruby/object:Api::Type::NestedObject + api_name: backends + is_set: true + set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'balancingMode' - default_value: :UTILIZATION - values: - - :UTILIZATION - - :RATE - - :CONNECTION + - name: 'balancingMode' + type: Enum description: | Specifies the balancing mode for this backend. @@ -165,10 +155,13 @@ properties: See the [Backend Services Overview](https://cloud.google.com/load-balancing/docs/backend-service#balancing-mode) for an explanation of load balancing modes. - - !ruby/object:Api::Type::Double - name: 'capacityScaler' - send_empty_value: true - default_value: 1.0 + default_value: "UTILIZATION" + enum_values: + - 'UTILIZATION' + - 'RATE' + - 'CONNECTION' + - name: 'capacityScaler' + type: Double description: | A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). @@ -177,13 +170,15 @@ properties: of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0]. - - !ruby/object:Api::Type::String - name: 'description' + send_empty_value: true + default_value: 1.0 + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::String - name: 'group' + - name: 'group' + type: String description: | The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list @@ -203,11 +198,10 @@ properties: Group resource using the fully-qualified URL, rather than a partial URL. required: true - custom_flatten: templates/terraform/custom_flatten/guard_self_link.go.erb diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::Integer - name: 'maxConnections' - default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/guard_self_link.go.tmpl' + - name: 'maxConnections' + type: Integer description: | The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. @@ -215,9 +209,9 @@ properties: For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set. - - !ruby/object:Api::Type::Integer - name: 'maxConnectionsPerInstance' default_from_api: true + - name: 'maxConnectionsPerInstance' + type: Integer description: | The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the @@ -226,9 +220,9 @@ properties: For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set. - - !ruby/object:Api::Type::Integer - name: 'maxConnectionsPerEndpoint' default_from_api: true + - name: 'maxConnectionsPerEndpoint' + type: Integer description: | The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the @@ -237,9 +231,9 @@ properties: For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set. - - !ruby/object:Api::Type::Integer - name: 'maxRate' default_from_api: true + - name: 'maxRate' + type: Integer description: | The max requests per second (RPS) of the group. @@ -247,135 +241,136 @@ properties: but required if RATE mode. For RATE mode, either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set. - - !ruby/object:Api::Type::Double - name: 'maxRatePerInstance' default_from_api: true + - name: 'maxRatePerInstance' + type: Double description: | The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set. - - !ruby/object:Api::Type::Double - name: 'maxRatePerEndpoint' default_from_api: true + - name: 'maxRatePerEndpoint' + type: Double description: | The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set. - - !ruby/object:Api::Type::Double - name: 'maxUtilization' default_from_api: true + - name: 'maxUtilization' + type: Double description: | Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. Valid range is [0.0, 1.0]. - - !ruby/object:Api::Type::NestedObject - name: 'circuitBreakers' + default_from_api: true + - name: 'circuitBreakers' + type: NestedObject description: | Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. properties: - - !ruby/object:Api::Type::NestedObject - name: 'connectTimeout' - min_version: beta - at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - name: 'connectTimeout' + type: NestedObject description: | The timeout for new network connections to hosts. + min_version: 'beta' + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' properties: - - !ruby/object:Api::Type::Integer - name: 'seconds' - required: true + - name: 'seconds' + type: Integer description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Integer - name: 'nanos' + required: true + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::Integer - name: 'maxRequestsPerConnection' - at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - name: 'maxRequestsPerConnection' + type: Integer description: | Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. - - !ruby/object:Api::Type::Integer - name: 'maxConnections' - default_value: 1024 at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + - name: 'maxConnections' + type: Integer description: | The maximum number of connections to the backend cluster. Defaults to 1024. - - !ruby/object:Api::Type::Integer - name: 'maxPendingRequests' - default_value: 1024 at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxPendingRequests' + type: Integer description: | The maximum number of pending requests to the backend cluster. Defaults to 1024. - - !ruby/object:Api::Type::Integer - name: 'maxRequests' - default_value: 1024 at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxRequests' + type: Integer description: | The maximum number of parallel requests to the backend cluster. Defaults to 1024. - - !ruby/object:Api::Type::Integer - name: 'maxRetries' - default_value: 3 at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxRetries' + type: Integer description: | The maximum number of parallel retries to the backend cluster. Defaults to 3. - - !ruby/object:Api::Type::Enum - name: 'compressionMode' + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 3 + - name: 'compressionMode' + type: Enum description: | Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. - values: - - :AUTOMATIC - - :DISABLED - - !ruby/object:Api::Type::NestedObject - name: 'consistentHash' + enum_values: + - 'AUTOMATIC' + - 'DISABLED' + - name: 'consistentHash' + type: NestedObject description: | Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing @@ -386,72 +381,67 @@ properties: INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. properties: - - !ruby/object:Api::Type::NestedObject - name: 'httpCookie' - at_least_one_of: - - consistent_hash.0.http_cookie - - consistent_hash.0.http_header_name - - consistent_hash.0.minimum_ring_size + - name: 'httpCookie' + type: NestedObject description: | Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' properties: - - !ruby/object:Api::Type::NestedObject - name: 'ttl' - at_least_one_of: - - consistent_hash.0.http_cookie.0.ttl - - consistent_hash.0.http_cookie.0.name - - consistent_hash.0.http_cookie.0.path + - name: 'ttl' + type: NestedObject description: | Lifetime of the cookie. + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' properties: - - !ruby/object:Api::Type::Integer - name: 'seconds' - required: true + - name: 'seconds' + type: Integer description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Integer - name: 'nanos' + required: true + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'name' - at_least_one_of: - - consistent_hash.0.http_cookie.0.ttl - - consistent_hash.0.http_cookie.0.name - - consistent_hash.0.http_cookie.0.path + - name: 'name' + type: String description: | Name of the cookie. - - !ruby/object:Api::Type::String - name: 'path' at_least_one_of: - - consistent_hash.0.http_cookie.0.ttl - - consistent_hash.0.http_cookie.0.name - - consistent_hash.0.http_cookie.0.path + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + - name: 'path' + type: String description: | Path to set for the cookie. - - !ruby/object:Api::Type::String - name: 'httpHeaderName' - at_least_one_of: - - consistent_hash.0.http_cookie - - consistent_hash.0.http_header_name - - consistent_hash.0.minimum_ring_size + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + - name: 'httpHeaderName' + type: String description: | The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD. - - !ruby/object:Api::Type::Integer - name: 'minimumRingSize' - default_value: 1024 at_least_one_of: - - consistent_hash.0.http_cookie - - consistent_hash.0.http_header_name - - consistent_hash.0.minimum_ring_size + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + - name: 'minimumRingSize' + type: Integer description: | The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load @@ -459,55 +449,51 @@ properties: is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024. - - !ruby/object:Api::Type::NestedObject - name: 'cdnPolicy' + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + default_value: 1024 + - name: 'cdnPolicy' + type: NestedObject description: 'Cloud CDN configuration for this BackendService.' default_from_api: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'cacheKeyPolicy' + - name: 'cacheKeyPolicy' + type: NestedObject description: 'The CacheKeyPolicy for this CdnPolicy.' at_least_one_of: - - cdn_policy.0.cache_key_policy - - cdn_policy.0.signed_url_cache_max_age_sec + - 'cdn_policy.0.cache_key_policy' + - 'cdn_policy.0.signed_url_cache_max_age_sec' properties: - - !ruby/object:Api::Type::Boolean - name: 'includeHost' - send_empty_value: true - at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_http_headers - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - name: 'includeHost' + type: Boolean description: | If true requests to different hosts will be cached separately. - - !ruby/object:Api::Type::Boolean - name: 'includeProtocol' send_empty_value: true at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_http_headers - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'includeProtocol' + type: Boolean description: | If true, http and https requests will be cached separately. - - !ruby/object:Api::Type::Boolean - name: 'includeQueryString' send_empty_value: true at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_http_headers - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'includeQueryString' + type: Boolean description: | If true, include query string parameters in the cache key according to query_string_whitelist and @@ -516,17 +502,17 @@ properties: If false, the query string will be excluded from the cache key entirely. - - !ruby/object:Api::Type::Array - name: 'queryStringBlacklist' send_empty_value: true at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_http_headers - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'queryStringBlacklist' + type: Array description: | Names of query string parameters to exclude in cache keys. @@ -535,18 +521,19 @@ properties: '&' and '=' will be percent encoded and not treated as delimiters. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array send_empty_value: true - name: 'queryStringWhitelist' at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_http_headers - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'queryStringWhitelist' + type: Array description: | Names of query string parameters to include in cache keys. @@ -555,42 +542,50 @@ properties: '&' and '=' will be percent encoded and not treated as delimiters. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'includeHttpHeaders' send_empty_value: true at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_http_headers - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'includeHttpHeaders' + type: Array description: | Allows HTTP request headers (by name) to be used in the cache key. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'includeNamedCookies' send_empty_value: true at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_http_headers - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'includeNamedCookies' + type: Array description: | Names of cookies to include in cache keys. - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'signedUrlCacheMaxAgeSec' - default_value: 3600 - at_least_one_of: - - cdn_policy.0.cache_key_policy - - cdn_policy.0.signed_url_cache_max_age_sec + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_http_headers' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'signedUrlCacheMaxAgeSec' + type: Integer description: | Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this @@ -602,124 +597,130 @@ properties: "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered. - - !ruby/object:Api::Type::Integer - name: 'defaultTtl' + at_least_one_of: + - 'cdn_policy.0.cache_key_policy' + - 'cdn_policy.0.signed_url_cache_max_age_sec' + default_value: 3600 + - name: 'defaultTtl' + type: Integer description: | Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'maxTtl' + - name: 'maxTtl' + type: Integer description: | Specifies the maximum allowed TTL for cached content served by this origin. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'clientTtl' + - name: 'clientTtl' + type: Integer description: | Specifies the maximum allowed TTL for cached content served by this origin. default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'negativeCaching' - send_empty_value: true + - name: 'negativeCaching' + type: Boolean description: | Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'negativeCachingPolicy' + send_empty_value: true + - name: 'negativeCachingPolicy' + type: Array description: | Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'code' + - name: 'code' + type: Integer description: | The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 can be specified as values, and you cannot specify a status code more than once. - - !ruby/object:Api::Type::Integer - name: 'ttl' + - name: 'ttl' + type: Integer description: | The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. send_empty_value: true - - !ruby/object:Api::Type::Enum - name: 'cacheMode' + - name: 'cacheMode' + type: Enum description: | Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC - values: - - :USE_ORIGIN_HEADERS - - :FORCE_CACHE_ALL - - :CACHE_ALL_STATIC default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'serveWhileStale' - send_empty_value: true + enum_values: + - 'USE_ORIGIN_HEADERS' + - 'FORCE_CACHE_ALL' + - 'CACHE_ALL_STATIC' + - name: 'serveWhileStale' + type: Integer description: | Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'bypassCacheOnRequestHeaders' + send_empty_value: true + - name: 'bypassCacheOnRequestHeaders' + type: Array description: | Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The header field name to match on when bypassing cache. Values are case-insensitive. - - !ruby/object:Api::Type::NestedObject - name: 'connectionDraining' + required: true + - name: 'connectionDraining' + type: NestedObject description: | Settings for connection draining flatten_object: true properties: - - !ruby/object:Api::Type::Integer - name: 'connection_draining_timeout_sec' - api_name: 'drainingTimeoutSec' - default_value: 300 + - name: 'connection_draining_timeout_sec' + type: Integer description: | Time for which instance will be drained (not accept new connections, but still work to finish started). - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + api_name: drainingTimeoutSec + default_value: 300 + - name: 'creationTimestamp' + type: Time description: | Creation timestamp in RFC3339 text format. output: true - - !ruby/object:Api::Type::Array - name: 'customRequestHeaders' + - name: 'customRequestHeaders' + type: Array description: | Headers that the HTTP/S load balancer should add to proxied requests. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'customResponseHeaders' + item_type: + type: String + - name: 'customResponseHeaders' + type: Array description: | Headers that the HTTP/S load balancer should add to proxied responses. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' - output: true + item_type: + type: String + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. - - !ruby/object:Api::Type::String - name: 'description' + output: true + - name: 'description' + type: String description: | An optional description of this resource. - - !ruby/object:Api::Type::Boolean - name: 'enableCDN' + - name: 'enableCDN' + type: Boolean description: | If true, enable Cloud CDN for this BackendService. - - !ruby/object:Api::Type::Array - name: 'healthChecks' - min_size: 1 - max_size: 1 + - name: 'healthChecks' + type: Array description: | The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health @@ -731,68 +732,64 @@ properties: For internal load balancing, a URL to a HealthCheck resource must be specified instead. is_set: true set_hash_func: 'tpgresource.SelfLinkRelativePathHash' - custom_flatten: templates/terraform/custom_flatten/guard_self_link_array.go.erb - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'generated_id' - api_name: 'id' + custom_flatten: 'templates/terraform/custom_flatten/guard_self_link_array.go.tmpl' + item_type: + type: String + min_size: 1 + max_size: 1 + - name: 'generated_id' + type: Integer description: 'The unique identifier for the resource. This identifier is defined by the server.' + api_name: id output: true - - !ruby/object:Api::Type::NestedObject - name: 'iap' + - name: 'iap' + type: NestedObject description: Settings for enabling Cloud Identity Aware Proxy + default_from_api: true send_empty_value: true properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' - required: true + - name: 'enabled' + type: Boolean description: Whether the serving infrastructure will authenticate and authorize all incoming requests. - - !ruby/object:Api::Type::String - name: 'oauth2ClientId' + required: true + - name: 'oauth2ClientId' + type: String description: | OAuth2 Client ID for IAP - - !ruby/object:Api::Type::String - name: 'oauth2ClientSecret' + - name: 'oauth2ClientSecret' + type: String description: | OAuth2 Client Secret for IAP - send_empty_value: true ignore_read: true sensitive: true - - !ruby/object:Api::Type::String - name: 'oauth2ClientSecretSha256' - output: true + send_empty_value: true + - name: 'oauth2ClientSecretSha256' + type: String description: | OAuth2 Client Secret SHA-256 for IAP sensitive: true - - !ruby/object:Api::Type::Enum - name: 'loadBalancingScheme' - immutable: true + output: true + - name: 'loadBalancingScheme' + type: Enum description: | Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service). - default_value: :EXTERNAL + immutable: true + default_value: "EXTERNAL" # If you're modifying this value, it probably means Global ILB is now # an option. If that's the case, all of the documentation is based on # this resource supporting external load balancing only. - values: - - :EXTERNAL - - :INTERNAL_SELF_MANAGED - - :INTERNAL_MANAGED - - :EXTERNAL_MANAGED - - !ruby/object:Api::Type::Enum - name: 'localityLbPolicy' - values: - - :ROUND_ROBIN - - :LEAST_REQUEST - - :RING_HASH - - :RANDOM - - :ORIGINAL_DESTINATION - - :MAGLEV - - :WEIGHTED_MAGLEV + enum_values: + - 'EXTERNAL' + - 'INTERNAL_SELF_MANAGED' + - 'INTERNAL_MANAGED' + - 'EXTERNAL_MANAGED' + - name: 'localityLbPolicy' + type: Enum description: | The load balancing algorithm used within the scope of the locality. The possible values are: @@ -822,7 +819,8 @@ properties: Maglev, refer to https://ai.google/research/pubs/pub44824 * `WEIGHTED_MAGLEV`: Per-instance weighted Load Balancing via health check - reported weights. If set, the Backend Service must + reported weights. Only applicable to loadBalancingScheme + EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field @@ -834,7 +832,7 @@ properties: UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. - This field is applicable to either: + locality_lb_policy is applicable to either: * A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED. @@ -843,14 +841,22 @@ properties: Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. - If session_affinity is not NONE, and this field is not set to MAGLEV, WEIGHTED_MAGLEV, + If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. - - !ruby/object:Api::Type::Array - name: 'localityLbPolicies' + enum_values: + - 'ROUND_ROBIN' + - 'LEAST_REQUEST' + - 'RING_HASH' + - 'RANDOM' + - 'ORIGINAL_DESTINATION' + - 'MAGLEV' + - 'WEIGHTED_MAGLEV' + - name: 'localityLbPolicies' + type: Array description: | A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. @@ -859,30 +865,22 @@ properties: localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. - item_type: !ruby/object:Api::Type::NestedObject - name: 'localityLbPolicyConfig' + item_type: description: | Container for either a built-in LB policy supported by gRPC or Envoy or a custom one implemented by the end user. + type: NestedObject properties: - - !ruby/object:Api::Type::NestedObject - name: 'policy' - exactly_one_of: - - policy - - customPolicy + - name: 'policy' + type: NestedObject description: | The configuration for a built-in load balancing policy. + exactly_one_of: + - 'policy' + - 'customPolicy' properties: - - !ruby/object:Api::Type::Enum - name: 'name' - required: true - values: - - :ROUND_ROBIN - - :LEAST_REQUEST - - :RING_HASH - - :RANDOM - - :ORIGINAL_DESTINATION - - :MAGLEV + - name: 'name' + type: Enum description: | The name of a locality load balancer policy to be used. The value should be one of the predefined ones as supported by localityLbPolicy, @@ -919,18 +917,25 @@ properties: Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 - - !ruby/object:Api::Type::NestedObject - name: 'customPolicy' - exactly_one_of: - - policy - - customPolicy + required: true + enum_values: + - 'ROUND_ROBIN' + - 'LEAST_REQUEST' + - 'RING_HASH' + - 'RANDOM' + - 'ORIGINAL_DESTINATION' + - 'MAGLEV' + - name: 'customPolicy' + type: NestedObject description: | The configuration for a custom policy implemented by the user and deployed with the client. + exactly_one_of: + - 'policy' + - 'customPolicy' properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | Identifies the custom policy. @@ -941,15 +946,14 @@ properties: Note that specifying the same custom policy more than once for a backend is not a valid configuration and will be rejected. - - !ruby/object:Api::Type::String - name: 'data' + required: true + - name: 'data' + type: String description: | An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation. - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -958,234 +962,224 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::NestedObject - name: 'outlierDetection' + required: true + immutable: true + - name: 'outlierDetection' + type: NestedObject description: | Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. properties: - - !ruby/object:Api::Type::NestedObject - name: 'baseEjectionTime' - at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - name: 'baseEjectionTime' + type: NestedObject description: | The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' properties: - - !ruby/object:Api::Type::Integer - name: 'seconds' - required: true + - name: 'seconds' + type: Integer description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Integer - name: 'nanos' + required: true + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::Integer - name: 'consecutiveErrors' - at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - name: 'consecutiveErrors' + type: Integer description: | Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5. - - !ruby/object:Api::Type::Integer - name: 'consecutiveGatewayFailure' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'consecutiveGatewayFailure' + type: Integer description: | The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5. - - !ruby/object:Api::Type::Integer - name: 'enforcingConsecutiveErrors' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingConsecutiveErrors' + type: Integer description: | The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. - - !ruby/object:Api::Type::Integer - name: 'enforcingConsecutiveGatewayFailure' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingConsecutiveGatewayFailure' + type: Integer description: | The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0. - - !ruby/object:Api::Type::Integer - name: 'enforcingSuccessRate' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingSuccessRate' + type: Integer description: | The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. - - !ruby/object:Api::Type::NestedObject - name: 'interval' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'interval' + type: NestedObject description: | Time interval between ejection sweep analysis. This can result in both new ejections as well as hosts being returned to service. Defaults to 10 seconds. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' properties: - - !ruby/object:Api::Type::Integer - name: 'seconds' - required: true + - name: 'seconds' + type: Integer description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Integer - name: 'nanos' + required: true + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::Integer - name: 'maxEjectionPercent' - at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - name: 'maxEjectionPercent' + type: Integer description: | Maximum percentage of hosts in the load balancing pool for the backend service that can be ejected. Defaults to 10%. - - !ruby/object:Api::Type::Integer - name: 'successRateMinimumHosts' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateMinimumHosts' + type: Integer description: | The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5. - - !ruby/object:Api::Type::Integer - name: 'successRateRequestVolume' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateRequestVolume' + type: Integer description: | The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100. - - !ruby/object:Api::Type::Integer - name: 'successRateStdevFactor' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateStdevFactor' + type: Integer description: | This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success @@ -1193,144 +1187,201 @@ properties: success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' # 'port' is deprecated - - !ruby/object:Api::Type::String - name: 'portName' + - name: 'portName' + type: String description: | Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'protocol' + - name: 'protocol' + type: Enum description: | The protocol this BackendService uses to communicate with backends. The default is HTTP. **NOTE**: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. **NOTE**: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. - values: - - :HTTP - - :HTTPS - - :HTTP2 - - :TCP - - :SSL - - :GRPC - - :UNSPECIFIED # TODO: make a ResourceRef to Security Policy default_from_api: true - - !ruby/object:Api::Type::String - name: 'securityPolicy' + enum_values: + - 'HTTP' + - 'HTTPS' + - 'HTTP2' + - 'TCP' + - 'SSL' + - 'GRPC' + - 'UNSPECIFIED' + - name: 'securityPolicy' + type: String description: | The security policy associated with this backend service. diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: 'edgeSecurityPolicy' + - name: 'edgeSecurityPolicy' + type: String description: | The resource URL for the edge security policy associated with this backend service. diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::NestedObject - name: 'securitySettings' + - name: 'securitySettings' + type: NestedObject description: | The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. properties: - - !ruby/object:Api::Type::ResourceRef - name: 'clientTlsPolicy' - resource: 'ClientTlsPolicy' - imports: 'name' + - name: 'clientTlsPolicy' + type: ResourceRef description: | ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource. diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - !ruby/object:Api::Type::Array - name: 'subjectAltNames' + resource: 'ClientTlsPolicy' + imports: 'name' + - name: 'subjectAltNames' + type: Array description: | A list of alternate names to verify the subject identity in the certificate. If specified, the client will verify that the server certificate's subject alt name matches one of the specified values. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'awsV4Authentication' + item_type: + type: String + - name: 'awsV4Authentication' + type: NestedObject description: | The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. properties: - - !ruby/object:Api::Type::String - name: 'accessKeyId' + - name: 'accessKeyId' + type: String description: | The identifier of an access key used for s3 bucket authentication. - - !ruby/object:Api::Type::String - name: 'accessKey' - ignore_read: true - sensitive: true - send_empty_value: true + - name: 'accessKey' + type: String description: | The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. - - !ruby/object:Api::Type::String - name: 'accessKeyVersion' + ignore_read: true + sensitive: true + send_empty_value: true + - name: 'accessKeyVersion' + type: String description: | The optional version identifier for the access key. You can use this to keep track of different iterations of your access key. - - !ruby/object:Api::Type::String - name: 'originRegion' + - name: 'originRegion' + type: String description: | The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, "us-east-1" for AWS or "us-ashburn-1" for OCI. - - !ruby/object:Api::Type::Enum - name: 'sessionAffinity' + - name: 'sessionAffinity' + type: Enum description: | Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. - values: - - :NONE - - :CLIENT_IP - - :CLIENT_IP_PORT_PROTO - - :CLIENT_IP_PROTO - - :GENERATED_COOKIE - - :HEADER_FIELD - - :HTTP_COOKIE default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'timeoutSec' + enum_values: + - 'NONE' + - 'CLIENT_IP' + - 'CLIENT_IP_PORT_PROTO' + - 'CLIENT_IP_PROTO' + - 'GENERATED_COOKIE' + - 'HEADER_FIELD' + - 'HTTP_COOKIE' + - 'STRONG_COOKIE_AFFINITY' + - name: 'strongSessionAffinityCookie' + type: NestedObject + description: | + Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. + properties: + - name: 'ttl' + type: NestedObject + description: | + Lifetime of the cookie. + at_least_one_of: + - 'strong_session_affinity_cookie.0.ttl' + - 'strong_session_affinity_cookie.0.name' + - 'strong_session_affinity_cookie.0.path' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond + resolution. Durations less than one second are represented + with a 0 seconds field and a positive nanos field. Must + be from 0 to 999,999,999 inclusive. + - name: 'name' + type: String + description: | + Name of the cookie. + at_least_one_of: + - 'strong_session_affinity_cookie.0.ttl' + - 'strong_session_affinity_cookie.0.name' + - 'strong_session_affinity_cookie.0.path' + - name: 'path' + type: String + description: | + Path to set for the cookie. + at_least_one_of: + - 'strong_session_affinity_cookie.0.ttl' + - 'strong_session_affinity_cookie.0.name' + - 'strong_session_affinity_cookie.0.path' + - name: 'timeoutSec' + type: Integer description: | The backend service timeout has a different meaning depending on the type of load balancer. For more information see, [Backend service settings](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices). The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'logConfig' + - name: 'logConfig' + type: NestedObject description: | This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. default_from_api: true properties: - - !ruby/object:Api::Type::Boolean - name: 'enable' - at_least_one_of: - - log_config.0.enable - - log_config.0.sample_rate + - name: 'enable' + type: Boolean description: | Whether to enable logging for the load balancer traffic served by this backend service. send_empty_value: true - - !ruby/object:Api::Type::Double - name: 'sampleRate' at_least_one_of: - - log_config.0.enable - - log_config.0.sample_rate + - 'log_config.0.enable' + - 'log_config.0.sample_rate' + - name: 'sampleRate' + type: Double description: | This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0. - default_value: 1.0 + at_least_one_of: + - 'log_config.0.enable' + - 'log_config.0.sample_rate' diff_suppress_func: 'suppressWhenDisabled' - - !ruby/object:Api::Type::String - name: 'serviceLbPolicy' + default_value: 1.0 + - name: 'serviceLbPolicy' + type: String description: | URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global. diff --git a/mmv1/products/compute/BackendServiceSignedUrlKey.yaml b/mmv1/products/compute/BackendServiceSignedUrlKey.yaml index eb79f2b52027..b19dc02e4b55 100644 --- a/mmv1/products/compute/BackendServiceSignedUrlKey.yaml +++ b/mmv1/products/compute/BackendServiceSignedUrlKey.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,87 +11,88 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'BackendServiceSignedUrlKey' kind: 'compute#BackendServiceSignedUrlKey' -immutable: true -base_url: projects/{{project}}/global/backendServices/{{backend_service}} -create_url: projects/{{project}}/global/backendServices/{{backend_service}}/addSignedUrlKey -create_verb: :POST -delete_url: projects/{{project}}/global/backendServices/{{backend_service}}/deleteSignedUrlKey?keyName={{name}} -delete_verb: :POST -self_link: projects/{{project}}/global/backendServices/{{backend_service}} -identity: - - name -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - cdnPolicy - - signedUrlKeyNames - is_list_of_ids: true description: | A key for signing Cloud CDN signed URLs for Backend Services. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using Signed URLs': 'https://cloud.google.com/cdn/docs/using-signed-urls/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/backendServices' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/backendServices/{{backend_service}}' +self_link: 'projects/{{project}}/global/backendServices/{{backend_service}}' +create_url: 'projects/{{project}}/global/backendServices/{{backend_service}}/addSignedUrlKey' +delete_url: 'projects/{{project}}/global/backendServices/{{backend_service}}/deleteSignedUrlKey?keyName={{name}}' +delete_verb: 'POST' +immutable: true +mutex: 'signedUrlKey/{{project}}/backendServices/{{backend_service}}/' +exclude_import: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -exclude_import: true +identity: + - name +nested_query: + keys: + - cdnPolicy + - signedUrlKeyNames + is_list_of_ids: true + modify_by_patch: false +custom_code: exclude_tgc: true -mutex: signedUrlKey/{{project}}/backendServices/{{backend_service}}/ examples: - - !ruby/object:Provider::Terraform::Examples - name: 'backend_service_signed_url_key' - external_providers: ["random", "time"] + - name: 'backend_service_signed_url_key' primary_resource_id: 'backend_key' vars: key_name: 'test-key' backend_name: 'my-backend-service' igm_name: 'my-webservers' - skip_test: true + external_providers: ["random", "time"] + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - resource: 'BackendService' - imports: 'name' + - name: 'backendService' + type: ResourceRef description: | The backend service this signed URL key belongs. required: true immutable: true ignore_read: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'BackendService' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' - api_name: 'keyName' + - name: 'name' + type: String description: | Name of the signed URL key. + api_name: keyName required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' - - !ruby/object:Api::Type::String - name: 'keyValue' + - name: 'keyValue' + type: String description: | 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. required: true immutable: true - sensitive: true ignore_read: true + sensitive: true diff --git a/mmv1/products/compute/Disk.yaml b/mmv1/products/compute/Disk.yaml index 9092f921ad3a..1e2e8ba7b787 100644 --- a/mmv1/products/compute/Disk.yaml +++ b/mmv1/products/compute/Disk.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Disk' kind: 'compute#disk' -immutable: true -base_url: projects/{{project}}/zones/{{zone}}/disks -collection_url_key: 'items' -has_self_link: true description: | Persistent disks are durable storage devices that function similarly to the physical disks in a desktop or a server. Compute Engine manages the @@ -34,117 +30,112 @@ description: | Add a persistent disk to your instance when you need reliable and affordable storage with consistent performance characteristics. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Adding a persistent disk': 'https://cloud.google.com/compute/docs/disks/add-persistent-disk' api: 'https://cloud.google.com/compute/docs/reference/v1/disks' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/disks' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_delete: templates/terraform/pre_delete/detach_disk.erb - constants: templates/terraform/constants/disk.erb - encoder: templates/terraform/encoders/disk.erb - decoder: templates/terraform/decoders/disk.erb - update_encoder: templates/terraform/update_encoder/hyper_disk.go.erb -custom_diff: [ - 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)', - 'hyperDiskIopsUpdateDiffSupress', -] +collection_url_key: 'items' +iam_policy: + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/zones/{{zone}}/disks/{{name}}' + - '{{name}}' +custom_code: + constants: 'templates/terraform/constants/disk.tmpl' + encoder: 'templates/terraform/encoders/disk.tmpl' + update_encoder: 'templates/terraform/update_encoder/hyper_disk.go.tmpl' + decoder: 'templates/terraform/decoders/disk.tmpl' + pre_delete: 'templates/terraform/pre_delete/detach_disk.tmpl' +custom_diff: + - 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)' + - 'hyperDiskIopsUpdateDiffSupress' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'disk_basic' + - name: 'disk_basic' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-test-disk%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-test-disk%s", context["random_suffix"])' vars: disk_name: 'test-disk' - - !ruby/object:Provider::Terraform::Examples - name: 'disk_async' + - name: 'disk_async' primary_resource_id: 'primary' - primary_resource_name: "fmt.Sprintf(\"tf-test-test-disk%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-test-disk%s", context["random_suffix"])' vars: disk_name: 'async-test-disk' secondary_disk_name: 'async-secondary-test-disk' - - !ruby/object:Provider::Terraform::Examples - name: 'disk_features' + - name: 'disk_features' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-test-disk%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-test-disk%s", context["random_suffix"])' vars: disk_name: 'test-disk-features' -iam_policy: !ruby/object:Api::Resource::IamPolicy - method_name_separator: '/' - fetch_iam_policy_verb: :GET - parent_resource_attribute: 'name' - import_format: - ['projects/{{project}}/zones/{{zone}}/disks/{{name}}', '{{name}}'] - base_url: projects/{{project}}/zones/{{zone}}/disks/{{name}} parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: 'A reference to the zone where the disk resides.' required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'sourceImageEncryptionKey' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' + - name: 'sourceImageEncryptionKey' + type: NestedObject description: | The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. - - !ruby/object:Api::Type::String - name: 'sha256' + - name: 'sha256' + type: String description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules - - !ruby/object:Api::Type::String - name: 'kmsKeySelfLink' - api_name: 'kmsKeyName' + - name: 'kmsKeySelfLink' + type: String description: | The self link of the encryption key used to encrypt the disk. Also called KmsKeyName in the cloud console. Your project's Compute Engine System service account (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys + api_name: kmsKeyName diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::String - name: 'kmsKeyServiceAccount' + - name: 'kmsKeyServiceAccount' + type: String description: | The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. - immutable: true - - !ruby/object:Api::Type::String - name: 'sourceImageId' + - name: 'sourceImageId' + type: String description: | The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent @@ -152,8 +143,8 @@ parameters: that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used. output: true - - !ruby/object:Api::Type::NestedObject - name: 'diskEncryptionKey' + - name: 'diskEncryptionKey' + type: NestedObject description: | Encrypts the disk using a customer-supplied encryption key. @@ -167,48 +158,44 @@ parameters: If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. sensitive: true - - !ruby/object:Api::Type::String - name: 'rsaEncryptedKey' + - name: 'rsaEncryptedKey' + type: String description: | Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. sensitive: true - - !ruby/object:Api::Type::String - name: 'sha256' + - name: 'sha256' + type: String description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true - # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules - - !ruby/object:Api::Type::String - name: 'kmsKeySelfLink' - api_name: 'kmsKeyName' + - name: 'kmsKeySelfLink' + type: String description: | The self link of the encryption key used to encrypt the disk. Also called KmsKeyName in the cloud console. Your project's Compute Engine System service account (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys + api_name: kmsKeyName diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::String - name: 'kmsKeyServiceAccount' + - name: 'kmsKeyServiceAccount' + type: String description: | The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. - immutable: true - - !ruby/object:Api::Type::ResourceRef - name: 'snapshot' - api_name: 'sourceSnapshot' - resource: 'Snapshot' - imports: 'selfLink' + - name: 'snapshot' + type: ResourceRef description: | The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. If the snapshot is in another @@ -219,44 +206,47 @@ parameters: * `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` * `snapshot` - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'sourceSnapshotEncryptionKey' + api_name: sourceSnapshot + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Snapshot' + imports: 'selfLink' + - name: 'sourceSnapshotEncryptionKey' + type: NestedObject description: | The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules - - !ruby/object:Api::Type::String - name: 'kmsKeySelfLink' - api_name: 'kmsKeyName' + - name: 'kmsKeySelfLink' + type: String description: | The self link of the encryption key used to encrypt the disk. Also called KmsKeyName in the cloud console. Your project's Compute Engine System service account (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys + api_name: kmsKeyName diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::String - name: 'sha256' + - name: 'sha256' + type: String description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true - - !ruby/object:Api::Type::String - name: 'kmsKeyServiceAccount' + - name: 'kmsKeyServiceAccount' + type: String description: | The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. - immutable: true - - !ruby/object:Api::Type::String - name: 'sourceSnapshotId' + - name: 'sourceSnapshotId' + type: String description: | The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent @@ -266,38 +256,40 @@ parameters: used. output: true properties: - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + update_verb: 'POST' + key_expander: '' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Time - name: 'lastAttachTimestamp' + - name: 'lastAttachTimestamp' + type: Time description: 'Last attach timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::Time - name: 'lastDetachTimestamp' + - name: 'lastDetachTimestamp' + type: Time description: 'Last detach timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Labels to apply to this disk. A list of key->value pairs. - update_verb: :POST update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/setLabels' - - !ruby/object:Api::Type::String - name: 'name' + update_verb: 'POST' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -306,12 +298,10 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - - !ruby/object:Api::Type::Integer - name: 'size' - api_name: sizeGb - default_from_api: true + immutable: true + - name: 'size' + type: Integer description: | Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the `image` or @@ -326,22 +316,25 @@ properties: if upsizing is detected but recreates the disk if downsizing is requested. You can add `lifecycle.prevent_destroy` in the config to prevent destroying and recreating. - update_verb: :POST + api_name: sizeGb + default_from_api: true update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/resize' - - !ruby/object:Api::Type::Array - name: 'users' + update_verb: 'POST' + - name: 'users' + type: Array description: | Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance - item_type: !ruby/object:Api::Type::ResourceRef + output: true + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'user' + type: ResourceRef + description: 'A reference to a user of this disk' resource: 'Instance' imports: 'selfLink' - description: 'A reference to a user of this disk' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - output: true - - !ruby/object:Api::Type::Integer - name: 'physicalBlockSizeBytes' + - name: 'physicalBlockSizeBytes' + type: Integer description: | Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes @@ -349,22 +342,19 @@ properties: If an unsupported value is requested, the error message will list the supported values for the caller's project. default_from_api: true - - !ruby/object:Api::Type::String - name: 'interface' + - name: 'interface' + type: String + description: | + Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. min_version: 'beta' # interface is removed using url_param_only to preserve schema definition # and prevent sending or reading in API requests url_param_only: true - default_value: 'SCSI' - deprecation_message: >- - `interface` is deprecated and will be removed in a future major release. - This field is no longer used and can be safely removed from your configurations; - disk interfaces are automatically determined on attachment. - description: | - Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. - diff_suppress_func: AlwaysDiffSuppress - - !ruby/object:Api::Type::String - name: 'sourceDisk' + diff_suppress_func: 'AlwaysDiffSuppress' + default_value: "SCSI" + deprecation_message: '`interface` is deprecated and will be removed in a future major release. This field is no longer used and can be safely removed from your configurations; disk interfaces are automatically determined on attachment.' + - name: 'sourceDisk' + type: String description: | The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: @@ -376,34 +366,32 @@ properties: * zones/{zone}/disks/{disk} * regions/{region}/disks/{disk} diff_suppress_func: 'sourceDiskDiffSupress' - - !ruby/object:Api::Type::String - name: 'sourceDiskId' + - name: 'sourceDiskId' + type: String description: | The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name. output: true - - !ruby/object:Api::Type::String - name: 'DiskId' + - name: 'DiskId' + type: String description: | The unique identifier for the resource. This identifier is defined by the server. - output: true api_name: id - - !ruby/object:Api::Type::ResourceRef - name: 'type' - resource: 'DiskType' - imports: 'selfLink' - diff_suppress_func: 'tpgresource.CompareResourceNames' + output: true + - name: 'type' + type: ResourceRef description: | URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - default_value: 'pd-standard' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'image' - api_name: 'sourceImage' - diff_suppress_func: 'DiskImageDiffSuppress' + diff_suppress_func: 'tpgresource.CompareResourceNames' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + default_value: "pd-standard" + resource: 'DiskType' + imports: 'selfLink' + - name: 'image' + type: String description: | The image from which to initialize this disk. This can be one of: the image's `self_link`, `projects/{project}/global/images/{image}`, @@ -414,10 +402,11 @@ properties: [google_compute_image data source](/docs/providers/google/d/compute_image.html). For instance, the image `centos-6-v20180104` includes its family name `centos-6`. These images can be referred by family name here. + api_name: sourceImage immutable: true - - !ruby/object:Api::Type::Array - name: 'resourcePolicies' - min_version: beta + diff_suppress_func: 'DiskImageDiffSuppress' + - name: 'resourcePolicies' + type: Array description: | Resource policies applied to this disk for automatic snapshot creations. @@ -426,101 +415,105 @@ properties: one at a time. Use [`google_compute_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk_resource_policy_attachment) to allow for updating the resource policy attached to the disk. + min_version: 'beta' default_from_api: true - item_type: !ruby/object:Api::Type::ResourceRef + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'resourcePolicy' - resource: 'ResourcePolicy' - imports: 'selfLink' + type: ResourceRef description: 'A resource policy applied to this disk for automatic snapshot creations.' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Boolean - name: 'enableConfidentialCompute' + resource: 'ResourcePolicy' + imports: 'selfLink' + - name: 'enableConfidentialCompute' + type: Boolean description: | Whether this disk is using confidential compute mode. Note: Only supported on hyperdisk skus, disk_encryption_key is required when setting to true required: false default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'multiWriter' + - name: 'multiWriter' + type: Boolean description: | Indicates whether or not the disk can be read/write attached to more than one instance. - min_version: beta - - !ruby/object:Api::Type::Integer - name: 'provisionedIops' + min_version: 'beta' + - name: 'provisionedIops' + type: Integer description: | Indicates how many IOPS must be provisioned for the disk. Note: Updating currently is only supported by hyperdisk skus without the need to delete and recreate the disk, hyperdisk allows for an update of IOPS every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it required: false default_from_api: true - update_verb: :PATCH update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedIops' - - !ruby/object:Api::Type::Integer - name: 'provisionedThroughput' + update_verb: 'PATCH' + - name: 'provisionedThroughput' + type: Integer description: | Indicates how much Throughput must be provisioned for the disk. Note: Updating currently is only supported by hyperdisk skus without the need to delete and recreate the disk, hyperdisk allows for an update of Throughput every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it default_from_api: true - update_verb: :PATCH update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedThroughput' - - !ruby/object:Api::Type::NestedObject - name: 'asyncPrimaryDisk' + update_verb: 'PATCH' + - name: 'asyncPrimaryDisk' + type: NestedObject + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' properties: - - !ruby/object:Api::Type::String - name: 'disk' + - name: 'disk' + type: String description: | Primary disk for asynchronous disk replication. required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::Array - name: 'guestOsFeatures' + - name: 'guestOsFeatures' + type: Array description: | A list of features to enable on the guest operating system. Applicable only for bootable disks. - default_from_api: true is_set: true - item_type: !ruby/object:Api::Type::NestedObject + default_from_api: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'type' - required: true + - name: 'type' + type: String description: | The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. - - !ruby/object:Api::Type::Array - name: 'licenses' + required: true + - name: 'licenses' + type: Array description: Any applicable license URI. - default_from_api: true immutable: true - item_type: !ruby/object:Api::Type::ResourceRef + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'license' + type: ResourceRef description: 'An applicable license URI' resource: 'License' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'storagePool' - required: false - immutable: true + - name: 'storagePool' + type: String description: | The URL of the storage pool in which the new disk is created. For example: * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/storagePools/{storagePool} * /projects/{project}/zones/{zone}/storagePools/{storagePool} - diff_suppress_func: 'tpgresource.CompareResourceNames' - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: 'accessMode' required: false - immutable: false + immutable: true + diff_suppress_func: 'tpgresource.CompareResourceNames' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'accessMode' + type: String description: | The accessMode of the disk. For example: * READ_WRITE_SINGLE * READ_WRITE_MANY * READ_ONLY_SINGLE + required: false + immutable: false default_from_api: true - update_verb: :PATCH update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=accessMode' + update_verb: 'PATCH' diff --git a/mmv1/products/compute/DiskResourcePolicyAttachment.yaml b/mmv1/products/compute/DiskResourcePolicyAttachment.yaml index 60ef55f5988f..8f088c140896 100644 --- a/mmv1/products/compute/DiskResourcePolicyAttachment.yaml +++ b/mmv1/products/compute/DiskResourcePolicyAttachment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,77 +11,77 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'DiskResourcePolicyAttachment' -immutable: true -base_url: projects/{{project}}/zones/{{zone}}/disks/{{disk}} -create_verb: :POST -create_url: projects/{{project}}/zones/{{zone}}/disks/{{disk}}/addResourcePolicies -delete_verb: :POST -delete_url: projects/{{project}}/zones/{{zone}}/disks/{{disk}}/removeResourcePolicies -self_link: projects/{{project}}/zones/{{zone}}/disks/{{disk}} -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - resourcePolicies - is_list_of_ids: true -identity: - - name description: | Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation. ~> **Note:** This resource does not support regional disks (`google_compute_region_disk`). For regional disks, please refer to [`google_compute_region_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_region_disk_resource_policy_attachment) -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{zone}}/{{disk}}/{{name}}' +base_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}' +self_link: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}' +create_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}/addResourcePolicies' +delete_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}/removeResourcePolicies' +delete_verb: 'POST' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +identity: + - name +nested_query: + keys: + - resourcePolicies + is_list_of_ids: true + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/compute_disk_resource_policies_attachment.go.tmpl' + decoder: 'templates/terraform/decoders/compute_disk_resource_policies_attachment.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/compute_disk_resource_policies_attachment.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'disk_resource_policy_attachment_basic' + - name: 'disk_resource_policy_attachment_basic' primary_resource_id: 'attachment' vars: disk_name: 'my-disk' policy_name: 'my-resource-policy' -id_format: '{{project}}/{{zone}}/{{disk}}/{{name}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/compute_disk_resource_policies_attachment.go.erb - decoder: templates/terraform/decoders/compute_disk_resource_policies_attachment.go.erb - pre_delete: templates/terraform/pre_delete/compute_disk_resource_policies_attachment.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'disk' - resource: 'Disk' - imports: 'name' + - name: 'disk' + type: ResourceRef description: | The name of the disk in which the resource policies are attached to. - required: true url_param_only: true - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' + required: true + resource: 'Disk' imports: 'name' + - name: 'zone' + type: ResourceRef description: 'A reference to the zone where the disk resides.' - required: false url_param_only: true + required: false ignore_read: true default_from_api: true + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link. diff --git a/mmv1/products/compute/DiskType.yaml b/mmv1/products/compute/DiskType.yaml index ac1407bc5700..a9dfe0d19ab9 100644 --- a/mmv1/products/compute/DiskType.yaml +++ b/mmv1/products/compute/DiskType.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,11 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'DiskType' kind: 'compute#diskType' -base_url: projects/{{project}}/zones/{{zone}}/diskTypes -collection_url_key: 'items' # TODO(nelsonjr): Search all documentation for references of using URL (like # the description below) and replace with the proper reference to the # corresponding type. @@ -23,62 +21,70 @@ description: | Represents a DiskType resource. A DiskType resource represents the type of disk to use, such as a pd-ssd, pd-balanced or pd-standard. To reference a disk type, use the disk type's full or partial URL. +exclude: true # TODO(nelsonjr): Temporarily make DiskType virtual so no tests gets # triggered for create. Implement support for read only objects, and delete # the virtual tag # | readonly: true readonly: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/diskTypes' has_self_link: true -exclude: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: 'A reference to the zone where the disk type resides.' required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::Integer - name: 'defaultDiskSizeGb' + - name: 'defaultDiskSizeGb' + type: Integer description: 'Server-defined default disk size in GB.' output: true - - !ruby/object:Api::Type::NestedObject - name: 'deprecated' + - name: 'deprecated' + type: NestedObject description: 'The deprecation status associated with this disk type.' output: true properties: - - !ruby/object:Api::Type::Time - name: 'deleted' + - name: 'deleted' + type: Time description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DELETED. output: true - - !ruby/object:Api::Type::Time - name: 'deprecated' + - name: 'deprecated' + type: Time description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DEPRECATED. output: true - - !ruby/object:Api::Type::Time - name: 'obsolete' + - name: 'obsolete' + type: Time description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to OBSOLETE. output: true - - !ruby/object:Api::Type::String - name: 'replacement' + - name: 'replacement' + type: String description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true - - !ruby/object:Api::Type::Enum - name: 'state' + - name: 'state' + type: Enum description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a @@ -86,24 +92,24 @@ properties: indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. - values: - - :DEPRECATED - - :OBSOLETE - - :DELETED output: true - - !ruby/object:Api::Type::String - name: 'description' + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String description: 'An optional description of this resource.' output: true - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: 'The unique identifier for the resource.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: 'Name of the resource.' - - !ruby/object:Api::Type::String - name: 'validDiskSize' + - name: 'validDiskSize' + type: String description: | An optional textual description of the valid disk size, such as "10GB-10TB". diff --git a/mmv1/products/compute/ExternalVpnGateway.yaml b/mmv1/products/compute/ExternalVpnGateway.yaml index d14ebecb470e..5f5c69ef9546 100644 --- a/mmv1/products/compute/ExternalVpnGateway.yaml +++ b/mmv1/products/compute/ExternalVpnGateway.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,72 +11,75 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ExternalVpnGateway' kind: 'compute#externalVpnGateway' -base_url: projects/{{project}}/global/externalVpnGateways -collection_url_key: 'items' -immutable: true -has_self_link: true description: | Represents a VPN gateway managed outside of GCP. -references: !ruby/object:Api::Resource::ReferenceLinks - api: https://cloud.google.com/compute/docs/reference/rest/v1/externalVpnGateways -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/externalVpnGateways' +docs: +base_url: 'projects/{{project}}/global/externalVpnGateways' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'external_vpn_gateway' - primary_resource_id: - 'external_gateway' - # Multiple fine-grained resources - skip_vcr: true + - name: 'external_vpn_gateway' + primary_resource_id: 'external_gateway' vars: ha_vpn_gateway_name: 'ha-vpn' network_name: 'network-1' external_gateway_name: 'external-gateway' global_address_name: 'global-address' router_name: 'ha-vpn-router1' - - !ruby/object:Provider::Terraform::Examples - skip_docs: true - name: 'only_external_vpn_gateway_full' + # Multiple fine-grained resources + skip_vcr: true + - name: 'only_external_vpn_gateway_full' primary_resource_id: 'external_gateway' vars: external_gateway_name: 'external-gateway' + exclude_docs: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: 'Labels for the external VPN gateway resource.' - update_verb: :POST update_url: 'projects/{{project}}/global/externalVpnGateways/{{name}}/setLabels' - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/global/externalVpnGateways/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::String - name: 'name' + update_verb: 'POST' + key_expander: '' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -86,32 +89,33 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::Enum - name: 'redundancyType' + - name: 'redundancyType' + type: Enum description: | Indicates the redundancy type of this external VPN gateway - values: - - :FOUR_IPS_REDUNDANCY - - :SINGLE_IP_INTERNALLY_REDUNDANT - - :TWO_IPS_REDUNDANCY - - !ruby/object:Api::Type::Array - name: 'interface' - api_name: 'interfaces' + enum_values: + - 'FOUR_IPS_REDUNDANCY' + - 'SINGLE_IP_INTERNALLY_REDUNDANT' + - 'TWO_IPS_REDUNDANCY' + - name: 'interface' + type: Array description: | A list of interfaces on this external VPN gateway. - item_type: !ruby/object:Api::Type::NestedObject + api_name: interfaces + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'id' - send_empty_value: true + - name: 'id' + type: Integer description: | The numeric ID for this interface. Allowed values are based on the redundancy type of this external VPN gateway * `0 - SINGLE_IP_INTERNALLY_REDUNDANT` * `0, 1 - TWO_IPS_REDUNDANCY` * `0, 1, 2, 3 - FOUR_IPS_REDUNDANCY` - - !ruby/object:Api::Type::String - name: 'ipAddress' + send_empty_value: true + - name: 'ipAddress' + type: String description: | IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from diff --git a/mmv1/products/compute/Firewall.yaml b/mmv1/products/compute/Firewall.yaml index b71b7460c51d..c048c0a918e2 100644 --- a/mmv1/products/compute/Firewall.yaml +++ b/mmv1/products/compute/Firewall.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,17 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Firewall' kind: 'compute#firewall' -base_url: projects/{{project}}/global/firewalls -collection_url_key: 'items' -update_verb: :PATCH -has_self_link: true -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/vpc/docs/firewalls' - api: 'https://cloud.google.com/compute/docs/reference/v1/firewalls' description: | Each network has its own firewall controlling access to and from the instances. @@ -35,85 +27,91 @@ description: | outgoing traffic and a default "deny" for incoming traffic. For all networks except the default network, you must create any firewall rules you need. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + 'Official Documentation': 'https://cloud.google.com/vpc/docs/firewalls' + api: 'https://cloud.google.com/compute/docs/reference/v1/firewalls' +docs: + optional_properties: | + * `enable_logging` - (Optional, Deprecated) This field denotes whether to enable logging for a particular firewall rule. + If logging is enabled, logs will be exported to Stackdriver. Deprecated in favor of `log_config` +base_url: 'projects/{{project}}/global/firewalls' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -docs: !ruby/object:Provider::Terraform::Docs - optional_properties: | - * `enable_logging` - (Optional, Deprecated) This field denotes whether to enable logging for a particular firewall rule. - If logging is enabled, logs will be exported to Stackdriver. Deprecated in favor of `log_config` +collection_url_key: 'items' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/firewall.tmpl' + constants: 'templates/terraform/constants/firewall.tmpl' +custom_diff: + - 'resourceComputeFirewallEnableLoggingCustomizeDiff' + - 'resourceComputeFirewallSourceFieldsCustomizeDiff' +schema_version: 1 +migrate_state: 'resourceComputeFirewallMigrateState' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'firewall_basic' + - name: 'firewall_basic' primary_resource_id: 'default' vars: firewall_name: 'test-firewall' network_name: 'test-network' - - !ruby/object:Provider::Terraform::Examples - name: 'firewall_with_target_tags' + - name: 'firewall_with_target_tags' primary_resource_id: 'rules' vars: firewall_name: 'my-firewall-rule' test_env_vars: - project: :PROJECT_NAME -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/firewall.erb - extra_schema_entry: templates/terraform/extra_schema_entry/firewall.erb -custom_diff: [ - 'resourceComputeFirewallEnableLoggingCustomizeDiff', - 'resourceComputeFirewallSourceFieldsCustomizeDiff', -] -migrate_state: 'resourceComputeFirewallMigrateState' -schema_version: 1 + project: 'PROJECT_NAME' +parameters: properties: # TODO(nelsonjr): [nice to have] Make the format here simpler to use, in # the form of # 22/tcp, [12345-23456]/tcp. It requires a conversion # function to the # final JSON format expected by the API for this # proposal to work. - - !ruby/object:Api::Type::Array - name: 'allow' - api_name: 'allowed' - is_set: true - set_hash_func: 'resourceComputeFirewallRuleHash' + - name: 'allow' + type: Array description: | The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection. + api_name: allowed + is_set: true exactly_one_of: - - allow - - deny - item_type: !ruby/object:Api::Type::NestedObject + - 'allow' + - 'deny' + set_hash_func: 'resourceComputeFirewallRuleHash' + item_type: + type: NestedObject properties: # IPProtocol has to be string, instead of Enum because user can # specify the protocol by number as well. - - !ruby/object:Api::Type::String - name: 'protocol' + - name: 'protocol' + type: String description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, sctp, ipip, all), or the IP protocol number. - api_name: 'IPProtocol' + api_name: IPProtocol required: true diff_suppress_func: 'tpgresource.CaseDiffSuppress' - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'ports' + - name: 'ports' + type: Array description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -122,38 +120,40 @@ properties: Example inputs include: [22], [80, 443], and ["12345-12349"]. - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + item_type: + type: String + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::Array - name: 'deny' - api_name: 'denied' - is_set: true - set_hash_func: 'resourceComputeFirewallRuleHash' - exactly_one_of: - - allow - - deny + - name: 'deny' + type: Array description: | The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection. - item_type: !ruby/object:Api::Type::NestedObject + api_name: denied + is_set: true + exactly_one_of: + - 'allow' + - 'deny' + set_hash_func: 'resourceComputeFirewallRuleHash' + item_type: + type: NestedObject properties: # IPProtocol has to be string, instead of Enum because user can # specify the protocol by number as well. - - !ruby/object:Api::Type::String - name: 'protocol' + - name: 'protocol' + type: String description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, sctp, ipip, all), or the IP protocol number. - api_name: 'IPProtocol' - diff_suppress_func: 'tpgresource.CaseDiffSuppress' + api_name: IPProtocol required: true - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'ports' + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + - name: 'ports' + type: Array description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -162,62 +162,63 @@ properties: Example inputs include: [22], [80, 443], and ["12345-12349"]. - - !ruby/object:Api::Type::String - name: 'description' + item_type: + type: String + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. send_empty_value: true - - !ruby/object:Api::Type::Array - name: 'destinationRanges' + - name: 'destinationRanges' + type: Array description: | If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. IPv4 or IPv6 ranges are supported. is_set: true default_from_api: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: 'direction' + item_type: + type: String + - name: 'direction' + type: Enum description: | Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, one of `source_ranges`, `source_tags` or `source_service_accounts` is required. - values: - - :INGRESS - - :EGRESS - default_from_api: true immutable: true - - !ruby/object:Api::Type::Boolean - name: 'disabled' + default_from_api: true + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'disabled' + type: Boolean description: | Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled. send_empty_value: true - - !ruby/object:Api::Type::NestedObject - name: 'logConfig' + - name: 'logConfig' + type: NestedObject description: | This field denotes the logging options for a particular firewall rule. If defined, logging is enabled, and logs will be exported to Cloud Logging. send_empty_value: true - custom_expand: 'templates/terraform/custom_expand/firewall_log_config.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/firewall_log_config.go.erb' diff_suppress_func: 'diffSuppressEnableLogging' + custom_flatten: 'templates/terraform/custom_flatten/firewall_log_config.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/firewall_log_config.go.tmpl' properties: - - !ruby/object:Api::Type::Enum - name: 'metadata' + - name: 'metadata' + type: Enum description: | This field denotes whether to include or exclude metadata for firewall logs. - values: - - :EXCLUDE_ALL_METADATA - - :INCLUDE_ALL_METADATA required: true - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + enum_values: + - 'EXCLUDE_ALL_METADATA' + - 'INCLUDE_ALL_METADATA' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -226,18 +227,20 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - validation: !ruby/object:Provider::Terraform::Validation - function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' required: true + immutable: true + validation: + function: 'verify.ValidateGCEName' + - name: 'network' + type: ResourceRef description: | The name or self_link of the network to attach this firewall to. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: 'priority' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'priority' + type: Integer description: | Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative @@ -245,12 +248,12 @@ properties: priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority. - default_value: 1000 send_empty_value: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.IntBetween(0, 65535)' - - !ruby/object:Api::Type::Array - name: 'sourceRanges' + default_value: 1000 + - name: 'sourceRanges' + type: Array description: | If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must @@ -263,9 +266,10 @@ properties: `source_ranges`, `source_tags` or `source_service_accounts` is required. is_set: true diff_suppress_func: 'diffSuppressSourceRanges' - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'sourceServiceAccounts' + item_type: + type: String + - name: 'sourceServiceAccounts' + type: Array description: | If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this @@ -279,14 +283,15 @@ properties: properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags. For INGRESS traffic, one of `source_ranges`, `source_tags` or `source_service_accounts` is required. - max_size: 10 + is_set: true conflicts: - source_tags - target_tags - is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'sourceTags' + item_type: + type: String + max_size: 10 + - name: 'sourceTags' + type: Array description: | If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags. Source @@ -298,13 +303,14 @@ properties: a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. For INGRESS traffic, one of `source_ranges`, `source_tags` or `source_service_accounts` is required. + is_set: true conflicts: - source_service_accounts - target_service_accounts - is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'targetServiceAccounts' + item_type: + type: String + - name: 'targetServiceAccounts' + type: Array description: | A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. @@ -312,21 +318,23 @@ properties: sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network. - max_size: 10 + is_set: true conflicts: - source_tags - target_tags - is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'targetTags' + item_type: + type: String + max_size: 10 + - name: 'targetTags' + type: Array description: | A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[]. If no targetTags are specified, the firewall rule applies to all instances on the specified network. + is_set: true conflicts: - source_service_accounts - target_service_accounts - is_set: true - item_type: Api::Type::String + item_type: + type: String diff --git a/mmv1/products/compute/FirewallPolicyWithRules.yaml b/mmv1/products/compute/FirewallPolicyWithRules.yaml new file mode 100644 index 000000000000..2af81138de81 --- /dev/null +++ b/mmv1/products/compute/FirewallPolicyWithRules.yaml @@ -0,0 +1,548 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +name: 'FirewallPolicyWithRules' +description: | + The Compute FirewallPolicy with rules resource. It declaratively manges all + rules in the firewall policy. +min_version: 'beta' +docs: +id_format: 'locations/global/firewallPolicies/{{policy_id}}' +base_url: 'locations/global/firewallPolicies?parentId={{parent}}' +self_link: 'locations/global/firewallPolicies/{{policy_id}}' +create_url: 'locations/global/firewallPolicies?parentId={{parent}}' +update_verb: 'PATCH' +import_format: + - 'locations/global/firewallPolicies/{{policy_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/resource_compute_firewall_policy_with_rules.go.tmpl' + encoder: 'templates/terraform/encoders/resource_compute_firewall_policy_with_rules.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/resource_compute_firewall_policy_with_rules.go.tmpl' + decoder: 'templates/terraform/decoders/resource_compute_firewall_policy_with_rules.go.tmpl' + post_create: 'templates/terraform/post_create/resource_compute_firewall_policy_with_rules.go.tmpl' + post_delete: 'templates/terraform/post_delete/resource_compute_firewall_policy_with_rules.go.tmpl' + post_update: 'templates/terraform/post_update/resource_compute_firewall_policy_with_rules.go.tmpl' +examples: + - name: 'compute_firewall_policy_with_rules_full' + primary_resource_id: 'firewall-policy-with-rules' + vars: + policy_name: 'tf-fw-org-policy-with-rules' + address_group_name: 'tf-address-group' + security_profile_group_name: 'tf-security-profile-group' + security_profile_name: 'tf-security-profile' + test_env_vars: + org_id: 'ORG_ID' +parameters: + - name: 'parent' + type: String + description: | + The parent of this FirewallPolicy in the Cloud Resource Hierarchy. + Format: organizations/{organization_id} or folders/{folder_id} + min_version: 'beta' + required: true + immutable: true +properties: + - name: 'creationTimestamp' + type: String + description: Creation timestamp in RFC3339 text format. + min_version: 'beta' + output: true + - name: 'shortName' + type: String + description: A textual name of the security policy. + min_version: 'beta' + required: true + immutable: true + - name: 'policyId' + type: String + description: The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' + output: true + - name: 'description' + type: String + description: An optional description of this resource. + min_version: 'beta' + - name: 'rule' + type: Array + description: A list of firewall policy rules. + api_name: rules + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + required: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + required: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + required: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + item_type: + type: String + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + required: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + - name: 'targetResources' + type: Array + description: | + A list of network resource URLs to which this rule applies. + This field allows you to control which network's VMs get + this rule. If this field is left blank, all VMs + within the organization will receive the rule. + min_version: 'beta' + item_type: + type: String + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + - name: 'predefinedRules' + type: Array + description: A list of pre-define firewall policy rules. + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + output: true + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + output: true + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + output: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + output: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + output: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + output: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + output: true + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + output: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + output: true + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + output: true + - name: 'targetResources' + type: Array + description: | + A list of network resource URLs to which this rule applies. + This field allows you to control which network's VMs get + this rule. If this field is left blank, all VMs + within the organization will receive the rule. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + output: true + - name: 'fingerprint' + type: Fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + min_version: 'beta' + output: true + - name: 'selfLink' + type: String + description: Server-defined URL for the resource. + min_version: 'beta' + output: true + - name: 'selfLinkWithId' + type: String + description: Server-defined URL for this resource with the resource id. + min_version: 'beta' + output: true + - name: 'ruleTupleCount' + type: Integer + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. + min_version: 'beta' + output: true diff --git a/mmv1/products/compute/ForwardingRule.yaml b/mmv1/products/compute/ForwardingRule.yaml index 798d15d68a6f..5dfc75b43ed6 100644 --- a/mmv1/products/compute/ForwardingRule.yaml +++ b/mmv1/products/compute/ForwardingRule.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,46 +11,53 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ForwardingRule' kind: 'compute#forwardingRule' -base_url: projects/{{project}}/regions/{{region}}/forwardingRules -collection_url_key: 'items' -has_self_link: true -# Has a separate endpoint for labels -skip_attribution_label: true description: | A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, portRange] tuple. -references: !ruby/object:Api::Resource::ReferenceLinks +# Has a separate endpoint for labels +exclude_attribution_label: true +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules' api: 'https://cloud.google.com/compute/docs/reference/v1/forwardingRules' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/forwardingRules' +has_self_link: true immutable: true -legacy_long_form_project: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/compute_forwarding_rule.go.tmpl' + pre_create: 'templates/terraform/pre_create/compute_forwarding_rule.go.tmpl' + post_create: 'templates/terraform/post_create/labels.tmpl' +custom_diff: + - 'forwardingRuleCustomizeDiff' +legacy_long_form_project: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'internal_http_lb_with_mig_backend' + - name: 'internal_http_lb_with_mig_backend' primary_resource_id: 'google_compute_forwarding_rule' + min_version: 'beta' vars: ilb_network_name: 'l7-ilb-network' proxy_subnet_name: 'l7-ilb-proxy-subnet' @@ -65,13 +72,12 @@ examples: fw_allow_iap_hc_name: 'l7-ilb-fw-allow-iap-hc' fw_allow_ilb_to_backends_name: 'l7-ilb-fw-allow-ilb-to-backends' vm_test_name: 'l7-ilb-test-vm' - min_version: beta ignore_read_extra: - 'port_range' - 'target' - - !ruby/object:Provider::Terraform::Examples - name: 'internal_tcp_udp_lb_with_mig_backend' + - name: 'internal_tcp_udp_lb_with_mig_backend' primary_resource_id: 'google_compute_forwarding_rule' + min_version: 'beta' vars: ilb_network_name: 'l4-ilb-network' backend_subnet_name: 'l4-ilb-subnet' @@ -84,26 +90,22 @@ examples: fw_allow_ilb_to_backends_name: 'l4-ilb-fw-allow-ilb-to-backends' fw_allow_ilb_ssh_name: 'l4-ilb-fw-ssh' vm_test_name: 'l4-ilb-test-vm' - min_version: beta - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_externallb' + - name: 'forwarding_rule_externallb' primary_resource_id: 'default' + min_version: 'beta' vars: forwarding_rule_name: 'website-forwarding-rule' backend_name: 'website-backend' network_name: 'website-net' - min_version: beta ignore_read_extra: - 'port_range' - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_global_internallb' + - name: 'forwarding_rule_global_internallb' primary_resource_id: 'default' vars: forwarding_rule_name: 'website-forwarding-rule' backend_name: 'website-backend' network_name: 'website-net' - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_basic' + - name: 'forwarding_rule_basic' primary_resource_id: 'default' vars: forwarding_rule_name: 'website-forwarding-rule' @@ -111,16 +113,14 @@ examples: ignore_read_extra: - 'port_range' - 'target' - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_l3_default' + - name: 'forwarding_rule_l3_default' primary_resource_id: 'fwd_rule' + min_version: 'beta' vars: forwarding_rule_name: 'l3-forwarding-rule' service_name: 'service' health_check_name: 'health-check' - min_version: beta - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_internallb' + - name: 'forwarding_rule_internallb' primary_resource_id: 'default' vars: forwarding_rule_name: 'website-forwarding-rule' @@ -129,10 +129,9 @@ examples: ignore_read_extra: - 'port_range' - 'target' - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_http_lb' - min_version: 'beta' + - name: 'forwarding_rule_http_lb' primary_resource_id: 'default' + min_version: 'beta' vars: forwarding_rule_name: 'website-forwarding-rule' region_target_http_proxy_name: 'website-proxy' @@ -145,10 +144,9 @@ examples: ignore_read_extra: - 'port_range' - 'target' - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_regional_http_xlb' - min_version: 'beta' + - name: 'forwarding_rule_regional_http_xlb' primary_resource_id: 'default' + min_version: 'beta' vars: forwarding_rule_name: 'website-forwarding-rule' region_target_http_proxy_name: 'website-proxy' @@ -163,8 +161,7 @@ examples: - 'port_range' - 'target' - 'ip_address' - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_vpc_psc' + - name: 'forwarding_rule_vpc_psc' primary_resource_id: 'default' vars: forwarding_rule_name: 'psc-endpoint' @@ -180,8 +177,7 @@ examples: - 'port_range' - 'target' - 'ip_address' - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_vpc_psc_no_automate_dns' + - name: 'forwarding_rule_vpc_psc_no_automate_dns' primary_resource_id: 'default' vars: forwarding_rule_name: 'psc-endpoint' @@ -197,58 +193,49 @@ examples: - 'port_range' - 'target' - 'ip_address' - - !ruby/object:Provider::Terraform::Examples - name: 'forwarding_rule_regional_steering' + - name: 'forwarding_rule_regional_steering' primary_resource_id: 'steering' vars: forwarding_rule_name: 'steering-rule' ip_name: 'website-ip' backend_name: 'service-backend' external_forwarding_rule_name: 'external-forwarding-rule' - - !ruby/object:Provider::Terraform::Examples - name: "forwarding_rule_internallb_ipv6" - primary_resource_id: "default" + - name: 'forwarding_rule_internallb_ipv6' + primary_resource_id: 'default' vars: - forwarding_rule_name: "ilb-ipv6-forwarding-rule" - backend_name: "ilb-ipv6-backend" - network_name: "net-ipv6" - subnet_name: "subnet-internal-ipv6" + forwarding_rule_name: 'ilb-ipv6-forwarding-rule' + backend_name: 'ilb-ipv6-backend' + network_name: 'net-ipv6' + subnet_name: 'subnet-internal-ipv6' ignore_read_extra: - - "port_range" - - "target" -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_create: templates/terraform/pre_create/compute_forwarding_rule.go.erb - post_create: templates/terraform/post_create/labels.erb - constants: 'templates/terraform/constants/compute_forwarding_rule.go.erb' -custom_diff: [ - 'forwardingRuleCustomizeDiff', -] + - 'port_range' + - 'target' virtual_fields: - - !ruby/object:Api::Type::Boolean - name: recreate_closed_psc + - name: 'recreate_closed_psc' description: This is used in PSC consumer ForwardingRule to make terraform recreate the ForwardingRule when the status is closed + type: Boolean default_value: false parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | A reference to the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::Boolean - name: 'isMirroringCollector' + - name: 'isMirroringCollector' + type: Boolean description: | Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this @@ -257,30 +244,30 @@ properties: This can only be set to true for load balancers that have their `loadBalancingScheme` set to `INTERNAL`. - - !ruby/object:Api::Type::Integer - name: 'forwardingRuleId' + - name: 'forwardingRuleId' + type: Integer description: | The unique identifier number for the resource. This identifier is defined by the server. api_name: id output: true - - !ruby/object:Api::Type::String - name: 'pscConnectionId' + - name: 'pscConnectionId' + type: String description: 'The PSC connection id of the PSC Forwarding Rule.' output: true - - !ruby/object:Api::Type::String - name: 'pscConnectionStatus' + - name: 'pscConnectionStatus' + type: String description: 'The PSC connection status of the PSC Forwarding Rule. Possible values: `STATUS_UNSPECIFIED`, `PENDING`, `ACCEPTED`, `REJECTED`, `CLOSED`' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. # This is a multi-resource resource reference (Address, GlobalAddress) - - !ruby/object:Api::Type::String - name: 'IPAddress' + - name: 'IPAddress' + type: String description: | IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic @@ -321,9 +308,9 @@ properties: When reading an `IPAddress`, the API always returns the IP address number. default_from_api: true - diff_suppress_func: InternalIpDiffSuppress - - !ruby/object:Api::Type::Enum - name: 'IPProtocol' + diff_suppress_func: 'InternalIpDiffSuppress' + - name: 'IPProtocol' + type: Enum description: | The IP protocol to which this rule applies. @@ -339,43 +326,43 @@ properties: A Forwarding Rule with protocol L3_DEFAULT can attach with target instance or backend service with UNSPECIFIED protocol. A forwarding rule with "L3_DEFAULT" IPProtocal cannot be attached to a backend service with TCP or UDP. - values: - - :TCP - - :UDP - - :ESP - - :AH - - :SCTP - - :ICMP - - :L3_DEFAULT - diff_suppress_func: 'tpgresource.CaseDiffSuppress' default_from_api: true + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + enum_values: + - 'TCP' + - 'UDP' + - 'ESP' + - 'AH' + - 'SCTP' + - 'ICMP' + - 'L3_DEFAULT' # This is a multi-resource resource reference (BackendService (global), RegionBackendService) # We have custom expands that manage this. - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - resource: 'BackendService' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types. - custom_expand: 'templates/terraform/custom_expand/self_link_from_name.erb' - - !ruby/object:Api::Type::Enum - name: 'loadBalancingScheme' + custom_expand: 'templates/terraform/custom_expand/self_link_from_name.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'loadBalancingScheme' + type: Enum description: | Specifies the forwarding rule type. For more information about forwarding rules, refer to [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). - values: - - :EXTERNAL - - :EXTERNAL_MANAGED - - :INTERNAL - - :INTERNAL_MANAGED - default_value: :EXTERNAL - - !ruby/object:Api::Type::String - name: 'name' + default_value: "EXTERNAL" + enum_values: + - 'EXTERNAL' + - 'EXTERNAL_MANAGED' + - 'INTERNAL' + - 'INTERNAL_MANAGED' + - name: 'name' + type: String description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -391,10 +378,8 @@ properties: APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter. required: true - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | This field is not used for external load balancing. @@ -411,9 +396,11 @@ properties: # manifest input from a single value to a range of form NN-NN. The API # accepts a single value, e.g. '80', but the API stores and returns # '80-80'. This causes idempotency false positive. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'portRange' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'portRange' + type: String description: | The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded @@ -439,11 +426,10 @@ properties: cannot have overlapping `portRange`s. @pattern: \d+(?:-\d+)? - diff_suppress_func: PortRangeDiffSuppress default_from_api: true - - !ruby/object:Api::Type::Array - name: 'ports' - max_size: 5 + diff_suppress_func: 'PortRangeDiffSuppress' + - name: 'ports' + type: Array description: | The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded @@ -468,12 +454,12 @@ properties: @pattern: \d+(?:-\d+)? is_set: true - custom_expand: 'templates/terraform/custom_expand/set_to_list.erb' - item_type: Api::Type::String - - !ruby/object:Api::Type::ResourceRef - name: 'subnetwork' - resource: 'Subnetwork' - imports: 'selfLink' + custom_expand: 'templates/terraform/custom_expand/set_to_list.tmpl' + item_type: + type: String + max_size: 5 + - name: 'subnetwork' + type: ResourceRef description: | This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and @@ -486,9 +472,11 @@ properties: # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, # TargetInstance) default_from_api: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'target' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'target' + type: String description: | The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the @@ -502,19 +490,21 @@ properties: * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. - update_verb: :POST update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setTarget' + update_verb: 'POST' diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - custom_expand: 'templates/terraform/custom_expand/self_link_from_name.erb' - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + custom_expand: 'templates/terraform/custom_expand/self_link_from_name.tmpl' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::Boolean - name: 'allowGlobalAccess' + update_verb: 'POST' + key_expander: '' + - name: 'allowGlobalAccess' + type: Boolean description: | This field is used along with the `backend_service` field for internal load balancing or with the `target` field for internal @@ -526,16 +516,16 @@ properties: Otherwise only allows access from clients in the same region as the internal load balancer. send_empty_value: true - update_verb: :PATCH - update_url: projects/{{project}}/regions/{{region}}/forwardingRules/{{name}} - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}' + update_verb: 'PATCH' + - name: 'labels' + type: KeyValueLabels description: | Labels to apply to this forwarding rule. A list of key->value pairs. - update_verb: :POST update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setLabels' - - !ruby/object:Api::Type::Boolean - name: 'allPorts' + update_verb: 'POST' + - name: 'allPorts' + type: Boolean description: | The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded @@ -552,8 +542,8 @@ properties: first fragment) to be forwarded to the backends configured with this forwarding rule. The L3_DEFAULT protocol requires `allPorts` be set to true. - - !ruby/object:Api::Type::Enum - name: 'networkTier' + - name: 'networkTier' + type: Enum description: | This signifies the networking tier used for configuring this load balancer and can only take the following values: @@ -566,36 +556,37 @@ properties: If this field is not specified, it is assumed to be `PREMIUM`. If `IPAddress` is specified, this value must be equal to the networkTier of the Address. - values: - - :PREMIUM - - :STANDARD immutable: true default_from_api: true - - !ruby/object:Api::Type::Array - name: 'serviceDirectoryRegistrations' + enum_values: + - 'PREMIUM' + - 'STANDARD' + - name: 'serviceDirectoryRegistrations' + type: Array description: | Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. - min_size: 0 - max_size: 1 immutable: true default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'namespace' + - name: 'namespace' + type: String description: | Service Directory namespace to register the forwarding rule under. immutable: true default_from_api: true - - !ruby/object:Api::Type::String - name: 'service' + - name: 'service' + type: String description: | Service Directory service to register the forwarding rule under. immutable: true - - !ruby/object:Api::Type::String - name: 'serviceLabel' + min_size: 0 + max_size: 1 + - name: 'serviceLabel' + type: String description: | An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service @@ -609,17 +600,17 @@ properties: character, which cannot be a dash. This field is only used for INTERNAL load balancing. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'serviceName' + - name: 'serviceName' + type: String description: | The internal fully qualified service name for this Forwarding Rule. This field is only used for INTERNAL load balancing. output: true - - !ruby/object:Api::Type::Array - name: sourceIpRanges + - name: 'sourceIpRanges' + type: Array description: If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. @@ -628,9 +619,10 @@ properties: is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). immutable: true - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: baseForwardingRule + item_type: + type: String + - name: 'baseForwardingRule' + type: String description: '[Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, @@ -638,33 +630,33 @@ properties: sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.' output: true - - !ruby/object:Api::Type::Boolean - name: allowPscGlobalAccess + - name: 'allowPscGlobalAccess' + type: Boolean description: This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. send_empty_value: true - update_verb: :PATCH - update_url: projects/{{project}}/regions/{{region}}/forwardingRules/{{name}} + update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}' + update_verb: 'PATCH' update_id: 'allowPscGlobalAccess' fingerprint_name: 'fingerprint' - - !ruby/object:Api::Type::Boolean - name: noAutomateDnsZone + - name: 'noAutomateDnsZone' + type: Boolean description: This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field. - send_empty_value: true immutable: true ignore_read: true - - !ruby/object:Api::Type::Enum - name: 'ipVersion' + send_empty_value: true + - name: 'ipVersion' + type: Enum description: | The IP address version that will be used by this forwarding rule. Valid options are IPV4 and IPV6. If not set, the IPv4 address will be used by default. - values: - - :IPV4 - - :IPV6 immutable: true default_from_api: true + enum_values: + - 'IPV4' + - 'IPV6' diff --git a/mmv1/products/compute/GlobalAddress.yaml b/mmv1/products/compute/GlobalAddress.yaml index 6ee244e5bb53..89679209a73c 100644 --- a/mmv1/products/compute/GlobalAddress.yaml +++ b/mmv1/products/compute/GlobalAddress.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,73 +11,73 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'GlobalAddress' kind: 'compute#address' -base_url: projects/{{project}}/global/addresses -collection_url_key: 'items' -has_self_link: true description: | Represents a Global Address resource. Global addresses are used for HTTP(S) load balancing. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Reserving a Static External IP Address': 'https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address' api: 'https://cloud.google.com/compute/docs/reference/v1/globalAddresses' +docs: +base_url: 'projects/{{project}}/global/addresses' +has_self_link: true immutable: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + pre_create: 'templates/terraform/pre_create/compute_global_address.go.tmpl' + post_create: 'templates/terraform/post_create/labels.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'global_address_basic' + - name: 'global_address_basic' primary_resource_id: 'default' vars: global_address_name: 'global-appserver-ip' - - !ruby/object:Provider::Terraform::Examples - name: 'global_address_private_services_connect' - min_version: beta + - name: 'global_address_private_services_connect' primary_resource_id: 'default' + min_version: 'beta' vars: global_address_name: 'global-psconnect-ip' network_name: 'my-network-name' -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/labels.erb - pre_create: templates/terraform/pre_create/compute_global_address.go.erb +parameters: properties: - - !ruby/object:Api::Type::String - name: 'address' + - name: 'address' + type: String description: | The IP address or beginning of the address range represented by this resource. This can be supplied as an input to reserve a specific address or omitted to allow GCP to choose a valid one for you. default_from_api: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: | Creation timestamp in RFC3339 text format. output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -87,29 +87,31 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Labels to apply to this address. A list of key->value pairs. - update_verb: :POST update_url: 'projects/{{project}}/global/addresses/{{name}}/setLabels' - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/global/addresses/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::Enum - name: 'ipVersion' + update_verb: 'POST' + key_expander: '' + - name: 'ipVersion' + type: Enum description: | The IP Version that will be used by this address. The default value is `IPV4`. - values: - - :IPV4 - - :IPV6 diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("IPV4")' - - !ruby/object:Api::Type::Integer - name: 'prefixLength' + enum_values: + - 'IPV4' + - 'IPV6' + - name: 'prefixLength' + type: Integer description: | The prefix length of the IP range. If not present, it means the address field is a single IP address. @@ -117,34 +119,34 @@ properties: This field is not applicable to addresses with addressType=INTERNAL when purpose=PRIVATE_SERVICE_CONNECT default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'addressType' + - name: 'addressType' + type: Enum description: | The type of the address to reserve. * EXTERNAL indicates public/external single IP address. * INTERNAL indicates internal IP ranges belonging to some network. - values: - - :EXTERNAL - - :INTERNAL - default_value: :EXTERNAL diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("EXTERNAL")' - - !ruby/object:Api::Type::String - name: 'purpose' + default_value: "EXTERNAL" + enum_values: + - 'EXTERNAL' + - 'INTERNAL' + - name: 'purpose' + type: String description: | The purpose of the resource. Possible values include: * VPC_PEERING - for peer networks * PRIVATE_SERVICE_CONNECT - for ([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html) only) Private Service Connect networks - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | The URL of the network in which to reserve the IP range. The IP range must be in RFC1918 space. The network cannot be deleted if there are any reserved IP ranges referring to it. This should only be set when using an Internal address. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' diff --git a/mmv1/products/compute/GlobalForwardingRule.yaml b/mmv1/products/compute/GlobalForwardingRule.yaml index d39c85bf8da5..3c816753c7e2 100644 --- a/mmv1/products/compute/GlobalForwardingRule.yaml +++ b/mmv1/products/compute/GlobalForwardingRule.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,16 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'GlobalForwardingRule' kind: 'compute#forwardingRule' -base_url: projects/{{project}}/global/forwardingRules -immutable: true -has_self_link: true -# Has a separate endpoint for labels -skip_attribution_label: true -legacy_long_form_project: true -collection_url_key: 'items' description: | Represents a GlobalForwardingRule resource. Global forwarding rules are used to forward traffic to the correct load balancer for HTTP load @@ -28,29 +21,37 @@ description: | balancing. For more information, see https://cloud.google.com/compute/docs/load-balancing/http/ -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +# Has a separate endpoint for labels +exclude_attribution_label: true +docs: +base_url: 'projects/{{project}}/global/forwardingRules' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + post_create: 'templates/terraform/post_create/labels.tmpl' +legacy_long_form_project: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'external_ssl_proxy_lb_mig_backend' + - name: 'external_ssl_proxy_lb_mig_backend' primary_resource_id: 'default' - skip_test: true vars: ssl_proxy_xlb_network: 'ssl-proxy-xlb-network' ssl_proxy_xlb_subnet: 'ssl-proxy-xlb-subnet' @@ -67,9 +68,10 @@ examples: - 'port_range' - 'target' - 'ip_address' - - !ruby/object:Provider::Terraform::Examples - name: 'external_tcp_proxy_lb_mig_backend' + exclude_test: true + - name: 'external_tcp_proxy_lb_mig_backend' primary_resource_id: 'default' + min_version: 'beta' vars: tcp_proxy_xlb_network: 'tcp-proxy-xlb-network' tcp_proxy_xlb_subnet: 'tcp-proxy-xlb-subnet' @@ -81,14 +83,13 @@ examples: tcp_proxy_xlb_mig_template: 'tcp-proxy-xlb-mig-template' tcp_proxy_xlb_mig1: 'tcp-proxy-xlb-mig1' tcp_proxy_xlb_fw_allow_hc: 'tcp-proxy-xlb-fw-allow-hc' - min_version: beta ignore_read_extra: - 'port_range' - 'target' - 'ip_address' - - !ruby/object:Provider::Terraform::Examples - name: 'external_http_lb_mig_backend_custom_header' + - name: 'external_http_lb_mig_backend_custom_header' primary_resource_id: 'default' + min_version: 'beta' vars: xlb_network_name: 'l7-xlb-network' backend_subnet_name: 'l7-xlb-subnet' @@ -101,13 +102,11 @@ examples: hc_name: 'l7-xlb-hc' mig_name: 'l7-xlb-mig1' fw_allow_hc_name: 'l7-xlb-fw-allow-hc' - min_version: beta ignore_read_extra: - 'port_range' - 'target' - 'ip_address' - - !ruby/object:Provider::Terraform::Examples - name: 'global_forwarding_rule_http' + - name: 'global_forwarding_rule_http' primary_resource_id: 'default' vars: forwarding_rule_name: 'global-rule' @@ -116,10 +115,9 @@ examples: ignore_read_extra: - 'port_range' - 'target' - - !ruby/object:Provider::Terraform::Examples - name: 'global_forwarding_rule_internal' - min_version: beta + - name: 'global_forwarding_rule_internal' primary_resource_id: 'default' + min_version: 'beta' vars: forwarding_rule_name: 'global-rule' http_proxy_name: 'target-proxy' @@ -128,8 +126,7 @@ examples: ignore_read_extra: - 'port_range' - 'target' - - !ruby/object:Provider::Terraform::Examples - name: 'global_forwarding_rule_external_managed' + - name: 'global_forwarding_rule_external_managed' primary_resource_id: 'default' vars: forwarding_rule_name: 'global-rule' @@ -138,8 +135,7 @@ examples: ignore_read_extra: - 'port_range' - 'target' - - !ruby/object:Provider::Terraform::Examples - name: 'global_forwarding_rule_hybrid' + - name: 'global_forwarding_rule_hybrid' primary_resource_id: 'default' vars: forwarding_rule_name: 'global-rule' @@ -157,9 +153,9 @@ examples: ignore_read_extra: - 'port_range' - 'target' - - !ruby/object:Provider::Terraform::Examples - name: 'global_internal_http_lb_with_mig_backend' + - name: 'global_internal_http_lb_with_mig_backend' primary_resource_id: 'google_compute_forwarding_rule' + min_version: 'beta' vars: gilb_network_name: 'l7-gilb-network' proxy_subnet_name: 'l7-gilb-proxy-subnet' @@ -174,57 +170,53 @@ examples: fw_allow_iap_hc_name: 'l7-gilb-fw-allow-iap-hc' fw_allow_gilb_to_backends_name: 'l7-gilb-fw-allow-gilb-to-backends' vm_test_name: 'l7-gilb-test-vm' - min_version: beta ignore_read_extra: - 'port_range' - 'target' - - !ruby/object:Provider::Terraform::Examples - name: 'private_service_connect_google_apis' - min_version: beta + - name: 'private_service_connect_google_apis' primary_resource_id: 'default' + min_version: 'beta' vars: network_name: 'my-network' subnetwork_name: 'my-subnetwork' global_address_name: 'global-psconnect-ip' forwarding_rule_name: 'globalrule' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' ignore_read_extra: - 'ip_address' - - !ruby/object:Provider::Terraform::Examples - name: 'private_service_connect_google_apis_no_automate_dns' - min_version: beta + - name: 'private_service_connect_google_apis_no_automate_dns' primary_resource_id: 'default' + min_version: 'beta' vars: network_name: 'my-network' subnetwork_name: 'my-subnetwork' global_address_name: 'global-psconnect-ip' forwarding_rule_name: 'globalrule' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' ignore_read_extra: - 'ip_address' -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/labels.erb +parameters: properties: - - !ruby/object:Api::Type::String - name: 'pscConnectionId' + - name: 'pscConnectionId' + type: String description: 'The PSC connection id of the PSC Forwarding Rule.' output: true - - !ruby/object:Api::Type::String - name: 'pscConnectionStatus' + - name: 'pscConnectionStatus' + type: String description: 'The PSC connection status of the PSC Forwarding Rule. Possible values: `STATUS_UNSPECIFIED`, `PENDING`, `ACCEPTED`, `REJECTED`, `CLOSED`' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. # This is a multi-resource resource reference (Address, GlobalAddress) - - !ruby/object:Api::Type::String - name: 'IPAddress' + - name: 'IPAddress' + type: String description: | IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic @@ -265,9 +257,9 @@ properties: When reading an `IPAddress`, the API always returns the IP address number. default_from_api: true - diff_suppress_func: InternalIpDiffSuppress - - !ruby/object:Api::Type::Enum - name: 'IPProtocol' + diff_suppress_func: 'InternalIpDiffSuppress' + - name: 'IPProtocol' + type: Enum description: | The IP protocol to which this rule applies. @@ -279,50 +271,52 @@ properties: The valid IP protocols are different for different load balancing products as described in [Load balancing features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). - values: - - :TCP - - :UDP - - :ESP - - :AH - - :SCTP - - :ICMP - diff_suppress_func: 'tpgresource.CaseDiffSuppress' default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'ipVersion' + diff_suppress_func: 'tpgresource.CaseDiffSuppress' + enum_values: + - 'TCP' + - 'UDP' + - 'ESP' + - 'AH' + - 'SCTP' + - 'ICMP' + - name: 'ipVersion' + type: Enum description: | The IP Version that will be used by this global forwarding rule. - values: - - :IPV4 - - :IPV6 - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + enum_values: + - 'IPV4' + - 'IPV6' + - name: 'labels' + type: KeyValueLabels description: | Labels to apply to this forwarding rule. A list of key->value pairs. - update_verb: :POST update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setLabels' - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::Enum - name: 'loadBalancingScheme' + update_verb: 'POST' + key_expander: '' + - name: 'loadBalancingScheme' + type: Enum description: | Specifies the forwarding rule type. For more information about forwarding rules, refer to [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). - default_value: :EXTERNAL - values: - - :EXTERNAL - - :EXTERNAL_MANAGED - - :INTERNAL_MANAGED - - :INTERNAL_SELF_MANAGED - - !ruby/object:Api::Type::Array - name: 'metadataFilters' + default_value: "EXTERNAL" + enum_values: + - 'EXTERNAL' + - 'EXTERNAL_MANAGED' + - 'INTERNAL_MANAGED' + - 'INTERNAL_SELF_MANAGED' + - name: 'metadataFilters' + type: Array description: | Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS @@ -341,10 +335,11 @@ properties: metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'filterMatchCriteria' + - name: 'filterMatchCriteria' + type: Enum description: | Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. @@ -354,35 +349,36 @@ properties: MATCH_ALL - All filterLabels must have matching labels in the provided metadata. required: true - values: - - :MATCH_ANY - - :MATCH_ALL - - !ruby/object:Api::Type::Array - name: 'filterLabels' + enum_values: + - 'MATCH_ANY' + - 'MATCH_ALL' + - name: 'filterLabels' + type: Array description: | The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. - min_size: 1 - max_size: 64 required: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the metadata label. The length must be between 1 and 1024 characters, inclusive. required: true - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The value that the label must match. The value has a maximum length of 1024 characters. required: true - - !ruby/object:Api::Type::String - name: 'name' + min_size: 1 + max_size: 64 + - name: 'name' + type: String description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -398,10 +394,8 @@ properties: APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter. required: true - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | This field is not used for external load balancing. @@ -418,9 +412,11 @@ properties: # manifest input from a single value to a range of form NN-NN. The API # accepts a single value, e.g. '80', but the API stores and returns # '80-80'. This causes idempotency false positive. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'portRange' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'portRange' + type: String description: | The `portRange` field has the following limitations: * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, @@ -442,14 +438,12 @@ properties: cannot have overlapping `portRange`s. @pattern: \d+(?:-\d+)? - diff_suppress_func: PortRangeDiffSuppress + diff_suppress_func: 'PortRangeDiffSuppress' # This is a multi-resource resource reference (TargetHttp(s)Proxy, # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, # TargetInstance) - - !ruby/object:Api::Type::ResourceRef - name: 'subnetwork' - resource: 'Subnetwork' - imports: 'selfLink' + - name: 'subnetwork' + type: ResourceRef description: | This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and @@ -462,10 +456,11 @@ properties: # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, # TargetInstance) default_from_api: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'target' - required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'target' + type: String description: | The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the @@ -479,53 +474,56 @@ properties: * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. - update_verb: :POST + required: true update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setTarget' + update_verb: 'POST' diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::Array - name: 'serviceDirectoryRegistrations' + - name: 'serviceDirectoryRegistrations' + type: Array description: | Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. - min_size: 0 - max_size: 1 immutable: true default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'namespace' + - name: 'namespace' + type: String description: | Service Directory namespace to register the forwarding rule under. immutable: true default_from_api: true - - !ruby/object:Api::Type::String - name: 'serviceDirectoryRegion' + - name: 'serviceDirectoryRegion' + type: String description: | [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region. immutable: true - - !ruby/object:Api::Type::Array - name: sourceIpRanges + min_size: 0 + max_size: 1 + - name: 'sourceIpRanges' + type: Array description: If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). immutable: true - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: baseForwardingRule + item_type: + type: String + - name: 'baseForwardingRule' + type: String description: '[Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.' output: true - - !ruby/object:Api::Type::Boolean - name: allowPscGlobalAccess + - name: 'allowPscGlobalAccess' + type: Boolean description: This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. - min_version: beta - - !ruby/object:Api::Type::Boolean - name: noAutomateDnsZone + min_version: 'beta' + - name: 'noAutomateDnsZone' + type: Boolean description: This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field. - send_empty_value: true immutable: true ignore_read: true + send_empty_value: true diff --git a/mmv1/products/compute/GlobalNetworkEndpoint.yaml b/mmv1/products/compute/GlobalNetworkEndpoint.yaml index f4c06d006db4..2f267d0fd921 100644 --- a/mmv1/products/compute/GlobalNetworkEndpoint.yaml +++ b/mmv1/products/compute/GlobalNetworkEndpoint.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,99 +11,99 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'GlobalNetworkEndpoint' kind: 'compute#networkEndpoint' -base_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}' description: | A Global Network endpoint represents a IP address and port combination that exists outside of GCP. **NOTE**: Global network endpoints cannot be created outside of a global network endpoint group. -immutable: true -create_verb: :POST -create_url: projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/attachNetworkEndpoints -delete_verb: :POST -delete_url: projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/detachNetworkEndpoints -read_verb: :POST -self_link: projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/listNetworkEndpoints -identity: - - ipAddress - - fqdn - - port -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - items -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{global_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' +base_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}' +self_link: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/listNetworkEndpoints' +create_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/attachNetworkEndpoints' +read_verb: 'POST' +delete_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/detachNetworkEndpoints' +delete_verb: 'POST' +immutable: true +mutex: 'networkEndpoint/{{project}}/{{global_network_endpoint_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: '{{project}}/{{global_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' -mutex: networkEndpoint/{{project}}/{{global_network_endpoint_group}} +identity: + - ipAddress + - fqdn + - port +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/compute_global_network_endpoint.go.tmpl' + decoder: 'templates/terraform/decoders/network_endpoint.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/compute_global_network_endpoint.go.tmpl' + custom_import: 'templates/terraform/custom_import/compute_global_network_endpoint.go.tmpl' exclude_tgc: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'global_network_endpoint' - primary_resource_id: - 'default-endpoint' + - name: 'global_network_endpoint' + primary_resource_id: 'default-endpoint' + vars: + neg_name: 'my-lb-neg' # Fine-grained resource need different autogenerated tests, as # we need to check destroy during a test step where the parent resource # still exists, rather than during CheckDestroy (when read returns # nothing because the parent resource has then also been destroyed) - skip_test: true - vars: - neg_name: 'my-lb-neg' -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_delete: templates/terraform/pre_delete/compute_global_network_endpoint.go.erb - decoder: templates/terraform/decoders/network_endpoint.go.erb - encoder: templates/terraform/encoders/compute_global_network_endpoint.go.erb - custom_import: templates/terraform/custom_import/compute_global_network_endpoint.go.erb + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'globalNetworkEndpointGroup' - resource: 'GlobalNetworkEndpointGroup' - imports: 'name' + - name: 'globalNetworkEndpointGroup' + type: ResourceRef description: | The global network endpoint group this endpoint is part of. - required: true url_param_only: true + required: true ignore_read: true - diff_suppress_func: tpgresource.CompareResourceNames + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'GlobalNetworkEndpointGroup' + imports: 'name' properties: - - !ruby/object:Api::Type::Integer - name: 'port' + - name: 'port' + type: Integer description: | Port number of the external endpoint. required: true - custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb - validation: !ruby/object:Provider::Terraform::Validation + custom_flatten: 'templates/terraform/custom_flatten/float64_to_int.go.tmpl' + validation: function: 'validation.IntAtLeast(1)' - - !ruby/object:Api::Type::String - name: 'ipAddress' + - name: 'ipAddress' + type: String description: | IPv4 address external endpoint. - - !ruby/object:Api::Type::String - name: 'fqdn' - at_least_one_of: - - fqdn - - ip_address + - name: 'fqdn' + type: String description: | Fully qualified domain name of network endpoint. This can only be specified when network_endpoint_type of the NEG is INTERNET_FQDN_PORT. + at_least_one_of: + - 'fqdn' + - 'ip_address' diff --git a/mmv1/products/compute/GlobalNetworkEndpointGroup.yaml b/mmv1/products/compute/GlobalNetworkEndpointGroup.yaml index 78a0ed2d6f74..d3d7af7da059 100644 --- a/mmv1/products/compute/GlobalNetworkEndpointGroup.yaml +++ b/mmv1/products/compute/GlobalNetworkEndpointGroup.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,17 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'GlobalNetworkEndpointGroup' kind: 'compute#networkEndpointGroup' -base_url: 'projects/{{project}}/global/networkEndpointGroups' -immutable: true -has_self_link: true -collection_url_key: 'items' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' description: | A global network endpoint group contains endpoints that reside outside of Google Cloud. Currently a global network endpoint group can only support a single endpoint. @@ -29,38 +21,47 @@ description: | Recreating a global network endpoint group that's in use by another resource will give a `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` to avoid this type of error. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +docs: +base_url: 'projects/{{project}}/global/networkEndpointGroups' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'global_network_endpoint_group' + - name: 'global_network_endpoint_group' primary_resource_id: 'neg' vars: neg_name: 'my-lb-neg' - - !ruby/object:Provider::Terraform::Examples - name: 'global_network_endpoint_group_ip_address' + - name: 'global_network_endpoint_group_ip_address' primary_resource_id: 'neg' vars: neg_name: 'my-lb-neg' +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -70,23 +71,23 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Enum - name: 'networkEndpointType' - required: true + - name: 'networkEndpointType' + type: Enum description: | Type of network endpoints in this network endpoint group. - values: - - :INTERNET_IP_PORT - - :INTERNET_FQDN_PORT - - !ruby/object:Api::Type::Integer - name: 'defaultPort' + required: true + enum_values: + - 'INTERNET_IP_PORT' + - 'INTERNET_FQDN_PORT' + - name: 'defaultPort' + type: Integer description: | The default port used if the port number is not specified in the network endpoint. diff --git a/mmv1/products/compute/HaVpnGateway.yaml b/mmv1/products/compute/HaVpnGateway.yaml index 04f461395c42..1c12ffc5d8f1 100644 --- a/mmv1/products/compute/HaVpnGateway.yaml +++ b/mmv1/products/compute/HaVpnGateway.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,61 +11,55 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'HaVpnGateway' kind: 'compute#vpnGateway' -base_url: projects/{{project}}/regions/{{region}}/vpnGateways -collection_url_key: 'items' -immutable: true -has_self_link: true description: | Represents a VPN gateway running in GCP. This virtual device is managed by Google, but used only by you. This type of VPN Gateway allows for the creation of VPN solutions with higher availability than classic Target VPN Gateways. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - 'Choosing a VPN': https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn + 'Choosing a VPN': 'https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn' 'Cloud VPN Overview': 'https://cloud.google.com/vpn/docs/concepts/overview' - api: https://cloud.google.com/compute/docs/reference/rest/v1/vpnGateways -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/vpnGateways' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/vpnGateways' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'ha_vpn_gateway_basic' + - name: 'ha_vpn_gateway_basic' primary_resource_id: 'ha_gateway1' vars: ha_vpn_gateway1_name: 'ha-vpn-1' network1_name: 'network1' - - !ruby/object:Provider::Terraform::Examples - name: 'ha_vpn_gateway_ipv6' + - name: 'ha_vpn_gateway_ipv6' primary_resource_id: 'ha_gateway1' vars: ha_vpn_gateway1_name: 'ha-vpn-1' network1_name: 'network1' - - !ruby/object:Provider::Terraform::Examples - name: 'ha_vpn_gateway_gcp_to_gcp' - primary_resource_id: - 'ha_gateway1' - # Multiple fine-grained resources - skip_vcr: true - skip_test: true - skip_docs: true + - name: 'ha_vpn_gateway_gcp_to_gcp' + primary_resource_id: 'ha_gateway1' vars: ha_vpn_gateway1_name: 'ha-vpn-1' network1_name: 'network1' @@ -73,12 +67,12 @@ examples: ha_vpn_gateway2_name: 'ha-vpn-2' network2_name: 'network2' router2_name: 'ha-vpn-router2' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_ha_vpn_gateway_encrypted_interconnect' - primary_resource_id: - 'vpn-gateway' - # TODO: https://github.com/hashicorp/terraform-provider-google/issues/11504 - skip_test: true + exclude_test: true + exclude_docs: true + # Multiple fine-grained resources + skip_vcr: true + - name: 'compute_ha_vpn_gateway_encrypted_interconnect' + primary_resource_id: 'vpn-gateway' vars: ha_vpn_gateway_name: 'test-ha-vpngw' interconnect_attachment1_name: 'test-interconnect-attachment1' @@ -87,24 +81,26 @@ examples: address2_name: 'test-address2' router_name: 'test-router' network_name: 'test-network' + # TODO: https://github.com/hashicorp/terraform-provider-google/issues/11504 + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | The region this gateway should sit in. required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' immutable: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -115,57 +111,56 @@ properties: character, which cannot be a dash. required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | The network this VPN gateway is accepting traffic for. required: true immutable: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Enum - name: 'stackType' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'stackType' + type: Enum description: | The stack type for this VPN gateway to identify the IP protocols that are enabled. If not specified, IPV4_ONLY will be used. - default_value: :IPV4_ONLY - values: - - :IPV4_ONLY - - :IPV4_IPV6 - - :IPV6_ONLY immutable: true - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Enum - name: 'gatewayIpVersion' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "IPV4_ONLY" + enum_values: + - 'IPV4_ONLY' + - 'IPV4_IPV6' + - 'IPV6_ONLY' + - name: 'gatewayIpVersion' + type: Enum description: | The IP family of the gateway IPs for the HA-VPN gateway interfaces. If not specified, IPV4 will be used. - default_value: :IPV4 - values: - - :IPV4 - - :IPV6 immutable: true - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Array - name: 'vpnInterfaces' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "IPV4" + enum_values: + - 'IPV4' + - 'IPV6' + - name: 'vpnInterfaces' + type: Array description: | A list of interfaces on this VPN gateway. default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: 'The numeric ID of this VPN gateway interface.' - - !ruby/object:Api::Type::String - name: 'ipAddress' + - name: 'ipAddress' + type: String description: 'The external IP address for this VPN gateway interface.' output: true - - !ruby/object:Api::Type::ResourceRef - name: 'interconnectAttachment' - resource: 'InterconnectAttachment' - imports: 'selfLink' + - name: 'interconnectAttachment' + type: ResourceRef description: | URL of the interconnect attachment resource. When the value of this field is present, the VPN Gateway will be used for @@ -174,5 +169,7 @@ properties: specified interconnect attachment resource. Not currently available publicly. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' immutable: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'InterconnectAttachment' + imports: 'selfLink' diff --git a/mmv1/products/compute/HealthCheck.yaml b/mmv1/products/compute/HealthCheck.yaml index f01c0bfac5f1..7b5c40e635b3 100644 --- a/mmv1/products/compute/HealthCheck.yaml +++ b/mmv1/products/compute/HealthCheck.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,16 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'HealthCheck' kind: 'compute#healthCheck' -base_url: projects/{{project}}/global/healthChecks -collection_url_key: 'items' -has_self_link: true -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/healthChecks' description: | Health Checks determine whether instances are responsive and able to do work. They are an important part of a comprehensive load balancing configuration, @@ -37,139 +30,129 @@ description: | ~>**NOTE**: Legacy HTTP(S) health checks must be used for target pool-based network load balancers. See the [official guide](https://cloud.google.com/load-balancing/docs/health-check-concepts#selecting_hc) for choosing a type of health check. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/healthChecks' +docs: +base_url: 'projects/{{project}}/global/healthChecks' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/health_check.tmpl' + encoder: 'templates/terraform/encoders/health_check_type.tmpl' +custom_diff: + - 'healthCheckCustomizeDiff' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_tcp' + - name: 'health_check_tcp' primary_resource_id: 'tcp-health-check' vars: health_check_name: 'tcp-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_tcp_full' + - name: 'health_check_tcp_full' primary_resource_id: 'tcp-health-check' vars: health_check_name: 'tcp-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_ssl' + - name: 'health_check_ssl' primary_resource_id: 'ssl-health-check' vars: health_check_name: 'ssl-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_ssl_full' + - name: 'health_check_ssl_full' primary_resource_id: 'ssl-health-check' vars: health_check_name: 'ssl-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_http' + - name: 'health_check_http' primary_resource_id: 'http-health-check' vars: health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_http_full' + - name: 'health_check_http_full' primary_resource_id: 'http-health-check' vars: health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_https' + - name: 'health_check_https' primary_resource_id: 'https-health-check' vars: health_check_name: 'https-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_https_full' + - name: 'health_check_https_full' primary_resource_id: 'https-health-check' vars: health_check_name: 'https-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_http2' + - name: 'health_check_http2' primary_resource_id: 'http2-health-check' vars: health_check_name: 'http2-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_http2_full' + - name: 'health_check_http2_full' primary_resource_id: 'http2-health-check' vars: health_check_name: 'http2-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_grpc' + - name: 'health_check_grpc' primary_resource_id: 'grpc-health-check' vars: health_check_name: 'grpc-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_grpc_full' + - name: 'health_check_grpc_full' primary_resource_id: 'grpc-health-check' vars: health_check_name: 'grpc-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'health_check_with_logging' + - name: 'health_check_with_logging' primary_resource_id: 'health-check-with-logging' - min_version: beta + min_version: 'beta' vars: health_check_name: 'tcp-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_health_check_http_source_regions' + - name: 'compute_health_check_http_source_regions' primary_resource_id: 'http-health-check-with-source-regions' vars: health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_health_check_https_source_regions' + - name: 'compute_health_check_https_source_regions' primary_resource_id: 'https-health-check-with-source-regions' vars: health_check_name: 'https-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_health_check_tcp_source_regions' + - name: 'compute_health_check_tcp_source_regions' primary_resource_id: 'tcp-health-check-with-source-regions' vars: health_check_name: 'tcp-health-check' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/health_check_type.erb - constants: templates/terraform/constants/health_check.erb -custom_diff: [ - 'healthCheckCustomizeDiff', -] +parameters: properties: - - !ruby/object:Api::Type::Integer - name: 'checkIntervalSec' + - name: 'checkIntervalSec' + type: Integer description: | How often (in seconds) to send a health check. The default value is 5 seconds. default_value: 5 - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. send_empty_value: true - - !ruby/object:Api::Type::Integer - name: 'healthyThreshold' + - name: 'healthyThreshold' + type: Integer description: | A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. default_value: 2 - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -178,18 +161,17 @@ properties: the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::Integer - name: 'timeoutSec' + required: true + immutable: true + - name: 'timeoutSec' + type: Integer description: | How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. default_value: 5 - - !ruby/object:Api::Type::Array - name: 'sourceRegions' - item_type: Api::Type::String - min_size: 3 - max_size: 3 + - name: 'sourceRegions' + type: Array description: | The list of cloud regions from which health checks are performed. If any regions are specified, then exactly 3 regions should be specified. @@ -208,129 +190,125 @@ properties: * The health check cannot be used with BackendService nor with managed instance group auto-healing. - - !ruby/object:Api::Type::Integer - name: 'unhealthyThreshold' + item_type: + type: String + min_size: 3 + max_size: 3 + - name: 'unhealthyThreshold' + type: Integer description: | A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. default_value: 2 - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: |- The type of the health check. One of HTTP, HTTPS, TCP, or SSL. - values: - - :TCP - - :SSL - - :HTTP - - :HTTPS - - :HTTP2 output: true - - !ruby/object:Api::Type::NestedObject - name: 'httpHealthCheck' + enum_values: + - 'TCP' + - 'SSL' + - 'HTTP' + - 'HTTPS' + - 'HTTP2' + - name: 'httpHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'host' - at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - name: 'host' + type: String description: | The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. - - !ruby/object:Api::Type::String - name: 'requestPath' at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'requestPath' + type: String description: | The request path of the HTTP health check request. The default value is /. - default_value: '/' - - !ruby/object:Api::Type::String - name: 'response' - at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the HTTP health check request. The default value is 80. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -346,116 +324,116 @@ properties: If not specified, HTTP health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'httpsHealthCheck' + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'httpsHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'host' - at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - name: 'host' + type: String description: | The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. - - !ruby/object:Api::Type::String - name: 'requestPath' at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'requestPath' + type: String description: | The request path of the HTTPS health check request. The default value is /. - default_value: '/' - - !ruby/object:Api::Type::String - name: 'response' - at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the HTTPS health check request. The default value is 443. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -471,97 +449,98 @@ properties: If not specified, HTTPS health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'tcpHealthCheck' + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'tcpHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'request' - at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - name: 'request' + type: String description: | The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII. - - !ruby/object:Api::Type::String - name: 'response' at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the TCP health check request. The default value is 443. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -577,97 +556,97 @@ properties: If not specified, TCP health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'sslHealthCheck' + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'sslHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'request' - at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - name: 'request' + type: String description: | The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII. - - !ruby/object:Api::Type::String - name: 'response' at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the SSL health check request. The default value is 443. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -683,116 +662,115 @@ properties: If not specified, SSL health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'http2HealthCheck' + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'http2HealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'host' - at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - name: 'host' + type: String description: | The value of the host header in the HTTP2 health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. - - !ruby/object:Api::Type::String - name: 'requestPath' at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'requestPath' + type: String description: | The request path of the HTTP2 health check request. The default value is /. - default_value: '/' - - !ruby/object:Api::Type::String - name: 'response' - at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the HTTP2 health check request. The default value is 443. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -808,49 +786,52 @@ properties: If not specified, HTTP2 health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'grpcHealthCheck' + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'grpcHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::Integer - name: 'port' - at_least_one_of: - - grpc_health_check.0.port - - grpc_health_check.0.port_name - - grpc_health_check.0.port_specification - - grpc_health_check.0.grpc_service_name + - name: 'port' + type: Integer description: | The port number for the health check request. Must be specified if portName and portSpecification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - grpc_health_check.0.port - - grpc_health_check.0.port_name - - grpc_health_check.0.port_specification - - grpc_health_check.0.grpc_service_name + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'portSpecification' at_least_one_of: - - grpc_health_check.0.port - - grpc_health_check.0.port_name - - grpc_health_check.0.port_specification - - grpc_health_check.0.grpc_service_name + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -866,32 +847,37 @@ properties: If not specified, gRPC health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::String - name: 'grpcServiceName' - at_least_one_of: - - grpc_health_check.0.port - - grpc_health_check.0.port_name - - grpc_health_check.0.port_specification - - grpc_health_check.0.grpc_service_name + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'grpcServiceName' + type: String description: | The gRPC service name for the health check. The value of grpcServiceName has the following meanings by convention: - Empty serviceName means the overall status of all services at the backend. - Non-empty serviceName means the health of that gRPC service, as defined by the owner of the service. The grpcServiceName can only be ASCII. - - !ruby/object:Api::Type::NestedObject - name: 'logConfig' + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'logConfig' + type: NestedObject description: | Configure logging on this health check. default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/health_check_log_config.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/health_check_log_config.go.tmpl' properties: - - !ruby/object:Api::Type::Boolean - name: 'enable' + - name: 'enable' + type: Boolean description: | Indicates whether or not to export logs. This is false by default, which means no health check logging will be done. diff --git a/mmv1/products/compute/HttpHealthCheck.yaml b/mmv1/products/compute/HttpHealthCheck.yaml index 519a25f1cd6e..7621f6547b61 100644 --- a/mmv1/products/compute/HttpHealthCheck.yaml +++ b/mmv1/products/compute/HttpHealthCheck.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'HttpHealthCheck' kind: 'compute#httpHealthCheck' -base_url: projects/{{project}}/global/httpHealthChecks -collection_url_key: 'items' -has_self_link: true description: | An HttpHealthCheck resource. This resource defines a template for how individual VMs should be checked for health, via HTTP. @@ -26,64 +23,69 @@ description: | should be preferred for all uses except [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) which still require the legacy version. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' api: 'https://cloud.google.com/compute/docs/reference/v1/httpHealthChecks' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/httpHealthChecks' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'http_health_check_basic' + - name: 'http_health_check_basic' primary_resource_id: 'default' vars: http_health_check_name: 'authentication-health-check' +parameters: properties: - - !ruby/object:Api::Type::Integer - name: 'checkIntervalSec' + - name: 'checkIntervalSec' + type: Integer description: | How often (in seconds) to send a health check. The default value is 5 seconds. default_value: 5 - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Integer - name: 'healthyThreshold' + - name: 'healthyThreshold' + type: Integer description: | A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. default_value: 2 - - !ruby/object:Api::Type::String - name: 'host' + - name: 'host' + type: String description: | The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -94,27 +96,27 @@ properties: last character, which cannot be a dash. required: true immutable: true - - !ruby/object:Api::Type::Integer - name: 'port' + - name: 'port' + type: Integer description: | The TCP port number for the HTTP health check request. The default value is 80. default_value: 80 - - !ruby/object:Api::Type::String - name: 'requestPath' + - name: 'requestPath' + type: String description: | The request path of the HTTP health check request. The default value is /. - default_value: '/' - - !ruby/object:Api::Type::Integer - name: 'timeoutSec' + default_value: "/" + - name: 'timeoutSec' + type: Integer description: | How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. default_value: 5 - - !ruby/object:Api::Type::Integer - name: 'unhealthyThreshold' + - name: 'unhealthyThreshold' + type: Integer description: | A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. diff --git a/mmv1/products/compute/HttpsHealthCheck.yaml b/mmv1/products/compute/HttpsHealthCheck.yaml index 5c00b61730cd..7b43e3ea112c 100644 --- a/mmv1/products/compute/HttpsHealthCheck.yaml +++ b/mmv1/products/compute/HttpsHealthCheck.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'HttpsHealthCheck' kind: 'compute#httpsHealthCheck' -base_url: projects/{{project}}/global/httpsHealthChecks -collection_url_key: 'items' -has_self_link: true description: | An HttpsHealthCheck resource. This resource defines a template for how individual VMs should be checked for health, via HTTPS. @@ -26,64 +23,69 @@ description: | should be preferred for all uses except [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) which still require the legacy version. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' api: 'https://cloud.google.com/compute/docs/reference/v1/httpsHealthChecks' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/httpsHealthChecks' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'https_health_check_basic' + - name: 'https_health_check_basic' primary_resource_id: 'default' vars: https_health_check_name: 'authentication-health-check' +parameters: properties: - - !ruby/object:Api::Type::Integer - name: 'checkIntervalSec' + - name: 'checkIntervalSec' + type: Integer description: | How often (in seconds) to send a health check. The default value is 5 seconds. default_value: 5 - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Integer - name: 'healthyThreshold' + - name: 'healthyThreshold' + type: Integer description: | A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. default_value: 2 - - !ruby/object:Api::Type::String - name: 'host' + - name: 'host' + type: String description: | The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -94,27 +96,27 @@ properties: last character, which cannot be a dash. required: true immutable: true - - !ruby/object:Api::Type::Integer - name: 'port' + - name: 'port' + type: Integer description: | The TCP port number for the HTTPS health check request. The default value is 443. default_value: 443 - - !ruby/object:Api::Type::String - name: 'requestPath' + - name: 'requestPath' + type: String description: | The request path of the HTTPS health check request. The default value is /. - default_value: '/' - - !ruby/object:Api::Type::Integer - name: 'timeoutSec' + default_value: "/" + - name: 'timeoutSec' + type: Integer description: | How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. default_value: 5 - - !ruby/object:Api::Type::Integer - name: 'unhealthyThreshold' + - name: 'unhealthyThreshold' + type: Integer description: | A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. diff --git a/mmv1/products/compute/Image.yaml b/mmv1/products/compute/Image.yaml index 9857d739664a..46036e51e7ff 100644 --- a/mmv1/products/compute/Image.yaml +++ b/mmv1/products/compute/Image.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,17 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Image' kind: 'compute#image' -base_url: projects/{{project}}/global/images -immutable: true -has_self_link: true -collection_url_key: 'items' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/images' - api: 'https://cloud.google.com/compute/docs/reference/v1/images' description: | Represents an Image resource. @@ -39,117 +31,125 @@ description: | images are available only to your project. You can create a custom image from root persistent disks and other images. Then, use the custom image to create an instance. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/images' + api: 'https://cloud.google.com/compute/docs/reference/v1/images' +docs: +base_url: 'projects/{{project}}/global/images' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -iam_policy: !ruby/object:Api::Resource::IamPolicy +collection_url_key: 'items' +iam_policy: allowed_iam_role: 'roles/compute.imageUser' parent_resource_attribute: 'image' - iam_conditions_request_type: :QUERY_PARAM + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'image_basic' + - name: 'image_basic' primary_resource_id: 'example' + primary_resource_name: 'fmt.Sprintf("tf-test-example-image%s", context["random_suffix"])' vars: image_name: 'example-image' - primary_resource_name: "fmt.Sprintf(\"tf-test-example-image%s\", - context[\"random_suffix\"\ - ])" - - !ruby/object:Provider::Terraform::Examples - name: 'image_guest_os' + - name: 'image_guest_os' primary_resource_id: 'example' vars: image_name: 'example-image' - - !ruby/object:Provider::Terraform::Examples - name: 'image_basic_storage_location' + - name: 'image_basic_storage_location' primary_resource_id: 'example' vars: image_name: 'example-sl-image' - primary_resource_name: - 'fmt.Sprintf("tf-test-sl-example-image%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-sl-example-image%s", context["random_suffix"])' +parameters: properties: - - !ruby/object:Api::Type::Integer - name: 'archiveSizeBytes' + - name: 'archiveSizeBytes' + type: Integer description: | Size of the image tar.gz archive stored in Google Cloud Storage (in bytes). output: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Array - name: 'storageLocations' + - name: 'storageLocations' + type: Array description: | Cloud Storage bucket storage location of the image (regional or multi-regional). Reference link: https://cloud.google.com/compute/docs/reference/rest/v1/images - item_type: Api::Type::String default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'diskSizeGb' + item_type: + type: String + - name: 'diskSizeGb' + type: Integer description: | Size of the image when restored onto a persistent disk (in GB). # TODO(alexstephen): Build family support. # Families use a different API default_from_api: true - - !ruby/object:Api::Type::String - name: 'family' + - name: 'family' + type: String description: | The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035. - - !ruby/object:Api::Type::Array - name: 'guestOsFeatures' + - name: 'guestOsFeatures' + type: Array description: | A list of features to enable on the guest operating system. Applicable only for bootable images. - default_from_api: true is_set: true - item_type: !ruby/object:Api::Type::NestedObject + default_from_api: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'type' - required: true + - name: 'type' + type: Enum description: | The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. - values: - - :MULTI_IP_SUBNET - - :SECURE_BOOT - - :SEV_CAPABLE - - :UEFI_COMPATIBLE - - :VIRTIO_SCSI_MULTIQUEUE - - :WINDOWS - - :GVNIC - - :SEV_LIVE_MIGRATABLE - - :SEV_SNP_CAPABLE - - :SUSPEND_RESUME_COMPATIBLE - - :TDX_CAPABLE - - :SEV_LIVE_MIGRATABLE_V2 - - !ruby/object:Api::Type::NestedObject - name: 'imageEncryptionKey' + required: true + enum_values: + - 'MULTI_IP_SUBNET' + - 'SECURE_BOOT' + - 'SEV_CAPABLE' + - 'UEFI_COMPATIBLE' + - 'VIRTIO_SCSI_MULTIQUEUE' + - 'WINDOWS' + - 'GVNIC' + - 'SEV_LIVE_MIGRATABLE' + - 'SEV_SNP_CAPABLE' + - 'SUSPEND_RESUME_COMPATIBLE' + - 'TDX_CAPABLE' + - 'SEV_LIVE_MIGRATABLE_V2' + - name: 'imageEncryptionKey' + type: NestedObject description: | Encrypts the image using a customer-supplied encryption key. @@ -157,44 +157,47 @@ properties: provide the same key if you use the image later (e.g. to create a disk from the image) properties: - - !ruby/object:Api::Type::String - name: 'kmsKeySelfLink' - api_name: 'kmsKeyName' + - name: 'kmsKeySelfLink' + type: String description: | The self link of the encryption key that is stored in Google Cloud KMS. - custom_flatten: 'templates/terraform/custom_flatten/image_kms_key_name.go.erb' + api_name: kmsKeyName diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::String - name: 'kmsKeyServiceAccount' + custom_flatten: 'templates/terraform/custom_flatten/image_kms_key_name.go.tmpl' + - name: 'kmsKeyServiceAccount' + type: String description: | The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: Labels to apply to this Image. - update_verb: :POST update_url: 'projects/{{project}}/global/images/{{name}}/setLabels' - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/global/images/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::Array - name: 'licenses' + update_verb: 'POST' + key_expander: '' + - name: 'licenses' + type: Array description: Any applicable license URI. default_from_api: true - item_type: !ruby/object:Api::Type::ResourceRef + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'license' + type: ResourceRef description: 'An applicable license URI' resource: 'License' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -204,46 +207,46 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::NestedObject - name: 'rawDisk' + - name: 'rawDisk' + type: NestedObject description: The parameters of the raw disk image. ignore_read: true properties: - - !ruby/object:Api::Type::Enum - name: 'containerType' + - name: 'containerType' + type: Enum description: | The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created. - values: - - :TAR - default_value: :TAR - - !ruby/object:Api::Type::String - name: 'sha1' - api_name: 'sha1Checksum' + default_value: "TAR" + enum_values: + - 'TAR' + - name: 'sha1' + type: String description: | An optional SHA1 checksum of the disk image before unpackaging. This is provided by the client when the disk image is created. + api_name: sha1Checksum # TODO(alexstephen): Figure out cross-module ResourceRefs - - !ruby/object:Api::Type::String - name: 'source' - required: true + - name: 'source' + type: String description: | The full Google Cloud Storage URL where disk storage is stored You must provide either this property or the sourceDisk property but not both. - - !ruby/object:Api::Type::ResourceRef - name: 'sourceDisk' + required: true + - name: 'sourceDisk' + type: ResourceRef description: | The source disk to create this image based on. You must provide either this property or the rawDisk.source property but not both to create an image. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Disk' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'sourceImage' + - name: 'sourceImage' + type: ResourceRef description: | URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: @@ -252,11 +255,11 @@ properties: * This property * The rawDisk.source URL * The sourceDisk URL + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Image' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'sourceSnapshot' + - name: 'sourceSnapshot' + type: ResourceRef description: | URL of the source snapshot used to create this image. @@ -267,7 +270,6 @@ properties: * The sourceImage URL * The rawDisk.source URL * The sourceDisk URL + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Snapshot' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' -# State is not applicable for state convergence. diff --git a/mmv1/products/compute/Instance.yaml b/mmv1/products/compute/Instance.yaml index e37cd0ff436c..4963847e1c07 100644 --- a/mmv1/products/compute/Instance.yaml +++ b/mmv1/products/compute/Instance.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,87 +11,88 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Instance' kind: 'compute#instance' -base_url: projects/{{project}}/zones/{{zone}}/instances -collection_url_key: 'items' -immutable: true -has_self_link: true description: | An instance is a virtual machine (VM) hosted on Google's infrastructure. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +exclude_resource: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/instances' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -iam_policy: !ruby/object:Api::Resource::IamPolicy +collection_url_key: 'items' +iam_policy: allowed_iam_role: 'roles/compute.osLogin' parent_resource_attribute: 'instance_name' - iam_conditions_request_type: :QUERY_PARAM -exclude_resource: true + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'instance_basic' + - name: 'instance_basic' primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-my-instance%s", context["random_suffix"])' vars: instance_name: 'my-instance' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-instance%s\", - context[\"random_suffix\"\ - ])" parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: 'A reference to the zone where the machine resides.' required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::Boolean - name: 'canIpForward' + - name: 'canIpForward' + type: Boolean description: | Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. - - !ruby/object:Api::Type::String - name: 'cpuPlatform' + - name: 'cpuPlatform' + type: String description: The CPU platform used by this instance. output: true - - !ruby/object:Api::Type::String - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: String description: Creation timestamp in RFC3339 text format. output: true - - !ruby/object:Api::Type::Boolean - name: 'deletionProtection' + - name: 'deletionProtection' + type: Boolean description: Whether the resource should be protected against deletion. + update_url: '/projects/{{project}}/zones/{{zone}}/instances/{resourceId}/setDeletionProtection' # The code for this update is custom because MM doesn't support # sending empty bodies + the new option as a request parameter. - update_verb: :POST - update_url: /projects/{{project}}/zones/{{zone}}/instances/{resourceId}/setDeletionProtection - - !ruby/object:Api::Type::Array - name: 'disks' + update_verb: 'POST' + - name: 'disks' + type: Array description: | An array of disks that are associated with the instances that are created from this template. immutable: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Boolean - name: 'autoDelete' + - name: 'autoDelete' + type: Boolean description: | Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from @@ -100,54 +101,54 @@ properties: Tip: Disks should be set to autoDelete=true so that leftover disks are not left behind on machine deletion. - - !ruby/object:Api::Type::Boolean - name: 'boot' + - name: 'boot' + type: Boolean description: | Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem. - - !ruby/object:Api::Type::String - name: 'deviceName' + - name: 'deviceName' + type: String description: | Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. - - !ruby/object:Api::Type::NestedObject - name: 'diskEncryptionKey' + - name: 'diskEncryptionKey' + type: NestedObject description: | Encrypts or decrypts a disk using a customer-supplied encryption key. properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. - - !ruby/object:Api::Type::String - name: 'rsaEncryptedKey' + - name: 'rsaEncryptedKey' + type: String description: | Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. - - !ruby/object:Api::Type::String - name: 'sha256' + - name: 'sha256' + type: String description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true - - !ruby/object:Api::Type::Integer - name: 'index' + - name: 'index' + type: Integer description: | Assigns a zero-based index to this disk, where 0 is reserved for the boot disk. For example, if you have many disks attached to an instance, each disk would have a unique index number. If not specified, the server will choose an appropriate value. - - !ruby/object:Api::Type::NestedObject - name: 'initializeParams' + - name: 'initializeParams' + type: NestedObject description: | Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization @@ -155,34 +156,34 @@ properties: the new instance. immutable: true properties: - - !ruby/object:Api::Type::String - name: 'diskName' + - name: 'diskName' + type: String description: | Specifies the disk name. If not specified, the default is to use the name of the instance. - - !ruby/object:Api::Type::Integer - name: 'diskSizeGb' + - name: 'diskSizeGb' + type: Integer description: Specifies the size of the disk in base-2 GB. # diskStorageType - deprecated - - !ruby/object:Api::Type::ResourceRef - name: 'diskType' + - name: 'diskType' + type: ResourceRef description: | Reference to a disk type. Specifies the disk type to use to create the instance. If not specified, the default is pd-standard. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'DiskType' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'sourceImage' + - name: 'sourceImage' + type: String description: | The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required. To create a disk with one of the public operating system images, specify the image by its family name. - - !ruby/object:Api::Type::Integer - name: 'provisionedIops' + - name: 'provisionedIops' + type: Integer description: | Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the @@ -191,8 +192,8 @@ properties: delete and recreate the disk, hyperdisk allows for an update of IOPS every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it. - - !ruby/object:Api::Type::Integer - name: 'provisionedThroughput' + - name: 'provisionedThroughput' + type: Integer description: | Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that @@ -201,14 +202,14 @@ properties: to delete and recreate the disk, hyperdisk allows for an update of throughput every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it. - - !ruby/object:Api::Type::Boolean - name: 'enableConfidentialCompute' + - name: 'enableConfidentialCompute' + type: Boolean description: | Whether this disk is using confidential compute mode. Note: Only supported on hyperdisk skus, disk_encryption_key is required when setting to true. - - !ruby/object:Api::Type::NestedObject - name: 'sourceImageEncryptionKey' + - name: 'sourceImageEncryptionKey' + type: NestedObject description: | The customer-supplied encryption key of the source image. Required if the source image is protected by a @@ -219,56 +220,54 @@ properties: instances in a managed instance group if the source images are encrypted with your own keys. properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. - - !ruby/object:Api::Type::String - name: 'sha256' + - name: 'sha256' + type: String description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true - - !ruby/object:Api::Type::String - name: 'storagePool' - required: false - immutable: true + - name: 'storagePool' + type: String description: | The URL of the storage pool in which the new disk is created. For example: * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/storagePools/{storagePool} * /projects/{project}/zones/{zone}/storagePools/{storagePool} - - !ruby/object:Api::Type::Enum - name: 'interface' + required: false + immutable: true + - name: 'interface' + type: Enum description: | Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. - values: - - :SCSI - - :NVME + enum_values: + - 'SCSI' + - 'NVME' # Ignoring kind - It's a constant and we don't need it. # TODO(alexstephen): Place in licenses - it's a Array of # ResourceRefs - - !ruby/object:Api::Type::Enum - name: 'mode' + - name: 'mode' + type: Enum description: | The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode. - values: - - :READ_WRITE - - :READ_ONLY + enum_values: + - 'READ_WRITE' + - 'READ_ONLY' # This is the name, not selfLink of a disk. - - !ruby/object:Api::Type::ResourceRef - name: 'source' - resource: 'Disk' - imports: 'selfLink' + - name: 'source' + type: ResourceRef description: | Reference to a disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required. @@ -276,66 +275,72 @@ properties: If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Enum - name: 'type' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Disk' + imports: 'selfLink' + - name: 'type' + type: Enum description: | Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT. - values: - - :SCRATCH - - :PERSISTENT - - !ruby/object:Api::Type::Array - name: 'licenses' + enum_values: + - 'SCRATCH' + - 'PERSISTENT' + - name: 'licenses' + type: Array description: 'Any applicable publicly visible licenses.' - item_type: Api::Type::String output: true - - !ruby/object:Api::Type::Array - name: 'guestAccelerators' + item_type: + type: String + - name: 'guestAccelerators' + type: Array description: | List of the type and count of accelerator cards attached to the instance - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'acceleratorCount' + - name: 'acceleratorCount' + type: Integer description: | The number of the guest accelerator cards exposed to this instance. # TODO(alexstephen): Change to ResourceRef once AcceleratorType is # created. - - !ruby/object:Api::Type::String - name: 'acceleratorType' + - name: 'acceleratorType' + type: String description: | Full or partial URL of the accelerator type resource to expose to this instance. - - !ruby/object:Api::Type::String - name: 'hostname' + - name: 'hostname' + type: String description: | The hostname of the instance to be created. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS. - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: | The unique identifier for the resource. This identifier is defined by the server. output: true - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + update_verb: 'POST' + key_expander: '' + - name: 'labels' + type: KeyValueLabels description: | Labels to apply to this instance. A list of key->value pairs. - update_verb: :POST update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setLabels' + update_verb: 'POST' # TODO(nelsonjr): Implement updating metadata *after* resource is created. # Expose instance 'metadata' as a simple name/value pair hash. However the API @@ -356,28 +361,28 @@ properties: # adding the 'fingerprint' of the last metadata to allow update. # # To comply with the API please add an encoder: and decoder: to the provider. - - !ruby/object:Api::Type::KeyValuePairs - name: 'metadata' + - name: 'metadata' + type: KeyValuePairs description: | The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys. - - !ruby/object:Api::Type::ResourceRef - name: 'machineType' - resource: 'MachineType' - imports: 'selfLink' + - name: 'machineType' + type: ResourceRef description: 'A reference to a machine type which defines VM kind.' - update_url: projects/{{project}}/zones/{{zone}}/instances/{{name}}/setMachineType - update_verb: :POST + update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setMachineType' + update_verb: 'POST' # TODO(alexstephen): Add metadata - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'minCpuPlatform' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'MachineType' + imports: 'selfLink' + - name: 'minCpuPlatform' + type: String description: | Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, @@ -387,37 +392,37 @@ properties: lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::Array - name: 'networkInterfaces' + - name: 'networkInterfaces' + type: Array description: | An array of configurations for this interface. This specifies how this interface is configured to interact with other network services, such as connecting to the internet. Only one network interface is supported per instance. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'accessConfigs' + - name: 'accessConfigs' + type: Array description: | An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: # 'kind' is not needed for object convergence - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of this access configuration. The default and recommended name is External NAT but you can use any arbitrary string you would like. For example, My external IP or Network Access. required: true - - !ruby/object:Api::Type::ResourceRef - name: 'natIP' - resource: 'Address' - imports: 'address' + - name: 'natIP' + type: ResourceRef description: | Reference to an address. An external IP address associated with this instance. @@ -426,29 +431,31 @@ properties: from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Enum - name: 'type' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'address' + - name: 'type' + type: Enum description: | The type of configuration. The default and only option is ONE_TO_ONE_NAT. - values: - - :ONE_TO_ONE_NAT required: true - - !ruby/object:Api::Type::Boolean - name: 'setPublicPtr' + enum_values: + - 'ONE_TO_ONE_NAT' + - name: 'setPublicPtr' + type: Boolean description: | Specifies whether a public DNS PTR record should be created to map the external IP address of the instance to a DNS domain name. - - !ruby/object:Api::Type::String - name: 'publicPtrDomainName' + - name: 'publicPtrDomainName' + type: String description: | The DNS domain name for the public PTR record. You can set this field only if the setPublicPtr field is enabled. - - !ruby/object:Api::Type::Enum - name: 'networkTier' + - name: 'networkTier' + type: Enum description: | This signifies the networking tier used for configuring this access configuration. If an AccessConfig is @@ -457,19 +464,20 @@ properties: AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP. - values: - - :PREMIUM - - :STANDARD - - !ruby/object:Api::Type::Array - name: 'aliasIpRanges' + enum_values: + - 'PREMIUM' + - 'STANDARD' + - name: 'aliasIpRanges' + type: Array description: | An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'ipCidrRange' + - name: 'ipCidrRange' + type: String description: | The IP CIDR range represented by this alias IP range. This IP CIDR range must belong to the specified @@ -477,52 +485,50 @@ properties: system or used by other network interfaces. This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24). - - !ruby/object:Api::Type::String - name: 'subnetworkRangeName' + - name: 'subnetworkRangeName' + type: String description: | Optional subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. If left unspecified, the primary range of the subnetwork will be used. - - !ruby/object:Api::Type::String - name: 'internalIpv6PrefixLength' + - name: 'internalIpv6PrefixLength' + type: String description: | The prefix length of the primary internal IPv6 range. - - !ruby/object:Api::Type::String - name: 'ipv6Address' + - name: 'ipv6Address' + type: String description: | An IPv6 internal network address for this network interface. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of the network interface, generated by the server. For network devices, these are eth0, eth1, etc output: true - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | Specifies the title of an existing network. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'networkIP' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'networkIP' + type: String description: | An IPv4 internal network address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system. - - !ruby/object:Api::Type::ResourceRef - name: 'subnetwork' - resource: 'Subnetwork' - imports: 'selfLink' + - name: 'subnetwork' + type: ResourceRef description: | Reference to a VPC network. If the network resource is in legacy mode, do not @@ -531,110 +537,114 @@ properties: the network is in custom subnet mode, then this field should be specified. # networkInterfaces.kind is not necessary for convergence. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'networkAttachment' - resource: 'networkAttachment' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' imports: 'selfLink' + - name: 'networkAttachment' + type: ResourceRef description: | The URL of the network attachment that this interface should connect to in the following format: projects/{projectNumber}/regions/{region_name}/networkAttachments/{network_attachment_name}. - - !ruby/object:Api::Type::NestedObject - name: 'scheduling' + resource: 'networkAttachment' + imports: 'selfLink' + - name: 'scheduling' + type: NestedObject description: Sets the scheduling options for this instance. properties: - - !ruby/object:Api::Type::Boolean - name: 'automaticRestart' + - name: 'automaticRestart' + type: Boolean description: | Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. - - !ruby/object:Api::Type::String - name: 'onHostMaintenance' + - name: 'onHostMaintenance' + type: String description: | Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options. - - !ruby/object:Api::Type::Boolean - name: 'preemptible' + - name: 'preemptible' + type: Boolean description: | Defines whether the instance is preemptible. This can only be set during instance creation, it cannot be set or changed after the instance has been created. - - !ruby/object:Api::Type::Array - name: 'serviceAccounts' + - name: 'serviceAccounts' + type: Array description: | A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'email' + - name: 'email' + type: String description: Email address of the service account. - - !ruby/object:Api::Type::Array - name: scopes + - name: 'scopes' + type: Array description: | The list of scopes to be made available for this service account. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'shieldedInstanceConfig' + item_type: + type: String + - name: 'shieldedInstanceConfig' + type: NestedObject description: Configuration for various parameters related to shielded instances. + update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' # The code for this update method is custom because MM does not support # sending just the nested properties - update_verb: :PATCH - update_url: projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig + update_verb: 'PATCH' properties: - - !ruby/object:Api::Type::Boolean - name: 'enableSecureBoot' + - name: 'enableSecureBoot' + type: Boolean description: Defines whether the instance has Secure Boot enabled. - update_verb: :PATCH - update_url: projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig - - !ruby/object:Api::Type::Boolean - name: 'enableVtpm' + update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' + update_verb: 'PATCH' + - name: 'enableVtpm' + type: Boolean description: Defines whether the instance has the vTPM enabled - update_verb: :PATCH - update_url: projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig - - !ruby/object:Api::Type::Boolean - name: 'enableIntegrityMonitoring' + update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' + update_verb: 'PATCH' + - name: 'enableIntegrityMonitoring' + type: Boolean description: Defines whether the instance has integrity monitoring enabled. - update_verb: :PATCH - update_url: projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig - - !ruby/object:Api::Type::NestedObject - name: 'confidentialInstanceConfig' + update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' + update_verb: 'PATCH' + - name: 'confidentialInstanceConfig' + type: NestedObject description: 'Configuration for confidential computing (requires setting the machine type to any of the n2d-* types and a boot disk of type pd-ssd).' properties: - - !ruby/object:Api::Type::Boolean - name: 'enableConfidentialCompute' + - name: 'enableConfidentialCompute' + type: Boolean description: Enables confidential computing with AMD SEV. at_least_one_of: - - confidential_instance_config.0.enable_confidential_compute - - confidential_instance_config.0.confidential_instance_type - deprecation_message: "`enableConfidentialCompute` is deprecated and will be removed in a future major release. Use `confidentialInstanceType: SEV` instead." - - !ruby/object:Api::Type::Enum - name: 'confidentialInstanceType' + - 'confidential_instance_config.0.enable_confidential_compute' + - 'confidential_instance_config.0.confidential_instance_type' + deprecation_message: '`enableConfidentialCompute` is deprecated and will be removed in a future major release. Use `confidentialInstanceType: SEV` instead.' + - name: 'confidentialInstanceType' + type: Enum description: | The confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform = - "AMD Milan" is currently required. TDX is only available in beta. - values: - - :SEV - - :SEV_SNP - - :TDX + "AMD Milan" is currently required. at_least_one_of: - - confidential_instance_config.0.enable_confidential_compute - - confidential_instance_config.0.confidential_instance_type - - !ruby/object:Api::Type::Enum - name: 'status' + - 'confidential_instance_config.0.enable_confidential_compute' + - 'confidential_instance_config.0.confidential_instance_type' + enum_values: + - 'SEV' + - 'SEV_SNP' + - 'TDX' + - name: 'status' + type: Enum description: | The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, @@ -646,21 +656,20 @@ properties: # This is incorrect because you can make actions on the Instance (start, stop) # In an idempotent world, the best way to express these actions is to # change the status value. - output: false - values: - - :PROVISIONING - - :STAGING - - :RUNNING - - :STOPPING - - :SUSPENDING - - :SUSPENDED - - :TERMINATED - - !ruby/object:Api::Type::String - name: 'statusMessage' + enum_values: + - 'PROVISIONING' + - 'STAGING' + - 'RUNNING' + - 'STOPPING' + - 'SUSPENDING' + - 'SUSPENDED' + - 'TERMINATED' + - name: 'statusMessage' + type: String description: An optional, human-readable explanation of the status. output: true - - !ruby/object:Api::Type::NestedObject - name: 'tags' + - name: 'tags' + type: NestedObject description: | A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by @@ -669,8 +678,8 @@ properties: RFC1035. properties: # TODO(alexstephen) Investigate bytes type - - !ruby/object:Api::Type::String - name: 'fingerprint' + - name: 'fingerprint' + type: String description: | Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. @@ -678,9 +687,10 @@ properties: changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata. - - !ruby/object:Api::Type::Array - name: 'items' + - name: 'items' + type: Array description: | An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035. - item_type: Api::Type::String + item_type: + type: String diff --git a/mmv1/products/compute/InstanceGroup.yaml b/mmv1/products/compute/InstanceGroup.yaml index d99c309f8f04..67c902e29936 100644 --- a/mmv1/products/compute/InstanceGroup.yaml +++ b/mmv1/products/compute/InstanceGroup.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,67 +11,69 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'InstanceGroup' kind: 'compute#instanceGroup' -base_url: projects/{{project}}/zones/{{zone}}/instanceGroups -collection_url_key: 'items' -has_self_link: true description: | Represents an Instance Group resource. Instance groups are self-managed and can contain identical or different instances. Instance groups do not use an instance template. Unlike managed instance groups, you must create and add instances to an instance group manually. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +exclude: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -immutable: true -exclude: true +collection_url_key: 'items' +custom_code: parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: 'A reference to the zone where the instance group resides.' required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. # 'fingerprint' not applicable to state convergence. - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: 'A unique identifier for this instance group.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035. - - !ruby/object:Api::Type::Array - name: 'namedPorts' + - name: 'namedPorts' + type: Array description: | Assigns a name to a port number. For example: {name: "http", port: 80}. @@ -83,36 +85,37 @@ properties: For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name for this named port. The name must be 1-63 characters long, and comply with RFC1035. - - !ruby/object:Api::Type::Integer - name: 'port' + - name: 'port' + type: Integer description: | The port number, which can be a value between 1 and 65535. - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | The network to which all instances in the instance group belong. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' imports: 'selfLink' + - name: 'region' + type: ResourceRef description: | The region where the instance group is located (for regional resources). - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'subnetwork' - resource: 'Subnetwork' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' imports: 'selfLink' + - name: 'subnetwork' + type: ResourceRef description: | The subnetwork to which all instances in the instance group belong. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' diff --git a/mmv1/products/compute/InstanceGroupManager.yaml b/mmv1/products/compute/InstanceGroupManager.yaml index 648e91b72d3c..ec957fa1924e 100644 --- a/mmv1/products/compute/InstanceGroupManager.yaml +++ b/mmv1/products/compute/InstanceGroupManager.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'InstanceGroupManager' kind: 'compute#instanceGroupManager' -base_url: projects/{{project}}/zones/{{zone}}/instanceGroupManagers -collection_url_key: 'items' -has_self_link: true -# Used as a resource reference -exclude: true description: | Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create @@ -28,62 +23,70 @@ description: | verify the status of the individual instances. A managed instance group can have up to 1000 VM instances per group. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +# Used as a resource reference +exclude: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: 'The zone the managed instance group resides.' required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'baseInstanceName' + - name: 'baseInstanceName' + type: String description: | The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035. required: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: | The creation timestamp for this managed instance group in RFC3339 text format. output: true - - !ruby/object:Api::Type::NestedObject - name: 'currentActions' + - name: 'currentActions' + type: NestedObject description: | The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions. + output: true properties: - - !ruby/object:Api::Type::Integer - name: 'abandoning' + - name: 'abandoning' + type: Integer description: | The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it. output: true - - !ruby/object:Api::Type::Integer - name: 'creating' + - name: 'creating' + type: Integer description: | The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the @@ -94,28 +97,28 @@ properties: populated; instead, the creatingWithoutRetries field will be populated. output: true - - !ruby/object:Api::Type::Integer - name: 'creatingWithoutRetries' + - name: 'creatingWithoutRetries' + type: Integer description: | The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly. output: true - - !ruby/object:Api::Type::Integer - name: 'deleting' + - name: 'deleting' + type: Integer description: | The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted. output: true - - !ruby/object:Api::Type::Integer - name: 'none' + - name: 'none' + type: Integer description: | The number of instances in the managed instance group that are running and have no scheduled actions. output: true - - !ruby/object:Api::Type::Integer - name: 'recreating' + - name: 'recreating' + type: Integer description: | The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. @@ -123,96 +126,97 @@ properties: and creates a new disk from the image that is defined in the instance template. output: true - - !ruby/object:Api::Type::Integer - name: 'refreshing' + - name: 'refreshing' + type: Integer description: | The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance. output: true - - !ruby/object:Api::Type::Integer - name: 'restarting' + - name: 'restarting' + type: Integer description: | The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted. output: true - output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. immutable: true # fingerprint ignored as it is an internal locking detail - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: 'A unique identifier for this resource' output: true - - !ruby/object:Api::Type::ResourceRef - name: 'instanceGroup' - resource: 'InstanceGroup' - imports: 'selfLink' + - name: 'instanceGroup' + type: ResourceRef description: 'The instance group being managed' output: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'instanceTemplate' - resource: 'InstanceTemplate' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'InstanceGroup' imports: 'selfLink' + - name: 'instanceTemplate' + type: ResourceRef description: | The instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. required: true # kind is internal transport detail - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'name' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'InstanceTemplate' + imports: 'selfLink' + - name: 'name' + type: String description: | The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035. required: true # TODO(nelsonjr): Make namedPorts a NameValue(name[string], port[integer]) - - !ruby/object:Api::Type::Array - name: 'namedPorts' + - name: 'namedPorts' + type: Array description: Named ports configured for the Instance Groups complementary to this Instance Group Manager. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name for this named port. The name must be 1-63 characters long, and comply with RFC1035. - - !ruby/object:Api::Type::Integer - name: 'port' + - name: 'port' + type: Integer description: The port number, which can be a value between 1 and 65535. - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'selfLink' + - name: 'region' + type: ResourceRef description: | The region this managed instance group resides (for regional resources). output: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'targetPools' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' + - name: 'targetPools' + type: Array description: | TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group. - item_type: !ruby/object:Api::Type::ResourceRef + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'targetPool' + type: ResourceRef description: 'The targetPool to receive managed instances.' resource: 'TargetPool' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: 'targetSize' + - name: 'targetSize' + type: Integer description: | The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing diff --git a/mmv1/products/compute/InstanceGroupMembership.yaml b/mmv1/products/compute/InstanceGroupMembership.yaml index 22e233abab39..0236c91b9ec6 100644 --- a/mmv1/products/compute/InstanceGroupMembership.yaml +++ b/mmv1/products/compute/InstanceGroupMembership.yaml @@ -11,10 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'InstanceGroupMembership' kind: 'compute#instanceGroup' -base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}' description: | Represents the Instance membership to the Instance Group. @@ -26,81 +25,83 @@ description: | Instance is recreated, it's removed from Instance Group and it's needed to perform `apply` twice. To avoid situations like this, please use this resource with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. -immutable: true -create_verb: :POST -create_url: projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/addInstances -delete_verb: :POST -delete_url: projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/removeInstances -read_verb: :POST -self_link: projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/listInstances -identity: - - instance -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - items -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Add instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/addInstances' 'Remove instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/removeInstances' 'List instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/listInstances' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{zone}}/{{instance_group}}/{{instance}}' +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}' +self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/listInstances' +create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/addInstances' +read_verb: 'POST' +delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/removeInstances' +delete_verb: 'POST' +immutable: true +mutex: 'instanceGroups/{{project}}/zones/{{zone}}/{{instance_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: '{{project}}/{{zone}}/{{instance_group}}/{{instance}}' -mutex: instanceGroups/{{project}}/zones/{{zone}}/{{instance_group}} +identity: + - instance +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/compute_instance_group_membership.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/compute_instance_group_membership.go.tmpl' + custom_import: 'templates/terraform/custom_import/compute_instance_group_membership.go.tmpl' exclude_tgc: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'instance_group_membership' - skip_test: true + - name: 'instance_group_membership' vars: network_name: 'network' instance_group_name: 'instance-group' instance_name: 'instance' -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_delete: templates/terraform/pre_delete/compute_instance_group_membership.go.erb - custom_import: templates/terraform/custom_import/compute_instance_group_membership.go.erb - encoder: templates/terraform/encoders/compute_instance_group_membership.go.erb + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: 'A reference to the zone where the instance group resides.' url_param_only: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'instanceGroup' - resource: 'InstanceGroup' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' imports: 'name' + - name: 'instanceGroup' + type: ResourceRef description: | Represents an Instance Group resource name that the instance belongs to. - required: true url_param_only: true + required: true ignore_read: true - diff_suppress_func: tpgresource.CompareResourceNames + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'InstanceGroup' + imports: 'name' properties: - - !ruby/object:Api::Type::ResourceRef - name: 'instance' + - name: 'instance' + type: ResourceRef description: 'An instance being added to the InstanceGroup' + required: true + custom_flatten: 'templates/terraform/custom_flatten/full_to_relative_path.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Instance' imports: 'selfLink' - required: true - custom_flatten: 'templates/terraform/custom_flatten/full_to_relative_path.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' diff --git a/mmv1/products/compute/InstanceGroupNamedPort.yaml b/mmv1/products/compute/InstanceGroupNamedPort.yaml index 46a003eede48..73def1eff8cd 100644 --- a/mmv1/products/compute/InstanceGroupNamedPort.yaml +++ b/mmv1/products/compute/InstanceGroupNamedPort.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,101 +11,98 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'InstanceGroupNamedPort' -base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' -self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' -immutable: true description: | Mange the named ports setting for a managed instance group without managing the group as whole. This resource is primarily intended for use with GKE-generated groups that shouldn't otherwise be managed by other tools. -create_verb: :POST -create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' -delete_verb: :POST -delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' -identity: - - port - - name -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - keys: - - namedPorts -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroup' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}' +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' +delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' +delete_verb: 'POST' +immutable: true +mutex: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +import_format: + - 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}' -import_format: - [ - 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}', - ] -mutex: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' +identity: + - port + - name +nested_query: + keys: + - namedPorts + is_list_of_ids: false + modify_by_patch: true +custom_code: + encoder: 'templates/terraform/encoders/normalize_group.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'instance_group_named_port_gke' - primary_resource_id: - 'my_port' - # Multiple fine-grained resources - skip_vcr: true + - name: 'instance_group_named_port_gke' + primary_resource_id: 'my_port' vars: network_name: 'container-network' subnetwork_name: 'container-subnetwork' gke_cluster_name: 'my-cluster' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: 'templates/terraform/encoders/normalize_group.go.erb' + 'deletion_protection': 'false' + # Multiple fine-grained resources + skip_vcr: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'group' - resource: 'InstanceGroup' - imports: 'name' - required: true - url_param_only: true + - name: 'group' + type: ResourceRef description: | The name of the instance group. + url_param_only: true + required: true diff_suppress_func: 'tpgresource.CompareResourceNames' - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' + resource: 'InstanceGroup' imports: 'name' - required: false - url_param_only: true + - name: 'zone' + type: ResourceRef description: | The zone of the instance group. - default_from_api: true + url_param_only: true + required: false ignore_read: true + default_from_api: true + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | The name for this named port. The name must be 1-63 characters long, and comply with RFC1035. - - !ruby/object:Api::Type::Integer - name: 'port' required: true + - name: 'port' + type: Integer description: The port number, which can be a value between 1 and 65535. + required: true diff --git a/mmv1/products/compute/InstanceSettings.yaml b/mmv1/products/compute/InstanceSettings.yaml index af53539a40e1..b702e25879ed 100644 --- a/mmv1/products/compute/InstanceSettings.yaml +++ b/mmv1/products/compute/InstanceSettings.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,68 +11,70 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'InstanceSettings' kind: 'compute#instanceSettings' -base_url: projects/{{project}}/zones/{{zone}}/instanceSettings -self_link: projects/{{project}}/zones/{{zone}}/instanceSettings description: | Represents an Instance Settings resource. Instance settings are centralized configuration parameters that allow users to configure the default values for specific VM parameters that are normally set using GCE instance API methods. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Update Instance Settings': 'https://cloud.google.com/compute/docs/metadata/setting-custom-metadata#set-custom-project-zonal-metadata' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/instanceSettings' -create_verb: :PATCH +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings' +self_link: 'projects/{{project}}/zones/{{zone}}/instanceSettings' create_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings?update_mask=*' -update_verb: :PATCH +create_verb: 'PATCH' update_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings?update_mask=*' -import_format: ['projects/{{project}}/zones/{{zone}}/instanceSettings'] -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/zones/{{zone}}/instanceSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: + custom_delete: 'templates/terraform/custom_delete/clear_instance_settings.go.tmpl' + test_check_destroy: 'templates/terraform/custom_check_destroy/skip_delete_during_test.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'instance_settings_basic' + - name: 'instance_settings_basic' primary_resource_id: 'gce_instance_settings' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/clear_instance_settings.go.erb - test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: 'A reference to the zone where the machine resides.' required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + - name: 'fingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. - custom_expand: 'templates/terraform/custom_expand/compute_instance_settings_fingerprint.erb' - - !ruby/object:Api::Type::NestedObject - name: 'metadata' + output: true + custom_expand: 'templates/terraform/custom_expand/compute_instance_settings_fingerprint.tmpl' + - name: 'metadata' + type: NestedObject description: | The metadata key/value pairs assigned to all the instances in the corresponding scope. properties: - - !ruby/object:Api::Type::KeyValuePairs - name: 'items' + - name: 'items' + type: KeyValuePairs description: | A metadata key/value items map. The total size of all keys and values must be less than 512KB diff --git a/mmv1/products/compute/Interconnect.yaml b/mmv1/products/compute/Interconnect.yaml index 809df72e6e80..308ec75e4fc3 100644 --- a/mmv1/products/compute/Interconnect.yaml +++ b/mmv1/products/compute/Interconnect.yaml @@ -11,68 +11,69 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Interconnect' kind: 'compute#Interconnect' description: | Represents an Interconnect resource. The Interconnect resource is a dedicated connection between Google's network and your on-premises network. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Create a Dedicated Interconnect': 'https://cloud.google.com/network-connectivity/docs/interconnect/concepts/dedicated-overview' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/interconnects' +docs: base_url: 'projects/{{project}}/global/interconnects' self_link: 'projects/{{project}}/global/interconnects/{{name}}' -immutable: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 10000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: + constants: 'templates/terraform/constants/interconnect.go.tmpl' + post_create: 'templates/terraform/post_create/labels.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'compute_interconnect_basic' - skip_test: true + - name: 'compute_interconnect_basic' primary_resource_id: 'example-interconnect' vars: interconnect_name: 'example-interconnect' customer_name: 'example_customer' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_interconnect_basic_test' - skip_docs: true + 'deletion_protection': 'false' + exclude_test: true + - name: 'compute_interconnect_basic_test' primary_resource_id: 'example-interconnect' vars: interconnect_name: 'example-interconnect' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/interconnect.go.erb + exclude_docs: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: | Creation timestamp in RFC3339 text format. output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -81,73 +82,73 @@ properties: lowercase letter, or digit, except the last character, which cannot be a dash. required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - - !ruby/object:Api::Type::ResourceRef - name: 'location' + - name: 'location' + type: ResourceRef description: | URL of the InterconnectLocation object that represents where this connection is to be provisioned. + Specifies the location inside Google's Networks, should not be passed in case of cross-cloud interconnect. + immutable: true resource: 'InterconnectLocations' imports: 'selfLink' - required: true - immutable: true - - !ruby/object:Api::Type::Enum - name: 'linkType' + - name: 'linkType' + type: Enum description: | Type of link requested. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle. Can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics. - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. - values: - - :LINK_TYPE_ETHERNET_10G_LR - - :LINK_TYPE_ETHERNET_100G_LR required: true immutable: true - - !ruby/object:Api::Type::Integer - name: 'requestedLinkCount' + enum_values: + - 'LINK_TYPE_ETHERNET_10G_LR' + - 'LINK_TYPE_ETHERNET_100G_LR' + - name: 'requestedLinkCount' + type: Integer description: | Target number of physical links in the link bundle, as requested by the customer. required: true immutable: true - - !ruby/object:Api::Type::Enum - name: 'interconnectType' + - name: 'interconnectType' + type: Enum description: | Type of interconnect. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED. Can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. - values: - - :DEDICATED - - :PARTNER - - :IT_PRIVATE required: true immutable: true - diff_suppress_func: InterconnectTypeDiffSuppress - - !ruby/object:Api::Type::Boolean - name: 'adminEnabled' - send_empty_value: true - default_value: true + diff_suppress_func: 'InterconnectTypeDiffSuppress' + enum_values: + - 'DEDICATED' + - 'PARTNER' + - 'IT_PRIVATE' + - name: 'adminEnabled' + type: Boolean description: | Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true. - - !ruby/object:Api::Type::String - name: 'nocContactEmail' + send_empty_value: true + default_value: true + - name: 'nocContactEmail' + type: String description: | Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Cloud Monitoring logs alerting and Cloud Notifications. This field is required for users who sign up for Cloud Interconnect using workforce identity federation. - - !ruby/object:Api::Type::String - name: 'customerName' + - name: 'customerName' + type: String description: | Customer name, to put in the Letter of Authorization as the party authorized to request a - crossconnect. + crossconnect. This field is required for Dedicated and Partner Interconnect, should not be specified + for cross-cloud interconnect. immutable: true - required: true - - !ruby/object:Api::Type::Enum - name: 'operationalStatus' + - name: 'operationalStatus' + type: Enum description: | The current status of this Interconnect's functionality, which can take one of the following: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may @@ -156,69 +157,70 @@ properties: provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect. - values: - - :OS_ACTIVE - - :OS_UNPROVISIONED - - :OS_UNDER_MAINTENANCE output: true - - !ruby/object:Api::Type::Integer - name: 'provisionedLinkCount' + enum_values: + - 'OS_ACTIVE' + - 'OS_UNPROVISIONED' + - 'OS_UNDER_MAINTENANCE' + - name: 'provisionedLinkCount' + type: Integer description: | Number of links actually provisioned in this interconnect. output: true - - !ruby/object:Api::Type::Array - name: 'interconnectAttachments' - item_type: Api::Type::String + - name: 'interconnectAttachments' + type: Array description: | A list of the URLs of all InterconnectAttachments configured to use this Interconnect. output: true - - !ruby/object:Api::Type::String - name: 'peerIpAddress' + item_type: + type: String + - name: 'peerIpAddress' + type: String description: | IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests. output: true - - !ruby/object:Api::Type::String - name: 'googleIpAddress' + - name: 'googleIpAddress' + type: String description: | IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. output: true - - !ruby/object:Api::Type::String - name: 'googleReferenceId' + - name: 'googleReferenceId' + type: String description: | Google reference ID to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. output: true - - !ruby/object:Api::Type::Array - name: 'expectedOutages' - output: true + - name: 'expectedOutages' + type: Array description: A list of outages expected for this Interconnect. - item_type: !ruby/object:Api::Type::NestedObject + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Unique identifier for this outage notification. - - !ruby/object:Api::Type::String - name: 'description' output: true + - name: 'description' + type: String description: | A description about the purpose of the outage. - - !ruby/object:Api::Type::Enum - name: 'source' output: true + - name: 'source' + type: Enum description: | The party that generated this notification. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE. Can take the following value: - GOOGLE: this notification as generated by Google. - values: - - :GOOGLE - - !ruby/object:Api::Type::Enum - name: 'state' output: true + enum_values: + - 'GOOGLE' + - name: 'state' + type: Enum description: | State of this notification. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. Can take one of the following values: @@ -227,13 +229,13 @@ properties: - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. - values: - - :ACTIVE - - :CANCELLED - - :COMPLETED - - !ruby/object:Api::Type::Enum - name: 'issueType' output: true + enum_values: + - 'ACTIVE' + - 'CANCELLED' + - 'COMPLETED' + - name: 'issueType' + type: Enum description: | Form this outage is expected to take. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values. Can take one of the @@ -242,63 +244,71 @@ properties: specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. - values: - - :OUTAGE - - :PARTIAL_OUTAGE - - !ruby/object:Api::Type::Array - name: 'affectedCircuits' output: true - item_type: Api::Type::String + enum_values: + - 'OUTAGE' + - 'PARTIAL_OUTAGE' + - name: 'affectedCircuits' + type: Array description: | If issueType is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected. - - !ruby/object:Api::Type::String - name: 'startTime' output: true + item_type: + type: String + - name: 'startTime' + type: String description: | Scheduled start time for the outage (milliseconds since Unix epoch). - - !ruby/object:Api::Type::String - name: 'endTime' output: true + - name: 'endTime' + type: String description: | Scheduled end time for the outage (milliseconds since Unix epoch). - - !ruby/object:Api::Type::Array - name: 'circuitInfos' - output: true + output: true + - name: 'circuitInfos' + type: Array description: A list of CircuitInfo objects, that describe the individual circuits in this LAG. - item_type: !ruby/object:Api::Type::NestedObject + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'googleCircuitId' - output: true + - name: 'googleCircuitId' + type: String description: | Google-assigned unique ID for this circuit. Assigned at circuit turn-up. - - !ruby/object:Api::Type::String - name: 'googleDemarcId' output: true + - name: 'googleDemarcId' + type: String description: | Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA. - - !ruby/object:Api::Type::String - name: 'customerDemarcId' output: true + - name: 'customerDemarcId' + type: String description: | Customer-side demarc ID for this circuit. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels + update_url: 'projects/{{project}}/global/interconnects/{{name}}/setLabels' + update_verb: 'POST' description: | Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty. - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + - name: 'labelFingerprint' + type: Fingerprint + update_url: 'projects/{{project}}/global/interconnects/{{name}}/setLabels' + update_verb: 'POST' description: | A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. - - !ruby/object:Api::Type::Enum - name: 'state' + output: true + - name: 'state' + type: Enum description: | The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. @@ -307,89 +317,102 @@ properties: provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect. - values: - - :ACTIVE - - :UNPROVISIONED - - :UNDER_MAINTENANCE output: true - - !ruby/object:Api::Type::Boolean - name: 'satisfiesPzs' + enum_values: + - 'ACTIVE' + - 'UNPROVISIONED' + - 'UNDER_MAINTENANCE' + - name: 'satisfiesPzs' + type: Boolean description: Reserved for future use. output: true - - !ruby/object:Api::Type::NestedObject - name: 'macsec' + - name: 'macsec' + type: NestedObject description: | Configuration that enables Media Access Control security (MACsec) on the Cloud Interconnect connection between Google and your on-premises router. properties: - - !ruby/object:Api::Type::Array - name: 'preSharedKeys' + - name: 'preSharedKeys' + type: Array description: | A keychain placeholder describing a set of named key objects along with their start times. A MACsec CKN/CAK is generated for each key in the key chain. Google router automatically picks the key with the most recent startTime when establishing or re-establishing a MACsec secure link. required: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | A name for this pre-shared key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - validation: !ruby/object:Provider::Terraform::Validation + required: true + validation: regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - - !ruby/object:Api::Type::String - name: 'startTime' + - name: 'startTime' + type: String description: | A RFC3339 timestamp on or after which the key is valid. startTime can be in the future. If the keychain has a single key, startTime can be omitted. If the keychain has multiple keys, startTime is mandatory for each key. The start times of keys must be in increasing order. The start times of two consecutive keys must be at least 6 hours apart. - - !ruby/object:Api::Type::Boolean - name: 'failOpen' + - name: 'failOpen' + type: Boolean description: | If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router. - - !ruby/object:Api::Type::Boolean - name: 'macsecEnabled' + deprecation_message: '`failOpen` is deprecated and will be removed in a future major release. Use other `failOpen` instead.' + - name: 'failOpen' + type: Boolean + description: | + If set to true, the Interconnect connection is configured with a should-secure + MACsec security policy, that allows the Google router to fallback to cleartext + traffic if the MKA session cannot be established. By default, the Interconnect + connection is configured with a must-secure security policy that drops all traffic + if the MKA session cannot be established with your router. + - name: 'macsecEnabled' + type: Boolean description: | Enable or disable MACsec on this Interconnect connection. MACsec enablement fails if the MACsec object is not specified. - - !ruby/object:Api::Type::String - name: 'remoteLocation' + - name: 'remoteLocation' + type: String description: | Indicates that this is a Cross-Cloud Interconnect. This field specifies the location outside of Google's network that the interconnect is connected to. - - !ruby/object:Api::Type::Array - name: 'requestedFeatures' + immutable: true + - name: 'requestedFeatures' + type: Array description: | interconnects.list of features requested for this Interconnect connection. Options: IF_MACSEC ( If specified then the connection is created on MACsec capable hardware ports. If not specified, the default value is false, which allocates non-MACsec capable ports first if available). Note that MACSEC is still technically allowed for compatibility reasons, but it does not work with the API, and will be removed in an upcoming major version. - item_type: !ruby/object:Api::Type::Enum - name: 'requestedFeatures' + immutable: true + item_type: + type: Enum description: | interconnects.list of features requested for this Interconnect connection - values: - - :MACSEC - - :IF_MACSEC - - !ruby/object:Api::Type::Array - name: 'availableFeatures' + enum_values: + - 'MACSEC' + - 'IF_MACSEC' + - name: 'availableFeatures' + type: Array description: | interconnects.list of features available for this Interconnect connection. Can take the value: MACSEC. If present then the Interconnect connection is provisioned on MACsec capable hardware ports. If not present then the Interconnect connection is provisioned on non-MACsec capable ports and MACsec isn't supported and enabling MACsec fails). output: true - item_type: Api::Type::String + item_type: + type: String diff --git a/mmv1/products/compute/InterconnectAttachment.yaml b/mmv1/products/compute/InterconnectAttachment.yaml index 6735a5bdde71..2dc641ba7ced 100644 --- a/mmv1/products/compute/InterconnectAttachment.yaml +++ b/mmv1/products/compute/InterconnectAttachment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,137 +10,135 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource + +--- name: 'InterconnectAttachment' kind: 'compute#interconnectAttachment' -base_url: 'projects/{{project}}/regions/{{region}}/interconnectAttachments' -collection_url_key: 'items' -update_verb: :PATCH -has_self_link: true description: | Represents an InterconnectAttachment (VLAN attachment) resource. For more information, see Creating VLAN Attachments. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/interconnectAttachments' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/interconnect_attachment.go.tmpl' + post_create: 'templates/terraform/post_create/interconnect_attachment.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/interconnect_attachment.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'interconnect_attachment_basic' + - name: 'interconnect_attachment_basic' primary_resource_id: 'on_prem' vars: interconnect_attachment_name: 'on-prem-attachment' router_name: 'router-1' network_name: 'network-1' - - !ruby/object:Provider::Terraform::Examples - name: 'interconnect_attachment_dedicated' - skip_docs: true + - name: 'interconnect_attachment_dedicated' primary_resource_id: 'on_prem' vars: interconnect_name: 'interconenct-1' interconnect_attachment_name: 'on-prem-attachment' router_name: 'router-1' network_name: 'network-1' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_interconnect_attachment_ipsec_encryption' + exclude_docs: true + - name: 'compute_interconnect_attachment_ipsec_encryption' primary_resource_id: 'ipsec-encrypted-interconnect-attachment' vars: interconnect_attachment_name: 'test-interconnect-attachment' address_name: 'test-address' router_name: 'test-router' network_name: 'test-network' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/interconnect_attachment.go.erb - post_create: templates/terraform/post_create/interconnect_attachment.go.erb - pre_delete: templates/terraform/pre_delete/interconnect_attachment.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'selfLink' - required: false + - name: 'region' + type: ResourceRef description: | Region where the regional interconnect attachment resides. + required: false default_from_api: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' properties: - - !ruby/object:Api::Type::Boolean - name: 'adminEnabled' - send_empty_value: true - default_value: true + - name: 'adminEnabled' + type: Boolean description: | Whether the VLAN attachment is enabled or disabled. When using PARTNER type this will Pre-Activate the interconnect attachment - - !ruby/object:Api::Type::String - name: 'cloudRouterIpAddress' + send_empty_value: true + default_value: true + - name: 'cloudRouterIpAddress' + type: String description: | IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment. output: true - - !ruby/object:Api::Type::String - name: 'customerRouterIpAddress' + - name: 'customerRouterIpAddress' + type: String description: | IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment. output: true - - !ruby/object:Api::Type::String - name: 'interconnect' - immutable: true + - name: 'interconnect' + type: String description: | URL of the underlying Interconnect object that this attachment's traffic will traverse through. Required if type is DEDICATED, must not be set if type is PARTNER. + immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. - - !ruby/object:Api::Type::String - name: 'mtu' + - name: 'mtu' + type: String description: | Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. - custom_flatten: templates/terraform/custom_flatten/float64_to_int_to_string.go.erb default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'bandwidth' + custom_flatten: 'templates/terraform/custom_flatten/float64_to_int_to_string.go.tmpl' + - name: 'bandwidth' + type: Enum description: | Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, Defaults to BPS_10G - values: - - :BPS_50M - - :BPS_100M - - :BPS_200M - - :BPS_300M - - :BPS_400M - - :BPS_500M - - :BPS_1G - - :BPS_2G - - :BPS_5G - - :BPS_10G - - :BPS_20G - - :BPS_50G default_from_api: true - - !ruby/object:Api::Type::String - name: 'edgeAvailabilityDomain' - immutable: true + enum_values: + - 'BPS_50M' + - 'BPS_100M' + - 'BPS_200M' + - 'BPS_300M' + - 'BPS_400M' + - 'BPS_500M' + - 'BPS_1G' + - 'BPS_2G' + - 'BPS_5G' + - 'BPS_10G' + - 'BPS_20G' + - 'BPS_50G' + - name: 'edgeAvailabilityDomain' + type: String description: | Desired availability domain for the attachment. Only available for type PARTNER, at creation time. For improved reliability, customers should @@ -148,67 +146,66 @@ properties: selected availability domain will be provided to the Partner via the pairing key so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. + immutable: true default_from_api: true - - !ruby/object:Api::Type::String - name: 'pairingKey' + - name: 'pairingKey' + type: String description: | [Output only for type PARTNER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain" output: true - - !ruby/object:Api::Type::String - name: 'partnerAsn' + - name: 'partnerAsn' + type: String description: | [Output only for type PARTNER. Not present for DEDICATED]. Optional BGP ASN for the router that should be supplied by a layer 3 Partner if they configured BGP on behalf of the customer. output: true - - !ruby/object:Api::Type::NestedObject - name: 'privateInterconnectInfo' + - name: 'privateInterconnectInfo' + type: NestedObject description: | Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED. output: true properties: - - !ruby/object:Api::Type::Integer - name: tag8021q + - name: 'tag8021q' + type: Integer description: | 802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region. output: true - - !ruby/object:Api::Type::Enum - name: 'type' - immutable: true + - name: 'type' + type: Enum description: | The type of InterconnectAttachment you wish to create. Defaults to DEDICATED. - values: - - :DEDICATED - - :PARTNER - - :PARTNER_PROVIDER + immutable: true default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'state' + enum_values: + - 'DEDICATED' + - 'PARTNER' + - 'PARTNER_PROVIDER' + - name: 'state' + type: Enum description: | [Output Only] The current state of this attachment's functionality. - values: - - :ACTIVE - - :DEFUNCT - - :PARTNER_REQUEST_RECEIVED - - :PENDING_CUSTOMER - - :PENDING_PARTNER - - :STATE_UNSPECIFIED output: true - - !ruby/object:Api::Type::String - name: 'googleReferenceId' + enum_values: + - 'ACTIVE' + - 'DEFUNCT' + - 'PARTNER_REQUEST_RECEIVED' + - 'PENDING_CUSTOMER' + - 'PENDING_PARTNER' + - 'STATE_UNSPECIFIED' + - name: 'googleReferenceId' + type: String description: | Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. output: true - - !ruby/object:Api::Type::ResourceRef - name: 'router' - resource: 'Router' - imports: 'selfLink' + - name: 'router' + type: ResourceRef description: | URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will @@ -217,14 +214,16 @@ properties: required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Router' + imports: 'selfLink' + - name: 'creationTimestamp' + type: Time description: | Creation timestamp in RFC3339 text format. output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the @@ -234,11 +233,10 @@ properties: letter, or digit, except the last character, which cannot be a dash. required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - - !ruby/object:Api::Type::Array - name: candidateSubnets - immutable: true + - name: 'candidateSubnets' + type: Array description: | Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. @@ -247,17 +245,19 @@ properties: an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space. - ignore_read: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: vlanTag8021q immutable: true + ignore_read: true + item_type: + type: String + - name: 'vlanTag8021q' + type: Integer description: | The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. When using PARTNER type this will be managed upstream. + immutable: true default_from_api: true - - !ruby/object:Api::Type::Array - name: 'ipsecInternalAddresses' + - name: 'ipsecInternalAddresses' + type: Array description: | URL of addresses that have been reserved for the interconnect attachment, Used only for interconnect attachment that has the encryption option as @@ -275,16 +275,17 @@ properties: interconnect attachment, the HA VPN gateway's IP address will be allocated from regional external IP address pool. immutable: true - item_type: !ruby/object:Api::Type::ResourceRef + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'ipsecInternalAddress' - resource: 'Address' - imports: 'selfLink' + type: ResourceRef description: | URL of an address that has been reserved for the interconnect attachment. - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Enum - name: 'encryption' + resource: 'Address' + imports: 'selfLink' + - name: 'encryption' + type: Enum description: | Indicates the user-supplied encryption option of this interconnect attachment. Can only be specified at attachment creation for PARTNER or @@ -298,36 +299,36 @@ properties: such a VLAN attachment. To use HA VPN over Cloud Interconnect, the VLAN attachment must be created with this option. immutable: true - values: - - :NONE - - :IPSEC - default_value: :NONE - custom_flatten: templates/terraform/custom_flatten/default_if_empty.erb - - !ruby/object:Api::Type::Enum - name: 'stackType' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "NONE" + enum_values: + - 'NONE' + - 'IPSEC' + - name: 'stackType' + type: Enum description: | The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations. - values: - - :IPV4_IPV6 - - :IPV4_ONLY default_from_api: true - - !ruby/object:Api::Type::String - name: 'cloudRouterIpv6Address' + enum_values: + - 'IPV4_IPV6' + - 'IPV4_ONLY' + - name: 'cloudRouterIpv6Address' + type: String description: | IPv6 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment. output: true - - !ruby/object:Api::Type::String - name: 'customerRouterIpv6Address' + - name: 'customerRouterIpv6Address' + type: String description: | IPv6 address + prefix length to be configured on the customer router subinterface for this interconnect attachment. output: true - - !ruby/object:Api::Type::Integer - name: 'subnetLength' + - name: 'subnetLength' + type: Integer description: | Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a diff --git a/mmv1/products/compute/License.yaml b/mmv1/products/compute/License.yaml index 17dee0d0e027..a5c05f43a681 100644 --- a/mmv1/products/compute/License.yaml +++ b/mmv1/products/compute/License.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,28 +11,35 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'License' kind: 'compute#license' -base_url: /projects/{{project}}/global/licenses -collection_url_key: 'items' -readonly: true -has_self_link: true description: | A License resource represents a software license. Licenses are used to track software usage in images, persistent disks, snapshots, and virtual machine instances. # Used as a resource reference exclude: true +readonly: true +docs: +base_url: '/projects/{{project}}/global/licenses' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. The name is 1-63 characters long and complies with RFC1035. output: true - - !ruby/object:Api::Type::Boolean - name: 'chargesUseFee' + - name: 'chargesUseFee' + type: Boolean description: | If true, the customer will be charged license fee for running software that contains this license on an instance. diff --git a/mmv1/products/compute/MachineImage.yaml b/mmv1/products/compute/MachineImage.yaml index 45dab113639f..1e5ff5de1b54 100644 --- a/mmv1/products/compute/MachineImage.yaml +++ b/mmv1/products/compute/MachineImage.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,123 +11,131 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'MachineImage' kind: 'compute#machineImage' -base_url: projects/{{project}}/global/machineImages -collection_url_key: 'items' -immutable: true -has_self_link: true description: | Represents a Machine Image resource. Machine images store all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/machine-images' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/machineImages' -min_version: beta -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/machineImages' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -iam_policy: !ruby/object:Api::Resource::IamPolicy +collection_url_key: 'items' +iam_policy: allowed_iam_role: 'roles/compute.admin' parent_resource_attribute: 'machine_image' - iam_conditions_request_type: :QUERY_PARAM + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'machine_image_basic' + - name: 'machine_image_basic' primary_resource_id: 'image' - primary_resource_name: - 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' vars: vm_name: 'my-vm' image_name: 'my-image' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_machine_image_kms' + - name: 'compute_machine_image_kms' primary_resource_id: 'image' - primary_resource_name: - 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' vars: vm_name: 'my-vm' image_name: 'my-image' key_name: 'key' keyring_name: 'keyring' test_vars_overrides: - policyChanged: - 'acctest.BootstrapPSARole(t, "service-", "compute-system", - "roles/cloudkms.cryptoKeyEncrypterDecrypter")' - + 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "compute-system", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: 'Name of the resource.' + min_version: 'beta' required: true - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: 'A text description of the resource.' - - !ruby/object:Api::Type::ResourceRef - name: sourceInstance + min_version: 'beta' + - name: 'sourceInstance' + type: ResourceRef description: 'The source instance used to create the machine image. You can provide this as a partial or full URL to the resource.' + min_version: 'beta' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'Instance' imports: 'selfLink' - required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'storageLocations' + - name: 'storageLocations' + type: Array description: | The regional or multi-regional Cloud Storage bucket location where the machine image is stored. - item_type: Api::Type::String + min_version: 'beta' output: true - - !ruby/object:Api::Type::Boolean - name: guestFlush + item_type: + type: String + - name: 'guestFlush' + type: Boolean description: | Specify this to create an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS). - - !ruby/object:Api::Type::NestedObject - name: 'machineImageEncryptionKey' + min_version: 'beta' + - name: 'machineImageEncryptionKey' + type: NestedObject description: | Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image with a customer-supplied key, you must provide the same key if you use the machine image later (e.g. to create a instance from the image) + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. - - !ruby/object:Api::Type::String - name: 'sha256' + min_version: 'beta' + - name: 'sha256' + type: String description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | The name of the encryption key that is stored in Google Cloud KMS. - diff_suppress_func: tpgresource.CompareCryptoKeyVersions - - !ruby/object:Api::Type::String - name: 'kmsKeyServiceAccount' + min_version: 'beta' + diff_suppress_func: 'tpgresource.CompareCryptoKeyVersions' + - name: 'kmsKeyServiceAccount' + type: String description: | The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. + min_version: 'beta' diff --git a/mmv1/products/compute/MachineType.yaml b/mmv1/products/compute/MachineType.yaml index 9a61bb4474f5..bcd1d421c889 100644 --- a/mmv1/products/compute/MachineType.yaml +++ b/mmv1/products/compute/MachineType.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,60 +11,68 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'MachineType' kind: 'compute#machineType' -base_url: projects/{{project}}/zones/{{zone}}/machineTypes -collection_url_key: 'items' -has_self_link: true -readonly: true description: | Represents a MachineType resource. Machine types determine the virtualized hardware specifications of your virtual machine instances, such as the amount of memory or number of virtual CPUs. exclude: true +readonly: true +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/machineTypes' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::NestedObject - name: 'deprecated' + - name: 'deprecated' + type: NestedObject description: 'The deprecation status associated with this machine type.' + output: true properties: - - !ruby/object:Api::Type::Time - name: 'deleted' + - name: 'deleted' + type: Time description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it. output: true - - !ruby/object:Api::Type::Time - name: 'deprecated' + - name: 'deprecated' + type: Time description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it. output: true - - !ruby/object:Api::Type::Time - name: 'obsolete' + - name: 'obsolete' + type: Time description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it. output: true - - !ruby/object:Api::Type::String - name: 'replacement' + - name: 'replacement' + type: String description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true - - !ruby/object:Api::Type::Enum - name: 'state' + - name: 'state' + type: Enum description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource @@ -72,52 +80,51 @@ properties: warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. - values: - - :DEPRECATED - - :OBSOLETE - - :DELETED output: true - output: true - - !ruby/object:Api::Type::String - name: 'description' + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String description: 'An optional textual description of the resource.' output: true - - !ruby/object:Api::Type::Integer - name: 'guestCpus' + - name: 'guestCpus' + type: Integer description: | The number of virtual CPUs that are available to the instance. output: true - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: 'The unique identifier for the resource.' output: true - - !ruby/object:Api::Type::Boolean - name: 'isSharedCpu' + - name: 'isSharedCpu' + type: Boolean description: | Whether this machine type has a shared CPU. See Shared-core machine types for more information. output: true - - !ruby/object:Api::Type::Integer - name: 'maximumPersistentDisks' + - name: 'maximumPersistentDisks' + type: Integer description: 'Maximum persistent disks allowed.' output: true - - !ruby/object:Api::Type::Integer - name: 'maximumPersistentDisksSizeGb' + - name: 'maximumPersistentDisksSizeGb' + type: Integer description: 'Maximum total persistent disks size (GB) allowed.' output: true - - !ruby/object:Api::Type::Integer - name: 'memoryMb' + - name: 'memoryMb' + type: Integer description: | The amount of physical memory available to the instance, defined in MB. output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: 'Name of the resource.' - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: 'The zone the machine type is defined.' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' diff --git a/mmv1/products/compute/ManagedSslCertificate.yaml b/mmv1/products/compute/ManagedSslCertificate.yaml index 517e59977122..20403b646bd0 100644 --- a/mmv1/products/compute/ManagedSslCertificate.yaml +++ b/mmv1/products/compute/ManagedSslCertificate.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,17 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ManagedSslCertificate' kind: 'compute#sslCertificate' -base_url: projects/{{project}}/global/sslCertificates -collection_url_key: 'items' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' -immutable: true -has_self_link: true description: | An SslCertificate resource, used for HTTPS load balancing. This resource represents a certificate for which the certificate secrets are created and @@ -29,38 +21,11 @@ description: | For a resource where you provide the key, see the SSL Certificate resource. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - kind: 'compute#operation' - path: 'name' - base_url: '{{op_id}}' - wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts - insert_minutes: 30 - update_minutes: 30 - # Deletes can take 20-30 minutes to complete, since they depend - # on the provisioning process either succeeding or failing completely. - delete_minutes: 30 - result: !ruby/object:Api::OpAsync::Result - path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error - path: 'error/errors' - message: 'message' -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 30 - update_minutes: - 30 - # Deletes can take 20-30 minutes to complete, since they depend - # on the provisioning process either succeeding or failing completely. - delete_minutes: 30 -docs: !ruby/object:Provider::Terraform::Docs +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' +docs: warning: | This resource should be used with extreme caution! Provisioning an SSL certificate is complex. Ensure that you understand the lifecycle of a @@ -74,11 +39,40 @@ docs: !ruby/object:Provider::Terraform::Docs certificates may entail some downtime while the certificate provisions. In conclusion: Be extremely cautious. -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/compute_managed_ssl_certificate.go.erb +base_url: 'projects/{{project}}/global/sslCertificates' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 30 + update_minutes: 30 + # Deletes can take 20-30 minutes to complete, since they depend + # on the provisioning process either succeeding or failing completely. + delete_minutes: 30 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 30 + update_minutes: 30 + # Deletes can take 20-30 minutes to complete, since they depend + # on the provisioning process either succeeding or failing completely. + delete_minutes: 30 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/compute_managed_ssl_certificate.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'managed_ssl_certificate_basic' + - name: 'managed_ssl_certificate_basic' primary_resource_id: 'default' vars: cert_name: 'test-cert' @@ -88,27 +82,27 @@ examples: dns_zone_name: 'dnszone' forwarding_rule_name: 'forwarding-rule' http_health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'managed_ssl_certificate_recreation' + - name: 'managed_ssl_certificate_recreation' primary_resource_id: 'cert' external_providers: ["random", "time"] # Random provider skip_vcr: true +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::Integer - name: 'certificate_id' - api_name: 'id' + - name: 'certificate_id' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -119,37 +113,39 @@ properties: character, which cannot be a dash. These are in the same namespace as the managed SSL certificates. - - !ruby/object:Api::Type::NestedObject - name: 'managed' + - name: 'managed' + type: NestedObject description: | Properties relevant to a managed certificate. These will be used if the certificate is managed (as indicated by a value of `MANAGED` in `type`). properties: - - !ruby/object:Api::Type::Array - name: 'domains' + - name: 'domains' + type: Array description: | Domains for which a managed SSL certificate will be valid. Currently, there can be up to 100 domains in this list. - max_size: 100 required: true diff_suppress_func: 'AbsoluteDomainSuppress' - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: 'type' + item_type: + type: String + max_size: 100 + - name: 'type' + type: Enum description: | Enum field whose value is always `MANAGED` - used to signal to the API which type this is. - values: - - :MANAGED - default_value: :MANAGED - - !ruby/object:Api::Type::Array - name: 'subjectAlternativeNames' + default_value: "MANAGED" + enum_values: + - 'MANAGED' + - name: 'subjectAlternativeNames' + type: Array description: | Domains associated with the certificate via Subject Alternative Name. - item_type: Api::Type::String output: true - - !ruby/object:Api::Type::Time - name: 'expireTime' + item_type: + type: String + - name: 'expireTime' + type: Time description: | Expire time of the certificate in RFC3339 text format. output: true diff --git a/mmv1/products/compute/Network.yaml b/mmv1/products/compute/Network.yaml index 31f097d2b77d..53d35d980a7a 100644 --- a/mmv1/products/compute/Network.yaml +++ b/mmv1/products/compute/Network.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,86 +11,106 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Network' kind: 'compute#network' -base_url: projects/{{project}}/global/networks -collection_url_key: 'items' -immutable: true -has_self_link: true -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + Manages a VPC network or legacy network resource on GCP. +references: guides: 'Official Documentation': 'https://cloud.google.com/vpc/docs/vpc' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networks' -description: | - Manages a VPC network or legacy network resource on GCP. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/networks' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + encoder: 'templates/terraform/encoders/compute_network.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/compute_network.go.tmpl' + decoder: 'templates/terraform/decoders/compute_network.go.tmpl' + post_create: 'templates/terraform/post_create/compute_network_delete_default_route.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'network_basic' + - name: 'network_basic' + primary_resource_id: 'vpc_network' + vars: + network_name: 'vpc-network' + - name: 'network_custom_mtu' + primary_resource_id: 'vpc_network' + vars: + network_name: 'vpc-network' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'network_custom_firewall_enforcement_order' + primary_resource_id: 'vpc_network' + vars: + network_name: 'vpc-network' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'network_bgp_best_path_selection_mode' primary_resource_id: 'vpc_network' + min_version: 'beta' vars: network_name: 'vpc-network' - - !ruby/object:Provider::Terraform::Examples - name: 'network_custom_mtu' + test_env_vars: + project: 'PROJECT_NAME' + - name: 'network_bgp_best_path_selection_mode_standard' primary_resource_id: 'vpc_network' + min_version: 'beta' vars: network_name: 'vpc-network' test_env_vars: - project: :PROJECT_NAME - - !ruby/object:Provider::Terraform::Examples - name: 'network_custom_firewall_enforcement_order' + project: 'PROJECT_NAME' + - name: 'network_bgp_best_path_selection_mode_standard_custom_fields' primary_resource_id: 'vpc_network' + min_version: 'beta' vars: network_name: 'vpc-network' test_env_vars: - project: :PROJECT_NAME + project: 'PROJECT_NAME' virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'delete_default_routes_on_create' - default_value: false + - name: 'delete_default_routes_on_create' description: | If set to `true`, default routes (`0.0.0.0/0`) will be deleted immediately after network creation. Defaults to `false`. -custom_code: !ruby/object:Provider::Terraform::CustomCode - decoder: templates/terraform/decoders/compute_network.go.erb - encoder: templates/terraform/encoders/compute_network.go.erb - update_encoder: templates/terraform/update_encoder/compute_network.go.erb - post_create: templates/terraform/post_create/compute_network_delete_default_route.erb + type: Boolean + default_value: false +parameters: properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. The resource must be recreated to modify this field. immutable: true - - !ruby/object:Api::Type::String - name: 'gateway_ipv4' - # We override this here so that the name is more aesthetic - api_name: 'gatewayIPv4' - output: true + - name: 'gateway_ipv4' + type: String description: | The gateway address for default routing out of the network. This value is selected by GCP. - - !ruby/object:Api::Type::String - name: 'name' + # We override this here so that the name is more aesthetic + api_name: gatewayIPv4 + output: true + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -99,17 +119,17 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - validation: !ruby/object:Provider::Terraform::Validation + immutable: true + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'numericId' + - name: 'numericId' + type: String description: | The unique identifier for the resource. This identifier is defined by the server. output: true - - !ruby/object:Api::Type::Boolean - name: 'autoCreateSubnetworks' + - name: 'autoCreateSubnetworks' + type: Boolean description: | When set to `true`, the network is created in "auto subnet mode" and it will create a subnet for each region automatically across the @@ -118,36 +138,68 @@ properties: When set to `false`, the network is created in "custom subnet mode" so the user can explicitly connect subnetwork resources. immutable: true - default_value: true send_empty_value: true - conflicts: [] - - !ruby/object:Api::Type::NestedObject - name: 'routingConfig' - update_verb: :PATCH - update_url: projects/{{project}}/global/networks/{{name}} + default_value: true + - name: 'routingConfig' + type: NestedObject description: | The network-level routing configuration for this network. Used by Cloud Router to determine what type of network-wide routing behavior to enforce. + update_url: 'projects/{{project}}/global/networks/{{name}}' + update_verb: 'PATCH' flatten_object: true properties: - - !ruby/object:Api::Type::Enum - name: 'routingMode' - required: false + - name: 'routingMode' + type: Enum description: | The network-wide routing mode to use. If set to `REGIONAL`, this network's cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to `GLOBAL`, this network's cloud routers will advertise routes with all subnetworks of this network, across regions. - values: - - :REGIONAL - - :GLOBAL - update_verb: :PATCH - update_url: projects/{{project}}/global/networks/{{name}} + required: false + default_from_api: true + update_url: 'projects/{{project}}/global/networks/{{name}}' + update_verb: 'PATCH' + enum_values: + - 'REGIONAL' + - 'GLOBAL' + - name: 'bgpBestPathSelectionMode' + type: Enum + description: | + The BGP best selection algorithm to be employed. MODE can be LEGACY or STANDARD. + min_version: 'beta' + default_from_api: true + update_url: 'projects/{{project}}/global/networks/{{name}}' + update_verb: 'PATCH' + enum_values: + - 'LEGACY' + - 'STANDARD' + - name: 'bgpAlwaysCompareMed' + type: Boolean + description: | + Enables/disables the comparison of MED across routes with different Neighbor ASNs. + This value can only be set if the --bgp-best-path-selection-mode is STANDARD + min_version: 'beta' + required: false + default_from_api: true + update_url: 'projects/{{project}}/global/networks/{{name}}' + update_verb: 'PATCH' + - name: 'bgpInterRegionCost' + type: Enum + description: | + Choice of the behavior of inter-regional cost and MED in the BPS algorithm. + min_version: 'beta' + required: false default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'mtu' + update_url: 'projects/{{project}}/global/networks/{{name}}' + update_verb: 'PATCH' + enum_values: + - 'DEFAULT' + - 'ADD_COST_TO_MED' + - name: 'mtu' + type: Integer description: | Maximum Transmission Unit in bytes. The default value is 1460 bytes. The minimum value for this field is 1300 and the maximum value is 8896 bytes (jumbo frames). @@ -156,14 +208,14 @@ properties: with varying MTUs. immutable: true default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'enableUlaInternalIpv6' + - name: 'enableUlaInternalIpv6' + type: Boolean description: | Enable ULA internal ipv6 on this network. Enabling this feature will assign a /48 from google defined ULA prefix fd20::/20. immutable: true - - !ruby/object:Api::Type::String - name: 'internalIpv6Range' + - name: 'internalIpv6Range' + type: String description: | When enabling ula internal ipv6, caller optionally can specify the /48 range they want from the google defined ULA prefix fd20::/20. The input must be a @@ -172,13 +224,13 @@ properties: If the field is not speficied, then a /48 range will be randomly allocated from fd20::/20 and returned via this field. immutable: true default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'networkFirewallPolicyEnforcementOrder' - update_verb: :PATCH - update_url: projects/{{project}}/global/networks/{{name}} + - name: 'networkFirewallPolicyEnforcementOrder' + type: Enum description: | Set the order that Firewall Rules and Firewall Policies are evaluated. - values: - - :BEFORE_CLASSIC_FIREWALL - - :AFTER_CLASSIC_FIREWALL - default_value: :AFTER_CLASSIC_FIREWALL + update_url: 'projects/{{project}}/global/networks/{{name}}' + update_verb: 'PATCH' + default_value: "AFTER_CLASSIC_FIREWALL" + enum_values: + - 'BEFORE_CLASSIC_FIREWALL' + - 'AFTER_CLASSIC_FIREWALL' diff --git a/mmv1/products/compute/NetworkAttachment.yaml b/mmv1/products/compute/NetworkAttachment.yaml index dbe41ddb2572..6e1859398910 100644 --- a/mmv1/products/compute/NetworkAttachment.yaml +++ b/mmv1/products/compute/NetworkAttachment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,39 +11,40 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'NetworkAttachment' kind: 'compute#networkAttachment' description: | A network attachment is a resource that lets a producer Virtual Private Cloud (VPC) network initiate connections to a consumer VPC network through a Private Service Connect interface. -base_url: 'projects/{{project}}/regions/{{region}}/networkAttachments' -immutable: true -collection_url_key: 'items' -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/vpc/docs/about-network-attachments' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networkAttachments' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/networkAttachments' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'network_attachment_basic' + - name: 'network_attachment_basic' primary_resource_id: 'default' vars: resource_name: 'basic-network-attachment' @@ -52,130 +53,134 @@ examples: accepted_producer_project_name: 'prj-accepted' rejected_producer_project_name: 'prj-rejected' test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - - !ruby/object:Provider::Terraform::Examples - name: 'network_attachment_instance_usage' - min_version: beta + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + - name: 'network_attachment_instance_usage' primary_resource_id: 'default' + min_version: 'beta' vars: resource_name: 'basic-network-attachment' network_name: 'basic-network' subnetwork_name: 'basic-subnetwork' instance_name: 'basic-instance' parameters: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' - required: true - immutable: true + - name: 'region' + type: ResourceRef description: | URL of the region where the network attachment resides. This field applies only to the region resource. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body. + required: true + immutable: true default_from_api: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'kind' + - name: 'kind' + type: String description: 'Type of the resource.' output: true - - !ruby/object:Api::Type::String - name: 'id' + - name: 'id' + type: String description: 'The unique identifier for the resource type. The server generates this identifier.' output: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::String - name: 'selfLink' + - name: 'selfLink' + type: String description: 'Server-defined URL for the resource.' output: true - - !ruby/object:Api::Type::String - name: 'selfLinkWithId' + - name: 'selfLinkWithId' + type: String description: | Server-defined URL for this resource's resource id. output: true - - !ruby/object:Api::Type::Enum - name: 'connectionPreference' + - name: 'connectionPreference' + type: Enum description: | The connection preference of service attachment. The value can be set to ACCEPT_AUTOMATIC. An ACCEPT_AUTOMATIC service attachment is one that always accepts the connection from consumer forwarding rules. required: true - values: - - :ACCEPT_AUTOMATIC - - :ACCEPT_MANUAL - - :INVALID - - !ruby/object:Api::Type::Array - name: 'connectionEndpoints' - output: true + enum_values: + - 'ACCEPT_AUTOMATIC' + - 'ACCEPT_MANUAL' + - 'INVALID' + - name: 'connectionEndpoints' + type: Array description: | An array of connections for all the producers connected to this network attachment. - item_type: !ruby/object:Api::Type::NestedObject + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'status' - output: true + - name: 'status' + type: String description: | The status of a connected endpoint to this network attachment. - - !ruby/object:Api::Type::String - name: 'projectIdOrNum' output: true + - name: 'projectIdOrNum' + type: String description: | The project id or number of the interface to which the IP was assigned. - - !ruby/object:Api::Type::String - name: 'subnetwork' output: true + - name: 'subnetwork' + type: String description: | The subnetwork used to assign the IP to the producer instance network interface. - - !ruby/object:Api::Type::String - name: 'ipAddress' output: true + - name: 'ipAddress' + type: String description: | The IPv4 address assigned to the producer instance network interface. This value will be a range in case of Serverless. - - !ruby/object:Api::Type::String - name: 'secondaryIpCidrRanges' output: true + - name: 'secondaryIpCidrRanges' + type: String description: | Alias IP ranges from the same subnetwork. - - !ruby/object:Api::Type::Array - name: 'subnetworks' - required: true + output: true + - name: 'subnetworks' + type: Array description: | An array of URLs where each entry is the URL of a subnet provided by the service consumer to use for endpoints in the producers that connect to this network attachment. - item_type: !ruby/object:Api::Type::ResourceRef + required: true + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'subnet' - resource: 'Subnetwork' - imports: 'selfLink' + type: ResourceRef description: | A subnet that is provided to set this network attachment. - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'producerRejectLists' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'producerRejectLists' + type: Array description: | Projects that are not allowed to connect to this network attachment. The project can be specified using its id or number. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'producerAcceptLists' + item_type: + type: String + - name: 'producerAcceptLists' + type: Array description: | Projects that are allowed to connect to this network attachment. The project can be specified using its id or number. - item_type: Api::Type::String - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + item_type: + type: String + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. An up-to-date fingerprint must be provided in order to patch. - - !ruby/object:Api::Type::String - name: 'network' output: true + - name: 'network' + type: String description: | The URL of the network which the Network Attachment belongs to. Practically it is inferred by fetching the network of the first subnetwork associated. Because it is required that all the subnetworks must be from the same network, it is assured that the Network Attachment belongs to the same network as all the subnetworks. + output: true diff --git a/mmv1/products/compute/NetworkEdgeSecurityService.yaml b/mmv1/products/compute/NetworkEdgeSecurityService.yaml index 8e2ba7f79302..14594bcb1ef7 100644 --- a/mmv1/products/compute/NetworkEdgeSecurityService.yaml +++ b/mmv1/products/compute/NetworkEdgeSecurityService.yaml @@ -1,112 +1,121 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the 'License'); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an 'AS IS' BASIS, +# distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- -!ruby/object:Api::Resource name: 'NetworkEdgeSecurityService' -min_version: beta kind: 'compute#networkEdgeSecurityService' -base_url: projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices -create_url: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices?networkEdgeSecurityService={{name}}' -self_link: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}' -update_verb: :PATCH -update_mask: true -# Skipping the sweeper since we need to sweep multiple regions -skip_sweeper: true -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + Google Cloud Armor network edge security service resource. +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/armor/docs/advanced-network-ddos' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networkEdgeSecurityServices' -description: | - Google Cloud Armor network edge security service resource. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices' +self_link: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}' +create_url: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices?networkEdgeSecurityService={{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -import_format: - ['projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}'] +custom_code: +# Skipping the sweeper since we need to sweep multiple regions +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'compute_network_edge_security_service_basic' + - name: 'compute_network_edge_security_service_basic' primary_resource_id: 'default' vars: resource_name: 'my-edge-security-service' test_env_vars: - project_id: :PROJECT_NAME + project_id: 'PROJECT_NAME' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' - required: false - immutable: true + - name: 'region' + type: ResourceRef description: | The region of the gateway security policy. + min_version: 'beta' url_param_only: true -properties: - - !ruby/object:Api::Type::String - name: 'name' + required: false immutable: true + resource: 'Region' + imports: 'name' +properties: + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. + min_version: 'beta' required: true - - !ruby/object:Api::Type::String - name: 'description' + immutable: true + - name: 'description' + type: String description: | Free-text description of the resource. - - !ruby/object:Api::Type::String - name: 'serviceId' - api_name: 'id' - output: true + min_version: 'beta' + - name: 'serviceId' + type: String description: | The unique identifier for the resource. This identifier is defined by the server. - - !ruby/object:Api::Type::String - name: 'creationTimestamp' + api_name: id + min_version: 'beta' output: true + - name: 'creationTimestamp' + type: String description: | Creation timestamp in RFC3339 text format. - - !ruby/object:Api::Type::String - name: 'selfLink' + min_version: 'beta' output: true + - name: 'selfLink' + type: String description: | Server-defined URL for the resource. - - !ruby/object:Api::Type::String - name: 'selfLinkWithServiceId' - api_name: 'selfLinkWithId' + min_version: 'beta' output: true + - name: 'selfLinkWithServiceId' + type: String description: | Server-defined URL for this resource with the resource id. - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + api_name: selfLinkWithId + min_version: 'beta' output: true + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet. - - !ruby/object:Api::Type::String - name: 'securityPolicy' + min_version: 'beta' + output: true + - name: 'securityPolicy' + type: String description: | The resource URL for the network edge security service associated with this network edge security service. + min_version: 'beta' diff --git a/mmv1/products/compute/NetworkEndpoint.yaml b/mmv1/products/compute/NetworkEndpoint.yaml index 48cee33c87f9..3cdd5904786d 100644 --- a/mmv1/products/compute/NetworkEndpoint.yaml +++ b/mmv1/products/compute/NetworkEndpoint.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,10 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'NetworkEndpoint' kind: 'compute#networkEndpoint' -base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' description: | A Network endpoint represents a IP address and port combination that is part of a specific network endpoint group (NEG). NEGs are zonal @@ -25,105 +24,106 @@ description: | -> **NOTE** In case the Endpoint's Instance is recreated, it's needed to perform `apply` twice. To avoid situations like this, please use this resource with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. -immutable: true -create_verb: :POST -create_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints -delete_verb: :POST -delete_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints -read_verb: :POST -self_link: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints -identity: - - instance - - ipAddress - - port -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - items -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}' +base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' +self_link: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints' +create_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints' +read_verb: 'POST' +delete_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints' +delete_verb: 'POST' +immutable: true +mutex: 'networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}' -mutex: networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}} +identity: + - instance + - ipAddress + - port +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/compute_network_endpoint.go.tmpl' + decoder: 'templates/terraform/decoders/unwrap_resource.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/compute_network_endpoint.go.tmpl' + custom_import: 'templates/terraform/custom_import/compute_network_endpoint.go.tmpl' exclude_tgc: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'network_endpoint' - primary_resource_id: - 'default-endpoint' - # Fine-grained resource need different autogenerated tests, as - # we need to check destroy during a test step where the parent resource - # still exists, rather than during CheckDestroy (when read returns - # nothing because the parent resource has then also been destroyed) - skip_test: true + - name: 'network_endpoint' + primary_resource_id: 'default-endpoint' vars: neg_name: 'my-lb-neg' instance_name: 'endpoint-instance' network_name: 'neg-network' subnetwork_name: 'neg-subnetwork' -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_delete: templates/terraform/pre_delete/compute_network_endpoint.go.erb - custom_import: templates/terraform/custom_import/compute_network_endpoint.go.erb - decoder: templates/terraform/decoders/unwrap_resource.go.erb - encoder: templates/terraform/encoders/compute_network_endpoint.go.erb + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: | Zone where the containing network endpoint group is located. - required: false url_param_only: true - default_from_api: true + required: false ignore_read: true - - !ruby/object:Api::Type::ResourceRef - name: 'networkEndpointGroup' - resource: 'NetworkEndpointGroup' + default_from_api: true + resource: 'Zone' imports: 'name' + - name: 'networkEndpointGroup' + type: ResourceRef description: | The network endpoint group this endpoint is part of. - required: true url_param_only: true + required: true ignore_read: true - diff_suppress_func: tpgresource.CompareResourceNames -properties: - - !ruby/object:Api::Type::ResourceRef - name: 'instance' - resource: 'Instance' + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'NetworkEndpointGroup' imports: 'name' +properties: + - name: 'instance' + type: ResourceRef description: | The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. - custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.erb' - - !ruby/object:Api::Type::Integer - name: 'port' + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' + resource: 'Instance' + imports: 'name' + - name: 'port' + type: Integer description: | Port number of network endpoint. **Note** `port` is required unless the Network Endpoint Group is created with the type of `GCE_VM_IP` - custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb - - !ruby/object:Api::Type::String - name: 'ipAddress' + custom_flatten: 'templates/terraform/custom_flatten/float64_to_int.go.tmpl' + - name: 'ipAddress' + type: String description: | IPv4 address of network endpoint. The IP address must belong to a VM in GCE (either the primary IP or as part of an aliased IP diff --git a/mmv1/products/compute/NetworkEndpointGroup.yaml b/mmv1/products/compute/NetworkEndpointGroup.yaml index 37ffa5e15a38..90adf726d926 100644 --- a/mmv1/products/compute/NetworkEndpointGroup.yaml +++ b/mmv1/products/compute/NetworkEndpointGroup.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,17 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'NetworkEndpointGroup' kind: 'compute#networkEndpointGroup' -base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups' -immutable: true -has_self_link: true -collection_url_key: 'items' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' description: | Network endpoint groups (NEGs) are zonal resources that represent collections of IP address and port combinations for GCP resources within a @@ -37,54 +29,61 @@ description: | Recreating a network endpoint group that's in use by another resource will give a `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` to avoid this type of error. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/compute_network_endpoint_group.go.erb +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/compute_network_endpoint_group.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'network_endpoint_group' + - name: 'network_endpoint_group' primary_resource_id: 'neg' vars: neg_name: 'my-lb-neg' network_name: 'neg-network' subnetwork_name: 'neg-subnetwork' - - !ruby/object:Provider::Terraform::Examples - name: 'network_endpoint_group_non_gcp' + - name: 'network_endpoint_group_non_gcp' primary_resource_id: 'neg' vars: neg_name: 'my-lb-neg' network_name: 'neg-network' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: | Zone where the network endpoint group is located. required: false - default_from_api: true ignore_read: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -94,15 +93,15 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Enum - name: 'networkEndpointType' + - name: 'networkEndpointType' + type: Enum description: | Type of network endpoints in this network endpoint group. NON_GCP_PRIVATE_IP_PORT is used for hybrid connectivity network @@ -113,38 +112,38 @@ properties: CONNECTION balancing modes. Possible values include: GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_IP_PORT, INTERNET_FQDN_PORT, SERVERLESS, and PRIVATE_SERVICE_CONNECT. - values: - - :GCE_VM_IP - - :GCE_VM_IP_PORT - - :NON_GCP_PRIVATE_IP_PORT - - :INTERNET_IP_PORT - - :INTERNET_FQDN_PORT - - :SERVERLESS - - :PRIVATE_SERVICE_CONNECT - default_value: :GCE_VM_IP_PORT - - !ruby/object:Api::Type::Integer - name: 'size' + default_value: "GCE_VM_IP_PORT" + enum_values: + - 'GCE_VM_IP' + - 'GCE_VM_IP_PORT' + - 'NON_GCP_PRIVATE_IP_PORT' + - 'INTERNET_IP_PORT' + - 'INTERNET_FQDN_PORT' + - 'SERVERLESS' + - 'PRIVATE_SERVICE_CONNECT' + - name: 'size' + type: Integer description: Number of network endpoints in the network endpoint group. output: true - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | The network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified. required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'subnetwork' - resource: 'Subnetwork' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' imports: 'selfLink' + - name: 'subnetwork' + type: ResourceRef description: | Optional subnetwork to which all network endpoints in the NEG belong. diff_suppress_func: 'compareOptionalSubnet' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: 'defaultPort' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'defaultPort' + type: Integer description: | The default port used if the port number is not specified in the network endpoint. diff --git a/mmv1/products/compute/NetworkEndpoints.yaml b/mmv1/products/compute/NetworkEndpoints.yaml index 0c3f4a2bbc6d..5fce56f2aeec 100644 --- a/mmv1/products/compute/NetworkEndpoints.yaml +++ b/mmv1/products/compute/NetworkEndpoints.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,10 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'NetworkEndpoints' kind: 'compute#networkEndpoints' -base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' description: | A set of network endpoints belonging to a network endpoint group (NEG). A single network endpoint represents a IP address and port combination that is @@ -28,114 +27,114 @@ description: | -> **NOTE** In case the Endpoint's Instance is recreated, it's needed to perform `apply` twice. To avoid situations like this, please use this resource with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. -create_verb: :POST -create_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints -update_verb: :POST -update_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints -delete_verb: :POST -delete_url: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints -read_verb: :POST -self_link: projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints -identity: - - networkEndpointGroup -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}' +base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' +self_link: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints' +create_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints' +update_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints' +update_verb: 'POST' +read_verb: 'POST' +delete_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints' +delete_verb: 'POST' +mutex: 'networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}}' +import_format: + - 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}' -import_format: - - 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' -mutex: networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}} +identity: + - networkEndpointGroup +custom_code: + constants: 'templates/terraform/constants/network_endpoints.go.tmpl' + encoder: 'templates/terraform/encoders/compute_network_endpoints.go.tmpl' + decoder: 'templates/terraform/decoders/network_endpoints.go.tmpl' + pre_create: 'templates/terraform/pre_create/network_endpoints.go.tmpl' + pre_update: 'templates/terraform/pre_update/network_endpoints.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/compute_network_endpoints.go.tmpl' exclude_tgc: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'network_endpoints' - primary_resource_id: - 'default-endpoints' - # Fine-grained resource need different autogenerated tests, as - # we need to check destroy during a test step where the parent resource - # still exists, rather than during CheckDestroy (when read returns - # nothing because the parent resource has then also been destroyed) - skip_test: true + - name: 'network_endpoints' + primary_resource_id: 'default-endpoints' vars: neg_name: 'my-lb-neg' instance_name: 'endpoint-instance' network_name: 'neg-network' subnetwork_name: 'neg-subnetwork' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/network_endpoints.go.erb - pre_create: templates/terraform/pre_create/network_endpoints.go.erb - pre_update: templates/terraform/pre_update/network_endpoints.go.erb - pre_delete: templates/terraform/pre_delete/compute_network_endpoints.go.erb - decoder: templates/terraform/decoders/network_endpoints.go.erb - encoder: templates/terraform/encoders/compute_network_endpoints.go.erb + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: | Zone where the containing network endpoint group is located. - required: false url_param_only: true - default_from_api: true + required: false ignore_read: true - - !ruby/object:Api::Type::ResourceRef - name: 'networkEndpointGroup' - resource: 'NetworkEndpointGroup' + default_from_api: true + resource: 'Zone' imports: 'name' + - name: 'networkEndpointGroup' + type: ResourceRef description: | The network endpoint group these endpoints are part of. - required: true url_param_only: true + required: true ignore_read: true - diff_suppress_func: tpgresource.CompareResourceNames + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'NetworkEndpointGroup' + imports: 'name' properties: - - !ruby/object:Api::Type::Array - name: 'networkEndpoints' - is_set: true + - name: 'networkEndpoints' + type: Array description: | The network endpoints to be added to the enclosing network endpoint group (NEG). Each endpoint specifies an IP address and port, along with additional information depending on the NEG type. - item_type: !ruby/object:Api::Type::NestedObject + is_set: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'instance' - resource: 'Instance' - imports: 'name' + - name: 'instance' + type: ResourceRef description: | The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone as the network endpoint group. - custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.erb' - - !ruby/object:Api::Type::Integer - name: 'port' + custom_expand: 'templates/terraform/custom_expand/resource_from_self_link.go.tmpl' + resource: 'Instance' + imports: 'name' + - name: 'port' + type: Integer description: | Port number of network endpoint. **Note** `port` is required unless the Network Endpoint Group is created with the type of `GCE_VM_IP` - custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb - - !ruby/object:Api::Type::String - name: 'ipAddress' + custom_flatten: 'templates/terraform/custom_flatten/float64_to_int.go.tmpl' + - name: 'ipAddress' + type: String description: | IPv4 address of network endpoint. The IP address must belong to a VM in GCE (either the primary IP or as part of an aliased IP diff --git a/mmv1/products/compute/NetworkFirewallPolicy.yaml b/mmv1/products/compute/NetworkFirewallPolicy.yaml index 60dd60ff8696..1792ee6bc09c 100644 --- a/mmv1/products/compute/NetworkFirewallPolicy.yaml +++ b/mmv1/products/compute/NetworkFirewallPolicy.yaml @@ -1,5 +1,5 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the License); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,69 +11,71 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: NetworkFirewallPolicy -base_url: projects/{{project}}/global/firewallPolicies -create_url: projects/{{project}}/global/firewallPolicies -self_link: projects/{{project}}/global/firewallPolicies/{{name}} -update_verb: :PATCH +--- +name: 'NetworkFirewallPolicy' description: "The Compute NetworkFirewallPolicy resource" -legacy_long_form_project: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/firewallPolicies' +self_link: 'projects/{{project}}/global/firewallPolicies/{{name}}' +create_url: 'projects/{{project}}/global/firewallPolicies' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: +legacy_long_form_project: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'network_firewall_policy_full' + - name: 'network_firewall_policy_full' primary_resource_id: 'policy' vars: policy_name: 'tf-test-policy' +parameters: properties: - - !ruby/object:Api::Type::String - name: creationTimestamp + - name: 'creationTimestamp' + type: String description: Creation timestamp in RFC3339 text format. output: true - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true immutable: true - - !ruby/object:Api::Type::String - name: networkFirewallPolicyId + - name: 'networkFirewallPolicyId' + type: String description: The unique identifier for the resource. This identifier is defined by the server. - output: true api_name: id - - !ruby/object:Api::Type::String - name: description + output: true + - name: 'description' + type: String description: An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Fingerprint - name: fingerprint + - name: 'fingerprint' + type: Fingerprint description: Fingerprint of the resource. This field is used internally during updates of this resource. output: true - - !ruby/object:Api::Type::String - name: selfLink + - name: 'selfLink' + type: String description: Server-defined URL for the resource. output: true - - !ruby/object:Api::Type::String - name: selfLinkWithId + - name: 'selfLinkWithId' + type: String description: Server-defined URL for this resource with the resource id. output: true - - !ruby/object:Api::Type::Integer - name: ruleTupleCount + - name: 'ruleTupleCount' + type: Integer description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. output: true diff --git a/mmv1/products/compute/NetworkFirewallPolicyWithRules.yaml b/mmv1/products/compute/NetworkFirewallPolicyWithRules.yaml index 60df0a3589d7..2c89a894586d 100644 --- a/mmv1/products/compute/NetworkFirewallPolicyWithRules.yaml +++ b/mmv1/products/compute/NetworkFirewallPolicyWithRules.yaml @@ -1,5 +1,5 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the License); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,36 +11,42 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: NetworkFirewallPolicyWithRules -min_version: beta -base_url: projects/{{project}}/global/firewallPolicies -create_url: projects/{{project}}/global/firewallPolicies -self_link: projects/{{project}}/global/firewallPolicies/{{name}} -update_verb: :PATCH +--- +name: 'NetworkFirewallPolicyWithRules' description: "The Compute NetworkFirewallPolicy with rules resource" -legacy_long_form_project: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +min_version: 'beta' +docs: +base_url: 'projects/{{project}}/global/firewallPolicies' +self_link: 'projects/{{project}}/global/firewallPolicies/{{name}}' +create_url: 'projects/{{project}}/global/firewallPolicies' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: + constants: 'templates/terraform/constants/resource_compute_network_firewall_policy_with_rules.go.tmpl' + encoder: 'templates/terraform/encoders/resource_compute_network_firewall_policy_with_rules.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/resource_compute_network_firewall_policy_with_rules.go.tmpl' + decoder: 'templates/terraform/decoders/resource_compute_network_firewall_policy_with_rules.go.tmpl' + post_create: 'templates/terraform/post_create/resource_compute_network_firewall_policy_with_rules.go.tmpl' +legacy_long_form_project: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'compute_network_firewall_policy_with_rules_full' + - name: 'compute_network_firewall_policy_with_rules_full' primary_resource_id: 'network-firewall-policy-with-rules' vars: policy_name: 'tf-fw-policy-with-rules' @@ -50,20 +56,16 @@ examples: security_profile_group_name: 'tf-security-profile-group' security_profile_name: 'tf-security-profile' test_env_vars: - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/resource_compute_network_firewall_policy_with_rules.go.erb - encoder: templates/terraform/encoders/resource_compute_network_firewall_policy_with_rules.go.erb - decoder: templates/terraform/decoders/resource_compute_network_firewall_policy_with_rules.go.erb - update_encoder: templates/terraform/update_encoder/resource_compute_network_firewall_policy_with_rules.go.erb - post_create: templates/terraform/post_create/resource_compute_network_firewall_policy_with_rules.go.erb + org_id: 'ORG_ID' +parameters: properties: - - !ruby/object:Api::Type::String - name: creationTimestamp + - name: 'creationTimestamp' + type: String description: Creation timestamp in RFC3339 text format. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. @@ -71,130 +73,161 @@ properties: the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + min_version: 'beta' required: true immutable: true - - !ruby/object:Api::Type::String - name: networkFirewallPolicyId + - name: 'networkFirewallPolicyId' + type: String description: The unique identifier for the resource. This identifier is defined by the server. - output: true api_name: id - - !ruby/object:Api::Type::String - name: description + min_version: 'beta' + output: true + - name: 'description' + type: String description: An optional description of this resource. - - !ruby/object:Api::Type::Array - name: 'rule' - api_name: 'rules' + min_version: 'beta' + - name: 'rule' + type: Array description: A list of firewall policy rules. + api_name: rules + min_version: 'beta' required: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | A description of the rule. - - !ruby/object:Api::Type::String - name: 'ruleName' + min_version: 'beta' + - name: 'ruleName' + type: String description: | An optional name for the rule. This field is not a unique identifier and can be updated. - - !ruby/object:Api::Type::Integer - name: 'priority' + min_version: 'beta' + - name: 'priority' + type: Integer description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. + min_version: 'beta' required: true - - !ruby/object:Api::Type::NestedObject - name: 'match' + - name: 'match' + type: NestedObject description: A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' required: true properties: - - !ruby/object:Api::Type::Array - name: 'srcIpRanges' + - name: 'srcIpRanges' + type: Array description: | Source IP address range in CIDR format. Required for INGRESS rules. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'destIpRanges' + min_version: 'beta' + item_type: + type: String + - name: 'destIpRanges' + type: Array description: | Destination IP address range in CIDR format. Required for EGRESS rules. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'srcAddressGroups' + min_version: 'beta' + item_type: + type: String + - name: 'srcAddressGroups' + type: Array description: | Address groups which should be matched against the traffic source. Maximum number of source address groups is 10. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'destAddressGroups' + min_version: 'beta' + item_type: + type: String + - name: 'destAddressGroups' + type: Array description: | Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'srcFqdns' + min_version: 'beta' + item_type: + type: String + - name: 'srcFqdns' + type: Array description: | Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'destFqdns' + min_version: 'beta' + item_type: + type: String + - name: 'destFqdns' + type: Array description: | Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'srcRegionCodes' + min_version: 'beta' + item_type: + type: String + - name: 'srcRegionCodes' + type: Array description: | Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'destRegionCodes' + min_version: 'beta' + item_type: + type: String + - name: 'destRegionCodes' + type: Array description: | Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of destination region codes allowed is 5000. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'srcThreatIntelligences' + min_version: 'beta' + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array description: | Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'destThreatIntelligences' + min_version: 'beta' + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array description: | Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. - - !ruby/object:Api::Type::Array - name: 'layer4Config' - api_name: 'layer4Configs' + min_version: 'beta' + item_type: + type: String + - name: 'layer4Config' + type: Array description: | Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' required: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'ipProtocol' + - name: 'ipProtocol' + type: String description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. + min_version: 'beta' required: true - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'ports' + - name: 'ports' + type: Array description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -202,35 +235,41 @@ properties: applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. - - !ruby/object:Api::Type::Array - name: 'srcSecureTag' - api_name: 'srcSecureTags' + min_version: 'beta' + item_type: + type: String + - name: 'srcSecureTag' + type: Array description: | List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. - item_type: !ruby/object:Api::Type::NestedObject + api_name: srcSecureTags + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the secure tag, created with TagManager's TagValue API. @pattern tagValues/[0-9]+ - - !ruby/object:Api::Type::Enum - name: 'state' - output: true + min_version: 'beta' + - name: 'state' + type: Enum description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. - values: - - :EFFECTIVE - - :INEFFECTIVE - - !ruby/object:Api::Type::Array - name: 'targetSecureTag' - api_name: 'targetSecureTags' + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'targetSecureTag' + type: Array description: | A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the @@ -243,194 +282,234 @@ properties: targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256. - item_type: !ruby/object:Api::Type::NestedObject + api_name: targetSecureTags + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the secure tag, created with TagManager's TagValue API. @pattern tagValues/[0-9]+ - - !ruby/object:Api::Type::Enum - name: 'state' - output: true + min_version: 'beta' + - name: 'state' + type: Enum description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. - values: - - :EFFECTIVE - - :INEFFECTIVE - - !ruby/object:Api::Type::String - name: 'action' + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'action' + type: String description: | The Action to perform when the client connection triggers the rule. Can currently be either "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' required: true - - !ruby/object:Api::Type::Enum - name: 'direction' + - name: 'direction' + type: Enum description: | The direction in which this rule applies. If unspecified an INGRESS rule is created. - values: - - :INGRESS - - :EGRESS - - !ruby/object:Api::Type::Boolean - name: 'enableLogging' + min_version: 'beta' + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. + min_version: 'beta' send_empty_value: true - - !ruby/object:Api::Type::Array - name: 'targetServiceAccounts' + - name: 'targetServiceAccounts' + type: Array description: | A list of service accounts indicating the sets of instances that are applied with this rule. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'securityProfileGroup' + min_version: 'beta' + item_type: + type: String + - name: 'securityProfileGroup' + type: String description: | A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is 'apply_security_profile_group'. - - !ruby/object:Api::Type::Boolean - name: 'tlsInspect' + min_version: 'beta' + - name: 'tlsInspect' + type: Boolean description: | Boolean flag indicating if the traffic should be TLS decrypted. It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. - - !ruby/object:Api::Type::Boolean - name: 'disabled' + min_version: 'beta' + - name: 'disabled' + type: Boolean description: | Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled. - - !ruby/object:Api::Type::Array - name: 'predefinedRules' + min_version: 'beta' + - name: 'predefinedRules' + type: Array description: A list of firewall policy pre-defined rules. + min_version: 'beta' output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'description' - output: true + - name: 'description' + type: String description: | A description of the rule. - - !ruby/object:Api::Type::String - name: 'ruleName' + min_version: 'beta' output: true + - name: 'ruleName' + type: String description: | An optional name for the rule. This field is not a unique identifier and can be updated. - - !ruby/object:Api::Type::Integer - name: 'priority' + min_version: 'beta' output: true + - name: 'priority' + type: Integer description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. - - !ruby/object:Api::Type::NestedObject - name: 'match' + min_version: 'beta' output: true + - name: 'match' + type: NestedObject description: A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + output: true properties: - - !ruby/object:Api::Type::Array - name: 'srcIpRanges' - output: true + - name: 'srcIpRanges' + type: Array description: | Source IP address range in CIDR format. Required for INGRESS rules. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'destIpRanges' + min_version: 'beta' output: true + item_type: + type: String + - name: 'destIpRanges' + type: Array description: | Destination IP address range in CIDR format. Required for EGRESS rules. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - item_type: Api::Type::String + min_version: 'beta' output: true - name: 'srcAddressGroups' + item_type: + type: String + - name: 'srcAddressGroups' + type: Array description: | Address groups which should be matched against the traffic source. Maximum number of source address groups is 10. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String + min_version: 'beta' output: true - name: 'destAddressGroups' + item_type: + type: String + - name: 'destAddressGroups' + type: Array description: | Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'srcFqdns' + min_version: 'beta' output: true + item_type: + type: String + - name: 'srcFqdns' + type: Array description: | Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'destFqdns' + min_version: 'beta' output: true + item_type: + type: String + - name: 'destFqdns' + type: Array description: | Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'srcRegionCodes' + min_version: 'beta' output: true + item_type: + type: String + - name: 'srcRegionCodes' + type: Array description: | Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'destRegionCodes' + min_version: 'beta' output: true + item_type: + type: String + - name: 'destRegionCodes' + type: Array description: | Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of destination region codes allowed is 5000. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'srcThreatIntelligences' + min_version: 'beta' output: true + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array description: | Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'destThreatIntelligences' + min_version: 'beta' output: true + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array description: | Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. - - !ruby/object:Api::Type::Array - name: 'layer4Config' + min_version: 'beta' output: true - api_name: 'layer4Configs' + item_type: + type: String + - name: 'layer4Config' + type: Array description: | Pairs of IP protocols and ports that the rule should match. - item_type: !ruby/object:Api::Type::NestedObject + api_name: layer4Configs + min_version: 'beta' + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'ipProtocol' - output: true + - name: 'ipProtocol' + type: String description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'ports' + min_version: 'beta' output: true + - name: 'ports' + type: Array description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -438,38 +517,44 @@ properties: applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. - - !ruby/object:Api::Type::Array - name: 'srcSecureTag' - api_name: 'srcSecureTags' - output: true + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcSecureTag' + type: Array description: | List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. - item_type: !ruby/object:Api::Type::NestedObject + api_name: srcSecureTags + min_version: 'beta' + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Name of the secure tag, created with TagManager's TagValue API. @pattern tagValues/[0-9]+ - - !ruby/object:Api::Type::Enum - name: 'state' + min_version: 'beta' output: true + - name: 'state' + type: Enum description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. - values: - - :EFFECTIVE - - :INEFFECTIVE - - !ruby/object:Api::Type::Array - name: 'targetSecureTag' - api_name: 'targetSecureTags' - output: true + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'targetSecureTag' + type: Array description: | A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the @@ -482,88 +567,106 @@ properties: targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256. - item_type: !ruby/object:Api::Type::NestedObject + api_name: targetSecureTags + min_version: 'beta' + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | Name of the secure tag, created with TagManager's TagValue API. @pattern tagValues/[0-9]+ - - !ruby/object:Api::Type::Enum - name: 'state' + min_version: 'beta' output: true + - name: 'state' + type: Enum description: | [Output Only] State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted. - values: - - :EFFECTIVE - - :INEFFECTIVE - - !ruby/object:Api::Type::String - name: 'action' - output: true + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'action' + type: String description: | The Action to perform when the client connection triggers the rule. Can currently be either "allow", "deny", "apply_security_profile_group" or "goto_next". - - !ruby/object:Api::Type::Enum - name: 'direction' + min_version: 'beta' output: true + - name: 'direction' + type: Enum description: | The direction in which this rule applies. If unspecified an INGRESS rule is created. - values: - - :INGRESS - - :EGRESS - - !ruby/object:Api::Type::Boolean - name: 'enableLogging' + min_version: 'beta' output: true + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. - send_empty_value: true - - !ruby/object:Api::Type::Array - name: 'targetServiceAccounts' + min_version: 'beta' output: true + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array description: | A list of service accounts indicating the sets of instances that are applied with this rule. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'securityProfileGroup' + min_version: 'beta' output: true + item_type: + type: String + - name: 'securityProfileGroup' + type: String description: | A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action is 'apply_security_profile_group'. - - !ruby/object:Api::Type::Boolean - name: 'tlsInspect' + min_version: 'beta' output: true + - name: 'tlsInspect' + type: Boolean description: | Boolean flag indicating if the traffic should be TLS decrypted. It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. - - !ruby/object:Api::Type::Boolean - name: 'disabled' + min_version: 'beta' output: true + - name: 'disabled' + type: Boolean description: | Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled. - - !ruby/object:Api::Type::Fingerprint - name: fingerprint + min_version: 'beta' + output: true + - name: 'fingerprint' + type: Fingerprint description: Fingerprint of the resource. This field is used internally during updates of this resource. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: selfLink + - name: 'selfLink' + type: String description: Server-defined URL for the resource. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: selfLinkWithId + - name: 'selfLinkWithId' + type: String description: Server-defined URL for this resource with the resource id. + min_version: 'beta' output: true - - !ruby/object:Api::Type::Integer - name: ruleTupleCount + - name: 'ruleTupleCount' + type: Integer description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. + min_version: 'beta' output: true diff --git a/mmv1/products/compute/NetworkPeeringRoutesConfig.yaml b/mmv1/products/compute/NetworkPeeringRoutesConfig.yaml index 8d63e5adbe86..e294562057b6 100644 --- a/mmv1/products/compute/NetworkPeeringRoutesConfig.yaml +++ b/mmv1/products/compute/NetworkPeeringRoutesConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,66 +11,65 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'NetworkPeeringRoutesConfig' -base_url: 'projects/{{project}}/global/networks/{{network}}' -self_link: 'projects/{{project}}/global/networks/{{network}}' description: | Manage a network peering's route settings without managing the peering as a whole. This resource is primarily intended for use with GCP-generated peerings that shouldn't otherwise be managed by other tools. Deleting this resource is a no-op and the peering will not be modified. -create_verb: :PATCH -create_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' -update_verb: :PATCH -update_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' -identity: - - peering -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - peerings -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/vpc/docs/vpc-peering' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networks/updatePeering' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}' +base_url: 'projects/{{project}}/global/networks/{{network}}' +self_link: 'projects/{{project}}/global/networks/{{network}}' +create_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' +create_verb: 'PATCH' +update_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' +update_verb: 'PATCH' +exclude_delete: true +mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' +import_format: + - 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}' -import_format: - [ - 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}', - ] -mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' -skip_delete: true +identity: + - peering +nested_query: + keys: + - peerings + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/network_peering_routes_config.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'network_peering_routes_config_basic' + - name: 'network_peering_routes_config_basic' primary_resource_id: 'peering_primary_routes' vars: peering_primary_name: 'primary-peering' peering_secondary_name: 'secondary-peering' network_primary_name: 'primary-network' network_secondary_name: 'secondary-network' - - !ruby/object:Provider::Terraform::Examples - name: 'network_peering_routes_config_gke' - # currently failing - skip_vcr: true + - name: 'network_peering_routes_config_gke' primary_resource_id: 'peering_gke_routes' vars: network_name: 'container-network' @@ -78,38 +77,38 @@ examples: gke_cluster_name: 'private-cluster' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: 'templates/terraform/encoders/network_peering_routes_config.go.erb' + 'deletion_protection': 'false' + # currently failing + skip_vcr: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'name' + - name: 'network' + type: ResourceRef description: | The name of the primary network for the peering. - required: true url_param_only: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' -properties: - - !ruby/object:Api::Type::String - name: 'peering' - # renamed to make it clear that this is an existing peering - api_name: 'name' required: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + resource: 'Network' + imports: 'name' +properties: + - name: 'peering' + type: String description: | Name of the peering. - - !ruby/object:Api::Type::Boolean - name: 'exportCustomRoutes' + # renamed to make it clear that this is an existing peering + api_name: name required: true + - name: 'exportCustomRoutes' + type: Boolean description: | Whether to export the custom routes to the peer network. - send_empty_value: true - - !ruby/object:Api::Type::Boolean - name: 'importCustomRoutes' required: true + send_empty_value: true + - name: 'importCustomRoutes' + type: Boolean description: | Whether to import the custom routes to the peer network. + required: true send_empty_value: true diff --git a/mmv1/products/compute/NodeGroup.yaml b/mmv1/products/compute/NodeGroup.yaml index f55a62447aef..e011a8300469 100644 --- a/mmv1/products/compute/NodeGroup.yaml +++ b/mmv1/products/compute/NodeGroup.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,61 +11,60 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'NodeGroup' kind: 'compute#NodeGroup' -base_url: projects/{{project}}/zones/{{zone}}/nodeGroups -create_url: projects/{{project}}/zones/{{zone}}/nodeGroups?initialNodeCount=PRE_CREATE_REPLACE_ME -update_verb: :PATCH -update_mask: true -has_self_link: true description: | Represents a NodeGroup resource to manage a group of sole-tenant nodes. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Sole-Tenant Nodes': 'https://cloud.google.com/compute/docs/nodes/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups' -collection_url_key: 'items' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups' +has_self_link: true +create_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups?initialNodeCount=PRE_CREATE_REPLACE_ME' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + pre_create: 'templates/terraform/pre_create/compute_node_group_url_replace.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'node_group_basic' + - name: 'node_group_basic' primary_resource_id: 'nodes' vars: group_name: 'soletenant-group' template_name: 'soletenant-tmpl' - - !ruby/object:Provider::Terraform::Examples - name: 'node_group_maintenance_interval' - min_version: beta + - name: 'node_group_maintenance_interval' primary_resource_id: 'nodes' + min_version: 'beta' vars: group_name: 'soletenant-group' template_name: 'soletenant-tmpl' - - !ruby/object:Provider::Terraform::Examples - name: 'node_group_autoscaling_policy' + - name: 'node_group_autoscaling_policy' primary_resource_id: 'nodes' vars: group_name: 'soletenant-group' template_name: 'soletenant-tmpl' - - !ruby/object:Provider::Terraform::Examples - name: 'node_group_share_settings' + - name: 'node_group_share_settings' primary_resource_id: 'nodes' vars: group_name: 'soletenant-group' @@ -73,71 +72,69 @@ examples: guest_project_id: 'project-id' guest_project_name: 'project-name' test_env_vars: - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_create: templates/terraform/pre_create/compute_node_group_url_replace.go.erb + org_id: 'ORG_ID' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'selfLink' - required: false + - name: 'zone' + type: ResourceRef description: | Zone where this node group is located + required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'selfLink' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: | Creation timestamp in RFC3339 text format. output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional textual description of the resource. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. - - !ruby/object:Api::Type::ResourceRef - name: 'nodeTemplate' - resource: 'NodeTemplate' - imports: 'selfLink' - required: true + - name: 'nodeTemplate' + type: ResourceRef description: | The URL of the node template to which this node group belongs. - update_verb: :POST + required: true update_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups/{{name}}/setNodeTemplate' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: 'size' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'NodeTemplate' + imports: 'selfLink' + - name: 'size' + type: Integer description: | The total number of nodes in the node group. output: true - - !ruby/object:Api::Type::Integer - name: 'initialSize' + - name: 'initialSize' + type: Integer description: | The initial number of nodes in the node group. One of `initial_size` or `autoscaling_policy` must be configured on resource creation. url_param_only: true - - !ruby/object:Api::Type::String - name: 'maintenancePolicy' + - name: 'maintenancePolicy' + type: String description: | Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. - default_value: DEFAULT - - !ruby/object:Api::Type::NestedObject - name: 'maintenanceWindow' + default_value: "DEFAULT" + - name: 'maintenanceWindow' + type: NestedObject description: | contains properties for the timeframe of maintenance properties: - - !ruby/object:Api::Type::String - name: 'startTime' - required: true + - name: 'startTime' + type: String description: | instances.start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid. - - !ruby/object:Api::Type::NestedObject - name: 'autoscalingPolicy' + required: true + - name: 'autoscalingPolicy' + type: NestedObject description: | If you use sole-tenant nodes for your workloads, you can use the node group autoscaler to automatically manage the sizes of your node groups. @@ -145,9 +142,8 @@ properties: One of `initial_size` or `autoscaling_policy` must be configured on resource creation. default_from_api: true properties: - - !ruby/object:Api::Type::Enum - name: 'mode' - required: true + - name: 'mode' + type: Enum description: | The autoscaling mode. Set to one of the following: - OFF: Disables the autoscaler. @@ -155,62 +151,64 @@ properties: - ONLY_SCALE_OUT: Enables only scaling out. You must use this mode if your node groups are configured to restart their hosted VMs on minimal servers. - values: - - :OFF - - :ON - - :ONLY_SCALE_OUT + required: true default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'minNodes' + enum_values: + - 'OFF' + - 'ON' + - 'ONLY_SCALE_OUT' + - name: 'minNodes' + type: Integer description: | Minimum size of the node group. Must be less than or equal to max-nodes. The default value is 0. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'maxNodes' + - name: 'maxNodes' + type: Integer description: | Maximum size of the node group. Set to a value less than or equal to 100 and greater than or equal to min-nodes. required: true default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'shareSettings' + - name: 'shareSettings' + type: NestedObject description: | Share settings for the node group. default_from_api: true properties: - - !ruby/object:Api::Type::Enum - name: 'shareType' - required: true + - name: 'shareType' + type: Enum description: | Node group sharing type. - values: - - :ORGANIZATION - - :SPECIFIC_PROJECTS - - :LOCAL - - !ruby/object:Api::Type::Map - name: 'projectMap' + required: true + enum_values: + - 'ORGANIZATION' + - 'SPECIFIC_PROJECTS' + - 'LOCAL' + - name: 'projectMap' + type: Map description: | A map of project id and project config. This is only valid when shareType's value is SPECIFIC_PROJECTS. - key_name: id + key_name: 'id' key_description: | The project ID. - value_type: !ruby/object:Api::Type::NestedObject + value_type: name: projectConfig + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'projectId' - required: true + - name: 'projectId' + type: String description: | The project id/number should be the same as the key of this project config in the project map. - - !ruby/object:Api::Type::Enum - name: 'maintenanceInterval' - min_version: beta + required: true + - name: 'maintenanceInterval' + type: Enum description: | Specifies the frequency of planned maintenance events. Set to one of the following: - AS_NEEDED: Hosts are eligible to receive infrastructure and hypervisor updates as they become available. - RECURRENT: Hosts receive planned infrastructure and hypervisor updates on a periodic basis, but not more frequently than every 28 days. This minimizes the number of planned maintenance operations on individual hosts and reduces the frequency of disruptions, both live migrations and terminations, on individual VMs. - values: - - :AS_NEEDED - - :RECURRENT + min_version: 'beta' default_from_api: true + enum_values: + - 'AS_NEEDED' + - 'RECURRENT' diff --git a/mmv1/products/compute/NodeTemplate.yaml b/mmv1/products/compute/NodeTemplate.yaml index f970aaf6a10b..c986cadd0871 100644 --- a/mmv1/products/compute/NodeTemplate.yaml +++ b/mmv1/products/compute/NodeTemplate.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,92 +11,91 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'NodeTemplate' kind: 'compute#nodeTemplate' -base_url: projects/{{project}}/regions/{{region}}/nodeTemplates -has_self_link: true description: | Represents a NodeTemplate resource. Node templates specify properties for creating sole-tenant nodes, such as node type, vCPU and memory requirements, node affinity labels, and region. -immutable: true -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Sole-Tenant Nodes': 'https://cloud.google.com/compute/docs/nodes/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/nodeTemplates' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/nodeTemplates' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'node_template_basic' + - name: 'node_template_basic' primary_resource_id: 'template' vars: template_name: 'soletenant-tmpl' - - !ruby/object:Provider::Terraform::Examples - name: 'node_template_server_binding' + - name: 'node_template_server_binding' primary_resource_id: 'template' vars: template_name: 'soletenant-with-licenses' - - !ruby/object:Provider::Terraform::Examples - name: 'node_template_accelerators' + - name: 'node_template_accelerators' primary_resource_id: 'template' vars: template_name: 'soletenant-with-accelerators' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'selfLink' - required: false + - name: 'region' + type: ResourceRef description: | Region where nodes using the node template will be created. If it is not provided, the provider region is used. + required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional textual description of the resource.' - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: 'Name of the resource.' - - !ruby/object:Api::Type::KeyValuePairs - name: 'nodeAffinityLabels' + - name: 'nodeAffinityLabels' + type: KeyValuePairs description: | Labels to use for node affinity, which will be used in instance scheduling. - - !ruby/object:Api::Type::String - name: 'nodeType' + - name: 'nodeType' + type: String description: | Node type to use for nodes group that are created from this template. Only one of nodeTypeFlexibility and nodeType can be specified. conflicts: - node_type_flexibility - - !ruby/object:Api::Type::NestedObject - name: 'nodeTypeFlexibility' + - name: 'nodeTypeFlexibility' + type: NestedObject description: | Flexible properties for the desired node type. Node groups that use this node template will create nodes of a type that matches @@ -105,35 +104,34 @@ properties: conflicts: - node_type properties: - - !ruby/object:Api::Type::String - name: cpus - at_least_one_of: - - node_type_flexibility.0.cpus - - node_type_flexibility.0.memory + - name: 'cpus' + type: String description: | Number of virtual CPUs to use. - - !ruby/object:Api::Type::String - name: memory at_least_one_of: - - node_type_flexibility.0.cpus - - node_type_flexibility.0.memory + - 'node_type_flexibility.0.cpus' + - 'node_type_flexibility.0.memory' + - name: 'memory' + type: String description: | Physical memory available to the node, defined in MB. - - !ruby/object:Api::Type::String - name: localSsd + at_least_one_of: + - 'node_type_flexibility.0.cpus' + - 'node_type_flexibility.0.memory' + - name: 'localSsd' + type: String description: | Use local SSD output: true - - !ruby/object:Api::Type::NestedObject - name: 'serverBinding' + - name: 'serverBinding' + type: NestedObject description: | The server binding policy for nodes using this template. Determines where the nodes should restart following a maintenance event. default_from_api: true properties: - - !ruby/object:Api::Type::Enum - name: 'type' - required: true + - name: 'type' + type: Enum description: | Type of server binding policy. If `RESTART_NODE_ON_ANY_SERVER`, nodes using this template will restart on any physical server @@ -147,31 +145,33 @@ properties: such as physical sockets or cores, to avoid the need for additional licenses when maintenance occurs. However, VMs on such nodes will experience outages while maintenance is applied. - values: - - :RESTART_NODE_ON_ANY_SERVER - - :RESTART_NODE_ON_MINIMAL_SERVERS - - !ruby/object:Api::Type::Array - name: 'accelerators' + required: true + enum_values: + - 'RESTART_NODE_ON_ANY_SERVER' + - 'RESTART_NODE_ON_MINIMAL_SERVERS' + - name: 'accelerators' + type: Array description: | List of the type and count of accelerator cards attached to the node template - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'acceleratorCount' + - name: 'acceleratorCount' + type: Integer description: | The number of the guest accelerator cards exposed to this node template. - - !ruby/object:Api::Type::String - name: 'acceleratorType' + - name: 'acceleratorType' + type: String description: | Full or partial URL of the accelerator type resource to expose to this node template. - - !ruby/object:Api::Type::Enum - name: 'cpuOvercommitType' + - name: 'cpuOvercommitType' + type: Enum description: | CPU overcommit. - values: - - :ENABLED - - :NONE - default_value: :NONE + default_value: "NONE" + enum_values: + - 'ENABLED' + - 'NONE' diff --git a/mmv1/products/compute/OrganizationSecurityPolicy.yaml b/mmv1/products/compute/OrganizationSecurityPolicy.yaml index 4501085cf87a..d30931f598ce 100644 --- a/mmv1/products/compute/OrganizationSecurityPolicy.yaml +++ b/mmv1/products/compute/OrganizationSecurityPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,73 +11,83 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'OrganizationSecurityPolicy' -min_version: beta -base_url: 'locations/global/securityPolicies?parentId={{parent}}' -self_link: 'locations/global/securityPolicies/{{policy_id}}' -create_url: 'locations/global/securityPolicies?parentId={{parent}}' -update_verb: :PATCH description: | Organization security policies are used to control incoming/outgoing traffic. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Creating a firewall policy': 'https://cloud.google.com/vpc/docs/using-firewall-policies#create-policy' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies' +docs: id_format: 'locations/global/securityPolicies/{{policy_id}}' -import_format: ['locations/global/securityPolicies/{{policy_id}}'] +base_url: 'locations/global/securityPolicies?parentId={{parent}}' +self_link: 'locations/global/securityPolicies/{{policy_id}}' +create_url: 'locations/global/securityPolicies?parentId={{parent}}' +update_verb: 'PATCH' +import_format: + - 'locations/global/securityPolicies/{{policy_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/org_security_policy.go.tmpl' + post_delete: 'templates/terraform/post_delete/org_security_policy.go.tmpl' + post_update: 'templates/terraform/post_update/org_security_policy.go.tmpl' + # TODO: Remove once b/154369201 is closed. + test_check_destroy: 'templates/terraform/custom_check_destroy/skip_delete_during_test.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'organization_security_policy_basic' + - name: 'organization_security_policy_basic' primary_resource_id: 'policy' min_version: 'beta' test_env_vars: - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/org_security_policy.go.erb - post_update: templates/terraform/post_update/org_security_policy.go.erb - post_delete: - templates/terraform/post_delete/org_security_policy.go.erb - # TODO: Remove once b/154369201 is closed. - test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb + org_id: 'ORG_ID' parameters: - - !ruby/object:Api::Type::String - name: parent + - name: 'parent' + type: String description: | The parent of this OrganizationSecurityPolicy in the Cloud Resource Hierarchy. Format: organizations/{organization_id} or folders/{folder_id} + min_version: 'beta' required: true immutable: true properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: | A textual name of the security policy. - immutable: true + min_version: 'beta' required: true - - !ruby/object:Api::Type::String - name: description + immutable: true + - name: 'description' + type: String description: | A textual description for the organization security policy. - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + min_version: 'beta' + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. This field is used internally during updates of this resource. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: policy_id - api_name: 'id' + - name: 'policy_id' + type: String description: | The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' output: true - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: | The type indicates the intended use of the security policy. For organization security policies, the only supported type is "FIREWALL". + min_version: 'beta' immutable: true - values: - - :FIREWALL - default_value: :FIREWALL + default_value: "FIREWALL" + enum_values: + - 'FIREWALL' diff --git a/mmv1/products/compute/OrganizationSecurityPolicyAssociation.yaml b/mmv1/products/compute/OrganizationSecurityPolicyAssociation.yaml index bfd3b2bfe916..5f1a56b57d41 100644 --- a/mmv1/products/compute/OrganizationSecurityPolicyAssociation.yaml +++ b/mmv1/products/compute/OrganizationSecurityPolicyAssociation.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,58 +11,66 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'OrganizationSecurityPolicyAssociation' -min_version: beta -base_url: '{{policy_id}}' -self_link: '{{policy_id}}/getAssociation?name={{name}}' -create_url: '{{policy_id}}/addAssociation' -delete_verb: :POST -delete_url: '{{policy_id}}/removeAssociation?name={{name}}' description: | An association for the OrganizationSecurityPolicy. -immutable: true -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Associating a policy with the organization or folder': 'https://cloud.google.com/vpc/docs/using-firewall-policies#associate' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addAssociation' +docs: id_format: '{{policy_id}}/association/{{name}}' -import_format: ['{{%policy_id}}/association/{{name}}'] +base_url: '{{policy_id}}' +self_link: '{{policy_id}}/getAssociation?name={{name}}' +create_url: '{{policy_id}}/addAssociation' +delete_url: '{{policy_id}}/removeAssociation?name={{name}}' +delete_verb: 'POST' +immutable: true +import_format: + - '{{%policy_id}}/association/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/org_security_policy_association.go.tmpl' + post_delete: 'templates/terraform/post_create/org_security_policy_association.go.tmpl' + # TODO: Remove once b/154369201 is closed. + test_check_destroy: 'templates/terraform/custom_check_destroy/skip_delete_during_test.go.tmpl' read_error_transform: 'transformSecurityPolicyAssociationReadError' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'organization_security_policy_association_basic' + - name: 'organization_security_policy_association_basic' primary_resource_id: 'policy' min_version: 'beta' test_env_vars: - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/org_security_policy_association.go.erb - post_delete: - templates/terraform/post_create/org_security_policy_association.go.erb - # TODO: Remove once b/154369201 is closed. - test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb + org_id: 'ORG_ID' parameters: - - !ruby/object:Api::Type::String - name: 'policyId' + - name: 'policyId' + type: String description: | The security policy ID of the association. - required: true + api_name: securityPolicyId + min_version: 'beta' url_param_only: true - api_name: 'securityPolicyId' + required: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The name for an association. + min_version: 'beta' required: true - - !ruby/object:Api::Type::String - name: 'attachmentId' + - name: 'attachmentId' + type: String description: | The resource that the security policy is attached to. + min_version: 'beta' required: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | The display name of the security policy of the association. + min_version: 'beta' output: true diff --git a/mmv1/products/compute/OrganizationSecurityPolicyRule.yaml b/mmv1/products/compute/OrganizationSecurityPolicyRule.yaml index 1ab6ab59e741..db79e3d9b1d7 100644 --- a/mmv1/products/compute/OrganizationSecurityPolicyRule.yaml +++ b/mmv1/products/compute/OrganizationSecurityPolicyRule.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,121 +11,138 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'OrganizationSecurityPolicyRule' -min_version: beta -base_url: '{{policy_id}}' -self_link: '{{policy_id}}/getRule?priority={{priority}}' -create_url: '{{policy_id}}/addRule?priority={{priority}}' -update_verb: :POST -update_url: '{{policy_id}}/patchRule?priority={{priority}}' -delete_verb: :POST -delete_url: '{{policy_id}}/removeRule?priority={{priority}}' description: | A rule for the OrganizationSecurityPolicy. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Creating firewall rules': 'https://cloud.google.com/vpc/docs/using-firewall-policies#create-rules' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addRule' +docs: id_format: '{{policy_id}}/priority/{{priority}}' -import_format: ['{{%policy_id}}/priority/{{priority}}'] +base_url: '{{policy_id}}' +self_link: '{{policy_id}}/getRule?priority={{priority}}' +create_url: '{{policy_id}}/addRule?priority={{priority}}' +update_url: '{{policy_id}}/patchRule?priority={{priority}}' +update_verb: 'POST' +delete_url: '{{policy_id}}/removeRule?priority={{priority}}' +delete_verb: 'POST' +import_format: + - '{{%policy_id}}/priority/{{priority}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/org_security_policy_rule.go.tmpl' + post_delete: 'templates/terraform/post_create/org_security_policy_rule.go.tmpl' + post_update: 'templates/terraform/post_create/org_security_policy_rule.go.tmpl' + # TODO: Remove once b/154369201 is closed. + test_check_destroy: 'templates/terraform/custom_check_destroy/skip_delete_during_test.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'organization_security_policy_rule_basic' + - name: 'organization_security_policy_rule_basic' primary_resource_id: 'policy' min_version: 'beta' test_env_vars: - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/org_security_policy_rule.go.erb - post_delete: templates/terraform/post_create/org_security_policy_rule.go.erb - post_update: - templates/terraform/post_create/org_security_policy_rule.go.erb - # TODO: Remove once b/154369201 is closed. - test_check_destroy: templates/terraform/custom_check_destroy/skip_delete_during_test.go.erb + org_id: 'ORG_ID' parameters: - - !ruby/object:Api::Type::String - name: policyId + - name: 'policyId' + type: String description: | The ID of the OrganizationSecurityPolicy this rule applies to. + min_version: 'beta' + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | A description of the rule. - - !ruby/object:Api::Type::Integer - name: 'priority' + min_version: 'beta' + - name: 'priority' + type: Integer description: | An integer indicating the priority of a rule in the list. The priority must be a value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority. + min_version: 'beta' required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'match' + - name: 'match' + type: NestedObject description: A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' required: true properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | A description of the rule. - - !ruby/object:Api::Type::Enum - name: 'versionedExpr' + min_version: 'beta' + - name: 'versionedExpr' + type: Enum description: | Preconfigured versioned expression. For organization security policy rules, the only supported type is "FIREWALL". - values: - - :FIREWALL - default_value: :FIREWALL - - !ruby/object:Api::Type::NestedObject - name: 'config' + min_version: 'beta' + default_value: "FIREWALL" + enum_values: + - 'FIREWALL' + - name: 'config' + type: NestedObject description: The configuration options for matching the rule. + min_version: 'beta' required: true properties: - - !ruby/object:Api::Type::Array - name: 'srcIpRanges' + - name: 'srcIpRanges' + type: Array description: | Source IP address range in CIDR format. Required for INGRESS rules. - item_type: Api::Type::String + min_version: 'beta' exactly_one_of: - - match.0.config.0.src_ip_ranges - - match.0.config.0.dest_ip_ranges - - !ruby/object:Api::Type::Array - name: 'destIpRanges' + - 'match.0.config.0.src_ip_ranges' + - 'match.0.config.0.dest_ip_ranges' + item_type: + type: String + - name: 'destIpRanges' + type: Array description: | Destination IP address range in CIDR format. Required for EGRESS rules. - item_type: Api::Type::String + min_version: 'beta' exactly_one_of: - - match.0.config.0.src_ip_ranges - - match.0.config.0.dest_ip_ranges - - !ruby/object:Api::Type::Array - name: 'layer4Config' - api_name: 'layer4Configs' + - 'match.0.config.0.src_ip_ranges' + - 'match.0.config.0.dest_ip_ranges' + item_type: + type: String + - name: 'layer4Config' + type: Array description: | Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' required: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'ipProtocol' + - name: 'ipProtocol' + type: String description: | The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number. + min_version: 'beta' required: true - - !ruby/object:Api::Type::Array - item_type: Api::Type::String - name: 'ports' + - name: 'ports' + type: Array description: | An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be @@ -134,41 +151,52 @@ properties: Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. - - !ruby/object:Api::Type::String - name: 'action' + min_version: 'beta' + item_type: + type: String + - name: 'action' + type: String description: | The Action to perform when the client connection triggers the rule. Can currently be either "allow", "deny" or "goto_next". + min_version: 'beta' required: true - - !ruby/object:Api::Type::Boolean - name: 'preview' + - name: 'preview' + type: Boolean description: | If set to true, the specified action is not enforced. - - !ruby/object:Api::Type::Enum - name: 'direction' + min_version: 'beta' + - name: 'direction' + type: Enum description: | The direction in which this rule applies. If unspecified an INGRESS rule is created. - values: - - :INGRESS - - :EGRESS - - !ruby/object:Api::Type::Array - name: 'targetResources' + min_version: 'beta' + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'targetResources' + type: Array description: | A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'enableLogging' + min_version: 'beta' + item_type: + type: String + - name: 'enableLogging' + type: Boolean description: | Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. + min_version: 'beta' send_empty_value: true - - !ruby/object:Api::Type::Array - name: 'targetServiceAccounts' + - name: 'targetServiceAccounts' + type: Array description: | A list of service accounts indicating the sets of instances that are applied with this rule. - item_type: Api::Type::String + min_version: 'beta' + item_type: + type: String diff --git a/mmv1/products/compute/PacketMirroring.yaml b/mmv1/products/compute/PacketMirroring.yaml index b9dfca51b3fa..d73b3f1de04a 100644 --- a/mmv1/products/compute/PacketMirroring.yaml +++ b/mmv1/products/compute/PacketMirroring.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,40 +11,41 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'PacketMirroring' -base_url: projects/{{project}}/regions/{{region}}/packetMirrorings -update_verb: :PATCH -self_link: projects/{{project}}/regions/{{region}}/packetMirrorings/{{name}} -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Using Packet Mirroring': 'https://cloud.google.com/vpc/docs/using-packet-mirroring#creating' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/packetMirrorings' description: | Packet Mirroring mirrors traffic to and from particular VM instances. You can use the collected traffic to help you detect security threats and monitor application performance. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + 'Using Packet Mirroring': 'https://cloud.google.com/vpc/docs/using-packet-mirroring#creating' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/packetMirrorings' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/packetMirrorings' +self_link: 'projects/{{project}}/regions/{{region}}/packetMirrorings/{{name}}' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'compute_packet_mirroring_full' + - name: 'compute_packet_mirroring_full' primary_resource_id: 'foobar' vars: instance_name: 'my-instance' @@ -54,53 +55,54 @@ examples: mirroring_name: 'my-mirroring' ilb_rule_name: 'my-ilb' network_name: 'my-network' +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: The name of the packet mirroring rule required: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: A human-readable description of the rule. immutable: true - - !ruby/object:Api::Type::String - name: region + - name: 'region' + type: String description: | The Region in which the created address should reside. If it is not provided, the provider region is used. required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::NestedObject - name: network - immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'network' + type: NestedObject description: | Specifies the mirrored VPC network. Only packets in this network will be mirrored. All mirrored VMs should have a NIC in the given network. All mirrored subnetworks should belong to the given network. + required: true + immutable: true properties: - - !ruby/object:Api::Type::ResourceRef - name: url + - name: 'url' + type: ResourceRef description: The full self_link URL of the network where this rule is active. - resource: 'Network' - imports: 'selfLink' required: true immutable: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - required: true - - !ruby/object:Api::Type::Integer - name: priority + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'priority' + type: Integer description: | Since only one rule can be active at a time, priority is used to break ties in the case of two rules that apply to the same instances. required: false default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: collectorIlb + - name: 'collectorIlb' + type: NestedObject description: | The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) that will be used as collector for mirrored traffic. The @@ -108,90 +110,93 @@ properties: set to true. required: true properties: - - !ruby/object:Api::Type::ResourceRef - name: url + - name: 'url' + type: ResourceRef + description: The URL of the forwarding rule. required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'ForwardingRule' imports: 'selfLink' - description: The URL of the forwarding rule. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: filter + - name: 'filter' + type: NestedObject description: | A filter for mirrored traffic. If unset, all traffic is mirrored. properties: - - !ruby/object:Api::Type::Array - name: ipProtocols - api_name: 'IPProtocols' + - name: 'ipProtocols' + type: Array description: Possible IP protocols including tcp, udp, icmp and esp - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: cidrRanges + api_name: IPProtocols + item_type: + type: String + - name: 'cidrRanges' + type: Array description: | IP CIDR ranges that apply as a filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported. - item_type: Api::Type::String - - !ruby/object:Api::Type::Enum - name: direction + item_type: + type: String + - name: 'direction' + type: Enum description: Direction of traffic to mirror. - values: - - :INGRESS - - :EGRESS - - :BOTH - default_value: :BOTH - - !ruby/object:Api::Type::NestedObject - name: mirroredResources - required: true + default_value: "BOTH" + enum_values: + - 'INGRESS' + - 'EGRESS' + - 'BOTH' + - name: 'mirroredResources' + type: NestedObject description: | A means of specifying which resources to mirror. + required: true properties: - - !ruby/object:Api::Type::Array - name: subnetworks - at_least_one_of: - - mirrored_resources.0.subnetworks - - mirrored_resources.0.instances - - mirrored_resources.0.tags + - name: 'subnetworks' + type: Array description: | All instances in one of these subnetworks will be mirrored. - item_type: !ruby/object:Api::Type::NestedObject - name: subnetworks + at_least_one_of: + - 'mirrored_resources.0.subnetworks' + - 'mirrored_resources.0.instances' + - 'mirrored_resources.0.tags' + item_type: description: The subnetworks that should be mirrored. Specify at most 5. + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: url - resource: 'Subnetwork' - imports: 'selfLink' + - name: 'url' + type: ResourceRef description: The URL of the subnetwork where this rule should be active. required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: instances + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'instances' + type: Array description: | All the listed instances will be mirrored. Specify at most 50. at_least_one_of: - - mirrored_resources.0.subnetworks - - mirrored_resources.0.instances - - mirrored_resources.0.tags - item_type: !ruby/object:Api::Type::NestedObject - name: instances + - 'mirrored_resources.0.subnetworks' + - 'mirrored_resources.0.instances' + - 'mirrored_resources.0.tags' + item_type: description: The instances that should be mirrored. + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: url - resource: 'Instance' - imports: 'selfLink' + - name: 'url' + type: ResourceRef description: The URL of the instances where this rule should be active. required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: tags - at_least_one_of: - - mirrored_resources.0.subnetworks - - mirrored_resources.0.instances - - mirrored_resources.0.tags + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Instance' + imports: 'selfLink' + - name: 'tags' + type: Array description: | All instances with these tags will be mirrored. - item_type: Api::Type::String + at_least_one_of: + - 'mirrored_resources.0.subnetworks' + - 'mirrored_resources.0.instances' + - 'mirrored_resources.0.tags' + item_type: + type: String diff --git a/mmv1/products/compute/PerInstanceConfig.yaml b/mmv1/products/compute/PerInstanceConfig.yaml index 77bbb0c9116c..a4aed0002834 100644 --- a/mmv1/products/compute/PerInstanceConfig.yaml +++ b/mmv1/products/compute/PerInstanceConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,67 +11,71 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'PerInstanceConfig' -base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}' description: | A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name across instance group manager operations and can define stateful disks or metadata that are unique to the instance. -create_verb: :POST -create_url: projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/createInstances -update_verb: :POST -update_url: projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/updatePerInstanceConfigs -delete_verb: :POST -delete_url: projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/deletePerInstanceConfigs -read_verb: :POST -self_link: projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/listPerInstanceConfigs -identity: - - name -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - items -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/stateful-migs#per-instance_configs' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagers' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{zone}}/{{instance_group_manager}}/{{name}}' +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}' +self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/listPerInstanceConfigs' +create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/createInstances' +update_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/updatePerInstanceConfigs' +update_verb: 'POST' +read_verb: 'POST' +delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/deletePerInstanceConfigs' +delete_verb: 'POST' +mutex: 'instanceGroupManager/{{project}}/{{zone}}/{{instance_group_manager}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: '{{project}}/{{zone}}/{{instance_group_manager}}/{{name}}' -mutex: instanceGroupManager/{{project}}/{{zone}}/{{instance_group_manager}} +identity: + - name +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/compute_per_instance_config.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/compute_per_instance_config.go.tmpl' + post_update: 'templates/terraform/post_update/compute_per_instance_config.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/per_instance_config.go.tmpl' exclude_tgc: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'stateful_igm' - primary_resource_id: - 'stateful-instance' - # Fine-grained resource need different autogenerated tests, as - # we need to check destroy during a test step where the parent resource - # still exists, rather than during CheckDestroy (when read returns - # nothing because the parent resource has then also been destroyed) - skip_test: true + - name: 'stateful_igm' + primary_resource_id: 'stateful-instance' vars: template_name: 'my-template' igm_name: 'my-igm' disk_name: 'my-disk-name' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true virtual_fields: - - !ruby/object:Api::Type::String - name: 'minimal_action' + - name: 'minimal_action' description: | The minimal action to perform on the instance during an update. Default is `NONE`. Possible values are: @@ -79,9 +83,9 @@ virtual_fields: * RESTART * REFRESH * NONE - default_value: NONE - - !ruby/object:Api::Type::String - name: 'most_disruptive_allowed_action' + type: String + default_value: "NONE" + - name: 'most_disruptive_allowed_action' description: | The most disruptive action to perform on the instance during an update. Default is `REPLACE`. Possible values are: @@ -89,159 +93,156 @@ virtual_fields: * RESTART * REFRESH * NONE - default_value: REPLACE - - !ruby/object:Api::Type::Boolean - name: 'remove_instance_on_destroy' - conflicts: - - remove_instance_state_on_destroy + type: String + default_value: "REPLACE" + - name: 'remove_instance_on_destroy' description: | When true, deleting this config will immediately remove the underlying instance. When false, deleting this config will use the behavior as determined by remove_instance_on_destroy. + type: Boolean default_value: false - - !ruby/object:Api::Type::Boolean - name: 'remove_instance_state_on_destroy' - conflicts: - - remove_instance_on_destroy + - name: 'remove_instance_state_on_destroy' description: | When true, deleting this config will immediately remove any specified state from the underlying instance. When false, deleting this config will *not* immediately remove any state from the underlying instance. State will be removed on the next instance recreation or update. + type: Boolean default_value: false -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/compute_per_instance_config.go.erb - update_encoder: templates/terraform/update_encoder/compute_per_instance_config.go.erb - post_update: templates/terraform/post_update/compute_per_instance_config.go.erb - custom_delete: templates/terraform/custom_delete/per_instance_config.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: | Zone where the containing instance group manager is located - required: false url_param_only: true + required: false immutable: true ignore_read: true default_from_api: true - - !ruby/object:Api::Type::ResourceRef - name: 'instanceGroupManager' - resource: 'InstanceGroupManager' + resource: 'Zone' imports: 'name' + - name: 'instanceGroupManager' + type: ResourceRef description: | The instance group manager this instance config is part of. - required: true url_param_only: true + required: true immutable: true + resource: 'InstanceGroupManager' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name for this per-instance config and its corresponding instance. required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'preservedState' + - name: 'preservedState' + type: NestedObject description: 'The preserved state for this instance.' properties: - - !ruby/object:Api::Type::KeyValuePairs - name: 'metadata' + - name: 'metadata' + type: KeyValuePairs description: | Preserved metadata defined for this instance. This is a list of key->value pairs. - - !ruby/object:Api::Type::Array - name: 'disk' - api_name: disks + - name: 'disk' + type: Array description: | Stateful disks for the instance. + api_name: disks is_set: true - custom_flatten: templates/terraform/custom_flatten/preserved_state_disks.go.erb - custom_expand: templates/terraform/custom_expand/preserved_state_disks.go.erb - item_type: !ruby/object:Api::Type::NestedObject + custom_flatten: 'templates/terraform/custom_flatten/preserved_state_disks.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/preserved_state_disks.go.tmpl' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: deviceName - required: true + - name: 'deviceName' + type: String description: | A unique device name that is reflected into the /dev/ tree of a Linux operating system running within the instance. - - !ruby/object:Api::Type::String - name: source required: true + - name: 'source' + type: String description: | The URI of an existing persistent disk to attach under the specified device-name in the format `projects/project-id/zones/zone/disks/disk-name`. - - !ruby/object:Api::Type::Enum - name: mode + required: true + - name: 'mode' + type: Enum description: | The mode of the disk. - values: - - :READ_ONLY - - :READ_WRITE - default_value: :READ_WRITE - - !ruby/object:Api::Type::Enum - name: deleteRule + default_value: "READ_WRITE" + enum_values: + - 'READ_ONLY' + - 'READ_WRITE' + - name: 'deleteRule' + type: Enum description: | A value that prescribes what should happen to the stateful disk when the VM instance is deleted. The available options are `NEVER` and `ON_PERMANENT_INSTANCE_DELETION`. `NEVER` - detach the disk when the VM is deleted, but do not delete the disk. `ON_PERMANENT_INSTANCE_DELETION` will delete the stateful disk when the VM is permanently deleted from the instance group. - values: - - :NEVER - - :ON_PERMANENT_INSTANCE_DELETION - default_value: :NEVER - - !ruby/object:Api::Type::Map - name: 'internalIp' - api_name: internalIPs - key_name: 'interface_name' + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'internalIp' + type: Map description: | Preserved internal IPs defined for this instance. This map is keyed with the name of the network interface. - value_type: !ruby/object:Api::Type::NestedObject + api_name: internalIPs + key_name: 'interface_name' + value_type: + name: internalIp + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: autoDelete + - name: 'autoDelete' + type: Enum description: | These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. - values: - - :NEVER - - :ON_PERMANENT_INSTANCE_DELETION - default_value: :NEVER - - !ruby/object:Api::Type::NestedObject - name: 'ipAddress' + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'ipAddress' + type: NestedObject description: | Ip address representation properties: - - !ruby/object:Api::Type::ResourceRef - name: 'address' - resource: 'Address' - imports: 'selfLink' + - name: 'address' + type: ResourceRef description: | The URL of the reservation for this IP address. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Map - name: 'externalIp' - api_name: externalIPs - key_name: 'interface_name' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'selfLink' + - name: 'externalIp' + type: Map description: | Preserved external IPs defined for this instance. This map is keyed with the name of the network interface. - value_type: !ruby/object:Api::Type::NestedObject + api_name: externalIPs + key_name: 'interface_name' + value_type: + name: externalIp + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: autoDelete + - name: 'autoDelete' + type: Enum description: | These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. - values: - - :NEVER - - :ON_PERMANENT_INSTANCE_DELETION - default_value: :NEVER - - !ruby/object:Api::Type::NestedObject - name: 'ipAddress' + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'ipAddress' + type: NestedObject description: | Ip address representation properties: - - !ruby/object:Api::Type::ResourceRef - name: 'address' - resource: 'Address' - imports: 'selfLink' + - name: 'address' + type: ResourceRef description: | The URL of the reservation for this IP address. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'selfLink' diff --git a/mmv1/products/compute/ProjectCloudArmorTier.yaml b/mmv1/products/compute/ProjectCloudArmorTier.yaml index a9b447a46d94..2eeb6d5d7fc3 100644 --- a/mmv1/products/compute/ProjectCloudArmorTier.yaml +++ b/mmv1/products/compute/ProjectCloudArmorTier.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,63 +11,63 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ProjectCloudArmorTier' -base_url: 'projects/{{project}}' -create_url: 'projects/{{project}}/setCloudArmorTier' -update_url: 'projects/{{project}}/setCloudArmorTier' -read_query_params: '?fields=cloudArmorTier' -create_verb: :POST -update_verb: :POST description: | Sets the Cloud Armor tier of the project. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Subscribing to Cloud Armor Enterprise': 'https://cloud.google.com/armor/docs/managed-protection-overview#subscribing_to_plus' - api: - 'https://cloud.google.com/compute/docs/reference/rest/v1/projects/setCloudArmorTier' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/projects/setCloudArmorTier' +docs: id_format: 'projects/{{project}}' -import_format: ['projects/{{project}}'] -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'compute_project_cloud_armor_tier_basic' - skip_test: true - primary_resource_id: 'cloud_armor_tier_config' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_project_cloud_armor_tier_project_set' - skip_test: true - primary_resource_id: 'cloud_armor_tier_config' - vars: - project_id: 'your_project_id' - test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +base_url: 'projects/{{project}}' +create_url: 'projects/{{project}}/setCloudArmorTier' +update_url: 'projects/{{project}}/setCloudArmorTier' +update_verb: 'POST' + +read_query_params: '?fields=cloudArmorTier' +import_format: + - 'projects/{{project}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/only_remove_from_state.go.erb +custom_code: + custom_delete: 'templates/terraform/custom_delete/only_remove_from_state.go.tmpl' +examples: + - name: 'compute_project_cloud_armor_tier_basic' + primary_resource_id: 'cloud_armor_tier_config' + exclude_test: true + - name: 'compute_project_cloud_armor_tier_project_set' + primary_resource_id: 'cloud_armor_tier_config' + vars: + project_id: 'your_project_id' + test_env_vars: + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::Enum - name: 'cloudArmorTier' - required: true + - name: 'cloudArmorTier' + type: Enum description: | Managed protection tier to be set. - values: - - :CA_STANDARD - - :CA_ENTERPRISE_PAYGO + required: true + enum_values: + - 'CA_STANDARD' + - 'CA_ENTERPRISE_PAYGO' diff --git a/mmv1/products/compute/PublicAdvertisedPrefix.yaml b/mmv1/products/compute/PublicAdvertisedPrefix.yaml index 555e752dd2f2..a040591657a0 100644 --- a/mmv1/products/compute/PublicAdvertisedPrefix.yaml +++ b/mmv1/products/compute/PublicAdvertisedPrefix.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,52 +11,54 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'PublicAdvertisedPrefix' -base_url: projects/{{project}}/global/publicAdvertisedPrefixes -has_self_link: true -immutable: true description: | Represents a PublicAdvertisedPrefix for use with bring your own IP addresses (BYOIP). -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using bring your own IP': 'https://cloud.google.com/vpc/docs/using-bring-your-own-ip' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/publicAdvertisedPrefixes' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/publicAdvertisedPrefixes' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'public_advertised_prefixes_basic' + - name: 'public_advertised_prefixes_basic' primary_resource_id: 'prefixes' - # PAPs have very low quota limits and a shared testing range so serialized tests exist in: - # resource_compute_public_advertised_prefix_test.go - skip_test: true vars: prefixes_name: 'my-prefix' test_env_vars: - desc: :PAP_DESCRIPTION + desc: 'PAP_DESCRIPTION' + # PAPs have very low quota limits and a shared testing range so serialized tests exist in: + # resource_compute_public_advertised_prefix_test.go + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: An optional description of this resource. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -65,18 +67,18 @@ properties: following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::String - name: 'dnsVerificationIp' + - name: 'dnsVerificationIp' + type: String description: The IPv4 address to be used for reverse DNS verification. required: true - - !ruby/object:Api::Type::String - name: 'ipCidrRange' + - name: 'ipCidrRange' + type: String description: The IPv4 address range, in CIDR format, represented by this public advertised prefix. required: true - - !ruby/object:Api::Type::String - name: 'sharedSecret' - output: true + - name: 'sharedSecret' + type: String description: | Output Only. The shared secret to be used for reverse DNS verification. + output: true diff --git a/mmv1/products/compute/PublicDelegatedPrefix.yaml b/mmv1/products/compute/PublicDelegatedPrefix.yaml index fe76e467fa1c..da8ed28cdefc 100644 --- a/mmv1/products/compute/PublicDelegatedPrefix.yaml +++ b/mmv1/products/compute/PublicDelegatedPrefix.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,60 +11,62 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'PublicDelegatedPrefix' -base_url: projects/{{project}}/regions/{{region}}/publicDelegatedPrefixes -has_self_link: true -immutable: true description: | Represents a PublicDelegatedPrefix for use with bring your own IP addresses (BYOIP). -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using bring your own IP': 'https://cloud.google.com/vpc/docs/using-bring-your-own-ip' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/publicDelegatedPrefixes' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/publicDelegatedPrefixes' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'public_delegated_prefixes_basic' + - name: 'public_delegated_prefixes_basic' primary_resource_id: 'prefixes' - # PAPs have very low quota limits and a shared testing range so serialized tests exist in: - # resource_compute_public_advertised_prefix_test.go - skip_test: true vars: prefixes_name: 'my-prefix' test_env_vars: - desc: :PAP_DESCRIPTION + desc: 'PAP_DESCRIPTION' + # PAPs have very low quota limits and a shared testing range so serialized tests exist in: + # resource_compute_public_advertised_prefix_test.go + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'region' + - name: 'region' + type: String description: 'A region where the prefix will reside.' url_param_only: true required: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: An optional description of this resource. - - !ruby/object:Api::Type::Boolean - name: 'isLiveMigration' + - name: 'isLiveMigration' + type: Boolean description: If true, the prefix will be live migrated. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -73,15 +75,15 @@ properties: following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::String - name: 'parentPrefix' + - name: 'parentPrefix' + type: String description: The URL of parent prefix. Either PublicAdvertisedPrefix or PublicDelegatedPrefix. required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::String - name: 'ipCidrRange' + - name: 'ipCidrRange' + type: String description: The IPv4 address range, in CIDR format, represented by this public advertised prefix. diff --git a/mmv1/products/compute/Region.yaml b/mmv1/products/compute/Region.yaml index 0df713c74cb6..1bdfa4dad732 100644 --- a/mmv1/products/compute/Region.yaml +++ b/mmv1/products/compute/Region.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,55 +11,62 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Region' kind: 'compute#region' -base_url: projects/{{project}}/regions -collection_url_key: 'items' -has_self_link: true -readonly: true description: | Represents a Region resource. A region is a specific geographical location where you can run your resources. Each region has one or more zones # Used as a resource reference exclude: true +readonly: true +docs: +base_url: 'projects/{{project}}/regions' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::NestedObject - name: 'deprecated' + - name: 'deprecated' + type: NestedObject description: 'The deprecation state of this resource.' output: true properties: - - !ruby/object:Api::Type::Time - name: 'deleted' + - name: 'deleted' + type: Time description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DELETED. - - !ruby/object:Api::Type::Time - name: 'deprecated' + - name: 'deprecated' + type: Time description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DEPRECATED. output: true - - !ruby/object:Api::Type::Time - name: 'obsolete' + - name: 'obsolete' + type: Time description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to OBSOLETE. output: true - - !ruby/object:Api::Type::String - name: 'replacement' + - name: 'replacement' + type: String description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true - - !ruby/object:Api::Type::Enum - name: 'state' + - name: 'state' + type: Enum description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a @@ -67,56 +74,58 @@ properties: indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. - values: - - :DEPRECATED - - :OBSOLETE - - :DELETED output: true - - !ruby/object:Api::Type::String - name: 'description' + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String description: 'An optional description of this resource.' output: true - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: 'The unique identifier for the resource.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: 'Name of the resource.' - - !ruby/object:Api::Type::Array - name: 'quotas' + - name: 'quotas' + type: Array description: 'Quotas assigned to this region.' output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'metric' + - name: 'metric' + type: String description: 'Name of the quota metric.' output: true - - !ruby/object:Api::Type::Double - name: 'limit' + - name: 'limit' + type: Double description: 'Quota limit for this metric.' output: true - - !ruby/object:Api::Type::Double - name: 'usage' + - name: 'usage' + type: Double description: 'Current usage of this metric.' output: true - - !ruby/object:Api::Type::String - name: 'owner' + - name: 'owner' + type: String description: 'Owning resource. This is the resource on which this quota is applied.' output: true - - !ruby/object:Api::Type::Enum - name: 'status' + - name: 'status' + type: Enum description: | Status of the region, either UP or DOWN. - values: - - :UP - - :DOWN output: true - - !ruby/object:Api::Type::Array - name: 'zones' + enum_values: + - 'UP' + - 'DOWN' + - name: 'zones' + type: Array description: 'List of zones within the region' - item_type: Api::Type::String output: true + item_type: + type: String diff --git a/mmv1/products/compute/RegionAutoscaler.yaml b/mmv1/products/compute/RegionAutoscaler.yaml index 3701a5ef7233..74463542f425 100644 --- a/mmv1/products/compute/RegionAutoscaler.yaml +++ b/mmv1/products/compute/RegionAutoscaler.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,44 +11,45 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionAutoscaler' kind: 'compute#autoscaler' -base_url: projects/{{project}}/regions/{{region}}/autoscalers -update_url: projects/{{project}}/regions/{{region}}/autoscalers?autoscaler={{name}} -collection_url_key: 'items' -has_self_link: true description: | Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionAutoscalers' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/autoscalers' +has_self_link: true +update_url: 'projects/{{project}}/regions/{{region}}/autoscalers?autoscaler={{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_autoscaler_basic' + - name: 'region_autoscaler_basic' primary_resource_id: 'foobar' vars: region_autoscaler_name: 'my-region-autoscaler' @@ -56,24 +57,24 @@ examples: target_pool_name: 'my-target-pool' rigm_name: 'my-region-igm' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | URL of the region where the instance group resides. required: false immutable: true - default_from_api: true ignore_read: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. The name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the @@ -82,14 +83,14 @@ properties: character, which cannot be a dash. required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. - - !ruby/object:Api::Type::NestedObject - name: 'autoscalingPolicy' + - name: 'autoscalingPolicy' + type: NestedObject description: | The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, @@ -99,29 +100,28 @@ properties: on cpuUtilization to 0.6 or 60%. required: true properties: - - !ruby/object:Api::Type::Integer - name: 'minReplicas' - api_name: 'minNumReplicas' - required: true + - name: 'minReplicas' + type: Integer description: | The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed. + api_name: minNumReplicas + required: true send_empty_value: true - - !ruby/object:Api::Type::Integer - name: 'maxReplicas' - api_name: 'maxNumReplicas' + - name: 'maxReplicas' + type: Integer description: | The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas. - send_empty_value: true + api_name: maxNumReplicas required: true - - !ruby/object:Api::Type::Integer - name: 'cooldownPeriod' - api_name: 'coolDownPeriodSec' + send_empty_value: true + - name: 'cooldownPeriod' + type: Integer description: | The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents @@ -133,97 +133,96 @@ properties: numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process. + api_name: coolDownPeriodSec default_value: 60 - - !ruby/object:Api::Type::String - name: 'mode' - default_value: 'ON' + - name: 'mode' + type: String description: | Defines operating mode for this policy. - - !ruby/object:Api::Type::NestedObject - name: 'scaleDownControl' - min_version: beta + default_value: "ON" + - name: 'scaleDownControl' + type: NestedObject description: | Defines scale down controls to reduce the risk of response latency and outages due to abrupt scale-in events + min_version: 'beta' properties: - - !ruby/object:Api::Type::NestedObject - name: 'maxScaledDownReplicas' + - name: 'maxScaledDownReplicas' + type: NestedObject at_least_one_of: - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas - - autoscaling_policy.0.scale_down_control.0.time_window_sec + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' + - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' properties: - - !ruby/object:Api::Type::Integer - name: 'fixed' - at_least_one_of: - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent + - name: 'fixed' + type: Integer description: | Specifies a fixed number of VM instances. This must be a positive integer. - - !ruby/object:Api::Type::Integer - name: 'percent' at_least_one_of: - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' + - name: 'percent' + type: Integer description: | Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%. - - !ruby/object:Api::Type::Integer - name: 'timeWindowSec' - at_least_one_of: - - autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas - - autoscaling_policy.0.scale_down_control.0.time_window_sec + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' + - name: 'timeWindowSec' + type: Integer description: | How long back autoscaling should look when computing recommendations to include directives regarding slower scale down, as described above. - - !ruby/object:Api::Type::NestedObject - name: 'scaleInControl' + at_least_one_of: + - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' + - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' + - name: 'scaleInControl' + type: NestedObject description: | Defines scale in controls to reduce the risk of response latency and outages due to abrupt scale-in events properties: - - !ruby/object:Api::Type::NestedObject - name: 'maxScaledInReplicas' + - name: 'maxScaledInReplicas' + type: NestedObject at_least_one_of: - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas - - autoscaling_policy.0.scale_in_control.0.time_window_sec + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' + - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' properties: - - !ruby/object:Api::Type::Integer - name: 'fixed' - at_least_one_of: - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent + - name: 'fixed' + type: Integer description: | Specifies a fixed number of VM instances. This must be a positive integer. - - !ruby/object:Api::Type::Integer - name: 'percent' at_least_one_of: - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' + - name: 'percent' + type: Integer description: | Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%. - - !ruby/object:Api::Type::Integer - name: 'timeWindowSec' - at_least_one_of: - - autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas - - autoscaling_policy.0.scale_in_control.0.time_window_sec + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' + - name: 'timeWindowSec' + type: Integer description: | How long back autoscaling should look when computing recommendations to include directives regarding slower scale down, as described above. - - !ruby/object:Api::Type::NestedObject - name: 'cpuUtilization' + at_least_one_of: + - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' + - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' + - name: 'cpuUtilization' + type: NestedObject description: | Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group. default_from_api: true properties: - - !ruby/object:Api::Type::Double - name: 'target' - api_name: 'utilizationTarget' - required: true + - name: 'target' + type: Double description: | The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the @@ -238,34 +237,37 @@ properties: scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization. - - !ruby/object:Api::Type::String - name: 'predictiveMethod' - default_value: NONE + api_name: utilizationTarget + required: true + - name: 'predictiveMethod' + type: String description: | Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: - NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. - OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand. - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Array - name: 'metric' - api_name: 'customMetricUtilizations' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "NONE" + - name: 'metric' + type: Array description: | Configuration parameters of autoscaling based on a custom metric. - item_type: !ruby/object:Api::Type::NestedObject + api_name: customMetricUtilizations + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - api_name: 'metric' + - name: 'name' + type: String description: | The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE. + api_name: metric required: true - - !ruby/object:Api::Type::Double - name: 'singleInstanceAssignment' + - name: 'singleInstanceAssignment' + type: Double description: | If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to @@ -283,9 +285,8 @@ properties: latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead. - - !ruby/object:Api::Type::Double - name: 'target' - api_name: 'utilizationTarget' + - name: 'target' + type: Double description: | The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization @@ -296,18 +297,19 @@ properties: www.googleapis.com/compute/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances. - - !ruby/object:Api::Type::Enum - name: 'type' - api_name: 'utilizationTargetType' + api_name: utilizationTarget + - name: 'type' + type: Enum description: | Defines how target utilization value is expressed for a Stackdriver Monitoring metric. - values: - - :GAUGE - - :DELTA_PER_SECOND - - :DELTA_PER_MINUTE - - !ruby/object:Api::Type::String - name: 'filter' + api_name: utilizationTargetType + enum_values: + - 'GAUGE' + - 'DELTA_PER_SECOND' + - 'DELTA_PER_MINUTE' + - name: 'filter' + type: String description: | A filter string to be used as the filter string for a Stackdriver Monitoring TimeSeries.list API call. @@ -341,61 +343,62 @@ properties: (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value. - - !ruby/object:Api::Type::NestedObject - name: 'loadBalancingUtilization' + - name: 'loadBalancingUtilization' + type: NestedObject description: | Configuration parameters of autoscaling based on a load balancer. properties: - - !ruby/object:Api::Type::Double - name: 'target' - api_name: utilizationTarget - required: true + - name: 'target' + type: Double description: | Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8. - - !ruby/object:Api::Type::Map - name: 'scalingSchedules' + api_name: utilizationTarget + required: true + - name: 'scalingSchedules' + type: Map description: | Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler and they can overlap. - key_name: name + key_name: 'name' key_description: | A name for the schedule. - value_type: !ruby/object:Api::Type::NestedObject + value_type: name: scalingSchedule + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'minRequiredReplicas' + - name: 'minRequiredReplicas' + type: Integer description: | Minimum number of VM instances that autoscaler will recommend in time intervals starting according to schedule. required: true send_empty_value: true - - !ruby/object:Api::Type::String - name: 'schedule' + - name: 'schedule' + type: String description: | The start timestamps of time intervals when this scaling schedule should provide a scaling signal. This field uses the extended cron format (with an optional year field). required: true - - !ruby/object:Api::Type::String - name: 'timeZone' - default_value: UTC + - name: 'timeZone' + type: String description: | The time zone to be used when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. - - !ruby/object:Api::Type::Integer - name: 'durationSec' + default_value: "UTC" + - name: 'durationSec' + type: Integer description: | The duration of time intervals (in seconds) for which this scaling schedule will be running. The minimum allowed value is 300. required: true - - !ruby/object:Api::Type::Boolean - name: 'disabled' + - name: 'disabled' + type: Boolean description: | A boolean value that specifies if a scaling schedule can influence autoscaler recommendations. If set to true, then a scaling schedule has no effect. default_value: false - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | A description of a scaling schedule. - - !ruby/object:Api::Type::String - name: 'target' + - name: 'target' + type: String # TODO(#303): resourceref once RegionIGM exists # resource: 'RegionInstanceGroupManager' # imports: 'selfLink' diff --git a/mmv1/products/compute/RegionBackendService.yaml b/mmv1/products/compute/RegionBackendService.yaml index c6aba190b38c..76f9dbf223be 100644 --- a/mmv1/products/compute/RegionBackendService.yaml +++ b/mmv1/products/compute/RegionBackendService.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,131 +11,125 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionBackendService' kind: 'compute#backendService' -base_url: projects/{{project}}/regions/{{region}}/backendServices -collection_url_key: 'items' -has_self_link: true description: | A Region Backend Service defines a regionally-scoped group of virtual machines that will serve traffic for load balancing. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Internal TCP/UDP Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/internal/' api: 'https://cloud.google.com/compute/docs/reference/latest/regionBackendServices' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/backendServices' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +iam_policy: + allowed_iam_role: 'roles/compute.admin' + parent_resource_attribute: 'name' + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + min_version: 'beta' +custom_code: + constants: 'templates/terraform/constants/region_backend_service.go.tmpl' + encoder: 'templates/terraform/encoders/region_backend_service.go.tmpl' + decoder: 'templates/terraform/decoders/region_backend_service.go.tmpl' + post_create: 'templates/terraform/post_create/compute_region_backend_service_security_policy.go.tmpl' +custom_diff: + - 'customDiffRegionBackendService' +schema_version: 1 +migrate_state: 'tpgresource.MigrateStateNoop' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_backend_service_basic' + - name: 'region_backend_service_basic' primary_resource_id: 'default' - primary_resource_name: "fmt.Sprintf(\"tf-test-region-service%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-region-service%s", context["random_suffix"])' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_backend_service_external_iap' + - name: 'region_backend_service_external_iap' primary_resource_id: 'default' vars: region_backend_service_name: 'tf-test-region-service-external' - - !ruby/object:Provider::Terraform::Examples - name: 'region_backend_service_cache' + - name: 'region_backend_service_cache' primary_resource_id: 'default' + min_version: 'beta' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' - min_version: beta - - !ruby/object:Provider::Terraform::Examples - name: 'region_backend_service_ilb_round_robin' + - name: 'region_backend_service_ilb_round_robin' primary_resource_id: 'default' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_backend_service_external' + - name: 'region_backend_service_external' primary_resource_id: 'default' + min_version: 'beta' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' - min_version: beta - - !ruby/object:Provider::Terraform::Examples - name: 'region_backend_service_external_weighted' + - name: 'region_backend_service_external_weighted' primary_resource_id: 'default' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_backend_service_ilb_ring_hash' + - name: 'region_backend_service_ilb_ring_hash' primary_resource_id: 'default' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_backend_service_balancing_mode' + - name: 'region_backend_service_ilb_stateful_session_affinity' + primary_resource_id: 'default' + min_version: 'beta' + vars: + region_backend_service_name: 'region-service' + health_check_name: 'rbs-health-check' + - name: 'region_backend_service_balancing_mode' primary_resource_id: 'default' vars: region_backend_service_name: 'region-service' rigm_name: 'rbs-rigm' region_health_check_name: 'rbs-health-check' network_name: 'rbs-net' - - !ruby/object:Provider::Terraform::Examples - name: 'region_backend_service_connection_tracking' - min_version: 'beta' + - name: 'region_backend_service_connection_tracking' primary_resource_id: 'default' + min_version: 'beta' vars: region_backend_service_name: 'region-service' health_check_name: 'rbs-health-check' -iam_policy: !ruby/object:Api::Resource::IamPolicy - method_name_separator: '/' - fetch_iam_policy_verb: :GET - min_version: beta - iam_conditions_request_type: :QUERY_PARAM - parent_resource_attribute: 'name' - allowed_iam_role: 'roles/compute.admin' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/region_backend_service.go.erb - encoder: templates/terraform/encoders/region_backend_service.go.erb - decoder: templates/terraform/decoders/region_backend_service.go.erb - post_create: 'templates/terraform/post_create/compute_region_backend_service_security_policy.go.erb' -custom_diff: [ - 'customDiffRegionBackendService', -] -migrate_state: 'tpgresource.MigrateStateNoop' -schema_version: 1 parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | The Region in which the created backend service should reside. If it is not provided, the provider region is used. required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Integer - name: 'affinityCookieTtlSec' + - name: 'affinityCookieTtlSec' + type: Integer description: | Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts @@ -143,29 +137,30 @@ properties: maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used. - - !ruby/object:Api::Type::Array - name: 'backend' - api_name: 'backends' - is_set: true - set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' + - name: 'backend' + type: Array description: | The set of backends that serve this RegionBackendService. - item_type: !ruby/object:Api::Type::NestedObject + api_name: backends + is_set: true + set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'balancingMode' - default_value: :UTILIZATION - values: - - :UTILIZATION - - :RATE - - :CONNECTION + - name: 'balancingMode' + type: Enum description: | Specifies the balancing mode for this backend. See the [Backend Services Overview](https://cloud.google.com/load-balancing/docs/backend-service#balancing-mode) for an explanation of load balancing modes. - - !ruby/object:Api::Type::Double - name: 'capacityScaler' + default_value: "UTILIZATION" + enum_values: + - 'UTILIZATION' + - 'RATE' + - 'CONNECTION' + - name: 'capacityScaler' + type: Double description: | A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). @@ -178,22 +173,19 @@ properties: A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0]. send_empty_value: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Boolean - name: 'failover' - default_from_api: true + - name: 'failover' + type: Boolean description: | This field designates whether this is a failover backend. More than one failover backend can be configured for a given RegionBackendService. - - !ruby/object:Api::Type::String - name: 'group' - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - custom_flatten: templates/terraform/custom_flatten/guard_self_link.go.erb + default_from_api: true + - name: 'group' + type: String description: | The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list @@ -215,8 +207,11 @@ properties: Note that you must specify an Instance Group or Network Endpoint Group resource using the fully-qualified URL, rather than a partial URL. - - !ruby/object:Api::Type::Integer - name: 'maxConnections' + required: true + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' + custom_flatten: 'templates/terraform/custom_flatten/guard_self_link.go.tmpl' + - name: 'maxConnections' + type: Integer description: | The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. @@ -225,8 +220,8 @@ properties: For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set. - - !ruby/object:Api::Type::Integer - name: 'maxConnectionsPerInstance' + - name: 'maxConnectionsPerInstance' + type: Integer description: | The max number of simultaneous connections that a single backend instance can handle. Cannot be set for INTERNAL backend @@ -236,8 +231,8 @@ properties: Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set. - - !ruby/object:Api::Type::Integer - name: 'maxConnectionsPerEndpoint' + - name: 'maxConnectionsPerEndpoint' + type: Integer description: | The max number of simultaneous connections that a single backend network endpoint can handle. Cannot be set @@ -247,8 +242,8 @@ properties: used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set. - - !ruby/object:Api::Type::Integer - name: 'maxRate' + - name: 'maxRate' + type: Integer description: | The max requests per second (RPS) of the group. Cannot be set for INTERNAL backend services. @@ -257,129 +252,129 @@ properties: but required if RATE mode. Either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set. - - !ruby/object:Api::Type::Double - name: 'maxRatePerInstance' + - name: 'maxRatePerInstance' + type: Double description: | The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set. Cannot be set for INTERNAL backend services. - - !ruby/object:Api::Type::Double - name: 'maxRatePerEndpoint' + - name: 'maxRatePerEndpoint' + type: Double description: | The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set. Cannot be set for INTERNAL backend services. - - !ruby/object:Api::Type::Double - name: 'maxUtilization' + - name: 'maxUtilization' + type: Double description: | Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. Valid range is [0.0, 1.0]. Cannot be set for INTERNAL backend services. - - !ruby/object:Api::Type::NestedObject - name: 'circuitBreakers' + - name: 'circuitBreakers' + type: NestedObject description: | Settings controlling the volume of connections to a backend service. This field is applicable only when the `load_balancing_scheme` is set to INTERNAL_MANAGED and the `protocol` is set to HTTP, HTTPS, or HTTP2. properties: - - !ruby/object:Api::Type::NestedObject - name: 'connectTimeout' - min_version: beta - at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - name: 'connectTimeout' + type: NestedObject description: | The timeout for new network connections to hosts. + min_version: 'beta' + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' properties: - - !ruby/object:Api::Type::Integer - name: 'seconds' - required: true + - name: 'seconds' + type: Integer description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Integer - name: 'nanos' + required: true + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::Integer - name: 'maxRequestsPerConnection' - at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - name: 'maxRequestsPerConnection' + type: Integer description: | Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. - - !ruby/object:Api::Type::Integer - name: 'maxConnections' - default_value: 1024 at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + - name: 'maxConnections' + type: Integer description: | The maximum number of connections to the backend cluster. Defaults to 1024. - - !ruby/object:Api::Type::Integer - name: 'maxPendingRequests' - default_value: 1024 at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxPendingRequests' + type: Integer description: | The maximum number of pending requests to the backend cluster. Defaults to 1024. - - !ruby/object:Api::Type::Integer - name: 'maxRequests' - default_value: 1024 at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxRequests' + type: Integer description: | The maximum number of parallel requests to the backend cluster. Defaults to 1024. - - !ruby/object:Api::Type::Integer - name: 'maxRetries' - default_value: 3 at_least_one_of: - - circuit_breakers.0.connect_timeout - - circuit_breakers.0.max_requests_per_connection - - circuit_breakers.0.max_connections - - circuit_breakers.0.max_pending_requests - - circuit_breakers.0.max_requests - - circuit_breakers.0.max_retries + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 1024 + - name: 'maxRetries' + type: Integer description: | The maximum number of parallel retries to the backend cluster. Defaults to 3. - - !ruby/object:Api::Type::NestedObject - name: 'consistentHash' + at_least_one_of: + - 'circuit_breakers.0.connect_timeout' + - 'circuit_breakers.0.max_requests_per_connection' + - 'circuit_breakers.0.max_connections' + - 'circuit_breakers.0.max_pending_requests' + - 'circuit_breakers.0.max_requests' + - 'circuit_breakers.0.max_retries' + default_value: 3 + - name: 'consistentHash' + type: NestedObject description: | Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing @@ -392,72 +387,67 @@ properties: * `protocol` is set to HTTP, HTTPS, or HTTP2 * `locality_lb_policy` is set to MAGLEV or RING_HASH properties: - - !ruby/object:Api::Type::NestedObject - name: 'httpCookie' - at_least_one_of: - - consistent_hash.0.http_cookie - - consistent_hash.0.http_header_name - - consistent_hash.0.minimum_ring_size + - name: 'httpCookie' + type: NestedObject description: | Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' properties: - - !ruby/object:Api::Type::NestedObject - name: 'ttl' - at_least_one_of: - - consistent_hash.0.http_cookie.0.ttl - - consistent_hash.0.http_cookie.0.name - - consistent_hash.0.http_cookie.0.path + - name: 'ttl' + type: NestedObject description: | Lifetime of the cookie. + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' properties: - - !ruby/object:Api::Type::Integer - name: 'seconds' - required: true + - name: 'seconds' + type: Integer description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Integer - name: 'nanos' + required: true + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'name' - at_least_one_of: - - consistent_hash.0.http_cookie.0.ttl - - consistent_hash.0.http_cookie.0.name - - consistent_hash.0.http_cookie.0.path + - name: 'name' + type: String description: | Name of the cookie. - - !ruby/object:Api::Type::String - name: 'path' at_least_one_of: - - consistent_hash.0.http_cookie.0.ttl - - consistent_hash.0.http_cookie.0.name - - consistent_hash.0.http_cookie.0.path + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + - name: 'path' + type: String description: | Path to set for the cookie. - - !ruby/object:Api::Type::String - name: 'httpHeaderName' - at_least_one_of: - - consistent_hash.0.http_cookie - - consistent_hash.0.http_header_name - - consistent_hash.0.minimum_ring_size + at_least_one_of: + - 'consistent_hash.0.http_cookie.0.ttl' + - 'consistent_hash.0.http_cookie.0.name' + - 'consistent_hash.0.http_cookie.0.path' + - name: 'httpHeaderName' + type: String description: | The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD. - - !ruby/object:Api::Type::Integer - name: 'minimumRingSize' - default_value: 1024 at_least_one_of: - - consistent_hash.0.http_cookie - - consistent_hash.0.http_header_name - - consistent_hash.0.minimum_ring_size + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + - name: 'minimumRingSize' + type: Integer description: | The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load @@ -465,52 +455,49 @@ properties: is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024. - - !ruby/object:Api::Type::NestedObject - name: 'cdnPolicy' + at_least_one_of: + - 'consistent_hash.0.http_cookie' + - 'consistent_hash.0.http_header_name' + - 'consistent_hash.0.minimum_ring_size' + default_value: 1024 + - name: 'cdnPolicy' + type: NestedObject description: 'Cloud CDN configuration for this BackendService.' default_from_api: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'cacheKeyPolicy' + - name: 'cacheKeyPolicy' + type: NestedObject description: 'The CacheKeyPolicy for this CdnPolicy.' at_least_one_of: - - cdn_policy.0.cache_key_policy - - cdn_policy.0.signed_url_cache_max_age_sec + - 'cdn_policy.0.cache_key_policy' + - 'cdn_policy.0.signed_url_cache_max_age_sec' properties: - - !ruby/object:Api::Type::Boolean - name: 'includeHost' - send_empty_value: true - at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - name: 'includeHost' + type: Boolean description: | If true requests to different hosts will be cached separately. - - !ruby/object:Api::Type::Boolean - name: 'includeProtocol' send_empty_value: true at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'includeProtocol' + type: Boolean description: | If true, http and https requests will be cached separately. - - !ruby/object:Api::Type::Boolean - name: 'includeQueryString' send_empty_value: true at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'includeQueryString' + type: Boolean description: | If true, include query string parameters in the cache key according to query_string_whitelist and @@ -519,16 +506,16 @@ properties: If false, the query string will be excluded from the cache key entirely. - - !ruby/object:Api::Type::Array - name: 'queryStringBlacklist' send_empty_value: true at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + - name: 'queryStringBlacklist' + type: Array description: | Names of query string parameters to exclude in cache keys. @@ -537,17 +524,18 @@ properties: '&' and '=' will be percent encoded and not treated as delimiters. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array send_empty_value: true - name: 'queryStringWhitelist' at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'queryStringWhitelist' + type: Array description: | Names of query string parameters to include in cache keys. @@ -556,26 +544,32 @@ properties: '&' and '=' will be percent encoded and not treated as delimiters. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'includeNamedCookies' send_empty_value: true at_least_one_of: - - cdn_policy.0.cache_key_policy.0.include_host - - cdn_policy.0.cache_key_policy.0.include_protocol - - cdn_policy.0.cache_key_policy.0.include_query_string - - cdn_policy.0.cache_key_policy.0.query_string_blacklist - - cdn_policy.0.cache_key_policy.0.query_string_whitelist - - cdn_policy.0.cache_key_policy.0.include_named_cookies + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'includeNamedCookies' + type: Array description: | Names of cookies to include in cache keys. - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'signedUrlCacheMaxAgeSec' - default_value: 3600 - at_least_one_of: - - cdn_policy.0.cache_key_policy - - cdn_policy.0.signed_url_cache_max_age_sec + send_empty_value: true + at_least_one_of: + - 'cdn_policy.0.cache_key_policy.0.include_host' + - 'cdn_policy.0.cache_key_policy.0.include_protocol' + - 'cdn_policy.0.cache_key_policy.0.include_query_string' + - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' + - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' + - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' + item_type: + type: String + - name: 'signedUrlCacheMaxAgeSec' + type: Integer description: | Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this @@ -587,98 +581,99 @@ properties: "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered. - - !ruby/object:Api::Type::Integer - name: 'defaultTtl' + at_least_one_of: + - 'cdn_policy.0.cache_key_policy' + - 'cdn_policy.0.signed_url_cache_max_age_sec' + default_value: 3600 + - name: 'defaultTtl' + type: Integer description: | Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'maxTtl' + - name: 'maxTtl' + type: Integer description: | Specifies the maximum allowed TTL for cached content served by this origin. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'clientTtl' + - name: 'clientTtl' + type: Integer description: | Specifies the maximum allowed TTL for cached content served by this origin. default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'negativeCaching' - send_empty_value: true + - name: 'negativeCaching' + type: Boolean description: | Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'negativeCachingPolicy' + send_empty_value: true + - name: 'negativeCachingPolicy' + type: Array description: | Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'code' + - name: 'code' + type: Integer description: | The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 can be specified as values, and you cannot specify a status code more than once. - - !ruby/object:Api::Type::Integer - name: 'ttl' - min_version: beta + - name: 'ttl' + type: Integer description: | The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. - - !ruby/object:Api::Type::Enum - name: 'cacheMode' + min_version: 'beta' + - name: 'cacheMode' + type: Enum description: | Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC - values: - - :USE_ORIGIN_HEADERS - - :FORCE_CACHE_ALL - - :CACHE_ALL_STATIC default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'serveWhileStale' - send_empty_value: true + enum_values: + - 'USE_ORIGIN_HEADERS' + - 'FORCE_CACHE_ALL' + - 'CACHE_ALL_STATIC' + - name: 'serveWhileStale' + type: Integer description: | Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'connectionDraining' + send_empty_value: true + - name: 'connectionDraining' + type: NestedObject description: | Settings for connection draining flatten_object: true properties: - - !ruby/object:Api::Type::Integer - name: 'connection_draining_timeout_sec' - api_name: drainingTimeoutSec - default_value: 300 - send_empty_value: true + - name: 'connection_draining_timeout_sec' + type: Integer description: | Time for which instance will be drained (not accept new connections, but still work to finish started). - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + api_name: drainingTimeoutSec + send_empty_value: true + default_value: 300 + - name: 'creationTimestamp' + type: Time description: | Creation timestamp in RFC3339 text format. output: true # customRequestHeaders only supported for EXTERNAL load balancing - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. - - !ruby/object:Api::Type::NestedObject - name: 'failoverPolicy' + - name: 'failoverPolicy' + type: NestedObject description: | Policy for failovers. properties: - - !ruby/object:Api::Type::Boolean - name: 'disableConnectionDrainOnFailover' - at_least_one_of: - - failover_policy.0.disable_connection_drain_on_failover - - failover_policy.0.drop_traffic_if_unhealthy - - failover_policy.0.failover_ratio + - name: 'disableConnectionDrainOnFailover' + type: Boolean description: | On failover or failback, this field indicates whether connection drain will be honored. Setting this to true has the following effect: connections @@ -689,25 +684,25 @@ properties: This can be set to true only if the protocol is TCP. The default is false. default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'dropTrafficIfUnhealthy' at_least_one_of: - - failover_policy.0.disable_connection_drain_on_failover - - failover_policy.0.drop_traffic_if_unhealthy - - failover_policy.0.failover_ratio + - 'failover_policy.0.disable_connection_drain_on_failover' + - 'failover_policy.0.drop_traffic_if_unhealthy' + - 'failover_policy.0.failover_ratio' + - name: 'dropTrafficIfUnhealthy' + type: Boolean description: | This option is used only when no healthy VMs are detected in the primary and backup instance groups. When set to true, traffic is dropped. When set to false, new connections are sent across all VMs in the primary group. The default is false. - send_empty_value: true default_from_api: true - - !ruby/object:Api::Type::Double - name: 'failoverRatio' + send_empty_value: true at_least_one_of: - - failover_policy.0.disable_connection_drain_on_failover - - failover_policy.0.drop_traffic_if_unhealthy - - failover_policy.0.failover_ratio + - 'failover_policy.0.disable_connection_drain_on_failover' + - 'failover_policy.0.drop_traffic_if_unhealthy' + - 'failover_policy.0.failover_ratio' + - name: 'failoverRatio' + type: Double description: | The value of the field must be in [0, 1]. If the ratio of the healthy VMs in the primary backend is at or below this number, traffic arriving @@ -717,20 +712,22 @@ properties: backend in the "force" mode, where traffic will be spread to the healthy VMs with the best effort, or to all VMs when no VM is healthy. This field is only used with l4 load balancing. - - !ruby/object:Api::Type::Boolean - name: 'enableCDN' + at_least_one_of: + - 'failover_policy.0.disable_connection_drain_on_failover' + - 'failover_policy.0.drop_traffic_if_unhealthy' + - 'failover_policy.0.failover_ratio' + - name: 'enableCDN' + type: Boolean description: | If true, enable Cloud CDN for this RegionBackendService. - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' - output: true + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. - - !ruby/object:Api::Type::Array - name: 'healthChecks' - min_size: 1 - max_size: 1 + output: true + - name: 'healthChecks' + type: Array description: | The set of URLs to HealthCheck resources for health checking this RegionBackendService. Currently at most one health @@ -740,65 +737,61 @@ properties: or serverless NEG as a backend. is_set: true set_hash_func: 'tpgresource.SelfLinkRelativePathHash' - custom_flatten: templates/terraform/custom_flatten/guard_self_link_array.go.erb - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'generated_id' - api_name: 'id' + custom_flatten: 'templates/terraform/custom_flatten/guard_self_link_array.go.tmpl' + item_type: + type: String + min_size: 1 + max_size: 1 + - name: 'generated_id' + type: Integer description: 'The unique identifier for the resource. This identifier is defined by the server.' + api_name: id output: true - - !ruby/object:Api::Type::NestedObject - name: 'iap' + - name: 'iap' + type: NestedObject description: Settings for enabling Cloud Identity Aware Proxy + default_from_api: true send_empty_value: true properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' - required: true + - name: 'enabled' + type: Boolean description: Whether the serving infrastructure will authenticate and authorize all incoming requests. - - !ruby/object:Api::Type::String - name: 'oauth2ClientId' + required: true + - name: 'oauth2ClientId' + type: String description: | OAuth2 Client ID for IAP - - !ruby/object:Api::Type::String - name: 'oauth2ClientSecret' + - name: 'oauth2ClientSecret' + type: String description: | OAuth2 Client Secret for IAP - send_empty_value: true ignore_read: true sensitive: true - - !ruby/object:Api::Type::String - name: 'oauth2ClientSecretSha256' - output: true + send_empty_value: true + - name: 'oauth2ClientSecretSha256' + type: String description: | OAuth2 Client Secret SHA-256 for IAP sensitive: true - - !ruby/object:Api::Type::Enum - name: 'loadBalancingScheme' - immutable: true + output: true + - name: 'loadBalancingScheme' + type: Enum description: | Indicates what kind of load balancing this regional backend service will be used for. A backend service created for one type of load balancing cannot be used with the other(s). For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service). - default_value: :INTERNAL - values: - - :EXTERNAL - - :EXTERNAL_MANAGED - - :INTERNAL - - :INTERNAL_MANAGED - - !ruby/object:Api::Type::Enum - name: 'localityLbPolicy' - values: - - :ROUND_ROBIN - - :LEAST_REQUEST - - :RING_HASH - - :RANDOM - - :ORIGINAL_DESTINATION - - :MAGLEV - - :WEIGHTED_MAGLEV + immutable: true + default_value: "INTERNAL" + enum_values: + - 'EXTERNAL' + - 'EXTERNAL_MANAGED' + - 'INTERNAL' + - 'INTERNAL_MANAGED' + - name: 'localityLbPolicy' + type: Enum description: | The load balancing algorithm used within the scope of the locality. The possible values are: @@ -828,7 +821,8 @@ properties: Maglev, refer to https://ai.google/research/pubs/pub44824 * `WEIGHTED_MAGLEV`: Per-instance weighted Load Balancing via health check - reported weights. If set, the Backend Service must + reported weights. Only applicable to loadBalancingScheme + EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field @@ -840,7 +834,7 @@ properties: UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. - This field is applicable to either: + locality_lb_policy is applicable to either: * A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED. @@ -849,16 +843,22 @@ properties: Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. - If session_affinity is not NONE, and this field is not set to MAGLEV, WEIGHTED_MAGLEV, + If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + enum_values: + - 'ROUND_ROBIN' + - 'LEAST_REQUEST' + - 'RING_HASH' + - 'RANDOM' + - 'ORIGINAL_DESTINATION' + - 'MAGLEV' + - 'WEIGHTED_MAGLEV' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -867,234 +867,224 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::NestedObject - name: 'outlierDetection' + required: true + immutable: true + - name: 'outlierDetection' + type: NestedObject description: | Settings controlling eviction of unhealthy hosts from the load balancing pool. This field is applicable only when the `load_balancing_scheme` is set to INTERNAL_MANAGED and the `protocol` is set to HTTP, HTTPS, or HTTP2. properties: - - !ruby/object:Api::Type::NestedObject - name: 'baseEjectionTime' - at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - name: 'baseEjectionTime' + type: NestedObject description: | The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' properties: - - !ruby/object:Api::Type::Integer - name: 'seconds' - required: true + - name: 'seconds' + type: Integer description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Integer - name: 'nanos' + required: true + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::Integer - name: 'consecutiveErrors' - at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - name: 'consecutiveErrors' + type: Integer description: | Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5. - - !ruby/object:Api::Type::Integer - name: 'consecutiveGatewayFailure' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'consecutiveGatewayFailure' + type: Integer description: | The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5. - - !ruby/object:Api::Type::Integer - name: 'enforcingConsecutiveErrors' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingConsecutiveErrors' + type: Integer description: | The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. - - !ruby/object:Api::Type::Integer - name: 'enforcingConsecutiveGatewayFailure' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingConsecutiveGatewayFailure' + type: Integer description: | The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0. - - !ruby/object:Api::Type::Integer - name: 'enforcingSuccessRate' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'enforcingSuccessRate' + type: Integer description: | The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. - - !ruby/object:Api::Type::NestedObject - name: 'interval' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'interval' + type: NestedObject description: | Time interval between ejection sweep analysis. This can result in both new ejections as well as hosts being returned to service. Defaults to 10 seconds. + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' properties: - - !ruby/object:Api::Type::Integer - name: 'seconds' - required: true + - name: 'seconds' + type: Integer description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Integer - name: 'nanos' + required: true + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::Integer - name: 'maxEjectionPercent' - at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - name: 'maxEjectionPercent' + type: Integer description: | Maximum percentage of hosts in the load balancing pool for the backend service that can be ejected. Defaults to 10%. - - !ruby/object:Api::Type::Integer - name: 'successRateMinimumHosts' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateMinimumHosts' + type: Integer description: | The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5. - - !ruby/object:Api::Type::Integer - name: 'successRateRequestVolume' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateRequestVolume' + type: Integer description: | The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100. - - !ruby/object:Api::Type::Integer - name: 'successRateStdevFactor' at_least_one_of: - - outlier_detection.0.base_ejection_time - - outlier_detection.0.consecutive_errors - - outlier_detection.0.consecutive_gateway_failure - - outlier_detection.0.enforcing_consecutive_errors - - outlier_detection.0.enforcing_consecutive_gateway_failure - - outlier_detection.0.enforcing_success_rate - - outlier_detection.0.interval - - outlier_detection.0.max_ejection_percent - - outlier_detection.0.success_rate_minimum_hosts - - outlier_detection.0.success_rate_request_volume - - outlier_detection.0.success_rate_stdev_factor + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'successRateStdevFactor' + type: Integer description: | This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success @@ -1102,8 +1092,20 @@ properties: success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. - - !ruby/object:Api::Type::String - name: 'portName' + at_least_one_of: + - 'outlier_detection.0.base_ejection_time' + - 'outlier_detection.0.consecutive_errors' + - 'outlier_detection.0.consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_consecutive_errors' + - 'outlier_detection.0.enforcing_consecutive_gateway_failure' + - 'outlier_detection.0.enforcing_success_rate' + - 'outlier_detection.0.interval' + - 'outlier_detection.0.max_ejection_percent' + - 'outlier_detection.0.success_rate_minimum_hosts' + - 'outlier_detection.0.success_rate_request_volume' + - 'outlier_detection.0.success_rate_stdev_factor' + - name: 'portName' + type: String description: | A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the @@ -1113,58 +1115,102 @@ properties: default of "http" if not given. Must be omitted when the loadBalancingScheme is INTERNAL (Internal TCP/UDP Load Balancing). default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'protocol' + - name: 'protocol' + type: Enum description: | The protocol this RegionBackendService uses to communicate with backends. The default is HTTP. **NOTE**: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. + default_from_api: true # This is removed to avoid breaking terraform, as default values cannot be # unspecified. Providers should include this as needed via overrides # default_value: :TCP - values: - - :HTTP - - :HTTPS - - :HTTP2 - - :SSL - - :TCP - - :UDP - - :GRPC - - :UNSPECIFIED - default_from_api: true - - !ruby/object:Api::Type::String - name: 'securityPolicy' - min_version: beta + enum_values: + - 'HTTP' + - 'HTTPS' + - 'HTTP2' + - 'SSL' + - 'TCP' + - 'UDP' + - 'GRPC' + - 'UNSPECIFIED' + - name: 'securityPolicy' + type: String description: | The security policy associated with this backend service. - update_verb: :POST + min_version: 'beta' update_url: 'projects/{{project}}/regions/{{region}}/backendServices/{{name}}/setSecurityPolicy' + update_verb: 'POST' diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::Enum - name: 'sessionAffinity' + - name: 'sessionAffinity' + type: Enum description: | Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. - values: - - :NONE - - :CLIENT_IP - - :CLIENT_IP_PORT_PROTO - - :CLIENT_IP_PROTO - - :GENERATED_COOKIE - - :HEADER_FIELD - - :HTTP_COOKIE - - :CLIENT_IP_NO_DESTINATION default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'connectionTrackingPolicy' - min_version: 'beta' + enum_values: + - 'NONE' + - 'CLIENT_IP' + - 'CLIENT_IP_PORT_PROTO' + - 'CLIENT_IP_PROTO' + - 'GENERATED_COOKIE' + - 'HEADER_FIELD' + - 'HTTP_COOKIE' + - 'CLIENT_IP_NO_DESTINATION' + - 'STRONG_COOKIE_AFFINITY' + - name: 'strongSessionAffinityCookie' + type: NestedObject + description: | + Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. + properties: + - name: 'ttl' + type: NestedObject + description: | + Lifetime of the cookie. + at_least_one_of: + - 'strong_session_affinity_cookie.0.ttl' + - 'strong_session_affinity_cookie.0.name' + - 'strong_session_affinity_cookie.0.path' + properties: + - name: 'seconds' + type: Integer + description: | + Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. + required: true + - name: 'nanos' + type: Integer + description: | + Span of time that's a fraction of a second at nanosecond + resolution. Durations less than one second are represented + with a 0 seconds field and a positive nanos field. Must + be from 0 to 999,999,999 inclusive. + - name: 'name' + type: String + description: | + Name of the cookie. + at_least_one_of: + - 'strong_session_affinity_cookie.0.ttl' + - 'strong_session_affinity_cookie.0.name' + - 'strong_session_affinity_cookie.0.path' + - name: 'path' + type: String + description: | + Path to set for the cookie. + at_least_one_of: + - 'strong_session_affinity_cookie.0.ttl' + - 'strong_session_affinity_cookie.0.name' + - 'strong_session_affinity_cookie.0.path' + - name: 'connectionTrackingPolicy' + type: NestedObject description: | Connection Tracking configuration for this BackendService. This is available only for Layer 4 Internal Load Balancing and Network Load Balancing. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Integer - name: 'idleTimeoutSec' + - name: 'idleTimeoutSec' + type: Integer description: | Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). @@ -1173,8 +1219,8 @@ properties: For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'trackingMode' + - name: 'trackingMode' + type: Enum description: | Specifies the key used for connection tracking. There are two options: `PER_CONNECTION`: The Connection Tracking is performed as per the @@ -1182,12 +1228,12 @@ properties: `PER_SESSION`: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. - default_value: :PER_CONNECTION - values: - - :PER_CONNECTION - - :PER_SESSION - - !ruby/object:Api::Type::Enum - name: 'connectionPersistenceOnUnhealthyBackends' + default_value: "PER_CONNECTION" + enum_values: + - 'PER_CONNECTION' + - 'PER_SESSION' + - name: 'connectionPersistenceOnUnhealthyBackends' + type: Enum description: | Specifies connection persistence when backends are unhealthy. @@ -1205,67 +1251,67 @@ properties: If set to `ALWAYS_PERSIST`, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. - default_value: :DEFAULT_FOR_PROTOCOL - values: - - :DEFAULT_FOR_PROTOCOL - - :NEVER_PERSIST - - :ALWAYS_PERSIST - - !ruby/object:Api::Type::Boolean - name: enableStrongAffinity + default_value: "DEFAULT_FOR_PROTOCOL" + enum_values: + - 'DEFAULT_FOR_PROTOCOL' + - 'NEVER_PERSIST' + - 'ALWAYS_PERSIST' + - name: 'enableStrongAffinity' + type: Boolean description: Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly. - - !ruby/object:Api::Type::Integer - name: 'timeoutSec' + - name: 'timeoutSec' + type: Integer description: | The backend service timeout has a different meaning depending on the type of load balancer. For more information see, [Backend service settings](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices). The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'logConfig' + - name: 'logConfig' + type: NestedObject description: | This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. default_from_api: true properties: - - !ruby/object:Api::Type::Boolean - name: 'enable' - at_least_one_of: - - log_config.0.enable - - log_config.0.sample_rate + - name: 'enable' + type: Boolean description: | Whether to enable logging for the load balancer traffic served by this backend service. send_empty_value: true - - !ruby/object:Api::Type::Double - name: 'sampleRate' at_least_one_of: - - log_config.0.enable - - log_config.0.sample_rate + - 'log_config.0.enable' + - 'log_config.0.sample_rate' + - name: 'sampleRate' + type: Double description: | This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0. - default_value: 1.0 + at_least_one_of: + - 'log_config.0.enable' + - 'log_config.0.sample_rate' diff_suppress_func: 'suppressWhenDisabled' - - !ruby/object:Api::Type::ResourceRef - resource: 'Network' - name: 'network' - imports: 'selfLink' + default_value: 1.0 + - name: 'network' + type: ResourceRef description: | The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'subsetting' - min_version: beta + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'subsetting' + type: NestedObject description: | Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Enum - name: 'policy' - values: - - :CONSISTENT_HASH_SUBSETTING - required: true + - name: 'policy' + type: Enum description: | The algorithm used for subsetting. + required: true + enum_values: + - 'CONSISTENT_HASH_SUBSETTING' diff --git a/mmv1/products/compute/RegionCommitment.yaml b/mmv1/products/compute/RegionCommitment.yaml index 5635662d15a1..38f332a23341 100644 --- a/mmv1/products/compute/RegionCommitment.yaml +++ b/mmv1/products/compute/RegionCommitment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,84 +11,84 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionCommitment' kind: 'compute#commitment' -base_url: projects/{{project}}/regions/{{region}}/commitments -collection_url_key: 'items' -has_self_link: true -# Cannot be deleted -skip_delete: true -# Cannot be updated (as of implementation date) -immutable: true description: | Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Committed use discounts for Compute Engine': 'https://cloud.google.com/compute/docs/instances/committed-use-discounts-overview' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionCommitments' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/commitments' +has_self_link: true +# Cannot be deleted +exclude_delete: true +# Cannot be updated (as of implementation date) +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'compute_region_commitment_basic' + - name: 'compute_region_commitment_basic' primary_resource_id: 'foobar' - # Creating a resource means signing a contract - # Spanning years that cannot be deleted - skip_test: true vars: region_commitment_name: 'my-region-commitment' - - !ruby/object:Provider::Terraform::Examples - name: 'compute_region_commitment_full' - primary_resource_id: 'foobar' # Creating a resource means signing a contract # Spanning years that cannot be deleted - skip_test: true + exclude_test: true + - name: 'compute_region_commitment_full' + primary_resource_id: 'foobar' vars: region_commitment_name: 'my-full-commitment' + # Creating a resource means signing a contract + # Spanning years that cannot be deleted + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | URL of the region where this commitment may be used. required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Integer - name: 'commitment_id' - api_name: 'id' + - name: 'commitment_id' + type: Integer description: 'Unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. The name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the @@ -96,110 +96,116 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. - - !ruby/object:Api::Type::Enum - name: 'status' - output: true + - name: 'status' + type: Enum description: | Status of the commitment with regards to eventual expiration (each commitment has an end date defined). - values: - - :NOT_YET_ACTIVE - - :ACTIVE - - :EXPIRED - - !ruby/object:Api::Type::String - name: 'statusMessage' output: true + enum_values: + - 'NOT_YET_ACTIVE' + - 'ACTIVE' + - 'EXPIRED' + - name: 'statusMessage' + type: String description: | A human-readable explanation of the status. - - !ruby/object:Api::Type::Enum - name: 'plan' - required: true + output: true + - name: 'plan' + type: Enum description: | The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years). - values: - - :TWELVE_MONTH - - :THIRTY_SIX_MONTH - - !ruby/object:Api::Type::Time - name: 'startTimestamp' + required: true + enum_values: + - 'TWELVE_MONTH' + - 'THIRTY_SIX_MONTH' + - name: 'startTimestamp' + type: Time description: 'Commitment start time in RFC3339 text format.' output: true - - !ruby/object:Api::Type::Time - name: 'endTimestamp' + - name: 'endTimestamp' + type: Time description: 'Commitment end time in RFC3339 text format.' output: true - - !ruby/object:Api::Type::Array - name: resources + - name: 'resources' + type: Array description: | A list of commitment amounts for particular resources. Note that VCPU and MEMORY resource commitments must occur together. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'type' + - name: 'type' + type: String description: | Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR. - - !ruby/object:Api::Type::String - name: 'amount' + - name: 'amount' + type: String description: | The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU. - - !ruby/object:Api::Type::String - name: 'acceleratorType' + - name: 'acceleratorType' + type: String description: | Name of the accelerator type resource. Applicable only when the type is ACCELERATOR. - - !ruby/object:Api::Type::String - name: 'type' - default_from_api: true + - name: 'type' + type: String description: | The type of commitment, which affects the discount rate and the eligible resources. The type could be one of the following value: `MEMORY_OPTIMIZED`, `ACCELERATOR_OPTIMIZED`, `GENERAL_PURPOSE_N1`, `GENERAL_PURPOSE_N2`, `GENERAL_PURPOSE_N2D`, `GENERAL_PURPOSE_E2`, `GENERAL_PURPOSE_T2D`, `GENERAL_PURPOSE_C3`, `COMPUTE_OPTIMIZED_C2`, `COMPUTE_OPTIMIZED_C2D` and `GRAPHICS_OPTIMIZED_G2` - - !ruby/object:Api::Type::Enum - name: 'category' default_from_api: true + - name: 'category' + type: Enum description: | The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified. - values: - - :LICENSE - - :MACHINE - - !ruby/object:Api::Type::NestedObject - name: 'licenseResource' + default_from_api: true + enum_values: + - 'LICENSE' + - 'MACHINE' + - name: 'licenseResource' + type: NestedObject description: | The license specification required as part of a license commitment. properties: - - !ruby/object:Api::Type::String - name: 'license' - required: true + - name: 'license' + type: String description: | Any applicable license URI. - - !ruby/object:Api::Type::String - name: 'amount' + required: true + - name: 'amount' + type: String description: | The number of licenses purchased. - - !ruby/object:Api::Type::String - name: 'coresPerLicense' + - name: 'coresPerLicense' + type: String description: | Specifies the core range of the instance for which this license applies. - - !ruby/object:Api::Type::Boolean - name: 'autoRenew' - default_from_api: true + - name: 'autoRenew' + type: Boolean description: | Specifies whether to enable automatic renewal for the commitment. The default value is false if not specified. If the field is set to true, the commitment will be automatically renewed for either one or three years according to the terms of the existing commitment. + default_from_api: true + - name: 'existingReservations' + type: String + description: | + Specifies the already existing reservations to attach to the Commitment. + default_from_api: true diff --git a/mmv1/products/compute/RegionDisk.yaml b/mmv1/products/compute/RegionDisk.yaml index ba65b98a0135..56cadab731ae 100644 --- a/mmv1/products/compute/RegionDisk.yaml +++ b/mmv1/products/compute/RegionDisk.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionDisk' kind: 'compute#disk' -immutable: true -base_url: projects/{{project}}/regions/{{region}}/disks -collection_url_key: 'items' -has_self_link: true description: | Persistent disks are durable storage devices that function similarly to the physical disks in a desktop or a server. Compute Engine manages the @@ -34,83 +30,78 @@ description: | Add a persistent disk to your instance when you need reliable and affordable storage with consistent performance characteristics. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Adding or Resizing Regional Persistent Disks': 'https://cloud.google.com/compute/docs/disks/regional-persistent-disk' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionDisks' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/disks' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_delete: templates/terraform/pre_delete/detach_disk.erb - encoder: templates/terraform/encoders/disk.erb - decoder: templates/terraform/decoders/disk.erb -custom_diff: [ - 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)', - 'hyperDiskIopsUpdateDiffSupress', -] +collection_url_key: 'items' +iam_policy: + parent_resource_attribute: 'name' + base_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/regions/{{region}}/disks/{{name}}' + - '{{name}}' +custom_code: + encoder: 'templates/terraform/encoders/disk.tmpl' + decoder: 'templates/terraform/decoders/disk.tmpl' + pre_delete: 'templates/terraform/pre_delete/detach_disk.tmpl' +custom_diff: + - 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)' + - 'hyperDiskIopsUpdateDiffSupress' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_disk_basic' + - name: 'region_disk_basic' primary_resource_id: 'regiondisk' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-region-disk%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' vars: region_disk_name: 'my-region-disk' disk_name: 'my-disk' snapshot_name: 'my-snapshot' - - !ruby/object:Provider::Terraform::Examples - name: 'region_disk_async' + - name: 'region_disk_async' primary_resource_id: 'primary' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-region-disk%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' vars: region_disk_name: 'primary-region-disk' secondary_region_disk_name: 'secondary-region-disk' - - !ruby/object:Provider::Terraform::Examples - name: 'region_disk_features' + - name: 'region_disk_features' primary_resource_id: 'regiondisk' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-region-disk%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' vars: region_disk_name: 'my-region-features-disk' -iam_policy: !ruby/object:Api::Resource::IamPolicy - method_name_separator: '/' - fetch_iam_policy_verb: :GET - parent_resource_attribute: 'name' - import_format: - ['projects/{{project}}/regions/{{region}}/disks/{{name}}', '{{name}}'] - base_url: projects/{{project}}/regions/{{region}}/disks/{{name}} parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: 'A reference to the region where the disk resides.' required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'diskEncryptionKey' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' + - name: 'diskEncryptionKey' + type: NestedObject description: | Encrypts the disk using a customer-supplied encryption key. @@ -124,30 +115,27 @@ parameters: If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. sensitive: true - - !ruby/object:Api::Type::String - name: 'sha256' + - name: 'sha256' + type: String description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | The name of the encryption key that is stored in Google Cloud KMS. - immutable: true - - !ruby/object:Api::Type::ResourceRef - name: 'snapshot' - api_name: sourceSnapshot - resource: 'Snapshot' - imports: 'selfLink' + - name: 'snapshot' + type: ResourceRef description: | The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are @@ -157,34 +145,37 @@ parameters: * `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` * `snapshot` - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'sourceSnapshotEncryptionKey' + api_name: sourceSnapshot + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Snapshot' + imports: 'selfLink' + - name: 'sourceSnapshotEncryptionKey' + type: NestedObject description: | The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules - - !ruby/object:Api::Type::String - name: 'kmsKeyName' - min_version: beta + - name: 'kmsKeyName' + type: String description: | The name of the encryption key that is stored in Google Cloud KMS. - - !ruby/object:Api::Type::String - name: 'sha256' + min_version: 'beta' + - name: 'sha256' + type: String description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true - immutable: true - - !ruby/object:Api::Type::String - name: 'sourceSnapshotId' + - name: 'sourceSnapshotId' + type: String description: | The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent @@ -194,38 +185,40 @@ parameters: used. output: true properties: - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + update_verb: 'POST' + key_expander: '' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Time - name: 'lastAttachTimestamp' + - name: 'lastAttachTimestamp' + type: Time description: 'Last attach timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::Time - name: 'lastDetachTimestamp' + - name: 'lastDetachTimestamp' + type: Time description: 'Last detach timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | Labels to apply to this disk. A list of key->value pairs. - update_verb: :POST update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/setLabels' - - !ruby/object:Api::Type::String - name: 'name' + update_verb: 'POST' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -234,12 +227,10 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - - !ruby/object:Api::Type::Integer - name: 'size' - api_name: sizeGb - default_from_api: true + immutable: true + - name: 'size' + type: Integer description: | Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or @@ -249,22 +240,25 @@ properties: If you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot. - update_verb: :POST + api_name: sizeGb + default_from_api: true update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/resize' - - !ruby/object:Api::Type::Array - name: 'users' + update_verb: 'POST' + - name: 'users' + type: Array description: | Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance - item_type: !ruby/object:Api::Type::ResourceRef + output: true + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'user' + type: ResourceRef + description: 'A reference to a user of this disk' resource: 'Instance' imports: 'selfLink' - description: 'A reference to a user of this disk' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - output: true - - !ruby/object:Api::Type::Integer - name: 'physicalBlockSizeBytes' + - name: 'physicalBlockSizeBytes' + type: Integer description: | Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes @@ -272,45 +266,43 @@ properties: If an unsupported value is requested, the error message will list the supported values for the caller's project. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'replicaZones' + - name: 'replicaZones' + type: Array description: 'URLs of the zones where the disk should be replicated to.' - min_size: 2 - max_size: 2 required: true - item_type: !ruby/object:Api::Type::ResourceRef + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'zone' - resource: 'Zone' - imports: 'selfLink' + type: ResourceRef description: | A reference to a zone where the disk should be replicated to. - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'type' - resource: 'RegionDiskType' - imports: 'selfLink' + resource: 'Zone' + imports: 'selfLink' + min_size: 2 + max_size: 2 + - name: 'type' + type: ResourceRef description: | URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - default_value: 'pd-standard' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'interface' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + default_value: "pd-standard" + resource: 'RegionDiskType' + imports: 'selfLink' + - name: 'interface' + type: String + description: | + Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. min_version: 'beta' # interface is removed using url_param_only to preserve schema definition # and prevent sending or reading in API requests url_param_only: true - default_value: 'SCSI' - deprecation_message: >- - `interface` is deprecated and will be removed in a future major release. - This field is no longer used and can be safely removed from your configurations; - disk interfaces are automatically determined on attachment. - description: | - Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. - diff_suppress_func: AlwaysDiffSuppress - - !ruby/object:Api::Type::String - name: 'sourceDisk' + diff_suppress_func: 'AlwaysDiffSuppress' + default_value: "SCSI" + deprecation_message: '`interface` is deprecated and will be removed in a future major release. This field is no longer used and can be safely removed from your configurations; disk interfaces are automatically determined on attachment.' + - name: 'sourceDisk' + type: String description: | The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: @@ -322,56 +314,58 @@ properties: * zones/{zone}/disks/{disk} * regions/{region}/disks/{disk} diff_suppress_func: 'sourceDiskDiffSupress' - - !ruby/object:Api::Type::String - name: 'sourceDiskId' + - name: 'sourceDiskId' + type: String description: | The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name. output: true - - !ruby/object:Api::Type::NestedObject - name: 'asyncPrimaryDisk' + - name: 'asyncPrimaryDisk' + type: NestedObject + diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' properties: - - !ruby/object:Api::Type::String - name: 'disk' + - name: 'disk' + type: String description: | Primary disk for asynchronous disk replication. required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::Array - name: 'guestOsFeatures' + - name: 'guestOsFeatures' + type: Array description: | A list of features to enable on the guest operating system. Applicable only for bootable disks. - default_from_api: true is_set: true - item_type: !ruby/object:Api::Type::NestedObject + default_from_api: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'type' - required: true + - name: 'type' + type: Enum description: | The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. - values: - - :MULTI_IP_SUBNET - - :SECURE_BOOT - - :SEV_CAPABLE - - :UEFI_COMPATIBLE - - :VIRTIO_SCSI_MULTIQUEUE - - :WINDOWS - - :GVNIC - - :SEV_LIVE_MIGRATABLE - - :SEV_SNP_CAPABLE - - :SUSPEND_RESUME_COMPATIBLE - - :TDX_CAPABLE - - !ruby/object:Api::Type::Array - name: 'licenses' + required: true + enum_values: + - 'MULTI_IP_SUBNET' + - 'SECURE_BOOT' + - 'SEV_CAPABLE' + - 'UEFI_COMPATIBLE' + - 'VIRTIO_SCSI_MULTIQUEUE' + - 'WINDOWS' + - 'GVNIC' + - 'SEV_LIVE_MIGRATABLE' + - 'SEV_SNP_CAPABLE' + - 'SUSPEND_RESUME_COMPATIBLE' + - 'TDX_CAPABLE' + - name: 'licenses' + type: Array description: Any applicable license URI. - default_from_api: true immutable: true - item_type: !ruby/object:Api::Type::ResourceRef + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'license' + type: ResourceRef description: 'An applicable license URI' resource: 'License' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' diff --git a/mmv1/products/compute/RegionDiskResourcePolicyAttachment.yaml b/mmv1/products/compute/RegionDiskResourcePolicyAttachment.yaml index 3e23536a4a34..c2eeedbb584e 100644 --- a/mmv1/products/compute/RegionDiskResourcePolicyAttachment.yaml +++ b/mmv1/products/compute/RegionDiskResourcePolicyAttachment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,78 +11,78 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionDiskResourcePolicyAttachment' -immutable: true -base_url: projects/{{project}}/regions/{{region}}/disks/{{disk}} -create_verb: :POST -create_url: projects/{{project}}/regions/{{region}}/disks/{{disk}}/addResourcePolicies -delete_verb: :POST -delete_url: projects/{{project}}/regions/{{region}}/disks/{{disk}}/removeResourcePolicies -self_link: projects/{{project}}/regions/{{region}}/disks/{{disk}} -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - resourcePolicies - is_list_of_ids: true -identity: - - name description: | Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation. ~> **Note:** This resource does not support zonal disks (`google_compute_disk`). For zonal disks, please refer to [`google_compute_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk_resource_policy_attachment) -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{region}}/{{disk}}/{{name}}' +base_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}' +self_link: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}' +create_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}/addResourcePolicies' +delete_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}/removeResourcePolicies' +delete_verb: 'POST' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +identity: + - name +nested_query: + keys: + - resourcePolicies + is_list_of_ids: true + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/compute_region_disk_resource_policies_attachment.go.tmpl' + decoder: 'templates/terraform/decoders/compute_disk_resource_policies_attachment.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/compute_region_disk_resource_policies_attachment.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_disk_resource_policy_attachment_basic' + - name: 'region_disk_resource_policy_attachment_basic' primary_resource_id: 'attachment' vars: base_disk_name: 'my-base-disk' snapshot_name: 'my-snapshot' disk_name: 'my-disk' policy_name: 'my-resource-policy' -id_format: '{{project}}/{{region}}/{{disk}}/{{name}}' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/compute_region_disk_resource_policies_attachment.go.erb - decoder: templates/terraform/decoders/compute_disk_resource_policies_attachment.go.erb - pre_delete: templates/terraform/pre_delete/compute_region_disk_resource_policies_attachment.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'disk' - resource: 'Disk' - imports: 'name' + - name: 'disk' + type: ResourceRef description: | The name of the regional disk in which the resource policies are attached to. - required: true url_param_only: true - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' + required: true + resource: 'Disk' imports: 'name' + - name: 'region' + type: ResourceRef description: 'A reference to the region where the disk resides.' - required: false url_param_only: true + required: false default_from_api: true + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link. diff --git a/mmv1/products/compute/RegionDiskType.yaml b/mmv1/products/compute/RegionDiskType.yaml index e0b24ffebd8e..7a656e46cac4 100644 --- a/mmv1/products/compute/RegionDiskType.yaml +++ b/mmv1/products/compute/RegionDiskType.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,67 +11,73 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionDiskType' kind: 'compute#diskType' -base_url: projects/{{project}}/regions/{{region}}/diskTypes -collection_url_key: 'items' description: | Represents a regional DiskType resource. A DiskType resource represents the type of disk to use, such as a pd-ssd, pd-balanced or pd-standard. To reference a disk type, use the disk type's full or partial URL. +exclude: true readonly: true +docs: +base_url: 'projects/{{project}}/regions/{{region}}/diskTypes' has_self_link: true -exclude: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: 'A reference to the region where the disk type resides.' required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::Integer - name: 'defaultDiskSizeGb' + - name: 'defaultDiskSizeGb' + type: Integer description: 'Server-defined default disk size in GB.' output: true - - !ruby/object:Api::Type::NestedObject - name: 'deprecated' + - name: 'deprecated' + type: NestedObject description: 'The deprecation status associated with this disk type.' output: true properties: - - !ruby/object:Api::Type::Time - name: 'deleted' + - name: 'deleted' + type: Time description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DELETED. output: true - - !ruby/object:Api::Type::Time - name: 'deprecated' + - name: 'deprecated' + type: Time description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to DEPRECATED. output: true - - !ruby/object:Api::Type::Time - name: 'obsolete' + - name: 'obsolete' + type: Time description: | An optional RFC3339 timestamp on or after which the deprecation state of this resource will be changed to OBSOLETE. output: true - - !ruby/object:Api::Type::String - name: 'replacement' + - name: 'replacement' + type: String description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true - - !ruby/object:Api::Type::Enum - name: 'state' + - name: 'state' + type: Enum description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a @@ -79,24 +85,24 @@ properties: indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. - values: - - :DEPRECATED - - :OBSOLETE - - :DELETED output: true - - !ruby/object:Api::Type::String - name: 'description' + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String description: 'An optional description of this resource.' output: true - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: 'The unique identifier for the resource.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: 'Name of the resource.' - - !ruby/object:Api::Type::String - name: 'validDiskSize' + - name: 'validDiskSize' + type: String description: | An optional textual description of the valid disk size, such as "10GB-10TB". diff --git a/mmv1/products/compute/RegionHealthCheck.yaml b/mmv1/products/compute/RegionHealthCheck.yaml index 0e7fd72ea8a7..42419bc26890 100644 --- a/mmv1/products/compute/RegionHealthCheck.yaml +++ b/mmv1/products/compute/RegionHealthCheck.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,16 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionHealthCheck' kind: 'compute#healthCheck' -base_url: projects/{{project}}/regions/{{region}}/healthChecks -collection_url_key: 'items' -has_self_link: true -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionHealthChecks' description: | Health Checks determine whether instances are responsive and able to do work. They are an important part of a comprehensive load balancing configuration, @@ -33,136 +26,128 @@ description: | continue to poll unhealthy instances. If an instance later responds successfully to some number of consecutive probes, it is marked healthy again and can receive new connections. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionHealthChecks' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/healthChecks' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + encoder: 'templates/terraform/encoders/health_check_type.tmpl' +custom_diff: + - 'healthCheckCustomizeDiff' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_tcp' + - name: 'region_health_check_tcp' primary_resource_id: 'tcp-region-health-check' vars: health_check_name: 'tcp-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_tcp_full' + - name: 'region_health_check_tcp_full' primary_resource_id: 'tcp-region-health-check' vars: health_check_name: 'tcp-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_ssl' + - name: 'region_health_check_ssl' primary_resource_id: 'ssl-region-health-check' vars: health_check_name: 'ssl-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_ssl_full' + - name: 'region_health_check_ssl_full' primary_resource_id: 'ssl-region-health-check' vars: health_check_name: 'ssl-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_http' + - name: 'region_health_check_http' primary_resource_id: 'http-region-health-check' vars: health_check_name: 'http-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_http_logs' + - name: 'region_health_check_http_logs' primary_resource_id: 'http-region-health-check' - min_version: beta + min_version: 'beta' vars: health_check_name: 'http-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_http_full' + - name: 'region_health_check_http_full' primary_resource_id: 'http-region-health-check' vars: health_check_name: 'http-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_https' + - name: 'region_health_check_https' primary_resource_id: 'https-region-health-check' vars: health_check_name: 'https-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_https_full' + - name: 'region_health_check_https_full' primary_resource_id: 'https-region-health-check' vars: health_check_name: 'https-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_http2' + - name: 'region_health_check_http2' primary_resource_id: 'http2-region-health-check' vars: health_check_name: 'http2-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_http2_full' + - name: 'region_health_check_http2_full' primary_resource_id: 'http2-region-health-check' vars: health_check_name: 'http2-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_grpc' + - name: 'region_health_check_grpc' primary_resource_id: 'grpc-region-health-check' vars: health_check_name: 'grpc-region-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_health_check_grpc_full' + - name: 'region_health_check_grpc_full' primary_resource_id: 'grpc-region-health-check' vars: health_check_name: 'grpc-region-health-check' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/health_check_type.erb -custom_diff: [ - 'healthCheckCustomizeDiff', -] parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'selfLink' - immutable: true + - name: 'region' + type: ResourceRef description: | The Region in which the created health check should reside. If it is not provided, the provider region is used. - default_from_api: true required: false - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' properties: - - !ruby/object:Api::Type::Integer - name: 'checkIntervalSec' + - name: 'checkIntervalSec' + type: Integer description: | How often (in seconds) to send a health check. The default value is 5 seconds. default_value: 5 - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. send_empty_value: true - - !ruby/object:Api::Type::Integer - name: 'healthyThreshold' + - name: 'healthyThreshold' + type: Integer description: | A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. default_value: 2 - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -171,136 +156,130 @@ properties: the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::Integer - name: 'unhealthyThreshold' + required: true + immutable: true + - name: 'unhealthyThreshold' + type: Integer description: | A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. default_value: 2 - - !ruby/object:Api::Type::Integer - name: 'timeoutSec' + - name: 'timeoutSec' + type: Integer description: | How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. default_value: 5 - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: |- The type of the health check. One of HTTP, HTTP2, HTTPS, TCP, or SSL. - values: - - :TCP - - :SSL - - :HTTP - - :HTTPS - - :HTTP2 output: true - - !ruby/object:Api::Type::NestedObject - name: 'httpHealthCheck' + enum_values: + - 'TCP' + - 'SSL' + - 'HTTP' + - 'HTTPS' + - 'HTTP2' + - name: 'httpHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'host' - at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - name: 'host' + type: String description: | The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. - - !ruby/object:Api::Type::String - name: 'requestPath' at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'requestPath' + type: String description: | The request path of the HTTP health check request. The default value is /. - default_value: '/' - - !ruby/object:Api::Type::String - name: 'response' - at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the HTTP health check request. The default value is 80. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - http_health_check.0.host - - http_health_check.0.request_path - - http_health_check.0.response - - http_health_check.0.port - - http_health_check.0.port_name - - http_health_check.0.proxy_header - - http_health_check.0.port_specification + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -316,116 +295,116 @@ properties: If not specified, HTTP health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'httpsHealthCheck' + at_least_one_of: + - 'http_health_check.0.host' + - 'http_health_check.0.request_path' + - 'http_health_check.0.response' + - 'http_health_check.0.port' + - 'http_health_check.0.port_name' + - 'http_health_check.0.proxy_header' + - 'http_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'httpsHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'host' - at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - name: 'host' + type: String description: | The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. - - !ruby/object:Api::Type::String - name: 'requestPath' at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'requestPath' + type: String description: | The request path of the HTTPS health check request. The default value is /. - default_value: '/' - - !ruby/object:Api::Type::String - name: 'response' - at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the HTTPS health check request. The default value is 443. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - https_health_check.0.host - - https_health_check.0.request_path - - https_health_check.0.response - - https_health_check.0.port - - https_health_check.0.port_name - - https_health_check.0.proxy_header - - https_health_check.0.port_specification + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -441,97 +420,98 @@ properties: If not specified, HTTPS health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'tcpHealthCheck' + at_least_one_of: + - 'https_health_check.0.host' + - 'https_health_check.0.request_path' + - 'https_health_check.0.response' + - 'https_health_check.0.port' + - 'https_health_check.0.port_name' + - 'https_health_check.0.proxy_header' + - 'https_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'tcpHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'request' - at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - name: 'request' + type: String description: | The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII. - - !ruby/object:Api::Type::String - name: 'response' at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the TCP health check request. The default value is 80. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - tcp_health_check.0.request - - tcp_health_check.0.response - - tcp_health_check.0.port - - tcp_health_check.0.port_name - - tcp_health_check.0.proxy_header - - tcp_health_check.0.port_specification + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -547,97 +527,97 @@ properties: If not specified, TCP health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'sslHealthCheck' + at_least_one_of: + - 'tcp_health_check.0.request' + - 'tcp_health_check.0.response' + - 'tcp_health_check.0.port' + - 'tcp_health_check.0.port_name' + - 'tcp_health_check.0.proxy_header' + - 'tcp_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'sslHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'request' - at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - name: 'request' + type: String description: | The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII. - - !ruby/object:Api::Type::String - name: 'response' at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the SSL health check request. The default value is 443. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - ssl_health_check.0.request - - ssl_health_check.0.response - - ssl_health_check.0.port - - ssl_health_check.0.port_name - - ssl_health_check.0.proxy_header - - ssl_health_check.0.port_specification + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -653,116 +633,115 @@ properties: If not specified, SSL health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'http2HealthCheck' + at_least_one_of: + - 'ssl_health_check.0.request' + - 'ssl_health_check.0.response' + - 'ssl_health_check.0.port' + - 'ssl_health_check.0.port_name' + - 'ssl_health_check.0.proxy_header' + - 'ssl_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'http2HealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::String - name: 'host' - at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - name: 'host' + type: String description: | The value of the host header in the HTTP2 health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. - - !ruby/object:Api::Type::String - name: 'requestPath' at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'requestPath' + type: String description: | The request path of the HTTP2 health check request. The default value is /. - default_value: '/' - - !ruby/object:Api::Type::String - name: 'response' - at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + default_value: "/" + - name: 'response' + type: String description: | The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII. - - !ruby/object:Api::Type::Integer - name: 'port' at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'port' + type: Integer description: | The TCP port number for the HTTP2 health check request. The default value is 443. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::Enum - name: 'portSpecification' - at_least_one_of: - - http2_health_check.0.host - - http2_health_check.0.request_path - - http2_health_check.0.response - - http2_health_check.0.port - - http2_health_check.0.port_name - - http2_health_check.0.proxy_header - - http2_health_check.0.port_specification + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -778,49 +757,52 @@ properties: If not specified, HTTP2 health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::NestedObject - name: 'grpcHealthCheck' + at_least_one_of: + - 'http2_health_check.0.host' + - 'http2_health_check.0.request_path' + - 'http2_health_check.0.response' + - 'http2_health_check.0.port' + - 'http2_health_check.0.port_name' + - 'http2_health_check.0.proxy_header' + - 'http2_health_check.0.port_specification' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'grpcHealthCheck' + type: NestedObject exactly_one_of: - - http_health_check - - https_health_check - - http2_health_check - - tcp_health_check - - ssl_health_check - - grpc_health_check + - 'http_health_check' + - 'https_health_check' + - 'http2_health_check' + - 'tcp_health_check' + - 'ssl_health_check' + - 'grpc_health_check' diff_suppress_func: 'portDiffSuppress' properties: - - !ruby/object:Api::Type::Integer - name: 'port' - at_least_one_of: - - grpc_health_check.0.port - - grpc_health_check.0.port_name - - grpc_health_check.0.port_specification - - grpc_health_check.0.grpc_service_name + - name: 'port' + type: Integer description: | The port number for the health check request. Must be specified if portName and portSpecification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535. - - !ruby/object:Api::Type::String - name: 'portName' at_least_one_of: - - grpc_health_check.0.port - - grpc_health_check.0.port_name - - grpc_health_check.0.port_specification - - grpc_health_check.0.grpc_service_name + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'portName' + type: String description: | Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. - - !ruby/object:Api::Type::Enum - name: 'portSpecification' at_least_one_of: - - grpc_health_check.0.port - - grpc_health_check.0.port_name - - grpc_health_check.0.port_specification - - grpc_health_check.0.grpc_service_name + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'portSpecification' + type: Enum description: | Specifies how port is selected for health checking, can be one of the following values: @@ -836,17 +818,17 @@ properties: If not specified, gRPC health check follows behavior specified in `port` and `portName` fields. - values: - - :USE_FIXED_PORT - - :USE_NAMED_PORT - - :USE_SERVING_PORT - - !ruby/object:Api::Type::String - name: 'grpcServiceName' - at_least_one_of: - - grpc_health_check.0.port - - grpc_health_check.0.port_name - - grpc_health_check.0.port_specification - - grpc_health_check.0.grpc_service_name + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + enum_values: + - 'USE_FIXED_PORT' + - 'USE_NAMED_PORT' + - 'USE_SERVING_PORT' + - name: 'grpcServiceName' + type: String description: | The gRPC service name for the health check. The value of grpcServiceName has the following meanings by convention: @@ -855,15 +837,20 @@ properties: * Non-empty serviceName means the health of that gRPC service, as defined by the owner of the service. The grpcServiceName can only be ASCII. - - !ruby/object:Api::Type::NestedObject - name: 'logConfig' + at_least_one_of: + - 'grpc_health_check.0.port' + - 'grpc_health_check.0.port_name' + - 'grpc_health_check.0.port_specification' + - 'grpc_health_check.0.grpc_service_name' + - name: 'logConfig' + type: NestedObject description: | Configure logging on this health check. default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/health_check_log_config.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/health_check_log_config.go.tmpl' properties: - - !ruby/object:Api::Type::Boolean - name: 'enable' + - name: 'enable' + type: Boolean description: | Indicates whether or not to export logs. This is false by default, which means no health check logging will be done. diff --git a/mmv1/products/compute/RegionInstanceGroupManager.yaml b/mmv1/products/compute/RegionInstanceGroupManager.yaml index 6d2dbc03f915..c80b73a6c148 100644 --- a/mmv1/products/compute/RegionInstanceGroupManager.yaml +++ b/mmv1/products/compute/RegionInstanceGroupManager.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionInstanceGroupManager' kind: 'compute#instanceGroupManager' -base_url: projects/{{project}}/regions/{{region}}/instanceGroupManagers -collection_url_key: 'items' -has_self_link: true description: | Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create @@ -26,63 +23,69 @@ description: | verify the status of the individual instances. A managed instance group can have up to 1000 VM instances per group. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +exclude: true +docs: +base_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -exclude: true +collection_url_key: 'items' +custom_code: parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: 'The region the managed instance group resides.' required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'baseInstanceName' + - name: 'baseInstanceName' + type: String description: | The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035. required: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: | The creation timestamp for this managed instance group in RFC3339 text format. output: true - - !ruby/object:Api::Type::NestedObject - name: 'currentActions' + - name: 'currentActions' + type: NestedObject description: | The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions. + output: true properties: - - !ruby/object:Api::Type::Integer - name: 'abandoning' + - name: 'abandoning' + type: Integer description: | The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it. output: true - - !ruby/object:Api::Type::Integer - name: 'creating' + - name: 'creating' + type: Integer description: | The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the @@ -93,28 +96,28 @@ properties: populated; instead, the creatingWithoutRetries field will be populated. output: true - - !ruby/object:Api::Type::Integer - name: 'creatingWithoutRetries' + - name: 'creatingWithoutRetries' + type: Integer description: | The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly. output: true - - !ruby/object:Api::Type::Integer - name: 'deleting' + - name: 'deleting' + type: Integer description: | The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted. output: true - - !ruby/object:Api::Type::Integer - name: 'none' + - name: 'none' + type: Integer description: | The number of instances in the managed instance group that are running and have no scheduled actions. output: true - - !ruby/object:Api::Type::Integer - name: 'recreating' + - name: 'recreating' + type: Integer description: | The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. @@ -122,103 +125,105 @@ properties: and creates a new disk from the image that is defined in the instance template. output: true - - !ruby/object:Api::Type::Integer - name: 'refreshing' + - name: 'refreshing' + type: Integer description: | The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance. output: true - - !ruby/object:Api::Type::Integer - name: 'restarting' + - name: 'restarting' + type: Integer description: | The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted. output: true - output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. immutable: true # fingerprint ignored as it is an internal locking detail - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: 'A unique identifier for this resource' output: true - - !ruby/object:Api::Type::ResourceRef - name: 'instanceGroup' - resource: 'InstanceGroup' - imports: 'selfLink' + - name: 'instanceGroup' + type: ResourceRef description: 'The instance group being managed' output: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'instanceTemplate' - resource: 'InstanceTemplate' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'InstanceGroup' imports: 'selfLink' + - name: 'instanceTemplate' + type: ResourceRef description: | The instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. required: true # kind is internal transport detail - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'name' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'InstanceTemplate' + imports: 'selfLink' + - name: 'name' + type: String description: | The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035. required: true # TODO(nelsonjr): Make namedPorts a NameValue(name[string], port[integer]) - - !ruby/object:Api::Type::Array - name: 'namedPorts' + - name: 'namedPorts' + type: Array description: Named ports configured for the Instance Groups complementary to this Instance Group Manager. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name for this named port. The name must be 1-63 characters long, and comply with RFC1035. - - !ruby/object:Api::Type::Integer - name: 'port' + - name: 'port' + type: Integer description: The port number, which can be a value between 1 and 65535. - - !ruby/object:Api::Type::Array - name: 'targetPools' + - name: 'targetPools' + type: Array description: | TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group. - item_type: !ruby/object:Api::Type::ResourceRef + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'targetPool' + type: ResourceRef description: 'The targetPool to receive managed instances.' resource: 'TargetPool' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: 'targetSize' + - name: 'targetSize' + type: Integer description: | The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number. - - !ruby/object:Api::Type::Array - name: 'autoHealingPolicies' + - name: 'autoHealingPolicies' + type: Array description: | The autohealing policy for this managed instance group - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'healthCheck' + - name: 'healthCheck' + type: String description: | The URL for the health check that signals autohealing. - - !ruby/object:Api::Type::Integer - name: 'initialDelaySec' + - name: 'initialDelaySec' + type: Integer description: | The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances diff --git a/mmv1/products/compute/RegionNetworkEndpoint.yaml b/mmv1/products/compute/RegionNetworkEndpoint.yaml index 06d2473e4691..eaa29f307f11 100644 --- a/mmv1/products/compute/RegionNetworkEndpoint.yaml +++ b/mmv1/products/compute/RegionNetworkEndpoint.yaml @@ -11,143 +11,142 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionNetworkEndpoint' kind: 'compute#networkEndpoint' -base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}' description: | A Region network endpoint represents a IP address/FQDN and port combination that is part of a specific network endpoint group (NEG). ~> **NOTE**: Network endpoints cannot be created outside of a network endpoint group. -immutable: true -create_verb: :POST -create_url: projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/attachNetworkEndpoints -delete_verb: :POST -delete_url: projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/detachNetworkEndpoints -read_verb: :POST -self_link: projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/listNetworkEndpoints -identity: - - ipAddress - - fqdn - - port -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - items -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' 'Internet NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{region}}/{{region_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' +base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}' +self_link: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/listNetworkEndpoints' +create_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/attachNetworkEndpoints' +read_verb: 'POST' +delete_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/detachNetworkEndpoints' +delete_verb: 'POST' +immutable: true +mutex: 'networkEndpoint/{{project}}/{{region}}/{{region_network_endpoint_group}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: '{{project}}/{{region}}/{{region_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' -mutex: networkEndpoint/{{project}}/{{region}}/{{region_network_endpoint_group}} +identity: + - ipAddress + - fqdn + - port +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/compute_region_network_endpoint.go.tmpl' + decoder: 'templates/terraform/decoders/network_endpoint.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/compute_region_network_endpoint.go.tmpl' + custom_import: 'templates/terraform/custom_import/compute_region_network_endpoint.go.tmpl' exclude_tgc: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_internet_ip_port' + - name: 'region_network_endpoint_internet_ip_port' primary_resource_id: 'region-internet-ip-port-endpoint' vars: neg_name: 'ip-port-neg' network_name: 'network' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_internet_fqdn_port' + - name: 'region_network_endpoint_internet_fqdn_port' primary_resource_id: 'region-internet-fqdn-port-endpoint' vars: neg_name: 'fqdn-port-neg' network_name: 'network' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_portmap' + - name: 'region_network_endpoint_portmap' primary_resource_id: 'region_network_endpoint_portmap' min_version: 'beta' - # Fine-grained resource need different autogenerated tests, as - # we need to check destroy during a test step where the parent resource - # still exists, rather than during CheckDestroy (when read returns - # nothing because the parent resource has then also been destroyed) - skip_test: true vars: network_name: 'network' subnetwork_name: 'subnetwork' instance_name: 'instance' neg_name: 'portmap-neg' -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_delete: templates/terraform/pre_delete/compute_region_network_endpoint.go.erb - custom_import: templates/terraform/custom_import/compute_region_network_endpoint.go.erb - decoder: templates/terraform/decoders/network_endpoint.go.erb - encoder: templates/terraform/encoders/compute_region_network_endpoint.go.erb + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | Region where the containing network endpoint group is located. - required: false url_param_only: true - default_from_api: true + required: false ignore_read: true - - !ruby/object:Api::Type::ResourceRef - name: 'regionNetworkEndpointGroup' - resource: 'RegionNetworkEndpointGroup' + default_from_api: true + resource: 'Region' imports: 'name' + - name: 'regionNetworkEndpointGroup' + type: ResourceRef description: | The network endpoint group this endpoint is part of. - required: true url_param_only: true + required: true ignore_read: true - diff_suppress_func: tpgresource.CompareResourceNames + diff_suppress_func: 'tpgresource.CompareResourceNames' + resource: 'RegionNetworkEndpointGroup' + imports: 'name' properties: - - !ruby/object:Api::Type::Integer - name: 'port' + - name: 'port' + type: Integer description: | Port number of network endpoint. required: true - custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb - validation: !ruby/object:Provider::Terraform::Validation + custom_flatten: 'templates/terraform/custom_flatten/float64_to_int.go.tmpl' + validation: function: 'validation.IntAtLeast(1)' - - !ruby/object:Api::Type::String - name: 'ipAddress' + - name: 'ipAddress' + type: String description: | IPv4 address external endpoint. This can only be specified when network_endpoint_type of the NEG is INTERNET_IP_PORT. - - !ruby/object:Api::Type::String - name: 'fqdn' - at_least_one_of: - - fqdn - - ip_address + - name: 'fqdn' + type: String description: | Fully qualified domain name of network endpoint. This can only be specified when network_endpoint_type of the NEG is INTERNET_FQDN_PORT. - - !ruby/object:Api::Type::Integer - name: 'clientDestinationPort' - custom_flatten: templates/terraform/custom_flatten/float64_to_int.go.erb + at_least_one_of: + - 'fqdn' + - 'ip_address' + - name: 'clientDestinationPort' + type: Integer description: | Client destination port for the `GCE_VM_IP_PORTMAP` NEG. min_version: 'beta' - - !ruby/object:Api::Type::ResourceRef - name: 'instance' - resource: 'Instance' - imports: 'name' - min_version: 'beta' + custom_flatten: 'templates/terraform/custom_flatten/float64_to_int.go.tmpl' + - name: 'instance' + type: ResourceRef description: | The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORTMAP. + resource: 'Instance' + imports: 'name' + min_version: 'beta' diff --git a/mmv1/products/compute/RegionNetworkEndpointGroup.yaml b/mmv1/products/compute/RegionNetworkEndpointGroup.yaml index ab0ef684803a..bbff58495400 100644 --- a/mmv1/products/compute/RegionNetworkEndpointGroup.yaml +++ b/mmv1/products/compute/RegionNetworkEndpointGroup.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,18 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionNetworkEndpointGroup' kind: 'compute#networkEndpointGroup' -base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups' -immutable: true -has_self_link: true -collection_url_key: 'items' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Serverless NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/serverless-neg-concepts' - 'Internet NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups' description: | A regional NEG that can support Serverless Products, proxying traffic to external backends and providing traffic to the PSC port mapping endpoints. @@ -30,27 +21,37 @@ description: | Recreating a region network endpoint group that's in use by another resource will give a `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` to avoid this type of error. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + 'Serverless NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/serverless-neg-concepts' + 'Internet NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_group_functions' + - name: 'region_network_endpoint_group_functions' primary_resource_id: 'function_neg' vars: neg_name: 'function-neg' @@ -58,29 +59,24 @@ examples: bucket_name: 'cloudfunctions-function-example-bucket' zip_path: 'path/to/index.zip' test_vars_overrides: - zip_path: 'acctest.CreateZIPArchiveForCloudFunctionSource(t, "./test-fixtures/http_trigger.js")' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_group_cloudrun' + 'zip_path': 'acctest.CreateZIPArchiveForCloudFunctionSource(t, "./test-fixtures/http_trigger.js")' + - name: 'region_network_endpoint_group_cloudrun' primary_resource_id: 'cloudrun_neg' vars: neg_name: 'cloudrun-neg' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_group_appengine' + - name: 'region_network_endpoint_group_appengine' primary_resource_id: 'appengine_neg' vars: neg_name: 'appengine-neg' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_group_appengine_empty' + - name: 'region_network_endpoint_group_appengine_empty' primary_resource_id: 'appengine_neg' vars: neg_name: 'appengine-neg' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_group_psc' + - name: 'region_network_endpoint_group_psc' primary_resource_id: 'psc_neg' vars: neg_name: 'psc-neg' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_group_psc_service_attachment' + - name: 'region_network_endpoint_group_psc_service_attachment' primary_resource_id: 'psc_neg_service_attachment' vars: neg_name: 'psc-neg' @@ -91,20 +87,17 @@ examples: forwarding_rule_name: 'psc-forwarding-rule' service_attachment_name: 'psc-service-attachment' health_check_name: 'psc-healthcheck' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_group_internet_ip_port' + - name: 'region_network_endpoint_group_internet_ip_port' primary_resource_id: 'region_network_endpoint_group_internet_ip_port' vars: neg_name: 'ip-port-neg' network_name: 'network' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_group_internet_fqdn_port' + - name: 'region_network_endpoint_group_internet_fqdn_port' primary_resource_id: 'region_network_endpoint_group_internet_fqdn_port' vars: neg_name: 'ip-port-neg' network_name: 'network' - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_endpoint_group_portmap' + - name: 'region_network_endpoint_group_portmap' primary_resource_id: 'region_network_endpoint_group_portmap' min_version: 'beta' vars: @@ -112,17 +105,17 @@ examples: subnetwork_name: 'subnetwork' neg_name: 'portmap-neg' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | A reference to the region where the regional NEGs reside. required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -132,82 +125,79 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Enum - name: 'networkEndpointType' + - name: 'networkEndpointType' + type: Enum description: | Type of network endpoints in this network endpoint group. Defaults to SERVERLESS. - values: - - :SERVERLESS - - :PRIVATE_SERVICE_CONNECT - - :INTERNET_IP_PORT - - :INTERNET_FQDN_PORT - - :GCE_VM_IP_PORTMAP - default_value: :SERVERLESS - - !ruby/object:Api::Type::String - name: 'pscTargetService' + default_value: "SERVERLESS" + enum_values: + - 'SERVERLESS' + - 'PRIVATE_SERVICE_CONNECT' + - 'INTERNET_IP_PORT' + - 'INTERNET_FQDN_PORT' + - 'GCE_VM_IP_PORTMAP' + - name: 'pscTargetService' + type: String description: | This field is only used for PSC and INTERNET NEGs. The target service url used to set up private service connection to a Google API or a PSC Producer Service Attachment. - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | This field is only used for PSC and INTERNET NEGs. The URL of the network to which all network endpoints in the NEG belong. Uses "default" project network if unspecified. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'subnetwork' - resource: 'Subnetwork' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' imports: 'selfLink' + - name: 'subnetwork' + type: ResourceRef description: | This field is only used for PSC NEGs. Optional URL of the subnetwork to which all network endpoints in the NEG belong. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'cloudRun' - conflicts: - - cloud_function - - app_engine - - serverless_deployment + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'cloudRun' + type: NestedObject description: | This field is only used for SERVERLESS NEGs. Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. + conflicts: + - cloud_function + - app_engine + - serverless_deployment properties: - - !ruby/object:Api::Type::String - name: 'service' - at_least_one_of: - - cloud_run.0.service - - cloud_run.0.url_mask + - name: 'service' + type: String description: | Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service". - - !ruby/object:Api::Type::String - name: 'tag' + at_least_one_of: + - 'cloud_run.0.service' + - 'cloud_run.0.url_mask' + - name: 'tag' + type: String description: | Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010". - - !ruby/object:Api::Type::String - name: 'urlMask' - at_least_one_of: - - cloud_run.0.service - - cloud_run.0.url_mask + - name: 'urlMask' + type: String description: | A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having @@ -217,33 +207,36 @@ properties: an be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively. - - !ruby/object:Api::Type::NestedObject - name: 'appEngine' - conflicts: - - cloud_run - - cloud_function - - serverless_deployment - allow_empty_object: true - send_empty_value: true + at_least_one_of: + - 'cloud_run.0.service' + - 'cloud_run.0.url_mask' + - name: 'appEngine' + type: NestedObject description: | This field is only used for SERVERLESS NEGs. Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. + send_empty_value: true + allow_empty_object: true + conflicts: + - cloud_run + - cloud_function + - serverless_deployment properties: - - !ruby/object:Api::Type::String - name: 'service' + - name: 'service' + type: String description: | Optional serving service. The service name must be 1-63 characters long, and comply with RFC1035. Example value: "default", "my-service". - - !ruby/object:Api::Type::String - name: 'version' + - name: 'version' + type: String description: | Optional serving version. The version must be 1-63 characters long, and comply with RFC1035. Example value: "v1", "v2". - - !ruby/object:Api::Type::String - name: 'urlMask' + - name: 'urlMask' + type: String description: | A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without @@ -253,31 +246,28 @@ properties: "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively. - - !ruby/object:Api::Type::NestedObject - name: 'cloudFunction' - conflicts: - - cloud_run - - app_engine - - serverless_deployment + - name: 'cloudFunction' + type: NestedObject description: | This field is only used for SERVERLESS NEGs. Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. + conflicts: + - cloud_run + - app_engine + - serverless_deployment properties: - - !ruby/object:Api::Type::String - name: 'function' - at_least_one_of: - - cloud_function.0.function - - cloud_function.0.url_mask + - name: 'function' + type: String description: | A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1". - - !ruby/object:Api::Type::String - name: 'urlMask' at_least_one_of: - - cloud_function.0.function - - cloud_function.0.url_mask + - 'cloud_function.0.function' + - 'cloud_function.0.url_mask' + - name: 'urlMask' + type: String description: | A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create @@ -286,23 +276,25 @@ properties: For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively. - - !ruby/object:Api::Type::NestedObject - name: 'serverlessDeployment' - min_version: beta - conflicts: - - cloud_run - - cloud_function - - app_engine - allow_empty_object: true - send_empty_value: true + at_least_one_of: + - 'cloud_function.0.function' + - 'cloud_function.0.url_mask' + - name: 'serverlessDeployment' + type: NestedObject description: | This field is only used for SERVERLESS NEGs. Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set. + min_version: 'beta' + send_empty_value: true + allow_empty_object: true + conflicts: + - cloud_run + - cloud_function + - app_engine properties: - - !ruby/object:Api::Type::String - name: 'platform' - required: true + - name: 'platform' + type: String # Docs (https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups) say support is offered for: # API Gateway: apigateway.googleapis.com, App Engine: appengine.googleapis.com, # Cloud Functions: cloudfunctions.googleapis.com, Cloud Run: run.googleapis.com @@ -310,22 +302,23 @@ properties: description: | The platform of the NEG backend target(s). Possible values: API Gateway: apigateway.googleapis.com - - !ruby/object:Api::Type::String - name: 'resource' + required: true + - name: 'resource' + type: String description: | The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: API Gateway: The gateway ID, App Engine: The service name, Cloud Functions: The function name, Cloud Run: The service name - - !ruby/object:Api::Type::String - name: 'version' + - name: 'version' + type: String description: | The optional resource version. The version identified by this value is platform-specific and is follows: API Gateway: Unused, App Engine: The service version, Cloud Functions: Unused, Cloud Run: The service tag - - !ruby/object:Api::Type::String - name: 'urlMask' - required: false + - name: 'urlMask' + type: String description: | A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID, App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag + required: false diff --git a/mmv1/products/compute/RegionNetworkFirewallPolicy.yaml b/mmv1/products/compute/RegionNetworkFirewallPolicy.yaml index 776a35674dce..13dfcebdcaeb 100644 --- a/mmv1/products/compute/RegionNetworkFirewallPolicy.yaml +++ b/mmv1/products/compute/RegionNetworkFirewallPolicy.yaml @@ -1,5 +1,5 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the License); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,76 +11,77 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: RegionNetworkFirewallPolicy -base_url: projects/{{project}}/regions/{{region}}/firewallPolicies -create_url: projects/{{project}}/regions/{{region}}/firewallPolicies -self_link: projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}} -update_verb: :PATCH +--- +name: 'RegionNetworkFirewallPolicy' description: "The Compute NetworkFirewallPolicy resource" -legacy_long_form_project: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' +self_link: 'projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}' +create_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: +legacy_long_form_project: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_network_firewall_policy_full' + - name: 'region_network_firewall_policy_full' primary_resource_id: 'policy' vars: policy_name: 'tf-test-policy' parameters: - - !ruby/object:Api::Type::String - name: region + - name: 'region' + type: String description: The region of this resource. url_param_only: true - default_from_api: true immutable: true + default_from_api: true properties: - - !ruby/object:Api::Type::String - name: creationTimestamp + - name: 'creationTimestamp' + type: String description: Creation timestamp in RFC3339 text format. output: true - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true immutable: true - - !ruby/object:Api::Type::String - name: regionNetworkFirewallPolicyId + - name: 'regionNetworkFirewallPolicyId' + type: String description: The unique identifier for the resource. This identifier is defined by the server. - output: true api_name: id - - !ruby/object:Api::Type::String - name: description + output: true + - name: 'description' + type: String description: An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Fingerprint - name: fingerprint + - name: 'fingerprint' + type: Fingerprint description: Fingerprint of the resource. This field is used internally during updates of this resource. output: true - - !ruby/object:Api::Type::String - name: selfLink + - name: 'selfLink' + type: String description: Server-defined URL for the resource. output: true - - !ruby/object:Api::Type::String - name: selfLinkWithId + - name: 'selfLinkWithId' + type: String description: Server-defined URL for this resource with the resource id. output: true - - !ruby/object:Api::Type::Integer - name: ruleTupleCount + - name: 'ruleTupleCount' + type: Integer description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. output: true diff --git a/mmv1/products/compute/RegionNetworkFirewallPolicyWithRules.yaml b/mmv1/products/compute/RegionNetworkFirewallPolicyWithRules.yaml new file mode 100644 index 000000000000..f9a8100f09e1 --- /dev/null +++ b/mmv1/products/compute/RegionNetworkFirewallPolicyWithRules.yaml @@ -0,0 +1,677 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +name: 'RegionNetworkFirewallPolicyWithRules' +description: "The Compute NetworkFirewallPolicy with rules resource" +min_version: 'beta' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' +self_link: 'projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}' +create_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' + encoder: 'templates/terraform/encoders/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' + decoder: 'templates/terraform/decoders/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' + post_create: 'templates/terraform/post_create/resource_compute_region_network_firewall_policy_with_rules.go.tmpl' +legacy_long_form_project: true +examples: + - name: 'compute_region_network_firewall_policy_with_rules_full' + primary_resource_id: 'region-network-firewall-policy-with-rules' + vars: + policy_name: 'tf-region-fw-policy-with-rules' + address_group_name: 'tf-address-group' + tag_key_name: 'tf-tag-key' + tag_value_name: 'tf-tag-value' + test_env_vars: + org_id: 'ORG_ID' +parameters: + - name: 'region' + type: String + description: The region of this resource. + min_version: 'beta' + url_param_only: true + immutable: true + default_from_api: true +properties: + - name: 'creationTimestamp' + type: String + description: Creation timestamp in RFC3339 text format. + min_version: 'beta' + output: true + - name: 'name' + type: String + description: | + User-provided name of the Network firewall policy. + The name should be unique in the project in which the firewall policy is created. + The name must be 1-63 characters long, and comply with RFC1035. Specifically, + the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? + which means the first character must be a lowercase letter, and all following characters must be a dash, + lowercase letter, or digit, except the last character, which cannot be a dash. + min_version: 'beta' + required: true + immutable: true + - name: 'networkFirewallPolicyId' + type: String + description: The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' + output: true + - name: 'description' + type: String + description: An optional description of this resource. + min_version: 'beta' + - name: 'rule' + type: Array + description: A list of firewall policy rules. + api_name: rules + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + required: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + required: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + required: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + required: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + item_type: + type: String + - name: 'srcSecureTag' + type: Array + description: | + List of secure tag values, which should be matched at the source + of the traffic. + For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, + and there is no srcIpRange, this rule will be ignored. + Maximum number of source tag values allowed is 256. + api_name: srcSecureTags + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'targetSecureTag' + type: Array + description: | + A list of secure tags that controls which instances the firewall rule + applies to. If targetSecureTag are specified, then the + firewall rule applies only to instances in the VPC network that have one + of those EFFECTIVE secure tags, if all the target_secure_tag are in + INEFFECTIVE state, then this rule will be ignored. + targetSecureTag may not be set at the same time as + targetServiceAccounts. + If neither targetServiceAccounts nor + targetSecureTag are specified, the firewall rule applies + to all instances on the specified network. + Maximum number of target label tags allowed is 256. + api_name: targetSecureTags + min_version: 'beta' + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + required: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + - name: 'predefinedRules' + type: Array + description: A list of firewall policy pre-defined rules. + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'description' + type: String + description: | + A description of the rule. + min_version: 'beta' + output: true + - name: 'ruleName' + type: String + description: | + An optional name for the rule. This field is not a unique identifier + and can be updated. + min_version: 'beta' + output: true + - name: 'priority' + type: Integer + description: | + An integer indicating the priority of a rule in the list. The priority must be a value + between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the + highest priority and 2147483647 is the lowest priority. + min_version: 'beta' + output: true + - name: 'match' + type: NestedObject + description: + A match condition that incoming traffic is evaluated against. If it + evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' + output: true + properties: + - name: 'srcIpRanges' + type: Array + description: | + Source IP address range in CIDR format. Required for + INGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destIpRanges' + type: Array + description: | + Destination IP address range in CIDR format. Required for + EGRESS rules. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic source. + Maximum number of source address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destAddressGroups' + type: Array + description: | + Address groups which should be matched against the traffic destination. + Maximum number of destination address groups is 10. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic source. Maximum number of source fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destFqdns' + type: Array + description: | + Fully Qualified Domain Name (FQDN) which should be matched against + traffic destination. Maximum number of destination fqdn allowed is 100. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for source + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of source region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destRegionCodes' + type: Array + description: | + Region codes whose IP addresses will be used to match for destination + of traffic. Should be specified as 2 letter country code defined as per + ISO 3166 alpha-2 country codes. ex."US" + Maximum number of destination region codes allowed is 5000. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic source. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'destThreatIntelligences' + type: Array + description: | + Names of Network Threat Intelligence lists. + The IPs in these lists will be matched against traffic destination. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'layer4Config' + type: Array + description: | + Pairs of IP protocols and ports that the rule should match. + api_name: layer4Configs + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'ipProtocol' + type: String + description: | + The IP protocol to which this rule applies. The protocol + type is required when creating a firewall rule. + This value can either be one of the following well + known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), + or the IP protocol number. + min_version: 'beta' + output: true + - name: 'ports' + type: Array + description: | + An optional list of ports to which this rule applies. This field + is only applicable for UDP or TCP protocol. Each entry must be + either an integer or a range. If not specified, this rule + applies to connections through any port. + Example inputs include: ["22"], ["80","443"], and + ["12345-12349"]. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'srcSecureTag' + type: Array + description: | + List of secure tag values, which should be matched at the source + of the traffic. + For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, + and there is no srcIpRange, this rule will be ignored. + Maximum number of source tag values allowed is 256. + api_name: srcSecureTags + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + output: true + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'targetSecureTag' + type: Array + description: | + A list of secure tags that controls which instances the firewall rule + applies to. If targetSecureTag are specified, then the + firewall rule applies only to instances in the VPC network that have one + of those EFFECTIVE secure tags, if all the target_secure_tag are in + INEFFECTIVE state, then this rule will be ignored. + targetSecureTag may not be set at the same time as + targetServiceAccounts. + If neither targetServiceAccounts nor + targetSecureTag are specified, the firewall rule applies + to all instances on the specified network. + Maximum number of target label tags allowed is 256. + api_name: targetSecureTags + min_version: 'beta' + output: true + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + Name of the secure tag, created with TagManager's TagValue API. + @pattern tagValues/[0-9]+ + min_version: 'beta' + output: true + - name: 'state' + type: Enum + description: | + [Output Only] State of the secure tag, either `EFFECTIVE` or + `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted + or its network is deleted. + min_version: 'beta' + output: true + enum_values: + - 'EFFECTIVE' + - 'INEFFECTIVE' + - name: 'action' + type: String + description: | + The Action to perform when the client connection triggers the rule. Can currently be either + "allow", "deny", "apply_security_profile_group" or "goto_next". + min_version: 'beta' + output: true + - name: 'direction' + type: Enum + description: | + The direction in which this rule applies. If unspecified an INGRESS rule is created. + min_version: 'beta' + output: true + enum_values: + - 'INGRESS' + - 'EGRESS' + - name: 'enableLogging' + type: Boolean + description: | + Denotes whether to enable logging for a particular rule. + If logging is enabled, logs will be exported to the + configured export destination in Stackdriver. + min_version: 'beta' + output: true + send_empty_value: true + - name: 'targetServiceAccounts' + type: Array + description: | + A list of service accounts indicating the sets of + instances that are applied with this rule. + min_version: 'beta' + output: true + item_type: + type: String + - name: 'securityProfileGroup' + type: String + description: | + A fully-qualified URL of a SecurityProfile resource instance. + Example: + https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group + Must be specified if action is 'apply_security_profile_group'. + min_version: 'beta' + output: true + - name: 'tlsInspect' + type: Boolean + description: | + Boolean flag indicating if the traffic should be TLS decrypted. + It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. + min_version: 'beta' + output: true + - name: 'disabled' + type: Boolean + description: | + Denotes whether the firewall policy rule is disabled. When set to true, + the firewall policy rule is not enforced and traffic behaves as if it did + not exist. If this is unspecified, the firewall policy rule will be + enabled. + min_version: 'beta' + output: true + - name: 'fingerprint' + type: Fingerprint + description: Fingerprint of the resource. This field is used internally during updates of this resource. + min_version: 'beta' + output: true + - name: 'selfLink' + type: String + description: Server-defined URL for the resource. + min_version: 'beta' + output: true + - name: 'selfLinkWithId' + type: String + description: Server-defined URL for this resource with the resource id. + min_version: 'beta' + output: true + - name: 'ruleTupleCount' + type: Integer + description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. + min_version: 'beta' + output: true diff --git a/mmv1/products/compute/RegionPerInstanceConfig.yaml b/mmv1/products/compute/RegionPerInstanceConfig.yaml index 2aa525362005..9d0a6340a5ab 100644 --- a/mmv1/products/compute/RegionPerInstanceConfig.yaml +++ b/mmv1/products/compute/RegionPerInstanceConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,68 +11,72 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionPerInstanceConfig' -base_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}' description: | A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name across instance group manager operations and can define stateful disks or metadata that are unique to the instance. This resource works with regional instance group managers. -create_verb: :POST -create_url: projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/createInstances -update_verb: :POST -update_url: projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/updatePerInstanceConfigs -delete_verb: :POST -delete_url: projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/deletePerInstanceConfigs -read_verb: :POST -self_link: projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/listPerInstanceConfigs -identity: - - name -nested_query: !ruby/object:Api::Resource::NestedQuery - keys: - - items -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/stateful-migs#per-instance_configs' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagers' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{region}}/{{region_instance_group_manager}}/{{name}}' +base_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}' +self_link: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/listPerInstanceConfigs' +create_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/createInstances' +update_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/updatePerInstanceConfigs' +update_verb: 'POST' +read_verb: 'POST' +delete_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/deletePerInstanceConfigs' +delete_verb: 'POST' +mutex: 'instanceGroupManager/{{project}}/{{region}}/{{region_instance_group_manager}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: '{{project}}/{{region}}/{{region_instance_group_manager}}/{{name}}' -mutex: instanceGroupManager/{{project}}/{{region}}/{{region_instance_group_manager}} +identity: + - name +nested_query: + keys: + - items + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/compute_per_instance_config.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/compute_per_instance_config.go.tmpl' + post_update: 'templates/terraform/post_update/compute_region_per_instance_config.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/region_per_instance_config.go.tmpl' exclude_tgc: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'stateful_rigm' - primary_resource_id: - 'stateful-instance' - # Fine-grained resource need different autogenerated tests, as - # we need to check destroy during a test step where the parent resource - # still exists, rather than during CheckDestroy (when read returns - # nothing because the parent resource has then also been destroyed) - skip_test: true + - name: 'stateful_rigm' + primary_resource_id: 'stateful-instance' vars: template_name: 'my-template' igm_name: 'my-rigm' disk_name: 'my-disk-name' + # Fine-grained resource need different autogenerated tests, as + # we need to check destroy during a test step where the parent resource + # still exists, rather than during CheckDestroy (when read returns + # nothing because the parent resource has then also been destroyed) + exclude_test: true virtual_fields: - - !ruby/object:Api::Type::String - name: 'minimal_action' + - name: 'minimal_action' description: | The minimal action to perform on the instance during an update. Default is `NONE`. Possible values are: @@ -80,9 +84,9 @@ virtual_fields: * RESTART * REFRESH * NONE - default_value: NONE - - !ruby/object:Api::Type::String - name: 'most_disruptive_allowed_action' + type: String + default_value: "NONE" + - name: 'most_disruptive_allowed_action' description: | The most disruptive action to perform on the instance during an update. Default is `REPLACE`. Possible values are: @@ -90,160 +94,156 @@ virtual_fields: * RESTART * REFRESH * NONE - default_value: REPLACE - - !ruby/object:Api::Type::Boolean - name: 'remove_instance_on_destroy' - conflicts: - - remove_instance_state_on_destroy + type: String + default_value: "REPLACE" + - name: 'remove_instance_on_destroy' description: | When true, deleting this config will immediately remove the underlying instance. When false, deleting this config will use the behavior as determined by remove_instance_on_destroy. + type: Boolean default_value: false - - !ruby/object:Api::Type::Boolean - name: 'remove_instance_state_on_destroy' - conflicts: - - remove_instance_on_destroy + - name: 'remove_instance_state_on_destroy' description: | When true, deleting this config will immediately remove any specified state from the underlying instance. When false, deleting this config will *not* immediately remove any state from the underlying instance. State will be removed on the next instance recreation or update. + type: Boolean default_value: false -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/compute_per_instance_config.go.erb - update_encoder: templates/terraform/update_encoder/compute_per_instance_config.go.erb - post_update: templates/terraform/post_update/compute_region_per_instance_config.go.erb - custom_delete: templates/terraform/custom_delete/region_per_instance_config.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | Region where the containing instance group manager is located - required: false url_param_only: true + required: false immutable: true ignore_read: true default_from_api: true - - !ruby/object:Api::Type::ResourceRef - name: 'regionInstanceGroupManager' - resource: 'RegionInstanceGroupManager' + resource: 'Region' imports: 'name' + - name: 'regionInstanceGroupManager' + type: ResourceRef description: | The region instance group manager this instance config is part of. - required: true url_param_only: true + required: true immutable: true + resource: 'RegionInstanceGroupManager' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name for this per-instance config and its corresponding instance. required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'preservedState' + - name: 'preservedState' + type: NestedObject description: 'The preserved state for this instance.' - update_verb: :POST properties: - - !ruby/object:Api::Type::KeyValuePairs - name: 'metadata' + - name: 'metadata' + type: KeyValuePairs description: | Preserved metadata defined for this instance. This is a list of key->value pairs. - - !ruby/object:Api::Type::Array - name: 'disk' - api_name: disks + - name: 'disk' + type: Array description: | Stateful disks for the instance. + api_name: disks is_set: true - custom_flatten: templates/terraform/custom_flatten/preserved_state_disks.go.erb - custom_expand: templates/terraform/custom_expand/preserved_state_disks.go.erb - item_type: !ruby/object:Api::Type::NestedObject + custom_flatten: 'templates/terraform/custom_flatten/preserved_state_disks.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/preserved_state_disks.go.tmpl' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: deviceName - required: true + - name: 'deviceName' + type: String description: | A unique device name that is reflected into the /dev/ tree of a Linux operating system running within the instance. - - !ruby/object:Api::Type::String - name: source required: true + - name: 'source' + type: String description: | The URI of an existing persistent disk to attach under the specified device-name in the format `projects/project-id/zones/zone/disks/disk-name`. - - !ruby/object:Api::Type::Enum - name: mode + required: true + - name: 'mode' + type: Enum description: | The mode of the disk. - values: - - :READ_ONLY - - :READ_WRITE - default_value: :READ_WRITE - - !ruby/object:Api::Type::Enum - name: deleteRule + default_value: "READ_WRITE" + enum_values: + - 'READ_ONLY' + - 'READ_WRITE' + - name: 'deleteRule' + type: Enum description: | A value that prescribes what should happen to the stateful disk when the VM instance is deleted. The available options are `NEVER` and `ON_PERMANENT_INSTANCE_DELETION`. `NEVER` - detach the disk when the VM is deleted, but do not delete the disk. `ON_PERMANENT_INSTANCE_DELETION` will delete the stateful disk when the VM is permanently deleted from the instance group. - values: - - :NEVER - - :ON_PERMANENT_INSTANCE_DELETION - default_value: :NEVER - - !ruby/object:Api::Type::Map - name: 'internalIp' - api_name: internalIPs - key_name: 'interface_name' + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'internalIp' + type: Map description: | Preserved internal IPs defined for this instance. This map is keyed with the name of the network interface. - value_type: !ruby/object:Api::Type::NestedObject + api_name: internalIPs + key_name: 'interface_name' + value_type: + name: internalIp + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: autoDelete + - name: 'autoDelete' + type: Enum description: | These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. - values: - - :NEVER - - :ON_PERMANENT_INSTANCE_DELETION - default_value: :NEVER - - !ruby/object:Api::Type::NestedObject - name: 'ipAddress' + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'ipAddress' + type: NestedObject description: | Ip address representation properties: - - !ruby/object:Api::Type::ResourceRef - name: 'address' - resource: 'Address' - imports: 'selfLink' + - name: 'address' + type: ResourceRef description: | The URL of the reservation for this IP address. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Map - name: 'externalIp' - api_name: externalIPs - key_name: 'interface_name' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'selfLink' + - name: 'externalIp' + type: Map description: | Preserved external IPs defined for this instance. This map is keyed with the name of the network interface. - value_type: !ruby/object:Api::Type::NestedObject + api_name: externalIPs + key_name: 'interface_name' + value_type: + name: externalIp + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: autoDelete + - name: 'autoDelete' + type: Enum description: | These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. - values: - - :NEVER - - :ON_PERMANENT_INSTANCE_DELETION - default_value: :NEVER - - !ruby/object:Api::Type::NestedObject - name: 'ipAddress' + default_value: "NEVER" + enum_values: + - 'NEVER' + - 'ON_PERMANENT_INSTANCE_DELETION' + - name: 'ipAddress' + type: NestedObject description: | Ip address representation properties: - - !ruby/object:Api::Type::ResourceRef - name: 'address' - resource: 'Address' - imports: 'selfLink' + - name: 'address' + type: ResourceRef description: | The URL of the reservation for this IP address. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Address' + imports: 'selfLink' diff --git a/mmv1/products/compute/RegionSecurityPolicy.yaml b/mmv1/products/compute/RegionSecurityPolicy.yaml index 7bc1866b21cc..b41615004665 100644 --- a/mmv1/products/compute/RegionSecurityPolicy.yaml +++ b/mmv1/products/compute/RegionSecurityPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,168 +11,185 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionSecurityPolicy' -min_version: beta -base_url: projects/{{project}}/regions/{{region}}/securityPolicies -self_link: projects/{{project}}/regions/{{region}}/securityPolicies/{{name}} -update_verb: :PATCH -update_mask: true description: | Represents a Region Cloud Armor Security Policy resource. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/armor/docs/security-policy-concepts' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSecurityPolicies' -import_format: ['projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}'] -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/securityPolicies' +self_link: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_security_policy_basic' + - name: 'region_security_policy_basic' primary_resource_id: 'region-sec-policy-basic' vars: sec_policy_name: 'my-sec-policy-basic' - - !ruby/object:Provider::Terraform::Examples - name: 'region_security_policy_with_ddos_protection_config' + - name: 'region_security_policy_with_ddos_protection_config' primary_resource_id: 'region-sec-policy-ddos-protection' vars: sec_policy_name: 'my-sec-policy-ddos-protection' - - !ruby/object:Provider::Terraform::Examples - name: 'region_security_policy_with_user_defined_fields' + - name: 'region_security_policy_with_user_defined_fields' primary_resource_id: 'region-sec-policy-user-defined-fields' vars: sec_policy_name: 'my-sec-policy-user-defined-fields' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' - required: false - immutable: true + - name: 'region' + type: ResourceRef description: | The Region in which the created Region Security Policy should reside. If it is not provided, the provider region is used. + min_version: 'beta' + required: false + immutable: true default_from_api: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'policyId' - api_name: 'id' + - name: 'policyId' + type: String description: | The unique identifier for the resource. This identifier is defined by the server. + api_name: id + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: 'name' - immutable: true + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + min_version: 'beta' required: true - - !ruby/object:Api::Type::String - name: 'description' + immutable: true + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + min_version: 'beta' + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. This field is used internally during updates of this resource. + min_version: 'beta' output: true - - !ruby/object:Api::Type::Enum - name: 'type' - immutable: true + - name: 'type' + type: Enum description: | The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time. - values: - - :CLOUD_ARMOR - - :CLOUD_ARMOR_EDGE - - :CLOUD_ARMOR_NETWORK - - !ruby/object:Api::Type::NestedObject - name: 'ddosProtectionConfig' + min_version: 'beta' + immutable: true + enum_values: + - 'CLOUD_ARMOR' + - 'CLOUD_ARMOR_EDGE' + - 'CLOUD_ARMOR_NETWORK' + - name: 'ddosProtectionConfig' + type: NestedObject description: | Configuration for Google Cloud Armor DDOS Proctection Config. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Enum - name: 'ddosProtection' + - name: 'ddosProtection' + type: Enum description: | Google Cloud Armor offers the following options to help protect systems against DDoS attacks: - STANDARD: basic always-on protection for network load balancers, protocol forwarding, or VMs with public IP addresses. - ADVANCED: additional protections for Managed Protection Plus subscribers who use network load balancers, protocol forwarding, or VMs with public IP addresses. - ADVANCED_PREVIEW: flag to enable the security policy in preview mode. - values: - - :ADVANCED - - :ADVANCED_PREVIEW - - :STANDARD + min_version: 'beta' required: true - - !ruby/object:Api::Type::String - name: 'selfLink' - output: true + enum_values: + - 'ADVANCED' + - 'ADVANCED_PREVIEW' + - 'STANDARD' + - name: 'selfLink' + type: String description: | Server-defined URL for the resource. - - !ruby/object:Api::Type::String - name: 'selfLinkWithPolicyId' - api_name: 'selfLinkWithId' + min_version: 'beta' output: true + - name: 'selfLinkWithPolicyId' + type: String description: | Server-defined URL for this resource with the resource id. - - !ruby/object:Api::Type::Array - name: 'userDefinedFields' + api_name: selfLinkWithId + min_version: 'beta' + output: true + - name: 'userDefinedFields' + type: Array description: | Definitions of user-defined fields for CLOUD_ARMOR_NETWORK policies. A user-defined field consists of up to 4 bytes extracted from a fixed offset in the packet, relative to the IPv4, IPv6, TCP, or UDP header, with an optional mask to select certain bits. Rules may then specify matching values for these fields. - item_type: !ruby/object:Api::Type::NestedObject + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of this field. Must be unique within the policy. - - !ruby/object:Api::Type::Enum - name: 'base' - required: true + min_version: 'beta' + - name: 'base' + type: Enum description: | The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - values: - - :IPV4 - - :IPV6 - - :TCP - - :UDP - - !ruby/object:Api::Type::Integer - name: 'offset' + min_version: 'beta' + required: true + enum_values: + - 'IPV4' + - 'IPV6' + - 'TCP' + - 'UDP' + - name: 'offset' + type: Integer description: | Offset of the first byte of the field (in network byte order) relative to 'base'. - - !ruby/object:Api::Type::Integer - name: 'size' + min_version: 'beta' + - name: 'size' + type: Integer description: | Size of the field in bytes. Valid values: 1-4. - - !ruby/object:Api::Type::String - name: 'mask' + min_version: 'beta' + - name: 'mask' + type: String description: | If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. Encoded as a hexadecimal number (starting with "0x"). The last byte of the field (in network byte order) corresponds to the least significant byte of the mask. + min_version: 'beta' diff --git a/mmv1/products/compute/RegionSecurityPolicyRule.yaml b/mmv1/products/compute/RegionSecurityPolicyRule.yaml index 0db906585134..765935d2fe9c 100644 --- a/mmv1/products/compute/RegionSecurityPolicyRule.yaml +++ b/mmv1/products/compute/RegionSecurityPolicyRule.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,169 +11,184 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionSecurityPolicyRule' -min_version: beta -base_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}' -self_link: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' -create_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' -update_verb: :POST -update_mask: true -update_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' -delete_verb: :POST -delete_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' description: | A rule for the RegionSecurityPolicy. -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Creating region security policy rules': 'https://cloud.google.com/armor/docs/configure-security-policies' - api: - 'https://cloud.google.com/compute/docs/reference/rest/beta/regionSecurityPolicies/addRule' + api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionSecurityPolicies/addRule' +docs: id_format: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}' -import_format: ['projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}'] -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +base_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}' +self_link: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' +create_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' +update_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' +update_verb: 'POST' +update_mask: true +delete_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' +delete_verb: 'POST' +import_format: + - 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_security_policy_rule_basic' + - name: 'region_security_policy_rule_basic' primary_resource_id: 'policy_rule' min_version: 'beta' vars: sec_policy_name: 'policyruletest' - - !ruby/object:Provider::Terraform::Examples - name: 'region_security_policy_rule_multiple_rules' + - name: 'region_security_policy_rule_multiple_rules' primary_resource_id: 'policy_rule_one' min_version: 'beta' vars: sec_policy_name: 'policywithmultiplerules' - - !ruby/object:Provider::Terraform::Examples - name: 'region_security_policy_rule_with_preconfigured_waf_config' + - name: 'region_security_policy_rule_with_preconfigured_waf_config' primary_resource_id: 'policy_rule' min_version: 'beta' vars: sec_policy_name: 'policyruletest' - - !ruby/object:Provider::Terraform::Examples - name: 'region_security_policy_rule_with_network_match' - # it needs to run synchronously because a region can have only one google_compute_network_edge_security_service. - # there is a robust handwritten test which covers this scenario. - skip_test: true + - name: 'region_security_policy_rule_with_network_match' primary_resource_id: 'policy_rule_network_match' min_version: 'beta' vars: sec_policy_name: 'policyfornetworkmatch' + # it needs to run synchronously because a region can have only one google_compute_network_edge_security_service. + # there is a robust handwritten test which covers this scenario. + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: 'region' + - name: 'region' + type: String description: | The Region in which the created Region Security Policy rule should reside. - immutable: true + min_version: 'beta' url_param_only: true required: true - - !ruby/object:Api::Type::String - name: 'security_policy' - required: true immutable: true + - name: 'security_policy' + type: String description: | The name of the security policy this rule belongs to. + min_version: 'beta' url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Integer - name: 'priority' + min_version: 'beta' + - name: 'priority' + type: Integer description: | An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. + min_version: 'beta' required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'match' + - name: 'match' + type: NestedObject description: | A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Enum - name: 'versionedExpr' + - name: 'versionedExpr' + type: Enum description: | Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. - values: - - :SRC_IPS_V1 - - !ruby/object:Api::Type::NestedObject - name: 'expr' + min_version: 'beta' + enum_values: + - 'SRC_IPS_V1' + - name: 'expr' + type: NestedObject description: | User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: 'expression' - required: true + - name: 'expression' + type: String description: | Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported. - - !ruby/object:Api::Type::NestedObject - name: 'config' + min_version: 'beta' + required: true + - name: 'config' + type: NestedObject description: | The configuration options available when specifying versionedExpr. This field must be specified if versionedExpr is specified and cannot be specified if versionedExpr is not specified. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Array - name: 'srcIpRanges' + - name: 'srcIpRanges' + type: Array description: | CIDR IP address range. Maximum number of srcIpRanges allowed is 10. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'preconfiguredWafConfig' + min_version: 'beta' + item_type: + type: String + - name: 'preconfiguredWafConfig' + type: NestedObject description: | Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Array - name: 'exclusion' - api_name: 'exclusions' + - name: 'exclusion' + type: Array description: | An exclusion to apply during preconfigured WAF evaluation. - item_type: !ruby/object:Api::Type::NestedObject + api_name: exclusions + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'targetRuleSet' - required: true + - name: 'targetRuleSet' + type: String description: | Target WAF rule set to apply the preconfigured WAF exclusion. - - !ruby/object:Api::Type::Array - name: 'targetRuleIds' + min_version: 'beta' + required: true + - name: 'targetRuleIds' + type: Array description: | A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'requestHeader' - api_name: 'requestHeadersToExclude' + min_version: 'beta' + item_type: + type: String + - name: 'requestHeader' + type: Array description: | Request header whose value will be excluded from inspection during preconfigured WAF evaluation. - item_type: !ruby/object:Api::Type::NestedObject + api_name: requestHeadersToExclude + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'operator' - api_name: 'op' - required: true + - name: 'operator' + type: Enum description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -182,29 +197,33 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. - values: - - :CONTAINS - - :ENDS_WITH - - :EQUALS - - :EQUALS_ANY - - :STARTS_WITH - - !ruby/object:Api::Type::String - name: 'value' - api_name: 'val' + api_name: op + min_version: 'beta' + required: true + enum_values: + - 'CONTAINS' + - 'ENDS_WITH' + - 'EQUALS' + - 'EQUALS_ANY' + - 'STARTS_WITH' + - name: 'value' + type: String description: | A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - - !ruby/object:Api::Type::Array - name: 'requestCookie' - api_name: 'requestCookiesToExclude' + api_name: val + min_version: 'beta' + - name: 'requestCookie' + type: Array description: | Request cookie whose value will be excluded from inspection during preconfigured WAF evaluation. - item_type: !ruby/object:Api::Type::NestedObject + api_name: requestCookiesToExclude + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'operator' - api_name: 'op' - required: true + - name: 'operator' + type: Enum description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -213,30 +232,34 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. - values: - - :CONTAINS - - :ENDS_WITH - - :EQUALS - - :EQUALS_ANY - - :STARTS_WITH - - !ruby/object:Api::Type::String - name: 'value' - api_name: 'val' + api_name: op + min_version: 'beta' + required: true + enum_values: + - 'CONTAINS' + - 'ENDS_WITH' + - 'EQUALS' + - 'EQUALS_ANY' + - 'STARTS_WITH' + - name: 'value' + type: String description: | A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - - !ruby/object:Api::Type::Array - name: 'requestUri' - api_name: 'requestUrisToExclude' + api_name: val + min_version: 'beta' + - name: 'requestUri' + type: Array description: | Request URI from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded. - item_type: !ruby/object:Api::Type::NestedObject + api_name: requestUrisToExclude + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'operator' - api_name: 'op' - required: true + - name: 'operator' + type: Enum description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -245,30 +268,34 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. - values: - - :CONTAINS - - :ENDS_WITH - - :EQUALS - - :EQUALS_ANY - - :STARTS_WITH - - !ruby/object:Api::Type::String - name: 'value' - api_name: 'val' + api_name: op + min_version: 'beta' + required: true + enum_values: + - 'CONTAINS' + - 'ENDS_WITH' + - 'EQUALS' + - 'EQUALS_ANY' + - 'STARTS_WITH' + - name: 'value' + type: String description: | A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - - !ruby/object:Api::Type::Array - name: 'requestQueryParam' - api_name: 'requestQueryParamsToExclude' + api_name: val + min_version: 'beta' + - name: 'requestQueryParam' + type: Array description: | Request query parameter whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body. - item_type: !ruby/object:Api::Type::NestedObject + api_name: requestQueryParamsToExclude + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'operator' - api_name: 'op' - required: true + - name: 'operator' + type: Enum description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -277,20 +304,24 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. - values: - - :CONTAINS - - :ENDS_WITH - - :EQUALS - - :EQUALS_ANY - - :STARTS_WITH - - !ruby/object:Api::Type::String - name: 'value' - api_name: 'val' + api_name: op + min_version: 'beta' + required: true + enum_values: + - 'CONTAINS' + - 'ENDS_WITH' + - 'EQUALS' + - 'EQUALS_ANY' + - 'STARTS_WITH' + - name: 'value' + type: String description: | A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - - !ruby/object:Api::Type::String - name: 'action' + api_name: val + min_version: 'beta' + - name: 'action' + type: String description: | The Action to perform when the rule is matched. The following are the valid actions: @@ -303,11 +334,13 @@ properties: * redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this. + min_version: 'beta' required: true - - !ruby/object:Api::Type::NestedObject - name: 'rateLimitOptions' + - name: 'rateLimitOptions' + type: NestedObject description: | Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + min_version: 'beta' update_mask_fields: - 'rateLimitOptions.rateLimitThreshold' - 'rateLimitOptions.conformAction' @@ -318,31 +351,36 @@ properties: - 'rateLimitOptions.banThreshold' - 'rateLimitOptions.banDurationSec' properties: - - !ruby/object:Api::Type::NestedObject - name: 'rateLimitThreshold' + - name: 'rateLimitThreshold' + type: NestedObject description: | Threshold at which to begin ratelimiting. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Integer - name: 'count' + - name: 'count' + type: Integer description: | Number of HTTP(S) requests for calculating the threshold. - - !ruby/object:Api::Type::Integer - name: 'intervalSec' + min_version: 'beta' + - name: 'intervalSec' + type: Integer description: | Interval over which the threshold is computed. - - !ruby/object:Api::Type::String - name: 'conformAction' + min_version: 'beta' + - name: 'conformAction' + type: String description: | Action to take for requests that are under the configured rate limit threshold. Valid option is "allow" only. - - !ruby/object:Api::Type::String - name: 'exceedAction' + min_version: 'beta' + - name: 'exceedAction' + type: String description: | Action to take for requests that are above the configured rate limit threshold, to deny with a specified HTTP response code. Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. - - !ruby/object:Api::Type::Enum - name: 'enforceOnKey' + min_version: 'beta' + - name: 'enforceOnKey' + type: Enum description: | Determines the key to enforce the rateLimitThreshold on. Possible values are: * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. @@ -355,33 +393,37 @@ properties: * REGION_CODE: The country/region from which the request originates. * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - values: - - :ALL - - :IP - - :HTTP_HEADER - - :XFF_IP - - :HTTP_COOKIE - - :HTTP_PATH - - :SNI - - :REGION_CODE - - :TLS_JA3_FINGERPRINT - - :USER_IP - - !ruby/object:Api::Type::String - name: 'enforceOnKeyName' + min_version: 'beta' + enum_values: + - 'ALL' + - 'IP' + - 'HTTP_HEADER' + - 'XFF_IP' + - 'HTTP_COOKIE' + - 'HTTP_PATH' + - 'SNI' + - 'REGION_CODE' + - 'TLS_JA3_FINGERPRINT' + - 'USER_IP' + - name: 'enforceOnKeyName' + type: String description: | Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. - - !ruby/object:Api::Type::Array - name: 'enforceOnKeyConfigs' + min_version: 'beta' + - name: 'enforceOnKeyConfigs' + type: Array description: | If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforceOnKeyConfigs. If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. - item_type: !ruby/object:Api::Type::NestedObject + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'enforceOnKeyType' + - name: 'enforceOnKeyType' + type: Enum description: | Determines the key to enforce the rateLimitThreshold on. Possible values are: * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. @@ -394,48 +436,55 @@ properties: * REGION_CODE: The country/region from which the request originates. * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - values: - - :ALL - - :IP - - :HTTP_HEADER - - :XFF_IP - - :HTTP_COOKIE - - :HTTP_PATH - - :SNI - - :REGION_CODE - - :TLS_JA3_FINGERPRINT - - :USER_IP - - !ruby/object:Api::Type::String - name: 'enforceOnKeyName' + min_version: 'beta' + enum_values: + - 'ALL' + - 'IP' + - 'HTTP_HEADER' + - 'XFF_IP' + - 'HTTP_COOKIE' + - 'HTTP_PATH' + - 'SNI' + - 'REGION_CODE' + - 'TLS_JA3_FINGERPRINT' + - 'USER_IP' + - name: 'enforceOnKeyName' + type: String description: | Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. - - !ruby/object:Api::Type::NestedObject - name: 'banThreshold' + min_version: 'beta' + - name: 'banThreshold' + type: NestedObject description: | Can only be specified if the action for the rule is "rate_based_ban". If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Integer - name: 'count' + - name: 'count' + type: Integer description: | Number of HTTP(S) requests for calculating the threshold. - - !ruby/object:Api::Type::Integer - name: 'intervalSec' + min_version: 'beta' + - name: 'intervalSec' + type: Integer description: | Interval over which the threshold is computed. - - !ruby/object:Api::Type::Integer - name: 'banDurationSec' + min_version: 'beta' + - name: 'banDurationSec' + type: Integer description: | Can only be specified if the action for the rule is "rate_based_ban". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. - - !ruby/object:Api::Type::Boolean - name: 'preview' + min_version: 'beta' + - name: 'preview' + type: Boolean description: | If set to true, the specified action is not enforced. - - !ruby/object:Api::Type::NestedObject - name: 'networkMatch' + min_version: 'beta' + - name: 'networkMatch' + type: NestedObject description: | A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). @@ -445,6 +494,7 @@ properties: Example: networkMatch: srcIpRanges: - "192.0.2.0/24" - "198.51.100.0/24" userDefinedFields: - name: "ipv4_fragment_offset" values: - "1-0x1fff" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named "ipv4_fragment_offset" with a value between 1 and 0x1fff inclusive + min_version: 'beta' update_mask_fields: - 'network_match.userDefinedFields' - 'network_match.srcIpRanges' @@ -455,53 +505,72 @@ properties: - 'network_match.srcRegionCodes' - 'network_match.srcAsns' properties: - - !ruby/object:Api::Type::Array - name: 'userDefinedFields' + - name: 'userDefinedFields' + type: Array description: | User-defined fields. Each element names a defined field and lists the matching values for that field. - item_type: !ruby/object:Api::Type::NestedObject + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the user-defined field, as given in the definition. - - !ruby/object:Api::Type::Array - name: 'values' + min_version: 'beta' + - name: 'values' + type: Array description: | Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with "0x") number (e.g. "64") or range (e.g. "0x400-0x7ff"). - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'srcIpRanges' + min_version: 'beta' + item_type: + type: String + - name: 'srcIpRanges' + type: Array description: | Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'destIpRanges' + min_version: 'beta' + item_type: + type: String + - name: 'destIpRanges' + type: Array description: | Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'ipProtocols' + min_version: 'beta' + item_type: + type: String + - name: 'ipProtocols' + type: Array description: | IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. "6"), range (e.g. "253-254"), or one of the following protocol names: "tcp", "udp", "icmp", "esp", "ah", "ipip", or "sctp". - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'srcPorts' + min_version: 'beta' + item_type: + type: String + - name: 'srcPorts' + type: Array description: | Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. "80") or range (e.g. "0-1023"). - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'destPorts' + min_version: 'beta' + item_type: + type: String + - name: 'destPorts' + type: Array description: | Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. "80") or range (e.g. "0-1023"). - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'srcRegionCodes' + min_version: 'beta' + item_type: + type: String + - name: 'srcRegionCodes' + type: Array description: | Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'srcAsns' + min_version: 'beta' + item_type: + type: String + - name: 'srcAsns' + type: Array description: | BGP Autonomous System Number associated with the source IP address. - item_type: Api::Type::Integer + min_version: 'beta' + item_type: + type: Integer diff --git a/mmv1/products/compute/RegionSslCertificate.yaml b/mmv1/products/compute/RegionSslCertificate.yaml index b579e26097b6..1bb481b10e65 100644 --- a/mmv1/products/compute/RegionSslCertificate.yaml +++ b/mmv1/products/compute/RegionSslCertificate.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,40 +11,18 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionSslCertificate' kind: 'compute#sslCertificate' -base_url: projects/{{project}}/regions/{{region}}/sslCertificates -collection_url_key: 'items' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslCertificates' -immutable: true -has_self_link: true description: | A RegionSslCertificate resource, used for HTTPS load balancing. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - kind: 'compute#operation' - path: 'name' - base_url: '{{op_id}}' - wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result - path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error - path: 'error/errors' - message: 'message' -docs: !ruby/object:Provider::Terraform::Docs +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslCertificates' +docs: optional_properties: | * `name_prefix` - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with `name`. Max length is 54 characters. @@ -54,28 +32,45 @@ docs: !ruby/object:Provider::Terraform::Docs `name_prefix` + YYYYmmddHHSSssss + 8 digit incremental counter Resulting name for a `name_prefix` 38 - 54 characters: `name_prefix` + YYmmdd + 3 digit incremental counter +base_url: 'projects/{{project}}/regions/{{region}}/sslCertificates' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/ssl_certificate.tmpl' + constants: 'templates/terraform/constants/compute_certificate.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_ssl_certificate_basic' - primary_resource_id: - 'default' - # Uses id.UniqueId - skip_vcr: true + - name: 'region_ssl_certificate_basic' + primary_resource_id: 'default' ignore_read_extra: - 'name_prefix' - - !ruby/object:Provider::Terraform::Examples - name: 'region_ssl_certificate_random_provider' - external_providers: ["random", "time"] - primary_resource_id: - 'default' # Uses id.UniqueId skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'region_ssl_certificate_target_https_proxies' - primary_resource_id: - 'default' + - name: 'region_ssl_certificate_random_provider' + primary_resource_id: 'default' + external_providers: ["random", "time"] # Uses id.UniqueId skip_vcr: true + - name: 'region_ssl_certificate_target_https_proxies' + primary_resource_id: 'default' vars: region_target_https_proxy_name: 'test-proxy' region_url_map_name: 'url-map' @@ -83,49 +78,48 @@ examples: region_health_check_name: 'http-health-check' ignore_read_extra: - 'name_prefix' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/compute_certificate.go.erb - extra_schema_entry: templates/terraform/extra_schema_entry/ssl_certificate.erb + # Uses id.UniqueId + skip_vcr: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' - required: false - immutable: true + - name: 'region' + type: ResourceRef description: | The Region in which the created regional ssl certificate should reside. If it is not provided, the provider region is used. + required: false + immutable: true default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'certificate' + - name: 'certificate' + type: String description: | The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. required: true sensitive: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::String - name: 'expireTime' - output: true + - name: 'expireTime' + type: String description: 'Expire time of the certificate in RFC3339 text format.' - - !ruby/object:Api::Type::Integer - name: 'certificate_id' - api_name: 'id' + output: true + - name: 'certificate_id' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -137,15 +131,15 @@ properties: These are in the same namespace as the managed SSL certificates. default_from_api: true - custom_expand: 'templates/terraform/custom_expand/name_or_name_prefix.go.erb' - validation: !ruby/object:Provider::Terraform::Validation + custom_expand: 'templates/terraform/custom_expand/name_or_name_prefix.go.tmpl' + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'privateKey' + - name: 'privateKey' + type: String description: 'The write-only private key in PEM format.' required: true immutable: true - sensitive: true ignore_read: true - custom_flatten: 'templates/terraform/custom_flatten/sha256.erb' + sensitive: true diff_suppress_func: 'sha256DiffSuppress' + custom_flatten: 'templates/terraform/custom_flatten/sha256.tmpl' diff --git a/mmv1/products/compute/RegionSslPolicy.yaml b/mmv1/products/compute/RegionSslPolicy.yaml index 6be42355f86e..f09fc0432096 100644 --- a/mmv1/products/compute/RegionSslPolicy.yaml +++ b/mmv1/products/compute/RegionSslPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,65 +11,65 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionSslPolicy' kind: 'compute#sslPolicy' -base_url: projects/{{project}}/regions/{{region}}/sslPolicies -collection_url_key: 'items' -update_verb: :PATCH -has_self_link: true description: | Represents a Regional SSL policy. SSL policies give you the ability to control the features of SSL that your SSL proxy or HTTPS load balancer negotiates. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using SSL Policies': 'https://cloud.google.com/compute/docs/load-balancing/ssl-policies' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslPolicies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/sslPolicies' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/region_ssl_policy.erb' -custom_diff: [ - 'regionSslPolicyCustomizeDiff', -] +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/region_ssl_policy.tmpl' +custom_diff: + - 'regionSslPolicyCustomizeDiff' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' - default_from_api: true - immutable: true + - name: 'region' + type: ResourceRef description: | The region where the regional SSL policy resides. - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' immutable: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -78,10 +78,10 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - - !ruby/object:Api::Type::Enum - name: 'profile' + immutable: true + - name: 'profile' + type: Enum description: | Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using `CUSTOM`, @@ -91,30 +91,31 @@ properties: See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) for information on what cipher suites each profile provides. If `CUSTOM` is used, the `custom_features` attribute **must be set**. - values: - - :COMPATIBLE - - :MODERN - - :RESTRICTED - - :CUSTOM - default_value: :COMPATIBLE - - !ruby/object:Api::Type::Enum - name: 'minTlsVersion' + default_value: "COMPATIBLE" + enum_values: + - 'COMPATIBLE' + - 'MODERN' + - 'RESTRICTED' + - 'CUSTOM' + - name: 'minTlsVersion' + type: Enum description: | The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. - values: - - :TLS_1_0 - - :TLS_1_1 - - :TLS_1_2 - default_value: :TLS_1_0 - - !ruby/object:Api::Type::Array - name: 'enabledFeatures' + default_value: "TLS_1_0" + enum_values: + - 'TLS_1_0' + - 'TLS_1_1' + - 'TLS_1_2' + - name: 'enabledFeatures' + type: Array description: 'The list of features enabled in the SSL policy.' - output: true is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'customFeatures' + output: true + item_type: + type: String + - name: 'customFeatures' + type: Array description: | A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this @@ -126,9 +127,10 @@ properties: *must not* be present when using any other profile. is_set: true send_empty_value: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + item_type: + type: String + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. diff --git a/mmv1/products/compute/RegionTargetHttpProxy.yaml b/mmv1/products/compute/RegionTargetHttpProxy.yaml index e408292d00f2..9e31fb6966e0 100644 --- a/mmv1/products/compute/RegionTargetHttpProxy.yaml +++ b/mmv1/products/compute/RegionTargetHttpProxy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,87 +11,86 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionTargetHttpProxy' -base_url: projects/{{project}}/regions/{{region}}/targetHttpProxies -has_self_link: true -immutable: true description: | Represents a RegionTargetHttpProxy resource, which is used by one or more forwarding rules to route incoming HTTP requests to a URL map. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetHttpProxies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/targetHttpProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_target_http_proxy_basic' + - name: 'region_target_http_proxy_basic' primary_resource_id: 'default' vars: region_target_http_proxy_name: 'test-proxy' region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' region_health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_target_http_proxy_http_keep_alive_timeout' + - name: 'region_target_http_proxy_http_keep_alive_timeout' primary_resource_id: 'default' vars: region_target_http_proxy_name: 'test-http-keep-alive-timeout-proxy' region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' region_health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_target_http_proxy_https_redirect' + - name: 'region_target_http_proxy_https_redirect' primary_resource_id: 'default' vars: region_target_http_proxy_name: 'test-https-redirect-proxy' region_url_map_name: 'url-map' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' - required: false - immutable: true + - name: 'region' + type: ResourceRef description: | The Region in which the created target https proxy should reside. If it is not provided, the provider region is used. + required: false + immutable: true default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::Integer - name: 'proxyId' - api_name: 'id' + - name: 'proxyId' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -101,19 +100,19 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::ResourceRef - name: 'urlMap' - resource: 'RegionUrlMap' - imports: 'selfLink' + - name: 'urlMap' + type: ResourceRef description: | A reference to the RegionUrlMap resource that defines the mapping from URL to the BackendService. required: true - update_verb: :POST - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' update_url: 'projects/{{project}}/regions/{{region}}/targetHttpProxies/{{name}}/setUrlMap' - - !ruby/object:Api::Type::Integer - name: 'httpKeepAliveTimeoutSec' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionUrlMap' + imports: 'selfLink' + - name: 'httpKeepAliveTimeoutSec' + type: Integer description: | Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is diff --git a/mmv1/products/compute/RegionTargetHttpsProxy.yaml b/mmv1/products/compute/RegionTargetHttpsProxy.yaml index d14be279320b..9348a3799b67 100644 --- a/mmv1/products/compute/RegionTargetHttpsProxy.yaml +++ b/mmv1/products/compute/RegionTargetHttpsProxy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,46 +11,46 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionTargetHttpsProxy' -base_url: projects/{{project}}/regions/{{region}}/targetHttpsProxies -has_self_link: true -immutable: true description: | Represents a RegionTargetHttpsProxy resource, which is used by one or more forwarding rules to route incoming HTTPS requests to a URL map. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetHttpsProxies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/compute_region_target_https_proxy.go.erb +custom_code: + encoder: 'templates/terraform/encoders/compute_region_target_https_proxy.go.tmpl' # update_encoder is usually the same as encoder by default. This resource is an uncommon case where the whole resource # is marked to be immutable, but we have a field specific update that overrides it (e.g certifiacteManagerCertificates). # This causes the encoder logic to not be applied during update. - update_encoder: templates/terraform/encoders/compute_region_target_https_proxy.go.erb - decoder: templates/terraform/decoders/compute_region_target_https_proxy.go.erb + update_encoder: 'templates/terraform/encoders/compute_region_target_https_proxy.go.tmpl' + decoder: 'templates/terraform/decoders/compute_region_target_https_proxy.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_target_https_proxy_basic' + - name: 'region_target_https_proxy_basic' primary_resource_id: 'default' vars: region_target_https_proxy_name: 'test-proxy' @@ -58,8 +58,7 @@ examples: region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' region_health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_target_https_proxy_http_keep_alive_timeout' + - name: 'region_target_https_proxy_http_keep_alive_timeout' primary_resource_id: 'default' vars: region_target_https_proxy_name: 'test-http-keep-alive-timeout-proxy' @@ -67,8 +66,7 @@ examples: region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' region_health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_target_https_proxy_mtls' + - name: 'region_target_https_proxy_mtls' primary_resource_id: 'default' min_version: 'beta' vars: @@ -79,8 +77,7 @@ examples: http_health_check_name: 'http-health-check' server_tls_policy_name: 'my-tls-policy' trust_config_name: 'my-trust-config' - - !ruby/object:Provider::Terraform::Examples - name: 'region_target_https_proxy_certificate_manager_certificate' + - name: 'region_target_https_proxy_certificate_manager_certificate' primary_resource_id: 'default' vars: region_target_https_proxy_name: 'target-http-proxy' @@ -88,34 +85,34 @@ examples: region_url_map_name: 'url-map' region_backend_service_name: 'backend-service' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' - immutable: true - required: false + - name: 'region' + type: ResourceRef description: | The Region in which the created target https proxy should reside. If it is not provided, the provider region is used. + required: false + immutable: true default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' immutable: true - - !ruby/object:Api::Type::Integer - name: 'proxyId' - api_name: 'id' + - name: 'proxyId' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -124,8 +121,8 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true + immutable: true # This field is present in the schema but as of 2019 Sep 23 attempting to set it fails with # a 400 "QUIC override is supported only with global TargetHttpsProxy". jamessynge@ said in an # email sent on 2019 Sep 20 that support for this "is probably far in the future." @@ -145,72 +142,71 @@ properties: # update_verb: :POST # update_url: # 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setQuicOverride' - - !ruby/object:Api::Type::Array - name: 'certificateManagerCertificates' + - name: 'certificateManagerCertificates' + type: Array description: | URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. sslCertificates and certificateManagerCertificates can't be defined together. Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}` - update_verb: :POST update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' - item_type: Api::Type::String - custom_expand: 'templates/terraform/custom_expand/certificate_manager_certificate_construct_full_url.go.erb' - diff_suppress_func: 'tpgresource.CompareResourceNames' + update_verb: 'POST' conflicts: - ssl_certificates - - !ruby/object:Api::Type::Array - name: 'sslCertificates' + diff_suppress_func: 'tpgresource.CompareResourceNames' + custom_expand: 'templates/terraform/custom_expand/certificate_manager_certificate_construct_full_url.go.tmpl' + item_type: + type: String + - name: 'sslCertificates' + type: Array description: | URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. - update_verb: :POST update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' - item_type: !ruby/object:Api::Type::ResourceRef + update_verb: 'POST' + conflicts: + - certificate_manager_certificates + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'sslCertificate' + type: ResourceRef + description: 'The SSL certificates used by this TargetHttpsProxy' resource: 'RegionSslCertificate' imports: 'selfLink' - description: 'The SSL certificates used by this TargetHttpsProxy' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - conflicts: - - certificate_manager_certificates - - !ruby/object:Api::Type::ResourceRef - name: 'sslPolicy' - resource: 'RegionSslPolicy' - imports: 'selfLink' + - name: 'sslPolicy' + type: ResourceRef description: | A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured. + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' + update_verb: 'PATCH' update_id: 'sslPolicy' fingerprint_name: 'fingerprint' - update_verb: :PATCH - update_url: - 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'urlMap' - resource: 'RegionUrlMap' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionSslPolicy' imports: 'selfLink' + - name: 'urlMap' + type: ResourceRef description: | A reference to the RegionUrlMap resource that defines the mapping from URL to the RegionBackendService. required: true - update_verb: :POST - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setUrlMap' - - !ruby/object:Api::Type::Integer - name: 'httpKeepAliveTimeoutSec' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionUrlMap' + imports: 'selfLink' + - name: 'httpKeepAliveTimeoutSec' + type: Integer description: | Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds. - - !ruby/object:Api::Type::ResourceRef - name: 'serverTlsPolicy' - resource: 'SslPolicy' - imports: 'selfLink' + - name: 'serverTlsPolicy' + type: ResourceRef description: | A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound @@ -226,8 +222,9 @@ properties: deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this. + update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' + update_verb: 'PATCH' update_id: 'serverTlsPolicy' fingerprint_name: 'fingerprint' - update_verb: :PATCH - update_url: - 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' + resource: 'SslPolicy' + imports: 'selfLink' diff --git a/mmv1/products/compute/RegionTargetTcpProxy.yaml b/mmv1/products/compute/RegionTargetTcpProxy.yaml index 5c7de9b58777..a6b97416621f 100644 --- a/mmv1/products/compute/RegionTargetTcpProxy.yaml +++ b/mmv1/products/compute/RegionTargetTcpProxy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,74 +11,75 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionTargetTcpProxy' -base_url: projects/{{project}}/regions/{{region}}/targetTcpProxies -has_self_link: true -immutable: true description: | Represents a RegionTargetTcpProxy resource, which is used by one or more forwarding rules to route incoming TCP requests to a regional TCP proxy load balancer. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/tcp/internal-proxy' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetTcpProxies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/targetTcpProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_target_tcp_proxy_basic' + - name: 'region_target_tcp_proxy_basic' primary_resource_id: 'default' vars: region_target_tcp_proxy_name: 'test-proxy' region_backend_service_name: 'backend-service' health_check_name: 'health-check' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' - required: false - immutable: true + - name: 'region' + type: ResourceRef description: | The Region in which the created target TCP proxy should reside. If it is not provided, the provider region is used. + required: false + immutable: true default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' immutable: true - - !ruby/object:Api::Type::Integer - name: 'proxyId' - api_name: 'id' + - name: 'proxyId' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -87,28 +88,28 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' + immutable: true + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - default_value: :NONE - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - api_name: 'service' - resource: 'RegionBackendService' - imports: 'selfLink' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'backendService' + type: ResourceRef description: | A reference to the BackendService resource. + api_name: service required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Boolean - name: 'proxyBind' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'proxyBind' + type: Boolean description: | This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. diff --git a/mmv1/products/compute/RegionUrlMap.yaml b/mmv1/products/compute/RegionUrlMap.yaml index ceeec9bdf788..093a6b0ce6e2 100644 --- a/mmv1/products/compute/RegionUrlMap.yaml +++ b/mmv1/products/compute/RegionUrlMap.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,82 +11,77 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RegionUrlMap' kind: 'compute#urlMap' -base_url: projects/{{project}}/regions/{{region}}/urlMaps -collection_url_key: 'items' -has_self_link: true description: | UrlMaps are used to route requests to a backend service based on rules that you define for the host and path of an incoming URL. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/urlMaps' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'region_url_map_basic' + - name: 'region_url_map_basic' primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' login_region_backend_service_name: 'login' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_url_map_default_route_action' + - name: 'region_url_map_default_route_action' primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' login_region_backend_service_name: 'login' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_url_map_l7_ilb_path' + - name: 'region_url_map_l7_ilb_path' primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_url_map_l7_ilb_path_partial' + - name: 'region_url_map_l7_ilb_path_partial' primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_url_map_l7_ilb_route' + - name: 'region_url_map_l7_ilb_route' primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'region_url_map_l7_ilb_route_partial' + - name: 'region_url_map_l7_ilb_route_partial' primary_resource_id: 'regionurlmap' vars: region_url_map_name: 'regionurlmap' home_region_backend_service_name: 'home' region_health_check_name: 'health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'int_https_lb_https_redirect' + - name: 'int_https_lb_https_redirect' primary_resource_id: 'redirect' - skip_test: true + min_version: 'beta' vars: l7_ilb_network: 'l7-ilb-network' l7_ilb_proxy_subnet: 'l7-ilb-proxy-subnet' @@ -105,14 +100,13 @@ examples: l7_ilb_redirect: 'l7-ilb-redirect' l7_ilb_target_http_proxy: 'l7-ilb-target-http-proxy' l7_ilb_redirect_url_map: 'l7-ilb-redirect-url-map' - min_version: beta ignore_read_extra: - 'target' - 'ip_address' - - !ruby/object:Provider::Terraform::Examples - name: 'regional_external_http_load_balancer' - primary_resource_type: 'google_compute_region_url_map' + exclude_test: true + - name: 'regional_external_http_load_balancer' primary_resource_id: 'default' + min_version: 'beta' vars: lb_network: 'lb-network' backend_subnet: 'backend-subnet' @@ -127,43 +121,36 @@ examples: regional_l7_xlb_map: 'regional-l7-xlb-map' l7_xlb_proxy: 'l7-xlb-proxy' l7_xlb_forwarding_rule: 'l7-xlb-forwarding-rule' - skip_docs: true - skip_test: true # Similar to other samples - min_version: beta - - !ruby/object:Provider::Terraform::Examples - name: "region_url_map_path_template_match" - primary_resource_id: "urlmap" + # Similar to other samples + exclude_test: true + exclude_docs: true + - name: 'region_url_map_path_template_match' + primary_resource_id: 'urlmap' vars: - url_map_name: "urlmap" - home_backend_service_name: "home-service" - cart_backend_service_name: "cart-service" - user_backend_service_name: "user-service" - health_check_name: "health-check" + url_map_name: 'urlmap' + home_backend_service_name: 'home-service' + cart_backend_service_name: 'cart-service' + user_backend_service_name: 'user-service' + health_check_name: 'health-check' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | The Region in which the url map should reside. If it is not provided, the provider region is used. required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::ResourceRef - name: 'defaultService' - exactly_one_of: - - default_service - - default_url_redirect - - default_route_action.0.weighted_backend_services - resource: 'RegionBackendService' - imports: 'selfLink' + - name: 'defaultService' + type: ResourceRef description: | The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced @@ -172,55 +159,62 @@ properties: weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'description' + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. # 'fingerprint' used internally for object consistency. - - !ruby/object:Api::Type::Array - name: 'host_rule' - api_name: 'hostRules' - is_set: true + - name: 'host_rule' + type: Array description: 'The list of HostRules to use against the URL.' - item_type: !ruby/object:Api::Type::NestedObject + api_name: hostRules + is_set: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this HostRule. Provide this property when you create the resource. - - !ruby/object:Api::Type::Array - name: 'hosts' - is_set: true - required: true - item_type: Api::Type::String + - name: 'hosts' + type: Array description: | The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. - - !ruby/object:Api::Type::String - name: 'pathMatcher' + is_set: true required: true + item_type: + type: String + - name: 'pathMatcher' + type: String description: | The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion. - - !ruby/object:Api::Type::Integer - name: 'map_id' + required: true + - name: 'map_id' + type: Integer description: 'The unique identifier for the resource.' - api_name: 'id' + api_name: id output: true - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. This field is used internally during updates of this resource. - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + output: true + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -229,14 +223,22 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::Array - name: 'path_matcher' - api_name: 'pathMatchers' + required: true + immutable: true + - name: 'path_matcher' + type: Array description: 'The list of named PathMatchers to use against the URL.' - item_type: !ruby/object:Api::Type::NestedObject + api_name: pathMatchers + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'defaultService' + - name: 'defaultService' + type: ResourceRef + description: | + A reference to a RegionBackendService resource. This will be used if + none of the pathRules defined by this PathMatcher is matched by + the URL's path portion. + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # TODO: add defaultRouteAction.weightedBackendService here once they are supported. @@ -245,21 +247,16 @@ properties: # - path_matchers.0.default_url_redirect resource: 'RegionBackendService' imports: 'selfLink' - description: | - A reference to a RegionBackendService resource. This will be used if - none of the pathRules defined by this PathMatcher is matched by - the URL's path portion. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | The name to which this PathMatcher is referred by the HostRule. - - !ruby/object:Api::Type::Array - name: 'routeRules' + required: true + - name: 'routeRules' + type: Array description: | The list of ordered HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. The order of specifying @@ -267,11 +264,11 @@ properties: action to take effect. Within a given pathMatcher, only one of pathRules or routeRules must be set. routeRules are not supported in UrlMaps intended for External load balancers. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'priority' - required: true + - name: 'priority' + type: Integer description: | For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated @@ -288,10 +285,9 @@ properties: 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules. - - !ruby/object:Api::Type::ResourceRef - name: 'service' - resource: 'RegionBackendService' - imports: 'selfLink' + required: true + - name: 'service' + type: ResourceRef description: | The region backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, @@ -300,128 +296,136 @@ properties: contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r outeAction.weightedBackendService.backendServiceWeightAction[].headerAction properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - - !ruby/object:Api::Type::Array - name: 'matchRules' + item_type: + type: String + - name: 'matchRules' + type: Array description: | The rules for determining a match. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'fullPathMatch' + - name: 'fullPathMatch' + type: String description: | For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. FullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. - - !ruby/object:Api::Type::Array - name: 'headerMatches' + - name: 'headerMatches' + type: Array description: | Specifies a list of header match criteria, all of which must match corresponding headers in the request. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'exactMatch' + - name: 'exactMatch' + type: String description: | The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". - - !ruby/object:Api::Type::Boolean - name: 'invertMatch' - default_value: false + required: true + - name: 'invertMatch' + type: Boolean description: | If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. Defaults to false. - - !ruby/object:Api::Type::String - name: 'prefixMatch' + default_value: false + - name: 'prefixMatch' + type: String description: | The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::Boolean - name: 'presentMatch' + - name: 'presentMatch' + type: Boolean description: | A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value or not. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::NestedObject - name: 'rangeMatch' + - name: 'rangeMatch' + type: NestedObject description: | The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, @@ -435,18 +439,18 @@ properties: Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. properties: - - !ruby/object:Api::Type::Integer - name: 'rangeEnd' - required: true + - name: 'rangeEnd' + type: Integer description: | The end of the range (exclusive). - - !ruby/object:Api::Type::Integer - name: 'rangeStart' required: true + - name: 'rangeStart' + type: Integer description: | The start of the range (inclusive). - - !ruby/object:Api::Type::String - name: 'regexMatch' + required: true + - name: 'regexMatch' + type: String description: | The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: @@ -455,20 +459,20 @@ properties: a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::String - name: 'suffixMatch' + - name: 'suffixMatch' + type: String description: | The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::Boolean - name: 'ignoreCase' - default_value: false + - name: 'ignoreCase' + type: Boolean description: | Specifies that prefixMatch and fullPathMatch matches are case sensitive. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'metadataFilters' + default_value: false + - name: 'metadataFilters' + type: Array description: | Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS @@ -481,34 +485,35 @@ properties: here can be overrides those specified in ForwardingRule that refers to this UrlMap. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'filterLabels' - min_size: 1 - max_size: 64 - required: true + - name: 'filterLabels' + type: Array description: | The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long. - - !ruby/object:Api::Type::String - name: 'value' required: true + - name: 'value' + type: String description: | The value of the label must match the specified value. value can have a maximum length of 1024 characters. - - !ruby/object:Api::Type::Enum - name: 'filterMatchCriteria' - required: true + required: true + min_size: 1 + max_size: 64 + - name: 'filterMatchCriteria' + type: Enum description: | Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: @@ -517,58 +522,60 @@ properties: provided metadata. * MATCH_ALL: All filterLabels must have matching labels in the provided metadata. - values: - - :MATCH_ALL - - :MATCH_ANY - - !ruby/object:Api::Type::String - name: 'prefixMatch' + required: true + enum_values: + - 'MATCH_ALL' + - 'MATCH_ANY' + - name: 'prefixMatch' + type: String description: | For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. - - !ruby/object:Api::Type::Array - name: 'queryParameterMatches' + - name: 'queryParameterMatches' + type: Array description: | Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'exactMatch' + - name: 'exactMatch' + type: String description: | The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch must be set. - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails. - - !ruby/object:Api::Type::Boolean - name: 'presentMatch' + required: true + - name: 'presentMatch' + type: Boolean description: | Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch and regexMatch must be set. - - !ruby/object:Api::Type::String - name: 'regexMatch' + - name: 'regexMatch' + type: String description: | The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch, exactMatch and regexMatch must be set. - - !ruby/object:Api::Type::String - name: 'regexMatch' + - name: 'regexMatch' + type: String description: | For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch, fullPathMatch or regexMatch must be specified. - - !ruby/object:Api::Type::String - name: 'pathTemplateMatch' + - name: 'pathTemplateMatch' + type: String description: | For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch @@ -579,8 +586,8 @@ properties: (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total. - - !ruby/object:Api::Type::NestedObject - name: 'routeAction' + - name: 'routeAction' + type: NestedObject description: | In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the @@ -589,60 +596,65 @@ properties: routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. properties: - - !ruby/object:Api::Type::NestedObject - name: 'corsPolicy' + - name: 'corsPolicy' + type: NestedObject description: | The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing properties: - - !ruby/object:Api::Type::Boolean - name: 'allowCredentials' - default_value: false + - name: 'allowCredentials' + type: Boolean description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access- Control-Allow-Credentials header. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'allowHeaders' - item_type: Api::Type::String + default_value: false + - name: 'allowHeaders' + type: Array description: | Specifies the content for the Access-Control-Allow-Headers header. - - !ruby/object:Api::Type::Array - name: 'allowMethods' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowMethods' + type: Array description: | Specifies the content for the Access-Control-Allow-Methods header. - - !ruby/object:Api::Type::Array - name: 'allowOriginRegexes' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either allow_origins or allow_origin_regex. - - !ruby/object:Api::Type::Array - name: 'allowOrigins' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowOrigins' + type: Array description: | Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either allow_origins or allow_origin_regex. - - !ruby/object:Api::Type::Boolean - name: 'disabled' - default_value: false + item_type: + type: String + - name: 'disabled' + type: Boolean description: | If true, specifies the CORS policy is disabled. which indicates that the CORS policy is in effect. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'exposeHeaders' - item_type: Api::Type::String + default_value: false + - name: 'exposeHeaders' + type: Array description: | Specifies the content for the Access-Control-Expose-Headers header. - - !ruby/object:Api::Type::Integer - name: 'maxAge' + item_type: + type: String + - name: 'maxAge' + type: Integer description: | Specifies how long the results of a preflight request can be cached. This translates to the content for the Access-Control-Max-Age header. - - !ruby/object:Api::Type::NestedObject - name: 'faultInjectionPolicy' + - name: 'faultInjectionPolicy' + type: NestedObject description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, @@ -652,98 +664,97 @@ properties: Loadbalancer for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. properties: - - !ruby/object:Api::Type::NestedObject - name: 'abort' + - name: 'abort' + type: NestedObject description: | The specification for how client requests are aborted as part of fault injection. properties: - - !ruby/object:Api::Type::Integer - name: 'httpStatus' + - name: 'httpStatus' + type: Integer description: | The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. - - !ruby/object:Api::Type::Double - name: 'percentage' + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'delay' + - name: 'delay' + type: NestedObject description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. properties: - - !ruby/object:Api::Type::NestedObject - name: 'fixedDelay' + - name: 'fixedDelay' + type: NestedObject description: | Specifies the value of the fixed delay interval. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Double - name: 'percentage' + required: true + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'requestMirrorPolicy' + - name: 'requestMirrorPolicy' + type: NestedObject description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' + - name: 'backendService' + type: ResourceRef + description: | + The RegionBackendService resource being mirrored to. required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'RegionBackendService' imports: 'selfLink' - description: | - The RegionBackendService resource being mirrored to. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'retryPolicy' + - name: 'retryPolicy' + type: NestedObject description: | Specifies the retry policy associated with this route. properties: - - !ruby/object:Api::Type::Integer - name: 'numRetries' - required: true + - name: 'numRetries' + type: Integer description: | Specifies the allowed number retries. This number must be > 0. - - !ruby/object:Api::Type::NestedObject - name: 'perTryTimeout' + required: true + - name: 'perTryTimeout' + type: NestedObject description: | Specifies a non-zero timeout per retry attempt. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Array - name: 'retryConditions' - item_type: Api::Type::String + required: true + - name: 'retryConditions' + type: Array description: | Specifies one or more conditions when this retry rule applies. Valid values are: @@ -767,46 +778,48 @@ properties: header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable - - !ruby/object:Api::Type::NestedObject - name: 'timeout' + item_type: + type: String + - name: 'timeout' + type: NestedObject description: | Specifies the timeout for the selected route. Timeout is computed from the time the request is has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, the default value is 15 seconds. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'urlRewrite' + required: true + - name: 'urlRewrite' + type: NestedObject description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service properties: - - !ruby/object:Api::Type::String - name: 'hostRewrite' + - name: 'hostRewrite' + type: String description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::String - name: 'pathPrefixRewrite' + - name: 'pathPrefixRewrite' + type: String description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'pathTemplateRewrite' + - name: 'pathTemplateRewrite' + type: String description: | Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the @@ -822,8 +835,8 @@ properties: Only one of pathPrefixRewrite and pathTemplateRewrite may be specified. - - !ruby/object:Api::Type::Array - name: 'weightedBackendServices' + - name: 'weightedBackendServices' + type: Array description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their @@ -833,87 +846,91 @@ properties: the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - required: true - resource: 'RegionBackendService' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The default RegionBackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - - !ruby/object:Api::Type::Integer - name: 'weight' - required: true + item_type: + type: String + - name: 'weight' + type: Integer description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a @@ -921,38 +938,39 @@ properties: been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 - - !ruby/object:Api::Type::NestedObject - name: 'urlRedirect' + required: true + - name: 'urlRedirect' + type: NestedObject description: | When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. properties: - - !ruby/object:Api::Type::String - name: 'hostRedirect' + - name: 'hostRedirect' + type: String description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::Boolean - name: 'httpsRedirect' - default_value: false + - name: 'httpsRedirect' + type: Boolean description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. - - !ruby/object:Api::Type::String - name: 'pathRedirect' + default_value: false + - name: 'pathRedirect' + type: String description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'prefixRedirect' + - name: 'prefixRedirect' + type: String description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before @@ -960,8 +978,8 @@ properties: pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::Enum - name: 'redirectResponseCode' + - name: 'redirectResponseCode' + type: Enum description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -976,23 +994,22 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. - skip_docs_values: true - values: - - :FOUND - - :MOVED_PERMANENTLY_DEFAULT - - :PERMANENT_REDIRECT - - :SEE_OTHER - - :TEMPORARY_REDIRECT - - !ruby/object:Api::Type::Boolean - name: 'stripQuery' - default_value: false + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default value is false. - - !ruby/object:Api::Type::Array - name: 'pathRule' - api_name: 'pathRules' + default_value: false + - name: 'pathRule' + type: Array description: | The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules @@ -1000,12 +1017,12 @@ properties: basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set. - item_type: !ruby/object:Api::Type::NestedObject + api_name: pathRules + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'service' - resource: 'RegionBackendService' - imports: 'selfLink' + - name: 'service' + type: ResourceRef description: | The region backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, @@ -1014,19 +1031,22 @@ properties: contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'paths' - required: true - is_set: true - item_type: Api::Type::String + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'paths' + type: Array description: | The list of path patterns to match. Each must start with / and the only place a \* is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here. - - !ruby/object:Api::Type::NestedObject - name: 'routeAction' + is_set: true + required: true + item_type: + type: String + - name: 'routeAction' + type: NestedObject description: | In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the @@ -1035,59 +1055,64 @@ properties: routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. properties: - - !ruby/object:Api::Type::NestedObject - name: 'corsPolicy' + - name: 'corsPolicy' + type: NestedObject description: | The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing properties: - - !ruby/object:Api::Type::Boolean - name: 'allowCredentials' - default_value: false + - name: 'allowCredentials' + type: Boolean description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access- Control-Allow-Credentials header. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'allowHeaders' - item_type: Api::Type::String + default_value: false + - name: 'allowHeaders' + type: Array description: | Specifies the content for the Access-Control-Allow-Headers header. - - !ruby/object:Api::Type::Array - name: 'allowMethods' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowMethods' + type: Array description: | Specifies the content for the Access-Control-Allow-Methods header. - - !ruby/object:Api::Type::Array - name: 'allowOriginRegexes' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either allow_origins or allow_origin_regex. - - !ruby/object:Api::Type::Array - name: 'allowOrigins' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowOrigins' + type: Array description: | Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either allow_origins or allow_origin_regex. - - !ruby/object:Api::Type::Boolean - name: 'disabled' - required: true + item_type: + type: String + - name: 'disabled' + type: Boolean description: | If true, specifies the CORS policy is disabled. - - !ruby/object:Api::Type::Array - name: 'exposeHeaders' - item_type: Api::Type::String + required: true + - name: 'exposeHeaders' + type: Array description: | Specifies the content for the Access-Control-Expose-Headers header. - - !ruby/object:Api::Type::Integer - name: 'maxAge' + item_type: + type: String + - name: 'maxAge' + type: Integer description: | Specifies how long the results of a preflight request can be cached. This translates to the content for the Access-Control-Max-Age header. - - !ruby/object:Api::Type::NestedObject - name: 'faultInjectionPolicy' + - name: 'faultInjectionPolicy' + type: NestedObject description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, @@ -1097,101 +1122,100 @@ properties: Loadbalancer for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. properties: - - !ruby/object:Api::Type::NestedObject - name: 'abort' + - name: 'abort' + type: NestedObject description: | The specification for how client requests are aborted as part of fault injection. properties: - - !ruby/object:Api::Type::Integer - name: 'httpStatus' - required: true + - name: 'httpStatus' + type: Integer description: | The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. - - !ruby/object:Api::Type::Double - name: 'percentage' required: true + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'delay' + required: true + - name: 'delay' + type: NestedObject description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. properties: - - !ruby/object:Api::Type::NestedObject - name: 'fixedDelay' - required: true + - name: 'fixedDelay' + type: NestedObject description: | Specifies the value of the fixed delay interval. + required: true properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Double - name: 'percentage' - required: true + required: true + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'requestMirrorPolicy' + required: true + - name: 'requestMirrorPolicy' + type: NestedObject description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' + - name: 'backendService' + type: ResourceRef + description: | + The RegionBackendService resource being mirrored to. required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'RegionBackendService' imports: 'selfLink' - description: | - The RegionBackendService resource being mirrored to. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'retryPolicy' + - name: 'retryPolicy' + type: NestedObject description: | Specifies the retry policy associated with this route. properties: - - !ruby/object:Api::Type::Integer - name: 'numRetries' + - name: 'numRetries' + type: Integer description: | Specifies the allowed number retries. This number must be > 0. - - !ruby/object:Api::Type::NestedObject - name: 'perTryTimeout' + - name: 'perTryTimeout' + type: NestedObject description: | Specifies a non-zero timeout per retry attempt. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Array - name: 'retryConditions' - item_type: Api::Type::String + required: true + - name: 'retryConditions' + type: Array description: | Specifies one or more conditions when this retry rule applies. Valid values are: @@ -1215,46 +1239,48 @@ properties: header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable - - !ruby/object:Api::Type::NestedObject - name: 'timeout' + item_type: + type: String + - name: 'timeout' + type: NestedObject description: | Specifies the timeout for the selected route. Timeout is computed from the time the request is has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, the default value is 15 seconds. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'urlRewrite' + required: true + - name: 'urlRewrite' + type: NestedObject description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service properties: - - !ruby/object:Api::Type::String - name: 'hostRewrite' + - name: 'hostRewrite' + type: String description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::String - name: 'pathPrefixRewrite' + - name: 'pathPrefixRewrite' + type: String description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::Array - name: 'weightedBackendServices' + - name: 'weightedBackendServices' + type: Array description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their @@ -1264,87 +1290,91 @@ properties: the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - required: true - resource: 'RegionBackendService' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The default RegionBackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - - !ruby/object:Api::Type::Integer - name: 'weight' - required: true + item_type: + type: String + - name: 'weight' + type: Integer description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a @@ -1352,38 +1382,39 @@ properties: been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 - - !ruby/object:Api::Type::NestedObject - name: 'urlRedirect' + required: true + - name: 'urlRedirect' + type: NestedObject description: | When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. properties: - - !ruby/object:Api::Type::String - name: 'hostRedirect' + - name: 'hostRedirect' + type: String description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::Boolean - name: 'httpsRedirect' - default_value: false + - name: 'httpsRedirect' + type: Boolean description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. - - !ruby/object:Api::Type::String - name: 'pathRedirect' + default_value: false + - name: 'pathRedirect' + type: String description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'prefixRedirect' + - name: 'prefixRedirect' + type: String description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before @@ -1391,8 +1422,8 @@ properties: pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::Enum - name: 'redirectResponseCode' + - name: 'redirectResponseCode' + type: Enum description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1407,23 +1438,23 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. - skip_docs_values: true - values: - - :FOUND - - :MOVED_PERMANENTLY_DEFAULT - - :PERMANENT_REDIRECT - - :SEE_OTHER - - :TEMPORARY_REDIRECT - - !ruby/object:Api::Type::Boolean - name: 'stripQuery' - required: true + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. - - !ruby/object:Api::Type::NestedObject - name: 'defaultUrlRedirect' + required: true + - name: 'defaultUrlRedirect' + type: NestedObject # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # TODO: add defaultRouteAction.weightedBackendService here once they are supported. @@ -1435,37 +1466,37 @@ properties: by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. properties: - - !ruby/object:Api::Type::String - name: 'hostRedirect' + - name: 'hostRedirect' + type: String description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::Boolean - name: 'httpsRedirect' - default_value: false + - name: 'httpsRedirect' + type: Boolean description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. - - !ruby/object:Api::Type::String - name: 'pathRedirect' + default_value: false + - name: 'pathRedirect' + type: String description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'prefixRedirect' + - name: 'prefixRedirect' + type: String description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::Enum - name: 'redirectResponseCode' + - name: 'redirectResponseCode' + type: Enum description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1480,93 +1511,94 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. - skip_docs_values: true - values: - - :FOUND - - :MOVED_PERMANENTLY_DEFAULT - - :PERMANENT_REDIRECT - - :SEE_OTHER - - :TEMPORARY_REDIRECT - - !ruby/object:Api::Type::Boolean - name: 'stripQuery' - required: true + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. - - !ruby/object:Api::Type::Array - name: 'test' - api_name: tests + required: true + - name: 'test' + type: Array description: | The list of expected URL mappings. Requests to update this UrlMap will succeed only if all of the test cases pass. - item_type: !ruby/object:Api::Type::NestedObject + api_name: tests + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'Description of this test case.' - - !ruby/object:Api::Type::String - name: 'host' - required: true + - name: 'host' + type: String description: 'Host portion of the URL.' - - !ruby/object:Api::Type::String - name: 'path' required: true + - name: 'path' + type: String description: 'Path portion of the URL.' - - !ruby/object:Api::Type::ResourceRef - name: 'service' required: true - resource: 'RegionBackendService' - imports: 'selfLink' + - name: 'service' + type: ResourceRef description: A reference to expected RegionBackendService resource the given URL should be mapped to. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'defaultUrlRedirect' - exactly_one_of: - - default_service - - default_url_redirect - - default_route_action.0.weighted_backend_services - conflicts: - - default_route_action + required: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'defaultUrlRedirect' + type: NestedObject description: | When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. + conflicts: + - default_route_action + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' properties: - - !ruby/object:Api::Type::String - name: 'hostRedirect' + - name: 'hostRedirect' + type: String description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::Boolean - name: 'httpsRedirect' - default_value: false + - name: 'httpsRedirect' + type: Boolean description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. - - !ruby/object:Api::Type::String - name: 'pathRedirect' + default_value: false + - name: 'pathRedirect' + type: String description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'prefixRedirect' + - name: 'prefixRedirect' + type: String description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::Enum - name: 'redirectResponseCode' + - name: 'redirectResponseCode' + type: Enum description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1581,201 +1613,205 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. - skip_docs_values: true - values: - - :FOUND - - :MOVED_PERMANENTLY_DEFAULT - - :PERMANENT_REDIRECT - - :SEE_OTHER - - :TEMPORARY_REDIRECT - - !ruby/object:Api::Type::Boolean - name: 'stripQuery' + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. required: true - - !ruby/object:Api::Type::NestedObject - name: 'defaultRouteAction' - conflicts: - - default_url_redirect + - name: 'defaultRouteAction' + type: NestedObject description: | defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. URL maps for Classic external HTTP(S) load balancers only support the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + conflicts: + - default_url_redirect properties: - - !ruby/object:Api::Type::Array - name: 'weightedBackendServices' + - name: 'weightedBackendServices' + type: Array description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. - exactly_one_of: - - default_service - - default_url_redirect - - default_route_action.0.weighted_backend_services at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy - item_type: !ruby/object:Api::Type::NestedObject + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - resource: 'RegionBackendService' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: 'weight' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'weight' + type: Integer description: | Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. The value must be from 0 to 1000. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.IntBetween(0, 1000)' - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' - item_type: Api::Type::String + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request before forwarding the request to the backendService. - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + item_type: + type: String + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request before forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' + - name: 'headerName' + type: String description: 'The name of the header.' - - !ruby/object:Api::Type::String - name: 'headerValue' + - name: 'headerValue' + type: String description: 'The value of the header to add.' - - !ruby/object:Api::Type::Boolean - name: 'replace' + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. default_value: false - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' - item_type: Api::Type::String + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response before sending the response back to the client. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response before sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' + - name: 'headerName' + type: String description: 'The name of the header.' - - !ruby/object:Api::Type::String - name: 'headerValue' + - name: 'headerValue' + type: String description: 'The value of the header to add.' - - !ruby/object:Api::Type::Boolean - name: 'replace' + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. default_value: false - - !ruby/object:Api::Type::NestedObject - name: 'urlRewrite' + - name: 'urlRewrite' + type: NestedObject description: | The spec to modify the URL of the request, before forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::String - name: 'pathPrefixRewrite' + - name: 'pathPrefixRewrite' + type: String description: | Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be from 1 to 1024 characters. at_least_one_of: - - default_route_action.0.url_rewrite.0.path_prefix_rewrite - - default_route_action.0.url_rewrite.0.host_rewrite - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' + - 'default_route_action.0.url_rewrite.0.host_rewrite' + validation: function: 'validation.StringLenBetween(1, 1024)' - - !ruby/object:Api::Type::String - name: 'hostRewrite' + - name: 'hostRewrite' + type: String description: | Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be from 1 to 255 characters. at_least_one_of: - - default_route_action.0.url_rewrite.0.path_prefix_rewrite - - default_route_action.0.url_rewrite.0.host_rewrite - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' + - 'default_route_action.0.url_rewrite.0.host_rewrite' + validation: function: 'validation.StringLenBetween(1, 255)' - - !ruby/object:Api::Type::NestedObject - name: 'timeout' + - name: 'timeout' + type: NestedObject description: | Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as end-of-stream) up until the response has been processed. Timeout includes all retries. If not specified, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::String - name: 'seconds' + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: - - default_route_action.0.timeout.0.seconds - - default_route_action.0.timeout.0.nanos - - !ruby/object:Api::Type::Integer - name: 'nanos' + - 'default_route_action.0.timeout.0.seconds' + - 'default_route_action.0.timeout.0.nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: - - default_route_action.0.timeout.0.seconds - - default_route_action.0.timeout.0.nanos - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.timeout.0.seconds' + - 'default_route_action.0.timeout.0.nanos' + validation: function: 'validation.IntBetween(0, 999999999)' - - !ruby/object:Api::Type::NestedObject - name: 'retryPolicy' + - name: 'retryPolicy' + type: NestedObject description: | Specifies the retry policy associated with this route. at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::Array - name: 'retryConditions' - item_type: Api::Type::String + - name: 'retryConditions' + type: Array description: | Specifies one or more conditions when this retry policy applies. Valid values are listed below. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true: cancelled, deadline-exceeded, internal, resource-exhausted, unavailable. @@ -1790,206 +1826,213 @@ properties: - resource-exhausted : a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - unavailable : a retry is attempted if the gRPC status code in the response header is set to unavailable. at_least_one_of: - - default_route_action.0.retry_policy.0.retry_conditions - - default_route_action.0.retry_policy.0.num_retries - - default_route_action.0.retry_policy.0.per_try_timeout - - !ruby/object:Api::Type::Integer - name: 'numRetries' + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + item_type: + type: String + - name: 'numRetries' + type: Integer description: | Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. - default_value: 1 at_least_one_of: - - default_route_action.0.retry_policy.0.retry_conditions - - default_route_action.0.retry_policy.0.num_retries - - default_route_action.0.retry_policy.0.per_try_timeout - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + validation: function: 'validation.IntAtLeast(1)' - - !ruby/object:Api::Type::NestedObject - name: 'perTryTimeout' + default_value: 1 + - name: 'perTryTimeout' + type: NestedObject description: | Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route. at_least_one_of: - - default_route_action.0.retry_policy.0.retry_conditions - - default_route_action.0.retry_policy.0.num_retries - - default_route_action.0.retry_policy.0.per_try_timeout + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' properties: - - !ruby/object:Api::Type::String - name: 'seconds' + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: - - default_route_action.0.retry_policy.0.per_try_timeout.0.seconds - - default_route_action.0.retry_policy.0.per_try_timeout.0.nanos - - !ruby/object:Api::Type::Integer - name: 'nanos' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: - - default_route_action.0.retry_policy.0.per_try_timeout.0.seconds - - default_route_action.0.retry_policy.0.per_try_timeout.0.nanos - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' + validation: function: 'validation.IntBetween(0, 999999999)' - - !ruby/object:Api::Type::NestedObject - name: 'requestMirrorPolicy' + - name: 'requestMirrorPolicy' + type: NestedObject description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - resource: 'RegionBackendService' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The full or partial URL to the RegionBackendService resource being mirrored to. The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. Serverless NEG backends are not currently supported as a mirrored backend service. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'corsPolicy' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'RegionBackendService' + imports: 'selfLink' + - name: 'corsPolicy' + type: NestedObject description: | The specification for allowing client side cross-origin requests. Please see [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::Array - name: 'allowOrigins' + - name: 'allowOrigins' + type: Array description: | Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'allowOriginRegexes' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array description: | Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'allowMethods' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowMethods' + type: Array description: | Specifies the content for the Access-Control-Allow-Methods header. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'allowHeaders' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowHeaders' + type: Array description: | Specifies the content for the Access-Control-Allow-Headers header. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'exposeHeaders' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'exposeHeaders' + type: Array description: | Specifies the content for the Access-Control-Expose-Headers header. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'maxAge' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'maxAge' + type: Integer description: | Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - - !ruby/object:Api::Type::Boolean - name: 'allowCredentials' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + - name: 'allowCredentials' + type: Boolean description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. Default is false. - default_value: false at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - - !ruby/object:Api::Type::Boolean - name: 'disabled' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + default_value: false + - name: 'disabled' + type: Boolean description: | If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect. - default_value: false at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - - !ruby/object:Api::Type::NestedObject - name: 'faultInjectionPolicy' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + default_value: false + - name: 'faultInjectionPolicy' + type: NestedObject description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. @@ -1997,83 +2040,83 @@ properties: timeout and retryPolicy is ignored by clients that are configured with a faultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the global external HTTP(S) load balancer (classic). To see which load balancers support fault injection, see Load balancing: [Routing and traffic management features](https://cloud.google.com/load-balancing/docs/features#routing-traffic-management). at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::NestedObject - name: 'delay' + - name: 'delay' + type: NestedObject description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay - - default_route_action.0.fault_injection_policy.0.abort + - 'default_route_action.0.fault_injection_policy.0.delay' + - 'default_route_action.0.fault_injection_policy.0.abort' properties: - - !ruby/object:Api::Type::NestedObject - name: 'fixedDelay' + - name: 'fixedDelay' + type: NestedObject description: | Specifies the value of the fixed delay interval. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay - - default_route_action.0.fault_injection_policy.0.delay.0.percentage + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' + - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' properties: - - !ruby/object:Api::Type::String - name: 'seconds' + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos - - !ruby/object:Api::Type::Integer - name: 'nanos' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' + validation: function: 'validation.IntBetween(0, 999999999)' - - !ruby/object:Api::Type::Double - name: 'percentage' + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay - - default_route_action.0.fault_injection_policy.0.delay.0.percentage - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' + - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' + validation: function: 'validation.FloatBetween(0, 100)' - - !ruby/object:Api::Type::NestedObject - name: 'abort' + - name: 'abort' + type: NestedObject description: | The specification for how client requests are aborted as part of fault injection. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay - - default_route_action.0.fault_injection_policy.0.abort + - 'default_route_action.0.fault_injection_policy.0.delay' + - 'default_route_action.0.fault_injection_policy.0.abort' properties: - - !ruby/object:Api::Type::Integer - name: 'httpStatus' + - name: 'httpStatus' + type: Integer description: | The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.abort.0.http_status - - default_route_action.0.fault_injection_policy.0.abort.0.percentage - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' + - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' + validation: function: 'validation.IntBetween(200, 599)' - - !ruby/object:Api::Type::Double - name: 'percentage' + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.abort.0.http_status - - default_route_action.0.fault_injection_policy.0.abort.0.percentage - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' + - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' + validation: function: 'validation.FloatBetween(0, 100)' diff --git a/mmv1/products/compute/Reservation.yaml b/mmv1/products/compute/Reservation.yaml index 3c3baeb84b88..7db5bfc96cad 100644 --- a/mmv1/products/compute/Reservation.yaml +++ b/mmv1/products/compute/Reservation.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Reservation' -base_url: projects/{{project}}/zones/{{zone}}/reservations -update_verb: :PATCH -update_url: projects/{{project}}/zones/{{zone}}/reservations/{{name}} -update_mask: true -collection_url_key: 'items' -has_self_link: true description: | Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. @@ -28,75 +22,77 @@ description: | `g1-small` machine types, preemptible VMs, sole tenant nodes, or other services not listed above like Cloud SQL and Dataflow. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Reserving zonal resources': 'https://cloud.google.com/compute/docs/instances/reserving-zonal-resources' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/reservations' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/reservations' +has_self_link: true +update_url: 'projects/{{project}}/zones/{{zone}}/reservations/{{name}}' +update_verb: 'PATCH' +update_mask: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + update_encoder: 'templates/terraform/update_encoder/reservation.go.tmpl' + pre_update: 'templates/terraform/pre_update/shared_reservation_update.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'reservation_basic' + - name: 'reservation_basic' primary_resource_id: 'gce_reservation' vars: reservation_name: 'gce-reservation' - - !ruby/object:Provider::Terraform::Examples - name: 'shared_reservation_basic' + - name: 'shared_reservation_basic' primary_resource_id: 'gce_reservation' - test_env_vars: - project: :PROJECT_NAME - org_id: :ORG_ID - billing_account: :BILLING_ACCT vars: reservation_name: 'gce-shared-reservation' - skip_docs: - true + test_env_vars: + project: 'PROJECT_NAME' + org_id: 'ORG_ID' + billing_account: 'BILLING_ACCT' + exclude_docs: true # Resource creation race skip_vcr: true -custom_code: !ruby/object:Provider::Terraform::CustomCode - update_encoder: templates/terraform/update_encoder/reservation.go.erb - pre_update: templates/terraform/pre_update/shared_reservation_update.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: | The zone where the reservation is made. required: true immutable: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' - output: true + - name: 'creationTimestamp' + type: Time description: | Creation timestamp in RFC3339 text format. - - !ruby/object:Api::Type::String - name: 'description' - immutable: true + output: true + - name: 'description' + type: String description: | An optional description of this resource. - - !ruby/object:Api::Type::String - name: 'name' - required: true immutable: true + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -105,143 +101,148 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::String - name: 'commitment' - output: true + required: true + immutable: true + - name: 'commitment' + type: String description: | Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment. - - !ruby/object:Api::Type::Boolean - name: 'specificReservationRequired' - immutable: true - # Not a hard API default, but this should help avoid a unset/true/false - # trinary. - default_value: false + output: true + - name: 'specificReservationRequired' + type: Boolean description: | When set to true, only VMs that target this reservation by name can consume this reservation. Otherwise, it can be consumed by VMs with affinity for any reservation. Defaults to false. - - !ruby/object:Api::Type::String - name: 'status' - output: true + immutable: true + # Not a hard API default, but this should help avoid a unset/true/false + # trinary. + default_value: false + - name: 'status' + type: String description: | The status of the reservation. - - !ruby/object:Api::Type::NestedObject - name: 'shareSettings' + output: true + - name: 'shareSettings' + type: NestedObject description: | The share setting for reservations. - default_from_api: true ignore_read: true + default_from_api: true properties: - - !ruby/object:Api::Type::Enum - name: 'shareType' - values: - - :LOCAL - - :SPECIFIC_PROJECTS + - name: 'shareType' + type: Enum description: | Type of sharing for this shared-reservation - default_from_api: true immutable: true - - !ruby/object:Api::Type::Map - name: 'projectMap' + default_from_api: true + enum_values: + - 'LOCAL' + - 'SPECIFIC_PROJECTS' + - name: 'projectMap' + type: Map description: | A map of project number and project config. This is only valid when shareType's value is SPECIFIC_PROJECTS. - key_name: id + key_name: 'id' key_description: | The project id/number which is deleting or adding to the project list. - value_type: !ruby/object:Api::Type::NestedObject + value_type: name: projectConfig + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: | The project id/number, should be same as the key of this project config in the project map. - - !ruby/object:Api::Type::NestedObject - name: 'specificReservation' - required: true + - name: 'specificReservation' + type: NestedObject description: | Reservation for instances with specific machine shapes. - update_verb: :POST + required: true update_url: 'projects/{{project}}/zones/{{zone}}/reservations/{{name}}/resize' + update_verb: 'POST' properties: - - !ruby/object:Api::Type::Integer - name: 'count' - required: true + - name: 'count' + type: Integer description: | The number of resources that are allocated. - validation: !ruby/object:Provider::Terraform::Validation + required: true + validation: function: 'validation.IntAtLeast(1)' - - !ruby/object:Api::Type::Integer - name: 'inUseCount' - output: true + - name: 'inUseCount' + type: Integer description: | How many instances are in use. - - !ruby/object:Api::Type::NestedObject - name: 'instanceProperties' - required: true - immutable: true + output: true + - name: 'instanceProperties' + type: NestedObject description: | The instance properties for the reservation. + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'machineType' - required: true - immutable: true + - name: 'machineType' + type: String description: | The name of the machine type to reserve. - - !ruby/object:Api::Type::String - name: 'minCpuPlatform' + required: true immutable: true + - name: 'minCpuPlatform' + type: String description: | The minimum CPU platform for the reservation. For example, `"Intel Skylake"`. See the CPU platform availability reference](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform#availablezones) for information on available CPU platforms. + immutable: true default_from_api: true - - !ruby/object:Api::Type::Array - name: 'guestAccelerators' + - name: 'guestAccelerators' + type: Array description: | Guest accelerator type and count. immutable: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'acceleratorType' - required: true - immutable: true + - name: 'acceleratorType' + type: String description: | The full or partial URL of the accelerator type to attach to this instance. For example: `projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100` If you are creating an instance template, specify only the accelerator name. - - !ruby/object:Api::Type::Integer - name: 'acceleratorCount' required: true immutable: true + - name: 'acceleratorCount' + type: Integer description: | The number of the guest accelerator cards exposed to this instance. - - !ruby/object:Api::Type::Array - name: 'localSsds' - immutable: true + required: true + immutable: true + - name: 'localSsds' + type: Array description: | The amount of local ssd to reserve with each instance. This reserves disks of type `local-ssd`. - item_type: !ruby/object:Api::Type::NestedObject + immutable: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'interface' - immutable: true - default_value: :SCSI - values: - - :SCSI - - :NVME + - name: 'interface' + type: Enum description: | The disk interface to use for attaching this disk. - - !ruby/object:Api::Type::Integer - name: 'diskSizeGb' - required: true immutable: true + default_value: "SCSI" + enum_values: + - 'SCSI' + - 'NVME' + - name: 'diskSizeGb' + type: Integer description: | The size of the disk in base-2 GB. + required: true + immutable: true diff --git a/mmv1/products/compute/ResizeRequest.yaml b/mmv1/products/compute/ResizeRequest.yaml index bdc6bbbe6349..80fc2e19e459 100644 --- a/mmv1/products/compute/ResizeRequest.yaml +++ b/mmv1/products/compute/ResizeRequest.yaml @@ -12,413 +12,400 @@ # limitations under the License. --- -!ruby/object:Api::Resource -name: "ResizeRequest" -kind: "compute#instanceGroupManagerResizeRequest" +name: 'ResizeRequest' +kind: 'compute#instanceGroupManagerResizeRequest' description: | Represents a Managed Instance Group Resize Request Resize Requests are the Managed Instance Group implementation of Dynamic Workload Scheduler Flex Start. With Dynamic Workload Scheduler in Flex Start mode, you submit a GPU capacity request for your AI/ML jobs by indicating how many you need, a duration, and your preferred region. Dynamic Workload Scheduler intelligently persists the request; once the capacity becomes available, it automatically provisions your VMs enabling your workloads to run continuously for the entire duration of the capacity allocation. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: # Link to quickstart in the API's Guides section. For example: # 'Create and connect to a database': 'https://cloud.google.com/alloydb/docs/quickstart/create-and-connect' - "QUICKSTART_TITLE": "https://cloud.google.com/compute/docs/instance-groups/create-resize-requests-mig" + 'QUICKSTART_TITLE': 'https://cloud.google.com/compute/docs/instance-groups/create-resize-requests-mig' # Link to the REST API reference for the resource. For example, # https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.backups - api: "https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagerResizeRequests" - -immutable: true - + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagerResizeRequests' +docs: ### List Method ### -base_url: "projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests" - +base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests' ### Get Method -self_link: "projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests/{{name}}" - -### Create Method ### -# Get method with a post -create_verb: :POST - -### Update method ### -# Resize requests are currently not update-able - -### Delete Method ### -# Custom delete method to handle resize request cancellations vs. deletions. -# If a resize request is in the ACCEPTED state, it must be canceled before it can be -# deleted. If a resize request is NOT in the ACCEPTED state, it can be directly deleted. -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/compute_mig_resize_request_delete.go.erb - +self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests/{{name}}' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 # Sets parameters for handling operations returned by the API. -async: !ruby/object:Api::OpAsync +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' # Overrides which API calls return operations. Default: ['create', # 'update', 'delete'] # actions: ['create', 'update', 'delete'] - operation: !ruby/object:Api::OpAsync::Operation - kind: "compute#operation" - path: "name" + operation: base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result - path: "targetLink" - status: !ruby/object:Api::OpAsync::Status - path: "status" - complete: "DONE" - allowed: - - "PENDING" - - "RUNNING" - - "DONE" - error: !ruby/object:Api::OpAsync::Error - path: "error/errors" - message: "message" + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +### Update method ### +# Resize requests are currently not update-able +### Delete Method ### +# Custom delete method to handle resize request cancellations vs. deletions. +# If a resize request is in the ACCEPTED state, it must be canceled before it can be +# deleted. If a resize request is NOT in the ACCEPTED state, it can be directly deleted. +custom_code: + custom_delete: 'templates/terraform/custom_delete/compute_mig_resize_request_delete.go.tmpl' +# Examples for testing +examples: + - name: 'compute_mig_resize_request' + primary_resource_id: 'a3_resize_request' + vars: + resize_request_name: 'a3-dws' # Resize request parameters injected via URL parameters: - - !ruby/object:Api::Type::ResourceRef - name: "zone" - resource: "Zone" - imports: "name" + - name: 'zone' + type: ResourceRef description: | Name of the compute zone scoping this request. Name should conform to RFC1035. - required: true url_param_only: true - - !ruby/object:Api::Type::ResourceRef - name: "instanceGroupManager" - resource: "InstanceGroupManager" - imports: "name" + required: true + resource: 'Zone' + imports: 'name' + - name: 'instanceGroupManager' + type: ResourceRef description: | The name of the managed instance group. The name should conform to RFC1035 or be a resource ID. Authorization requires the following IAM permission on the specified resource instanceGroupManager: *compute.instanceGroupManagers.update - required: true url_param_only: true - + required: true + resource: 'InstanceGroupManager' + imports: 'name' # Non-URL parameters including input and output parameters properties: - - !ruby/object:Api::Type::Time - name: "creationTimestamp" + - name: 'creationTimestamp' + type: Time description: | The creation timestamp for this resize request in RFC3339 text format. output: true - - !ruby/object:Api::Type::Enum - name: "state" + - name: 'state' + type: Enum description: | [Output only] Current state of the request. - values: - - :CREATING - - :ACCEPTED - - :FAILED - - :SUCCEEDED - - :CANCELLED output: true - - !ruby/object:Api::Type::String - name: "name" + enum_values: + - 'CREATING' + - 'ACCEPTED' + - 'FAILED' + - 'SUCCEEDED' + - 'CANCELLED' + - name: 'name' + type: String description: | The name of this resize request. The name must be 1-63 characters long, and comply with RFC1035. required: true - - !ruby/object:Api::Type::String - name: "description" + - name: 'description' + type: String description: | An optional description of this resize-request. - - !ruby/object:Api::Type::Integer - name: "resizeBy" + - name: 'resizeBy' + type: Integer description: | The number of instances to be created by this resize request. The group's target size will be increased by this number. required: true - - !ruby/object:Api::Type::NestedObject - name: "requestedRunDuration" + - name: 'requestedRunDuration' + type: NestedObject description: | Requested run duration for instances that will be created by this request. At the end of the run duration instance will be deleted. properties: - - !ruby/object:Api::Type::String - name: "seconds" + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years required: true - - !ruby/object:Api::Type::Integer - name: "nanos" + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::NestedObject - name: "status" + - name: 'status' + type: NestedObject description: | [Output only] Status of the request. output: true properties: # Status.error - - !ruby/object:Api::Type::NestedObject - name: "error" - output: true + - name: 'error' + type: NestedObject description: | [Output only] Fatal errors encountered during the queueing or provisioning phases of the ResizeRequest that caused the transition to the FAILED state. Contrary to the lastAttempt errors, this field is final and errors are never removed from here, as the ResizeRequest is not going to retry. + output: true properties: - - !ruby/object:Api::Type::NestedObject - name: "errors" - output: true + - name: 'errors' + type: NestedObject description: | [Output Only] The array of errors encountered while processing this operation. + output: true properties: - - !ruby/object:Api::Type::String - name: "code" - output: true + - name: 'code' + type: String description: | [Output Only] The error type identifier for this error. - - !ruby/object:Api::Type::String - name: "location" output: true + - name: 'location' + type: String description: | Output Only] Indicates the field in the request that caused the error. This property is optional. - - !ruby/object:Api::Type::String - name: "message" output: true + - name: 'message' + type: String description: | [Output Only] An optional, human-readable error message. - - !ruby/object:Api::Type::NestedObject - name: "errorDetails" output: true + - name: 'errorDetails' + type: NestedObject description: | [Output Only] An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED. + output: true properties: - - !ruby/object:Api::Type::NestedObject - name: "errorInfo" - output: true + - name: 'errorInfo' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::String - name: "reason" - output: true + - name: 'reason' + type: String description: | The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE. - - !ruby/object:Api::Type::String - name: "domain" output: true + - name: 'domain' + type: String description: | The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com". - - !ruby/object:Api::Type::KeyValuePairs - name: "metadatas" output: true + - name: 'metadatas' + type: KeyValuePairs description: | Additional structured details about this error. Keys must match /[a-z][a-zA-Z0-9-_]+/ but should ideally be lowerCamelCase. Also they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request. - - !ruby/object:Api::Type::NestedObject - name: "quotaInfo" - output: true + output: true + - name: 'quotaInfo' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::String - name: "metricName" - output: true + - name: 'metricName' + type: String description: | The Compute Engine quota metric name. - - !ruby/object:Api::Type::String - name: "limitName" output: true + - name: 'limitName' + type: String description: | The name of the quota limit. - - !ruby/object:Api::Type::KeyValuePairs - name: "dimensions" output: true + - name: 'dimensions' + type: KeyValuePairs description: | The map holding related quota dimensions - - !ruby/object:Api::Type::Integer - name: "limit" output: true + - name: 'limit' + type: Integer description: | Current effective quota limit. The limit's unit depends on the quota type or metric. - - !ruby/object:Api::Type::Integer - name: "futureLimit" output: true + - name: 'futureLimit' + type: Integer description: | Future quota limit being rolled out. The limit's unit depends on the quota type or metric. - - !ruby/object:Api::Type::String - name: "rolloutStatus" output: true + - name: 'rolloutStatus' + type: String description: | Rollout status of the future quota limit. - - !ruby/object:Api::Type::NestedObject - name: "help" - output: true + output: true + - name: 'help' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::NestedObject - name: "links" - output: true + - name: 'links' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::String - name: "description" - output: true + - name: 'description' + type: String description: | Describes what the link offers. - - !ruby/object:Api::Type::String - name: "url" output: true + - name: 'url' + type: String description: | The URL of the link. - - !ruby/object:Api::Type::NestedObject - name: "localizedMessage" - output: true + output: true + - name: 'localizedMessage' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::String - name: "locale" - output: true + - name: 'locale' + type: String description: | The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: "en-US", "fr-CH", "es-MX" - - !ruby/object:Api::Type::String - name: "message" output: true + - name: 'message' + type: String description: | The localized error message in the above locale. + output: true # Status.lastAttempt - - !ruby/object:Api::Type::NestedObject - name: "lastAttempt" - output: true + - name: 'lastAttempt' + type: NestedObject description: | [Output only] Information about the last attempt to fulfill the request. The value is temporary since the ResizeRequest can retry, as long as it's still active and the last attempt value can either be cleared or replaced with a different error. Since ResizeRequest retries infrequently, the value may be stale and no longer show an active problem. The value is cleared when ResizeRequest transitions to the final state (becomes inactive). If the final state is FAILED the error describing it will be storred in the "error" field only. + output: true properties: - - !ruby/object:Api::Type::NestedObject - name: "error" - output: true + - name: 'error' + type: NestedObject description: | [Output only] Fatal errors encountered during the queueing or provisioning phases of the ResizeRequest that caused the transition to the FAILED state. Contrary to the lastAttempt errors, this field is final and errors are never removed from here, as the ResizeRequest is not going to retry. + output: true properties: - - !ruby/object:Api::Type::NestedObject - name: "errors" - output: true + - name: 'errors' + type: NestedObject description: | [Output Only] The array of errors encountered while processing this operation. + output: true properties: - - !ruby/object:Api::Type::String - name: "code" - output: true + - name: 'code' + type: String description: | [Output Only] The error type identifier for this error. - - !ruby/object:Api::Type::String - name: "location" output: true + - name: 'location' + type: String description: | Output Only] Indicates the field in the request that caused the error. This property is optional. - - !ruby/object:Api::Type::String - name: "message" output: true + - name: 'message' + type: String description: | [Output Only] An optional, human-readable error message. - - !ruby/object:Api::Type::NestedObject - name: "errorDetails" output: true + - name: 'errorDetails' + type: NestedObject description: | [Output Only] An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED. + output: true properties: - - !ruby/object:Api::Type::NestedObject - name: "errorInfo" - output: true + - name: 'errorInfo' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::String - name: "reason" - output: true + - name: 'reason' + type: String description: | The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE. - - !ruby/object:Api::Type::String - name: "domain" output: true + - name: 'domain' + type: String description: | The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com". - - !ruby/object:Api::Type::KeyValuePairs - name: "metadatas" output: true + - name: 'metadatas' + type: KeyValuePairs description: | Additional structured details about this error. Keys must match /[a-z][a-zA-Z0-9-_]+/ but should ideally be lowerCamelCase. Also they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request. - - !ruby/object:Api::Type::NestedObject - name: "quotaInfo" - output: true + output: true + - name: 'quotaInfo' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::String - name: "metricName" - output: true + - name: 'metricName' + type: String description: | The Compute Engine quota metric name. - - !ruby/object:Api::Type::String - name: "limitName" output: true + - name: 'limitName' + type: String description: | The name of the quota limit. - - !ruby/object:Api::Type::KeyValuePairs - name: "dimensions" output: true + - name: 'dimensions' + type: KeyValuePairs description: | The map holding related quota dimensions - - !ruby/object:Api::Type::Integer - name: "limit" output: true + - name: 'limit' + type: Integer description: | Current effective quota limit. The limit's unit depends on the quota type or metric. - - !ruby/object:Api::Type::Integer - name: "futureLimit" output: true + - name: 'futureLimit' + type: Integer description: | Future quota limit being rolled out. The limit's unit depends on the quota type or metric. - - !ruby/object:Api::Type::String - name: "rolloutStatus" output: true + - name: 'rolloutStatus' + type: String description: | Rollout status of the future quota limit. - - !ruby/object:Api::Type::NestedObject - name: "help" - output: true + output: true + - name: 'help' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::NestedObject - name: "links" - output: true + - name: 'links' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::String - name: "description" - output: true + - name: 'description' + type: String description: | Describes what the link offers. - - !ruby/object:Api::Type::String - name: "url" output: true + - name: 'url' + type: String description: | The URL of the link. - - !ruby/object:Api::Type::NestedObject - name: "localizedMessage" - output: true + output: true + - name: 'localizedMessage' + type: NestedObject description: | [Output Only] + output: true properties: - - !ruby/object:Api::Type::String - name: "locale" - output: true + - name: 'locale' + type: String description: | The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: "en-US", "fr-CH", "es-MX" - - !ruby/object:Api::Type::String - name: "message" output: true + - name: 'message' + type: String description: | The localized error message in the above locale. - -#Examples for testing -examples: - - !ruby/object:Provider::Terraform::Examples - name: "compute_mig_resize_request" - primary_resource_id: "a3_resize_request" - vars: - resize_request_name: a3-dws + output: true diff --git a/mmv1/products/compute/ResourcePolicy.yaml b/mmv1/products/compute/ResourcePolicy.yaml index 00e649978c64..de3eaecdce61 100644 --- a/mmv1/products/compute/ResourcePolicy.yaml +++ b/mmv1/products/compute/ResourcePolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,96 +11,89 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ResourcePolicy' kind: 'compute#resourcePolicy' -base_url: projects/{{project}}/regions/{{region}}/resourcePolicies -has_self_link: true -update_verb: :PATCH -update_url: projects/{{project}}/regions/{{region}}/resourcePolicies/{{name}} -collection_url_key: 'items' description: | A policy that can be attached to a resource to specify or schedule actions on that resource. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/compute/docs/reference/rest/v1/resourcePolicies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/resourcePolicies' +has_self_link: true +update_url: 'projects/{{project}}/regions/{{region}}/resourcePolicies/{{name}}' +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/compute_resource_policy.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'resource_policy_basic' + - name: 'resource_policy_basic' primary_resource_id: 'foo' vars: name: 'gce-policy' - - !ruby/object:Provider::Terraform::Examples - name: 'resource_policy_hourly_format' + - name: 'resource_policy_hourly_format' primary_resource_id: 'foo' - skip_docs: true vars: name: 'gce-policy' - - !ruby/object:Provider::Terraform::Examples - name: 'resource_policy_full' + exclude_docs: true + - name: 'resource_policy_full' primary_resource_id: 'bar' vars: name: 'gce-policy' - - !ruby/object:Provider::Terraform::Examples - name: 'resource_policy_placement_policy' + - name: 'resource_policy_placement_policy' primary_resource_id: 'baz' vars: name: 'gce-policy' - - !ruby/object:Provider::Terraform::Examples - name: 'resource_policy_placement_policy_max_distance' - min_version: 'beta' + - name: 'resource_policy_placement_policy_max_distance' primary_resource_id: 'baz' + min_version: 'beta' vars: name: 'gce-policy' - - !ruby/object:Provider::Terraform::Examples - name: 'resource_policy_instance_schedule_policy' + - name: 'resource_policy_instance_schedule_policy' primary_resource_id: 'hourly' vars: name: 'gce-policy' - - !ruby/object:Provider::Terraform::Examples - name: 'resource_policy_snapshot_schedule_chain_name' + - name: 'resource_policy_snapshot_schedule_chain_name' primary_resource_id: 'hourly' vars: name: 'gce-policy' - - !ruby/object:Provider::Terraform::Examples - name: 'resource_policy_consistency_group' + - name: 'resource_policy_consistency_group' primary_resource_id: 'cgroup' vars: name: 'gce-policy' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/compute_resource_policy.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: region - resource: Region - imports: name + - name: 'region' + type: ResourceRef description: Region where resource policy resides. - immutable: true required: false + immutable: true ignore_read: true default_from_api: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply @@ -109,268 +102,271 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::String - name: 'description' + required: true + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::NestedObject - name: 'snapshotSchedulePolicy' - conflicts: - - 'group_placement_policy' - - 'instance_schedule_policy' - - 'disk_consistency_group_policy' + - name: 'snapshotSchedulePolicy' + type: NestedObject description: | Policy for creating snapshots of persistent disks. + conflicts: + - group_placement_policy + - instance_schedule_policy + - disk_consistency_group_policy properties: - - !ruby/object:Api::Type::NestedObject - name: 'schedule' + - name: 'schedule' + type: NestedObject description: | Contains one of an `hourlySchedule`, `dailySchedule`, or `weeklySchedule`. required: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'hourlySchedule' + - name: 'hourlySchedule' + type: NestedObject description: | The policy will execute every nth hour starting at the specified time. exactly_one_of: - - snapshot_schedule_policy.0.schedule.0.hourly_schedule - - snapshot_schedule_policy.0.schedule.0.daily_schedule - - snapshot_schedule_policy.0.schedule.0.weekly_schedule + - 'snapshot_schedule_policy.0.schedule.0.hourly_schedule' + - 'snapshot_schedule_policy.0.schedule.0.daily_schedule' + - 'snapshot_schedule_policy.0.schedule.0.weekly_schedule' properties: - - !ruby/object:Api::Type::Integer - name: 'hoursInCycle' + - name: 'hoursInCycle' + type: Integer description: | The number of hours between snapshots. required: true - - !ruby/object:Api::Type::String - name: 'startTime' + - name: 'startTime' + type: String description: | Time within the window to start the operations. It must be in an hourly format "HH:MM", where HH : [00-23] and MM : [00] GMT. eg: 21:00 required: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'verify.ValidateHourlyOnly' diff_suppress_func: 'HourlyFormatSuppressDiff' - - !ruby/object:Api::Type::NestedObject - name: 'dailySchedule' + validation: + function: 'verify.ValidateHourlyOnly' + - name: 'dailySchedule' + type: NestedObject description: | The policy will execute every nth day at the specified time. exactly_one_of: - - snapshot_schedule_policy.0.schedule.0.hourly_schedule - - snapshot_schedule_policy.0.schedule.0.daily_schedule - - snapshot_schedule_policy.0.schedule.0.weekly_schedule + - 'snapshot_schedule_policy.0.schedule.0.hourly_schedule' + - 'snapshot_schedule_policy.0.schedule.0.daily_schedule' + - 'snapshot_schedule_policy.0.schedule.0.weekly_schedule' properties: - - !ruby/object:Api::Type::Integer - name: 'daysInCycle' + - name: 'daysInCycle' + type: Integer description: | Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle. Days in cycle for snapshot schedule policy must be 1. required: true - - !ruby/object:Api::Type::String - name: 'startTime' + - name: 'startTime' + type: String description: | This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid. required: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'verify.ValidateHourlyOnly' diff_suppress_func: 'HourlyFormatSuppressDiff' - - !ruby/object:Api::Type::NestedObject - name: 'weeklySchedule' + validation: + function: 'verify.ValidateHourlyOnly' + - name: 'weeklySchedule' + type: NestedObject description: | Allows specifying a snapshot time for each day of the week. exactly_one_of: - - snapshot_schedule_policy.0.schedule.0.hourly_schedule - - snapshot_schedule_policy.0.schedule.0.daily_schedule - - snapshot_schedule_policy.0.schedule.0.weekly_schedule + - 'snapshot_schedule_policy.0.schedule.0.hourly_schedule' + - 'snapshot_schedule_policy.0.schedule.0.daily_schedule' + - 'snapshot_schedule_policy.0.schedule.0.weekly_schedule' properties: - - !ruby/object:Api::Type::Array - name: 'dayOfWeeks' + - name: 'dayOfWeeks' + type: Array description: | May contain up to seven (one for each day of the week) snapshot times. - required: true - min_size: 1 - max_size: 7 is_set: true - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'startTime' + - name: 'startTime' + type: String description: | Time within the window to start the operations. It must be in format "HH:MM", where HH : [00-23] and MM : [00-00] GMT. required: true - - !ruby/object:Api::Type::Enum - name: 'day' + - name: 'day' + type: Enum description: | The day of the week to create the snapshot. e.g. MONDAY required: true - values: - - :MONDAY - - :TUESDAY - - :WEDNESDAY - - :THURSDAY - - :FRIDAY - - :SATURDAY - - :SUNDAY - - !ruby/object:Api::Type::NestedObject - name: 'retentionPolicy' + enum_values: + - 'MONDAY' + - 'TUESDAY' + - 'WEDNESDAY' + - 'THURSDAY' + - 'FRIDAY' + - 'SATURDAY' + - 'SUNDAY' + min_size: 1 + max_size: 7 + - name: 'retentionPolicy' + type: NestedObject description: | Retention policy applied to snapshots created by this resource policy. properties: - - !ruby/object:Api::Type::Integer - name: 'maxRetentionDays' + - name: 'maxRetentionDays' + type: Integer description: | Maximum age of the snapshot that is allowed to be kept. required: true - - !ruby/object:Api::Type::Enum - name: 'onSourceDiskDelete' + - name: 'onSourceDiskDelete' + type: Enum description: | Specifies the behavior to apply to scheduled snapshots when the source disk is deleted. - default_value: :KEEP_AUTO_SNAPSHOTS - values: - - :KEEP_AUTO_SNAPSHOTS - - :APPLY_RETENTION_POLICY - - !ruby/object:Api::Type::NestedObject - name: 'snapshotProperties' + default_value: "KEEP_AUTO_SNAPSHOTS" + enum_values: + - 'KEEP_AUTO_SNAPSHOTS' + - 'APPLY_RETENTION_POLICY' + - name: 'snapshotProperties' + type: NestedObject description: | Properties with which the snapshots are created, such as labels. properties: - - !ruby/object:Api::Type::KeyValuePairs - name: 'labels' - at_least_one_of: - - snapshot_schedule_policy.0.snapshot_properties.0.labels - - snapshot_schedule_policy.0.snapshot_properties.0.storage_locations - - snapshot_schedule_policy.0.snapshot_properties.0.guest_flush + - name: 'labels' + type: KeyValuePairs description: | A set of key-value pairs. - - !ruby/object:Api::Type::Array - name: 'storageLocations' at_least_one_of: - - snapshot_schedule_policy.0.snapshot_properties.0.labels - - snapshot_schedule_policy.0.snapshot_properties.0.storage_locations - - snapshot_schedule_policy.0.snapshot_properties.0.guest_flush - max_size: 1 + - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' + - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' + - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' + - name: 'storageLocations' + type: Array description: | Cloud Storage bucket location to store the auto snapshot (regional or multi-regional) is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'guestFlush' - send_empty_value: true at_least_one_of: - - snapshot_schedule_policy.0.snapshot_properties.0.labels - - snapshot_schedule_policy.0.snapshot_properties.0.storage_locations - - snapshot_schedule_policy.0.snapshot_properties.0.guest_flush + - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' + - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' + - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' + item_type: + type: String + max_size: 1 + - name: 'guestFlush' + type: Boolean description: | Whether to perform a 'guest aware' snapshot. - - !ruby/object:Api::Type::String - name: 'chainName' + send_empty_value: true + at_least_one_of: + - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' + - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' + - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' + - name: 'chainName' + type: String description: | Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. - - !ruby/object:Api::Type::NestedObject - name: 'groupPlacementPolicy' - conflicts: - - 'instance_schedule_policy' - - 'snapshot_schedule_policy' - - 'disk_consistency_group_policy' + - name: 'groupPlacementPolicy' + type: NestedObject description: | Resource policy for instances used for placement configuration. + conflicts: + - instance_schedule_policy + - snapshot_schedule_policy + - disk_consistency_group_policy properties: - - !ruby/object:Api::Type::Integer - name: 'vmCount' + - name: 'vmCount' + type: Integer description: | Number of VMs in this placement group. Google does not recommend that you use this field unless you use a compact policy and you want your policy to work only if it contains this exact number of VMs. - - !ruby/object:Api::Type::Integer - name: 'availabilityDomainCount' + - name: 'availabilityDomainCount' + type: Integer description: | The number of availability domains instances will be spread across. If two instances are in different availability domain, they will not be put in the same low latency network - - !ruby/object:Api::Type::Enum - name: 'collocation' + - name: 'collocation' + type: Enum description: | Collocation specifies whether to place VMs inside the same availability domain on the same low-latency network. Specify `COLLOCATED` to enable collocation. Can only be specified with `vm_count`. If compute instances are created with a COLLOCATED policy, then exactly `vm_count` instances must be created at the same time with the resource policy attached. - values: - - :COLLOCATED - - !ruby/object:Api::Type::Integer - name: 'maxDistance' - min_version: 'beta' + enum_values: + - 'COLLOCATED' + - name: 'maxDistance' + type: Integer description: | Specifies the number of max logical switches. - - !ruby/object:Api::Type::NestedObject - name: 'instanceSchedulePolicy' - conflicts: - - 'snapshot_schedule_policy' - - 'group_placement_policy' - - 'disk_consistency_group_policy' + min_version: 'beta' + - name: 'instanceSchedulePolicy' + type: NestedObject description: | Resource policy for scheduling instance operations. + conflicts: + - snapshot_schedule_policy + - group_placement_policy + - disk_consistency_group_policy properties: - - !ruby/object:Api::Type::NestedObject - name: 'vmStartSchedule' - at_least_one_of: - - instance_schedule_policy.0.vm_start_schedule - - instance_schedule_policy.0.vm_stop_schedule + - name: 'vmStartSchedule' + type: NestedObject description: | Specifies the schedule for starting instances. + at_least_one_of: + - 'instance_schedule_policy.0.vm_start_schedule' + - 'instance_schedule_policy.0.vm_stop_schedule' properties: - - !ruby/object:Api::Type::String - name: 'schedule' + - name: 'schedule' + type: String description: | Specifies the frequency for the operation, using the unix-cron format. required: true - - !ruby/object:Api::Type::NestedObject - name: 'vmStopSchedule' - at_least_one_of: - - instance_schedule_policy.0.vm_start_schedule - - instance_schedule_policy.0.vm_stop_schedule + - name: 'vmStopSchedule' + type: NestedObject description: | Specifies the schedule for stopping instances. + at_least_one_of: + - 'instance_schedule_policy.0.vm_start_schedule' + - 'instance_schedule_policy.0.vm_stop_schedule' properties: - - !ruby/object:Api::Type::String - name: 'schedule' + - name: 'schedule' + type: String description: | Specifies the frequency for the operation, using the unix-cron format. required: true - - !ruby/object:Api::Type::String - name: 'timeZone' + - name: 'timeZone' + type: String description: | Specifies the time zone to be used in interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. required: true - - !ruby/object:Api::Type::String - name: 'startTime' + - name: 'startTime' + type: String description: | The start time of the schedule. The timestamp is an RFC3339 string. - - !ruby/object:Api::Type::String - name: 'expirationTime' + - name: 'expirationTime' + type: String description: | The expiration time of the schedule. The timestamp is an RFC3339 string. - - !ruby/object:Api::Type::NestedObject - name: 'diskConsistencyGroupPolicy' - conflicts: - - 'snapshot_schedule_policy' - - 'group_placement_policy' - - 'instance_schedule_policy' + - name: 'diskConsistencyGroupPolicy' + type: NestedObject description: | Replication consistency group for asynchronous disk replication. send_empty_value: true + conflicts: + - snapshot_schedule_policy + - group_placement_policy + - instance_schedule_policy + custom_flatten: 'templates/terraform/custom_flatten/disk_consistency_group_policy.tmpl' + custom_expand: 'templates/terraform/custom_expand/disk_consistency_group_policy.tmpl' properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' - immutable: true - required: true + - name: 'enabled' + type: Boolean description: | Enable disk consistency on the resource policy. - custom_expand: 'templates/terraform/custom_expand/disk_consistency_group_policy.erb' - custom_flatten: 'templates/terraform/custom_flatten/disk_consistency_group_policy.erb' + required: true + immutable: true diff --git a/mmv1/products/compute/Route.yaml b/mmv1/products/compute/Route.yaml index 9578b50bdee6..0c53770cd87c 100644 --- a/mmv1/products/compute/Route.yaml +++ b/mmv1/products/compute/Route.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Route' kind: 'compute#route' -base_url: projects/{{project}}/global/routes -collection_url_key: 'items' -immutable: true -has_self_link: true description: | Represents a Route resource. @@ -42,39 +38,53 @@ description: | nextHopGateway, nextHopInstance, nextHopIp, nextHopVpnTunnel, or nextHopIlb. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using Routes': 'https://cloud.google.com/vpc/docs/using-routes' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routes' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: + optional_properties: | + * `next_hop_instance_zone` - (Optional when `next_hop_instance` is + specified) The zone of the instance specified in + `next_hop_instance`. Omit if `next_hop_instance` is specified as + a URL. +base_url: 'projects/{{project}}/global/routes' +has_self_link: true +immutable: true +mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' -error_retry_predicates: ['transport_tpg.IsPeeringOperationInProgress'] +collection_url_key: 'items' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/route.tmpl' + constants: 'templates/terraform/constants/compute_route.go.tmpl' + decoder: 'templates/terraform/decoders/route.tmpl' +error_retry_predicates: + + - 'transport_tpg.IsPeeringOperationInProgress' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'route_basic' + - name: 'route_basic' primary_resource_id: 'default' vars: route_name: 'network-route' network_name: 'compute-network' - - !ruby/object:Provider::Terraform::Examples - name: 'route_ilb' + - name: 'route_ilb' primary_resource_id: 'route-ilb' vars: network_name: 'compute-network' @@ -83,10 +93,9 @@ examples: health_check_name: 'proxy-health-check' backend_name: 'compute-backend' route_name: 'route-ilb' - - !ruby/object:Provider::Terraform::Examples - name: 'route_ilb_vip' + - name: 'route_ilb_vip' primary_resource_id: 'route-ilb' - min_version: beta + min_version: 'beta' vars: producer_name: 'producer' consumer_name: 'consumer' @@ -94,30 +103,21 @@ examples: health_check_name: 'proxy-health-check' backend_name: 'compute-backend' route_name: 'route-ilb' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/compute_route.go.erb - decoder: templates/terraform/decoders/route.erb - extra_schema_entry: templates/terraform/extra_schema_entry/route.erb -docs: !ruby/object:Provider::Terraform::Docs - optional_properties: | - * `next_hop_instance_zone` - (Optional when `next_hop_instance` is - specified) The zone of the instance specified in - `next_hop_instance`. Omit if `next_hop_instance` is specified as - a URL. +parameters: properties: - - !ruby/object:Api::Type::String - name: 'destRange' + - name: 'destRange' + type: String description: | The destination range of outgoing packets that this route applies to. Only IPv4 is supported. required: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -127,19 +127,19 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: 'The network that this route applies to.' - immutable: true required: true + immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: 'priority' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'priority' + type: Integer description: | The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. @@ -149,24 +149,18 @@ properties: Default value is 1000. Valid range is 0 through 65535. immutable: true - default_value: 1000 send_empty_value: true - - !ruby/object:Api::Type::Array - name: 'tags' + default_value: 1000 + - name: 'tags' + type: Array description: 'A list of instance tags to which this route applies.' - immutable: true - custom_expand: templates/terraform/custom_expand/set_to_list.erb is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'nextHopGateway' immutable: true - exactly_one_of: - - next_hop_gateway - - next_hop_instance - - next_hop_ip - - next_hop_vpn_tunnel - - next_hop_ilb + custom_expand: 'templates/terraform/custom_expand/set_to_list.tmpl' + item_type: + type: String + - name: 'nextHopGateway' + type: String description: | URL to a gateway that should handle matching packets. Currently, you can only specify the internet gateway, using a full or @@ -175,19 +169,17 @@ properties: * `projects/project/global/gateways/default-internet-gateway` * `global/gateways/default-internet-gateway` * The string `default-internet-gateway`. - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: templates/terraform/custom_expand/route_gateway.erb - - !ruby/object:Api::Type::ResourceRef - name: 'nextHopInstance' - resource: 'Instance' - imports: 'selfLink' immutable: true exactly_one_of: - - next_hop_gateway - - next_hop_instance - - next_hop_ip - - next_hop_vpn_tunnel - - next_hop_ilb + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' + diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + custom_expand: 'templates/terraform/custom_expand/route_gateway.tmpl' + - name: 'nextHopInstance' + type: ResourceRef description: | URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: @@ -195,40 +187,67 @@ properties: * `projects/project/zones/zone/instances/instance` * `zones/zone/instances/instance` * Just the instance name, with the zone in `next_hop_instance_zone`. - custom_expand: templates/terraform/custom_expand/route_instance.erb - - !ruby/object:Api::Type::String - name: 'nextHopIp' - description: | - Network IP address of an instance that should handle matching packets. immutable: true exactly_one_of: - - next_hop_gateway - - next_hop_instance - - next_hop_ip - - next_hop_vpn_tunnel - - next_hop_ilb - default_from_api: true - - !ruby/object:Api::Type::ResourceRef - name: 'nextHopVpnTunnel' - resource: 'VpnTunnel' + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' + custom_expand: 'templates/terraform/custom_expand/route_instance.tmpl' + resource: 'Instance' imports: 'selfLink' + - name: 'nextHopIp' + type: String + description: | + Network IP address of an instance that should handle matching packets. immutable: true + default_from_api: true exactly_one_of: - - next_hop_gateway - - next_hop_instance - - next_hop_ip - - next_hop_vpn_tunnel - - next_hop_ilb + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' + - name: 'nextHopVpnTunnel' + type: ResourceRef description: | URL to a VpnTunnel that should handle matching packets. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'nextHopNetwork' - output: true + immutable: true + exactly_one_of: + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'VpnTunnel' + imports: 'selfLink' + - name: 'nextHopNetwork' + type: String description: | URL to a Network that should handle matching packets. - - !ruby/object:Api::Type::String - name: 'nextHopIlb' + output: true + - name: 'nextHopOrigin' + type: String + description: | + Indicates the origin of the route. Can be IGP (Interior Gateway Protocol), EGP (Exterior Gateway Protocol), or INCOMPLETE. + min_version: 'beta' + output: true + - name: 'nextHopMed' + type: String + description: | + Multi-Exit Discriminator, a BGP route metric that indicates the desirability of a particular route in a network. + min_version: 'beta' + output: true + - name: 'nextHopInterRegionCost' + type: String + description: | + Internal fixed region-to-region cost that Google Cloud calculates based on factors such as network performance, distance, and available bandwidth between regions. + min_version: 'beta' + output: true + - name: 'nextHopIlb' + type: String description: | The IP address or URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching @@ -248,9 +267,9 @@ properties: a public (non-RFC 1918) IP CIDR range. immutable: true exactly_one_of: - - next_hop_gateway - - next_hop_instance - - next_hop_ip - - next_hop_vpn_tunnel - - next_hop_ilb + - 'next_hop_gateway' + - 'next_hop_instance' + - 'next_hop_ip' + - 'next_hop_vpn_tunnel' + - 'next_hop_ilb' diff_suppress_func: 'CompareIpAddressOrSelfLinkOrResourceName' diff --git a/mmv1/products/compute/Router.yaml b/mmv1/products/compute/Router.yaml index 0c0cf6482500..b152c433bd8a 100644 --- a/mmv1/products/compute/Router.yaml +++ b/mmv1/products/compute/Router.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,81 +11,79 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Router' kind: 'compute#router' -base_url: projects/{{project}}/regions/{{region}}/routers -collection_url_key: 'items' -# Since Terraform has separate resources for router, router interface, and -# router peer, calling PUT on the router will delete the interface and peer. -# Use patch instead. -update_verb: :PATCH -has_self_link: true description: | Represents a Router resource. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Google Cloud Router': 'https://cloud.google.com/router/docs/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/routers' +has_self_link: true +# Since Terraform has separate resources for router, router interface, and +# router peer, calling PUT on the router will delete the interface and peer. +# Use patch instead. +update_verb: 'PATCH' +mutex: 'router/{{region}}/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -mutex: router/{{region}}/{{name}} +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/router.go.tmpl' +custom_diff: + - 'resourceComputeRouterCustomDiff' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'router_basic' + - name: 'router_basic' primary_resource_id: 'foobar' vars: router_name: 'my-router' network_name: 'my-network' ignore_read_extra: - - advertisedIpRanges - - !ruby/object:Provider::Terraform::Examples - name: 'compute_router_encrypted_interconnect' + - 'advertisedIpRanges' + - name: 'compute_router_encrypted_interconnect' primary_resource_id: 'encrypted-interconnect-router' vars: router_name: 'test-router' network_name: 'test-network' ignore_read_extra: - - advertisedIpRanges -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/router.go.erb -custom_diff: [ - 'resourceComputeRouterCustomDiff', -] + - 'advertisedIpRanges' parameters: - - !ruby/object:Api::Type::ResourceRef - name: region - resource: Region - imports: name + - name: 'region' + type: ResourceRef description: Region where the router resides. - immutable: true required: false + immutable: true default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -93,19 +91,17 @@ properties: which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - validation: !ruby/object:Provider::Terraform::Validation + immutable: true + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: | An optional description of this resource. send_empty_value: true - - !ruby/object:Api::Type::ResourceRef - name: network - resource: Network - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | A reference to the network to which this router belongs. required: true @@ -117,33 +113,35 @@ properties: # these fields to the Terraform resource (and then within that, decide # whether to deprecate router_interface and router_peer or leave them # alone). - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: bgp + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'bgp' + type: NestedObject description: | BGP information specific to this router. send_empty_value: true properties: - - !ruby/object:Api::Type::Integer - name: asn + - name: 'asn' + type: Integer description: | Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN. required: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateRFC6996Asn' - - !ruby/object:Api::Type::Enum - name: advertiseMode + - name: 'advertiseMode' + type: Enum description: | User-specified flag to indicate which mode to use for advertisement. - values: - - :DEFAULT - - :CUSTOM - default_value: :DEFAULT - - !ruby/object:Api::Type::Array - name: advertisedGroups + default_value: "DEFAULT" + enum_values: + - 'DEFAULT' + - 'CUSTOM' + - name: 'advertisedGroups' + type: Array description: | User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and @@ -152,10 +150,12 @@ properties: blank to advertise no custom groups. This enum field has the one valid value: ALL_SUBNETS - item_type: Api::Type::String # TODO(#324): enum? send_empty_value: true - - !ruby/object:Api::Type::Array - name: advertisedIpRanges + # TODO(#324): enum? + item_type: + type: String + - name: 'advertisedIpRanges' + type: Array description: | User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode @@ -163,23 +163,24 @@ properties: ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges. send_empty_value: true - custom_flatten: 'templates/terraform/custom_flatten/compute_router_range.go.erb' - item_type: !ruby/object:Api::Type::NestedObject + custom_flatten: 'templates/terraform/custom_flatten/compute_router_range.go.tmpl' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: range - required: true + - name: 'range' + type: String description: | The IP range to advertise. The value must be a CIDR-formatted string. + required: true send_empty_value: true - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: | User-specified description for the IP range. send_empty_value: true - - !ruby/object:Api::Type::Integer - name: keepaliveInterval + - name: 'keepaliveInterval' + type: Integer description: | The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive @@ -192,18 +193,18 @@ properties: between the two peers. If set, this value must be between 20 and 60. The default is 20. default_value: 20 - - !ruby/object:Api::Type::String - name: identifierRange - default_from_api: true + - name: 'identifierRange' + type: String description: | Explicitly specifies a range of valid BGP Identifiers for this Router. It is provided as a link-local IPv4 range (from 169.254.0.0/16), of size at least /30, even if the BGP sessions are over IPv6. It must not overlap with any IPv4 BGP session ranges. Other vendors commonly call this router ID. - - !ruby/object:Api::Type::Boolean - name: encryptedInterconnectRouter - immutable: true + default_from_api: true + - name: 'encryptedInterconnectRouter' + type: Boolean description: | Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). + immutable: true diff --git a/mmv1/products/compute/RouterNat.yaml b/mmv1/products/compute/RouterNat.yaml index 39a77175d0ce..08eff670dde3 100644 --- a/mmv1/products/compute/RouterNat.yaml +++ b/mmv1/products/compute/RouterNat.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,81 +11,86 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RouterNat' -base_url: projects/{{project}}/regions/{{region}}/routers/{{router}} -self_link: projects/{{project}}/regions/{{region}}/routers/{{router}} -create_url: projects/{{project}}/regions/{{region}}/routers/{{router}} -update_url: projects/{{project}}/regions/{{region}}/routers/{{router}} -delete_url: projects/{{project}}/regions/{{region}}/routers/{{router}} -create_verb: :PATCH -update_verb: :PATCH -delete_verb: :PATCH -identity: - - name -collection_url_key: nats -nested_query: !ruby/object:Api::Resource::NestedQuery - modify_by_patch: true - keys: - - nats description: | A NAT service created in a router. ~> **Note:** Recreating a `google_compute_address` that is being used by `google_compute_router_nat` will give a `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` on this address resource to avoid this type of error as shown in the Manual Ips example. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Google Cloud Router': 'https://cloud.google.com/router/docs/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{region}}/{{router}}/{{name}}' +base_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +self_link: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +create_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +create_verb: 'PATCH' +update_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +update_verb: 'PATCH' +delete_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +delete_verb: 'PATCH' +mutex: 'router/{{region}}/{{router}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'nats' +identity: + - name +nested_query: + keys: + - nats + is_list_of_ids: false + modify_by_patch: true +custom_code: + constants: 'templates/terraform/constants/router_nat.go.tmpl' + encoder: 'templates/terraform/encoders/router_nat_set_initial_nat_ips.go.tmpl' + pre_create: 'templates/terraform/constants/router_nat_validate_action_active_range.go.tmpl' + pre_update: 'templates/terraform/constants/router_nat_validate_action_active_range.go.tmpl' +custom_diff: + - 'resourceComputeRouterNatDrainNatIpsCustomDiff' exclude_tgc: true -id_format: '{{project}}/{{region}}/{{router}}/{{name}}' -mutex: router/{{region}}/{{router}} examples: # These examples are not used to autogenerate tests, as fine-grained # resources do not fit the normal test flow - we need to test deletion # in a test step while parent resource still exists vs in CheckDestroy # when all resources have been deleted. - - !ruby/object:Provider::Terraform::Examples - name: 'router_nat_basic' + - name: 'router_nat_basic' primary_resource_id: 'nat' - skip_test: true vars: router_name: 'my-router' nat_name: 'my-router-nat' network_name: 'my-network' subnet_name: 'my-subnetwork' - - !ruby/object:Provider::Terraform::Examples - name: 'router_nat_manual_ips' + exclude_test: true + - name: 'router_nat_manual_ips' primary_resource_id: 'nat_manual' - skip_test: true vars: router_name: 'my-router' nat_name: 'my-router-nat' network_name: 'my-network' subnet_name: 'my-subnetwork' address_name: 'nat-manual-ip' - - !ruby/object:Provider::Terraform::Examples - name: 'router_nat_rules' + exclude_test: true + - name: 'router_nat_rules' primary_resource_id: 'nat_rules' - skip_test: true vars: router_name: 'my-router' nat_name: 'my-router-nat' @@ -94,11 +99,10 @@ examples: address_name1: 'nat-address1' address_name2: 'nat-address2' address_name3: 'nat-address3' - - !ruby/object:Provider::Terraform::Examples - name: 'router_nat_private' + exclude_test: true + - name: 'router_nat_private' primary_resource_id: 'nat_type' - skip_test: true - min_version: beta + min_version: 'beta' vars: router_name: 'my-router' nat_name: 'my-router-nat' @@ -106,86 +110,103 @@ examples: subnet_name: 'my-subnetwork' hub_name: 'my-hub' spoke_name: 'my-spoke' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/router_nat.go.erb' - pre_create: 'templates/terraform/constants/router_nat_validate_action_active_range.go.erb' - pre_update: 'templates/terraform/constants/router_nat_validate_action_active_range.go.erb' -custom_diff: [ - 'resourceComputeRouterNatDrainNatIpsCustomDiff', -] + exclude_test: true parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'router' - resource: 'Router' - imports: 'name' + - name: 'router' + type: ResourceRef description: | The name of the Cloud Router in which this NAT will be configured. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::ResourceRef - name: region - resource: Region - imports: name + resource: 'Router' + imports: 'name' + - name: 'region' + type: ResourceRef description: Region where the router and NAT reside. - immutable: true - required: false url_param_only: true + required: false + immutable: true default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035. required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateRFC1035Name(2, 63)' - - !ruby/object:Api::Type::Enum - name: 'natIpAllocateOption' - required: false + - name: 'natIpAllocateOption' + type: Enum description: | How external IPs should be allocated for this NAT. Valid values are `AUTO_ONLY` for only allowing NAT IPs allocated by Google Cloud Platform, or `MANUAL_ONLY` for only user-allocated NAT IP addresses. - values: - - :MANUAL_ONLY - - :AUTO_ONLY - - !ruby/object:Api::Type::Array - name: 'natIps' + required: false + enum_values: + - 'MANUAL_ONLY' + - 'AUTO_ONLY' + - name: 'initialNatIps' + type: Array + description: | + Self-links of NAT IPs to be used as initial value for creation alongside a RouterNatAddress resource. + Conflicts with natIps and drainNatIps. Only valid if natIpAllocateOption is set to MANUAL_ONLY. + is_set: true + immutable: true + ignore_read: true + send_empty_value: true + conflicts: + - natIps + - drainNatIps + set_hash_func: computeRouterNatIPsHash + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: 'A reference to an address associated with this NAT' + resource: 'Address' + imports: 'selfLink' + - name: 'natIps' + type: Array description: | Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY. If this field is used alongside with a count created list of address resources `google_compute_address.foobar.*.self_link`, the access level resource for the address resource must have a `lifecycle` block with `create_before_destroy = true` so the number of resources can be increased/decreased without triggering the `resourceInUseByAnotherResource` error. - send_empty_value: true is_set: true + default_from_api: true + send_empty_value: true set_hash_func: computeRouterNatIPsHash - item_type: !ruby/object:Api::Type::ResourceRef + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'address' + type: ResourceRef + description: 'A reference to an address associated with this NAT' resource: 'Address' imports: 'selfLink' - description: 'A reference to an address associated with this NAT' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'drainNatIps' + - name: 'drainNatIps' + type: Array description: | A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. - send_empty_value: true is_set: true - item_type: !ruby/object:Api::Type::ResourceRef + default_from_api: true + send_empty_value: true + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'address' + type: ResourceRef + description: 'A reference to an address associated with this NAT' resource: 'Address' imports: 'selfLink' - description: 'A reference to an address associated with this NAT' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Enum - name: 'sourceSubnetworkIpRangesToNat' - required: true + - name: 'sourceSubnetworkIpRangesToNat' + type: Enum description: | How NAT should be configured per Subnetwork. If `ALL_SUBNETWORKS_ALL_IP_RANGES`, all of the @@ -197,60 +218,64 @@ properties: contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. - values: - - :ALL_SUBNETWORKS_ALL_IP_RANGES - - :ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES - - :LIST_OF_SUBNETWORKS - - !ruby/object:Api::Type::Array - name: subnetwork - api_name: 'subnetworks' - send_empty_value: true + required: true + enum_values: + - 'ALL_SUBNETWORKS_ALL_IP_RANGES' + - 'ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES' + - 'LIST_OF_SUBNETWORKS' + - name: 'subnetwork' + type: Array description: | One or more subnetwork NAT configurations. Only used if `source_subnetwork_ip_ranges_to_nat` is set to `LIST_OF_SUBNETWORKS` + api_name: subnetworks is_set: true + send_empty_value: true set_hash_func: computeRouterNatSubnetworkHash - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'name' - resource: 'Subnetwork' - imports: 'selfLink' + - name: 'name' + type: ResourceRef description: 'Self-link of subnetwork to NAT' required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'sourceIpRangesToNat' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'sourceIpRangesToNat' + type: Array description: | List of options for which source IPs in the subnetwork should have NAT enabled. Supported values include: `ALL_IP_RANGES`, `LIST_OF_SECONDARY_IP_RANGES`, `PRIMARY_IP_RANGE`. + is_set: true required: true + item_type: + type: String min_size: 1 - is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'secondaryIpRangeNames' + - name: 'secondaryIpRangeNames' + type: Array description: | List of the secondary ranges of the subnetwork that are allowed to use NAT. This can be populated only if `LIST_OF_SECONDARY_IP_RANGES` is one of the values in sourceIpRangesToNat is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: minPortsPerVm + item_type: + type: String + - name: 'minPortsPerVm' + type: Integer description: | Minimum number of ports allocated to a VM from this NAT. Defaults to 64 for static port allocation and 32 dynamic port allocation if not set. default_from_api: true - - !ruby/object:Api::Type::Integer - name: maxPortsPerVm + - name: 'maxPortsPerVm' + type: Integer description: | Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled. - - !ruby/object:Api::Type::Boolean - name: enableDynamicPortAllocation + - name: 'enableDynamicPortAllocation' + type: Boolean description: | Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. @@ -261,92 +286,94 @@ properties: Mutually exclusive with enableEndpointIndependentMapping. default_from_api: true send_empty_value: true - - !ruby/object:Api::Type::Integer - name: udpIdleTimeoutSec + - name: 'udpIdleTimeoutSec' + type: Integer description: | Timeout (in seconds) for UDP connections. Defaults to 30s if not set. + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: 30 - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Integer - name: icmpIdleTimeoutSec + - name: 'icmpIdleTimeoutSec' + type: Integer description: | Timeout (in seconds) for ICMP connections. Defaults to 30s if not set. + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: 30 - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Integer - name: tcpEstablishedIdleTimeoutSec + - name: 'tcpEstablishedIdleTimeoutSec' + type: Integer description: | Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set. + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: 1200 - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Integer - name: tcpTransitoryIdleTimeoutSec + - name: 'tcpTransitoryIdleTimeoutSec' + type: Integer description: | Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set. + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: 30 - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Integer - name: tcpTimeWaitTimeoutSec + - name: 'tcpTimeWaitTimeoutSec' + type: Integer description: | Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set. + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' default_value: 120 - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::NestedObject - name: logConfig + - name: 'logConfig' + type: NestedObject description: | Configuration for logging on NAT send_empty_value: true properties: - - !ruby/object:Api::Type::Boolean - name: 'enable' + - name: 'enable' + type: Boolean description: | Indicates whether or not to export logs. required: true - - !ruby/object:Api::Type::Enum - name: 'filter' + - name: 'filter' + type: Enum description: | Specifies the desired filtering of logs on this NAT. required: true - values: - - :ERRORS_ONLY - - :TRANSLATIONS_ONLY - - :ALL - - !ruby/object:Api::Type::Array - name: 'endpointTypes' - immutable: true - min_size: 1 + enum_values: + - 'ERRORS_ONLY' + - 'TRANSLATIONS_ONLY' + - 'ALL' + - name: 'endpointTypes' + type: Array description: | Specifies the endpoint Types supported by the NAT Gateway. Supported values include: `ENDPOINT_TYPE_VM`, `ENDPOINT_TYPE_SWG`, `ENDPOINT_TYPE_MANAGED_PROXY_LB`. + immutable: true default_from_api: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: rules + item_type: + type: String + min_size: 1 + - name: 'rules' + type: Array description: 'A list of rules associated with this NAT.' - send_empty_value: true is_set: true + send_empty_value: true set_hash_func: computeRouterNatRulesHash - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'ruleNumber' + - name: 'ruleNumber' + type: Integer description: | An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT. required: true send_empty_value: true - validation: !ruby/object:Provider::Terraform::Validation - function: validation.IntBetween(0, 65000) - - !ruby/object:Api::Type::String - name: 'description' + validation: + function: 'validation.IntBetween(0, 65000)' + - name: 'description' + type: String description: 'An optional description of this rule.' - - !ruby/object:Api::Type::String - name: 'match' + - name: 'match' + type: String description: | CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced. @@ -361,30 +388,31 @@ properties: "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'" required: true - - !ruby/object:Api::Type::NestedObject - name: 'action' + - name: 'action' + type: NestedObject description: 'The action to be enforced for traffic that matches this rule.' default_from_api: true properties: - - !ruby/object:Api::Type::Array - name: 'sourceNatActiveIps' + - name: 'sourceNatActiveIps' + type: Array description: | A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT. is_set: true set_hash_func: computeRouterNatIPsHash - custom_flatten: 'templates/terraform/custom_flatten/nat_rules_ip_set.erb' - item_type: !ruby/object:Api::Type::ResourceRef + custom_flatten: 'templates/terraform/custom_flatten/nat_rules_ip_set.tmpl' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'address' - resource: 'Address' - imports: 'selfLink' + type: ResourceRef description: 'A reference to an address associated with this NAT' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'sourceNatDrainIps' + resource: 'Address' + imports: 'selfLink' + - name: 'sourceNatDrainIps' + type: Array description: | A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. @@ -392,75 +420,78 @@ properties: This field is used for public NAT. is_set: true set_hash_func: computeRouterNatIPsHash - custom_flatten: 'templates/terraform/custom_flatten/nat_rules_ip_set.erb' - item_type: !ruby/object:Api::Type::ResourceRef + custom_flatten: 'templates/terraform/custom_flatten/nat_rules_ip_set.tmpl' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'address' - resource: 'Address' - imports: 'selfLink' + type: ResourceRef description: 'A reference to an address associated with this NAT' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'sourceNatActiveRanges' - min_version: beta + resource: 'Address' + imports: 'selfLink' + - name: 'sourceNatActiveRanges' + type: Array description: | A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT. is_set: true + min_version: 'beta' set_hash_func: computeRouterNatRulesSubnetHash - custom_flatten: 'templates/terraform/custom_flatten/nat_rules_subnets_set.erb' - item_type: !ruby/object:Api::Type::ResourceRef + custom_flatten: 'templates/terraform/custom_flatten/nat_rules_subnets_set.tmpl' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'subnet' - resource: 'Subnetwork' - imports: 'selfLink' + type: ResourceRef description: 'A reference to a subnetwork address associated with this NAT' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'sourceNatDrainRanges' - min_version: beta + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'sourceNatDrainRanges' + type: Array description: | A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT. is_set: true + min_version: 'beta' set_hash_func: computeRouterNatRulesSubnetHash - custom_flatten: 'templates/terraform/custom_flatten/nat_rules_subnets_set.erb' - item_type: !ruby/object:Api::Type::ResourceRef + custom_flatten: 'templates/terraform/custom_flatten/nat_rules_subnets_set.tmpl' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'subnet' - resource: 'Subnetwork' - imports: 'selfLink' + type: ResourceRef description: 'A reference to a subnetwork address associated with this NAT' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Boolean - name: enableEndpointIndependentMapping + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'enableEndpointIndependentMapping' + type: Boolean description: | Enable endpoint independent mapping. For more information see the [official documentation](https://cloud.google.com/nat/docs/overview#specs-rfcs). default_from_api: true send_empty_value: true - - !ruby/object:Api::Type::Enum - name: 'type' - immutable: true - min_version: beta + - name: 'type' + type: Enum description: | Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If `PUBLIC` NAT used for public IP translation. If `PRIVATE` NAT used for private IP translation. - values: - - :PUBLIC - - :PRIVATE - default_value: :PUBLIC - - !ruby/object:Api::Type::Enum - name: 'autoNetworkTier' + min_version: 'beta' + immutable: true + default_value: "PUBLIC" + enum_values: + - 'PUBLIC' + - 'PRIVATE' + - name: 'autoNetworkTier' + type: Enum description: | The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used. - values: - - :PREMIUM - - :STANDARD default_from_api: true + enum_values: + - 'PREMIUM' + - 'STANDARD' diff --git a/mmv1/products/compute/RouterNatAddress.yaml b/mmv1/products/compute/RouterNatAddress.yaml new file mode 100644 index 000000000000..844896518a5e --- /dev/null +++ b/mmv1/products/compute/RouterNatAddress.yaml @@ -0,0 +1,142 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +name: 'RouterNatAddress' +description: | + A resource used to set the list of IP addresses to be used in a NAT service and manage the draining of destroyed IPs. + + ~> **Note:** This resource is to be used alongside a `google_compute_router_nat` resource, + the router nat resource must have no defined `nat_ips` or `drain_nat_ips` parameters, + instead using the `initial_nat_ips` parameter to set at least one IP for the creation of the resource. +references: + guides: + 'Google Cloud Router': 'https://cloud.google.com/router/docs/' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' +docs: +id_format: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/{{router_nat}}' +base_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +self_link: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +create_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +create_verb: 'PATCH' +update_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +update_verb: 'PATCH' +delete_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +delete_verb: 'PATCH' +mutex: 'router/{{region}}/{{router}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: 'projects/{{project}}/regions/{{regions}}/operations/{{op_id}}' + kind: 'compute#operation' + path: 'routerNat' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'nats' +identity: + - routerNat +nested_query: + keys: + - nats + is_list_of_ids: false + modify_by_patch: true +# ToDo: We use a custom code for CREATE since the generated code is erroneously not replacing the generated encoder with the custom one provided +custom_code: + constants: 'templates/terraform/constants/router_nat_address.go.tmpl' + encoder: 'templates/terraform/encoders/router_nat_address_patch_on_create.go.tmpl' + update_encoder: 'templates/terraform/encoders/router_nat_address_update_skip_encoder.go.tmpl' + custom_create: 'templates/terraform/custom_create/router_nat_address_nested_query_create_encoder.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/compute_router_nat_address_delete_nat_ips_only.go.tmpl' +custom_diff: + - 'resourceComputeRouterNatAddressDrainNatIpsCustomDiff' +exclude_tgc: true +examples: + - name: 'router_nat_address_count' + primary_resource_id: 'nat_address' + vars: + router_name: 'my-router' + nat_name: 'my-router-nat' + network_name: 'my-network' + subnet_name: 'my-subnetwork' + address_name: 'nat-manual-ip' + exclude_test: true +parameters: + - name: 'router' + type: ResourceRef + description: | + The name of the Cloud Router in which the referenced NAT service is configured. + url_param_only: true + required: true + immutable: true + resource: 'Router' + imports: 'name' + - name: 'routerNat' + type: ResourceRef + description: | + The name of the Nat service in which this address will be configured. + api_name: name + required: true + immutable: true + resource: 'RouterNat' + imports: 'name' + - name: 'region' + type: ResourceRef + description: Region where the NAT service reside. + url_param_only: true + required: false + immutable: true + default_from_api: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + resource: 'Region' + imports: 'name' +properties: + - name: 'natIps' + type: Array + description: | + Self-links of NAT IPs to be used in a Nat service. Only valid if the referenced RouterNat + natIpAllocateOption is set to MANUAL_ONLY. + is_set: true + required: true + send_empty_value: true + set_hash_func: computeRouterNatIPsHash + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: 'A reference to an address to be associated with this NAT' + resource: 'Address' + imports: 'selfLink' + - name: 'drainNatIps' + type: Array + description: | + A list of URLs of the IP resources to be drained. These IPs must be + valid static external IPs that have been assigned to the NAT. + is_set: true + send_empty_value: true + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: + name: 'address' + type: ResourceRef + description: 'A reference to an address associated with this NAT' + resource: 'Address' + imports: 'selfLink' diff --git a/mmv1/products/compute/RouterRoutePolicy.yaml b/mmv1/products/compute/RouterRoutePolicy.yaml index 95c24c7038d9..d3c15564138f 100644 --- a/mmv1/products/compute/RouterRoutePolicy.yaml +++ b/mmv1/products/compute/RouterRoutePolicy.yaml @@ -11,162 +11,180 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'RouterRoutePolicy' -base_url: projects/{{project}}/regions/{{region}}/routers/{{router}} -self_link: projects/{{project}}/regions/{{region}}/routers/{{router}}/getRoutePolicy?policy={{name}} -create_url: projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy -update_url: projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy -delete_url: projects/{{project}}/regions/{{region}}/routers/{{router}}/deleteRoutePolicy?policy={{name}} -create_verb: :POST -update_verb: :POST -update_mask: true -delete_verb: :POST description: A route policy created in a router min_version: 'beta' -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Google Cloud Router': 'https://cloud.google.com/router/docs/' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +id_format: '{{project}}/{{region}}/{{router}}/routePolicies/{{name}}' +base_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' +self_link: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/getRoutePolicy?policy={{name}}' +create_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy' +update_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy' +update_verb: 'POST' +update_mask: true +delete_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/deleteRoutePolicy?policy={{name}}' +delete_verb: 'POST' +import_format: + - '{{project}}/{{region}}/{{router}}/routePolicies/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -id_format: '{{project}}/{{region}}/{{router}}/routePolicies/{{name}}' -import_format: ['{{project}}/{{region}}/{{router}}/routePolicies/{{name}}'] +custom_code: + decoder: 'templates/terraform/decoders/unwrap_route_policy_resource.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'router_route_policy_export' + - name: 'router_route_policy_export' primary_resource_id: 'rp-export' vars: router_name: 'my-router' network_name: 'my-network' subnet_name: 'my-subnetwork' route_policy_name: 'my-rp1' - - !ruby/object:Provider::Terraform::Examples - name: 'router_route_policy_import' + - name: 'router_route_policy_import' primary_resource_id: 'rp-import' vars: router_name: 'my-router' network_name: 'my-network' subnet_name: 'my-subnetwork' route_policy_name: 'my-rp2' -custom_code: !ruby/object:Provider::Terraform::CustomCode - decoder: templates/terraform/decoders/unwrap_route_policy_resource.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'router' - resource: 'Router' - imports: name + - name: 'router' + type: ResourceRef description: | The name of the Cloud Router in which this route policy will be configured. + min_version: 'beta' + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::ResourceRef - name: region - resource: Region - imports: name + resource: 'Router' + imports: 'name' + - name: 'region' + type: ResourceRef description: Region where the router and NAT reside. - immutable: true - required: false + min_version: 'beta' url_param_only: true + required: false + immutable: true default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: name + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + resource: 'Region' + imports: 'name' + - name: 'name' + type: String description: | Name of the route policy. This policy's name, which must be a resource ID segment and unique within all policies owned by the Router + min_version: 'beta' required: true immutable: true properties: - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: | This is policy's type, which is one of IMPORT or EXPORT - values: - - :ROUTE_POLICY_TYPE_IMPORT - - :ROUTE_POLICY_TYPE_EXPORT - - !ruby/object:Api::Type::Array - name: terms + min_version: 'beta' + enum_values: + - 'ROUTE_POLICY_TYPE_IMPORT' + - 'ROUTE_POLICY_TYPE_EXPORT' + - name: 'terms' + type: Array description: | List of terms (the order in the list is not important, they are evaluated in order of priority). + min_version: 'beta' required: true immutable: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: priority + - name: 'priority' + type: Integer description: | The evaluation priority for this term, which must be between 0 (inclusive) and 231 (exclusive), and unique within the list. + min_version: 'beta' required: true - - !ruby/object:Api::Type::NestedObject - name: match + - name: 'match' + type: NestedObject description: | CEL expression evaluated against a route to determine if this term applies (see Policy Language). When not set, the term applies to all routes. + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: 'expression' - required: true + - name: 'expression' + type: String description: Textual representation of an expression in Common Expression Language syntax. - - !ruby/object:Api::Type::String - name: 'title' + min_version: 'beta' + required: true + - name: 'title' + type: String description: Title for the expression, i.e. a short string describing its purpose. - - !ruby/object:Api::Type::String - name: 'description' + min_version: 'beta' + - name: 'description' + type: String description: Description of the expression - - !ruby/object:Api::Type::String - name: 'location' + min_version: 'beta' + - name: 'location' + type: String description: String indicating the location of the expression for error reporting, e.g. a file name and a position in the file - - !ruby/object:Api::Type::Array - name: actions + min_version: 'beta' + - name: 'actions' + type: Array description: | 'CEL expressions to evaluate to modify a route when this term matches.'\ - item_type: !ruby/object:Api::Type::NestedObject + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'expression' - required: true + - name: 'expression' + type: String description: | Textual representation of an expression in Common Expression Language syntax. - - !ruby/object:Api::Type::String - name: 'title' + min_version: 'beta' + required: true + - name: 'title' + type: String description: | Title for the expression, i.e. a short string describing its purpose. - - !ruby/object:Api::Type::String - name: 'description' + min_version: 'beta' + - name: 'description' + type: String description: | Description of the expression - - !ruby/object:Api::Type::String - name: 'location' + min_version: 'beta' + - name: 'location' + type: String description: | String indicating the location of the expression for error reporting, e.g. a file name and a position in the file - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + min_version: 'beta' + - name: 'fingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + min_version: 'beta' output: true diff --git a/mmv1/products/compute/SecurityPolicyRule.yaml b/mmv1/products/compute/SecurityPolicyRule.yaml index 5cf8a8a0d484..85d3067fd82c 100644 --- a/mmv1/products/compute/SecurityPolicyRule.yaml +++ b/mmv1/products/compute/SecurityPolicyRule.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,105 +11,104 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'SecurityPolicyRule' -base_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}' -self_link: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' -create_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' -update_verb: :POST -update_mask: true -update_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' -delete_verb: :POST -delete_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' description: | A rule for the SecurityPolicy. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Creating global security policy rules': 'https://cloud.google.com/armor/docs/configure-security-policies' - api: - 'https://cloud.google.com/compute/docs/reference/rest/v1/securityPolicies/addRule' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/securityPolicies/addRule' +docs: id_format: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/priority/{{priority}}' -import_format: ['projects/{{project}}/global/securityPolicies/{{security_policy}}/priority/{{priority}}'] -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +base_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}' +self_link: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' +create_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' +update_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' +update_verb: 'POST' +update_mask: true +delete_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' +delete_verb: 'POST' +import_format: + - 'projects/{{project}}/global/securityPolicies/{{security_policy}}/priority/{{priority}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'security_policy_rule_basic' + - name: 'security_policy_rule_basic' primary_resource_id: 'policy_rule' vars: sec_policy_name: 'policyruletest' - - !ruby/object:Provider::Terraform::Examples - name: 'security_policy_rule_default_rule' + - name: 'security_policy_rule_default_rule' primary_resource_id: 'policy_rule' - skip_test: true vars: sec_policy_name: 'policyruletest' - project_id: :PROJECT_NAME - - !ruby/object:Provider::Terraform::Examples - name: 'security_policy_rule_multiple_rules' + project_id: 'PROJECT_NAME' + exclude_test: true + - name: 'security_policy_rule_multiple_rules' primary_resource_id: 'policy_rule_one' vars: sec_policy_name: 'policywithmultiplerules' parameters: - - !ruby/object:Api::Type::String - name: 'security_policy' - required: true - immutable: true + - name: 'security_policy' + type: String description: | The name of the security policy this rule belongs to. url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Integer - name: 'priority' + - name: 'priority' + type: Integer description: | An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'match' + - name: 'match' + type: NestedObject description: | A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced. properties: - - !ruby/object:Api::Type::Enum - name: 'versionedExpr' + - name: 'versionedExpr' + type: Enum description: | Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. - values: - - :SRC_IPS_V1 - - !ruby/object:Api::Type::NestedObject - name: 'expr' + enum_values: + - 'SRC_IPS_V1' + - name: 'expr' + type: NestedObject description: | User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. properties: - - !ruby/object:Api::Type::String - name: 'expression' - required: true + - name: 'expression' + type: String description: | Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported. + required: true # >> These fields are not yet supported, following the global security policy resource. # - !ruby/object:Api::Type::String # name: 'title' @@ -123,62 +122,65 @@ properties: # name: 'location' # description: | # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. - - !ruby/object:Api::Type::NestedObject - name: 'exprOptions' + - name: 'exprOptions' + type: NestedObject description: | The configuration options available when specifying a user defined CEVAL expression (i.e., 'expr'). properties: - - !ruby/object:Api::Type::NestedObject - name: 'recaptchaOptions' - required: true + - name: 'recaptchaOptions' + type: NestedObject description: | reCAPTCHA configuration options to be applied for the rule. If the rule does not evaluate reCAPTCHA tokens, this field has no effect. + required: true properties: - - !ruby/object:Api::Type::Array - name: 'actionTokenSiteKeys' + - name: 'actionTokenSiteKeys' + type: Array description: | A list of site keys to be used during the validation of reCAPTCHA action-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'sessionTokenSiteKeys' + item_type: + type: String + - name: 'sessionTokenSiteKeys' + type: Array description: | A list of site keys to be used during the validation of reCAPTCHA session-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'config' + item_type: + type: String + - name: 'config' + type: NestedObject description: | The configuration options available when specifying versionedExpr. This field must be specified if versionedExpr is specified and cannot be specified if versionedExpr is not specified. properties: - - !ruby/object:Api::Type::Array - name: 'srcIpRanges' + - name: 'srcIpRanges' + type: Array description: | CIDR IP address range. Maximum number of srcIpRanges allowed is 10. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'preconfiguredWafConfig' + item_type: + type: String + - name: 'preconfiguredWafConfig' + type: NestedObject description: | Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. properties: - - !ruby/object:Api::Type::Array - name: 'exclusion' - api_name: 'exclusions' + - name: 'exclusion' + type: Array description: | An exclusion to apply during preconfigured WAF evaluation. - item_type: !ruby/object:Api::Type::NestedObject + api_name: exclusions + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'requestHeader' - api_name: 'requestHeadersToExclude' + - name: 'requestHeader' + type: Array description: | Request header whose value will be excluded from inspection during preconfigured WAF evaluation. - item_type: !ruby/object:Api::Type::NestedObject + api_name: requestHeadersToExclude + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'operator' - api_name: 'op' - required: true + - name: 'operator' + type: String description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -187,25 +189,26 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. - validation: !ruby/object:Provider::Terraform::Validation - function: validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false) - - !ruby/object:Api::Type::String - name: 'value' - api_name: 'val' + api_name: op + required: true + validation: + function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' + - name: 'value' + type: String description: | A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - - !ruby/object:Api::Type::Array - name: 'requestCookie' - api_name: 'requestCookiesToExclude' + api_name: val + - name: 'requestCookie' + type: Array description: | Request cookie whose value will be excluded from inspection during preconfigured WAF evaluation. - item_type: !ruby/object:Api::Type::NestedObject + api_name: requestCookiesToExclude + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'operator' - api_name: 'op' - required: true + - name: 'operator' + type: String description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -214,26 +217,27 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. - validation: !ruby/object:Provider::Terraform::Validation - function: validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false) - - !ruby/object:Api::Type::String - name: 'value' - api_name: 'val' + api_name: op + required: true + validation: + function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' + - name: 'value' + type: String description: | A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - - !ruby/object:Api::Type::Array - name: 'requestUri' - api_name: 'requestUrisToExclude' + api_name: val + - name: 'requestUri' + type: Array description: | Request URI from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded. - item_type: !ruby/object:Api::Type::NestedObject + api_name: requestUrisToExclude + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'operator' - api_name: 'op' - required: true + - name: 'operator' + type: String description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -242,26 +246,27 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. - validation: !ruby/object:Provider::Terraform::Validation - function: validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false) - - !ruby/object:Api::Type::String - name: 'value' - api_name: 'val' + api_name: op + required: true + validation: + function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' + - name: 'value' + type: String description: | A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - - !ruby/object:Api::Type::Array - name: 'requestQueryParam' - api_name: 'requestQueryParamsToExclude' + api_name: val + - name: 'requestQueryParam' + type: Array description: | Request query parameter whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body. - item_type: !ruby/object:Api::Type::NestedObject + api_name: requestQueryParamsToExclude + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'operator' - api_name: 'op' - required: true + - name: 'operator' + type: String description: | You can specify an exact match or a partial match by using a field operator and a field value. Available options: @@ -270,27 +275,30 @@ properties: ENDS_WITH: The operator matches if the field value ends with the specified value. CONTAINS: The operator matches if the field value contains the specified value. EQUALS_ANY: The operator matches if the field value is any value. - validation: !ruby/object:Provider::Terraform::Validation - function: validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false) - - !ruby/object:Api::Type::String - name: 'value' - api_name: 'val' + api_name: op + required: true + validation: + function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' + - name: 'value' + type: String description: | A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - - !ruby/object:Api::Type::String - name: 'targetRuleSet' - required: true + api_name: val + - name: 'targetRuleSet' + type: String description: | Target WAF rule set to apply the preconfigured WAF exclusion. - - !ruby/object:Api::Type::Array - name: 'targetRuleIds' + required: true + - name: 'targetRuleIds' + type: Array description: | A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'action' + item_type: + type: String + - name: 'action' + type: String description: | The Action to perform when the rule is matched. The following are the valid actions: @@ -304,8 +312,8 @@ properties: * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this. required: true - - !ruby/object:Api::Type::NestedObject - name: 'rateLimitOptions' + - name: 'rateLimitOptions' + type: NestedObject description: | Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. update_mask_fields: @@ -319,44 +327,44 @@ properties: - 'rateLimitOptions.banThreshold' - 'rateLimitOptions.banDurationSec' properties: - - !ruby/object:Api::Type::NestedObject - name: 'rateLimitThreshold' + - name: 'rateLimitThreshold' + type: NestedObject description: | Threshold at which to begin ratelimiting. properties: - - !ruby/object:Api::Type::Integer - name: 'count' + - name: 'count' + type: Integer description: | Number of HTTP(S) requests for calculating the threshold. - - !ruby/object:Api::Type::Integer - name: 'intervalSec' + - name: 'intervalSec' + type: Integer description: | Interval over which the threshold is computed. - - !ruby/object:Api::Type::String - name: 'conformAction' + - name: 'conformAction' + type: String description: | Action to take for requests that are under the configured rate limit threshold. Valid option is "allow" only. - - !ruby/object:Api::Type::NestedObject - name: 'exceedRedirectOptions' + - name: 'exceedRedirectOptions' + type: NestedObject description: | Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. properties: - - !ruby/object:Api::Type::String - name: 'type' + - name: 'type' + type: String description: | Type of the redirect action. - - !ruby/object:Api::Type::String - name: 'target' + - name: 'target' + type: String description: | Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. - - !ruby/object:Api::Type::String - name: 'exceedAction' + - name: 'exceedAction' + type: String description: | Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. - - !ruby/object:Api::Type::Enum - name: 'enforceOnKey' + - name: 'enforceOnKey' + type: Enum description: | Determines the key to enforce the rateLimitThreshold on. Possible values are: * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. @@ -369,33 +377,34 @@ properties: * REGION_CODE: The country/region from which the request originates. * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - values: - - :ALL - - :IP - - :HTTP_HEADER - - :XFF_IP - - :HTTP_COOKIE - - :HTTP_PATH - - :SNI - - :REGION_CODE - - :TLS_JA3_FINGERPRINT - - :USER_IP - - !ruby/object:Api::Type::String - name: 'enforceOnKeyName' + enum_values: + - 'ALL' + - 'IP' + - 'HTTP_HEADER' + - 'XFF_IP' + - 'HTTP_COOKIE' + - 'HTTP_PATH' + - 'SNI' + - 'REGION_CODE' + - 'TLS_JA3_FINGERPRINT' + - 'USER_IP' + - name: 'enforceOnKeyName' + type: String description: | Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. - - !ruby/object:Api::Type::Array - name: 'enforceOnKeyConfigs' + - name: 'enforceOnKeyConfigs' + type: Array description: | If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforceOnKeyConfigs. If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'enforceOnKeyType' + - name: 'enforceOnKeyType' + type: Enum description: | Determines the key to enforce the rateLimitThreshold on. Possible values are: * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. @@ -408,43 +417,43 @@ properties: * REGION_CODE: The country/region from which the request originates. * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - values: - - :ALL - - :IP - - :HTTP_HEADER - - :XFF_IP - - :HTTP_COOKIE - - :HTTP_PATH - - :SNI - - :REGION_CODE - - :TLS_JA3_FINGERPRINT - - :USER_IP - - !ruby/object:Api::Type::String - name: 'enforceOnKeyName' + enum_values: + - 'ALL' + - 'IP' + - 'HTTP_HEADER' + - 'XFF_IP' + - 'HTTP_COOKIE' + - 'HTTP_PATH' + - 'SNI' + - 'REGION_CODE' + - 'TLS_JA3_FINGERPRINT' + - 'USER_IP' + - name: 'enforceOnKeyName' + type: String description: | Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. - - !ruby/object:Api::Type::NestedObject - name: 'banThreshold' + - name: 'banThreshold' + type: NestedObject description: | Can only be specified if the action for the rule is "rate_based_ban". If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. properties: - - !ruby/object:Api::Type::Integer - name: 'count' + - name: 'count' + type: Integer description: | Number of HTTP(S) requests for calculating the threshold. - - !ruby/object:Api::Type::Integer - name: 'intervalSec' + - name: 'intervalSec' + type: Integer description: | Interval over which the threshold is computed. - - !ruby/object:Api::Type::Integer - name: 'banDurationSec' + - name: 'banDurationSec' + type: Integer description: | Can only be specified if the action for the rule is "rate_based_ban". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. - - !ruby/object:Api::Type::Boolean - name: 'preview' + - name: 'preview' + type: Boolean description: | If set to true, the specified action is not enforced. diff --git a/mmv1/products/compute/ServiceAttachment.yaml b/mmv1/products/compute/ServiceAttachment.yaml index 244aa01eb9c1..8d6650c63704 100644 --- a/mmv1/products/compute/ServiceAttachment.yaml +++ b/mmv1/products/compute/ServiceAttachment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,39 +11,42 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ServiceAttachment' kind: 'compute#ServiceAttachment' -base_url: projects/{{project}}/regions/{{region}}/serviceAttachments -has_self_link: true -update_verb: :PATCH description: | Represents a ServiceAttachment resource. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Configuring Private Service Connect to access services': 'https://cloud.google.com/vpc/docs/configure-private-service-connect-services' api: 'https://cloud.google.com/compute/docs/reference/beta/serviceAttachments' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/serviceAttachments' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +custom_code: + constants: 'templates/terraform/constants/compute_service_attachment.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/compute_service_attachment.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'service_attachment_basic' + - name: 'service_attachment_basic' primary_resource_id: 'psc_ilb_service_attachment' vars: service_attachment_name: 'my-psc-ilb' @@ -55,8 +58,7 @@ examples: producer_forwarding_rule_name: 'producer-forwarding-rule' consumer_address_name: 'psc-ilb-consumer-address' consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' - - !ruby/object:Provider::Terraform::Examples - name: 'service_attachment_explicit_projects' + - name: 'service_attachment_explicit_projects' primary_resource_id: 'psc_ilb_service_attachment' vars: service_attachment_name: 'my-psc-ilb' @@ -68,8 +70,7 @@ examples: producer_forwarding_rule_name: 'producer-forwarding-rule' consumer_address_name: 'psc-ilb-consumer-address' consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' - - !ruby/object:Provider::Terraform::Examples - name: 'service_attachment_explicit_networks' + - name: 'service_attachment_explicit_networks' primary_resource_id: 'psc_ilb_service_attachment' vars: service_attachment_name: 'my-psc-ilb' @@ -82,8 +83,7 @@ examples: consumer_network_name: 'psc-ilb-consumer-network' consumer_address_name: 'psc-ilb-consumer-address' consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' - - !ruby/object:Provider::Terraform::Examples - name: 'service_attachment_reconcile_connections' + - name: 'service_attachment_reconcile_connections' primary_resource_id: 'psc_ilb_service_attachment' vars: service_attachment_name: 'my-psc-ilb' @@ -95,25 +95,21 @@ examples: producer_forwarding_rule_name: 'producer-forwarding-rule' consumer_address_name: 'psc-ilb-consumer-address' consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/compute_service_attachment.go.erb - update_encoder: 'templates/terraform/update_encoder/compute_service_attachment.go.erb' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | URL of the region where the resource resides. required: false immutable: true - default_from_api: true ignore_read: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + default_from_api: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters @@ -121,142 +117,147 @@ properties: which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + required: true immutable: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. This field is used internally during updates of this resource. - - !ruby/object:Api::Type::String - name: 'connectionPreference' - required: true + output: true + - name: 'connectionPreference' + type: String description: | The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL". - - !ruby/object:Api::Type::Array - name: 'connectedEndpoints' - output: true + required: true + - name: 'connectedEndpoints' + type: Array description: | An array of the consumer forwarding rules connected to this service attachment. - item_type: !ruby/object:Api::Type::NestedObject + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'endpoint' - output: true + - name: 'endpoint' + type: String description: | The URL of the consumer forwarding rule. - - !ruby/object:Api::Type::String - name: 'status' output: true + - name: 'status' + type: String description: | The status of the connection from the consumer forwarding rule to this service attachment. - - !ruby/object:Api::Type::String - name: 'consumerNetwork' output: true + - name: 'consumerNetwork' + type: String description: | The url of the consumer network. - - !ruby/object:Api::Type::String - name: 'pscConnectionId' output: true + - name: 'pscConnectionId' + type: String description: | The PSC connection id of the connected endpoint. - - !ruby/object:Api::Type::Integer - name: 'propagatedConnectionCount' - min_version: 'beta' output: true + - name: 'propagatedConnectionCount' + type: Integer description: | The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to. - - !ruby/object:Api::Type::String - name: targetService + min_version: 'beta' + output: true + - name: 'targetService' + type: String + description: | + The URL of a service serving the endpoint identified by this service attachment. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' + - name: 'natSubnets' + type: Array description: | - The URL of a service serving the endpoint identified by this service attachment. - - !ruby/object:Api::Type::Array - name: 'natSubnets' + An array of subnets that is provided for NAT in this service attachment. required: true send_empty_value: true - description: | - An array of subnets that is provided for NAT in this service attachment. - item_type: !ruby/object:Api::Type::ResourceRef + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'subnet' - resource: 'Subnetwork' - imports: 'selfLink' + type: ResourceRef description: | A subnet that is provided for NAT in this service attachment. - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Boolean - name: 'enableProxyProtocol' - required: true + resource: 'Subnetwork' + imports: 'selfLink' + - name: 'enableProxyProtocol' + type: Boolean description: | If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers. - - !ruby/object:Api::Type::Array - name: 'domainNames' - immutable: true - item_type: Api::Type::String + required: true + - name: 'domainNames' + type: Array description: | If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1. - - !ruby/object:Api::Type::Array - name: 'consumerRejectLists' - item_type: Api::Type::String - send_empty_value: true + immutable: true + item_type: + type: String + - name: 'consumerRejectLists' + type: Array description: | An array of projects that are not allowed to connect to this service attachment. - - !ruby/object:Api::Type::Array - name: 'consumerAcceptLists' + send_empty_value: true + item_type: + type: String + - name: 'consumerAcceptLists' + type: Array description: | An array of projects that are allowed to connect to this service attachment. - send_empty_value: true is_set: true + send_empty_value: true set_hash_func: computeServiceAttachmentConsumerAcceptListsHash - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'projectIdOrNum' + - name: 'projectIdOrNum' + type: String # TODO (laurensknoll): add exactly_one_of when it can be applied to lists (https://github.com/hashicorp/terraform-plugin-sdk/issues/470) description: | A project that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set. - - !ruby/object:Api::Type::String - name: 'networkUrl' + - name: 'networkUrl' + type: String # TODO (laurensknoll): add exactly_one_of when it can be applied to lists (https://github.com/hashicorp/terraform-plugin-sdk/issues/470) description: | The network that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set. diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - !ruby/object:Api::Type::Integer - name: 'connectionLimit' - required: true + - name: 'connectionLimit' + type: Integer description: | The number of consumer forwarding rules the consumer project can create. - - !ruby/object:Api::Type::Boolean - name: reconcileConnections - default_from_api: true - send_empty_value: true + required: true + - name: 'reconcileConnections' + type: Boolean description: | This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list. - - !ruby/object:Api::Type::Integer - name: 'propagatedConnectionLimit' - min_version: 'beta' default_from_api: true + send_empty_value: true + - name: 'propagatedConnectionLimit' + type: Integer description: | The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. @@ -265,3 +266,5 @@ properties: If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250. + min_version: 'beta' + default_from_api: true diff --git a/mmv1/products/compute/Snapshot.yaml b/mmv1/products/compute/Snapshot.yaml index 9d7ad7ffe598..f3db7a1ee1e4 100644 --- a/mmv1/products/compute/Snapshot.yaml +++ b/mmv1/products/compute/Snapshot.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,21 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Snapshot' kind: 'compute#snapshot' -immutable: true -base_url: projects/{{project}}/global/snapshots -create_url: PRE_CREATE_REPLACE_ME/createSnapshot -collection_url_key: 'items' -has_self_link: true -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/disks/create-snapshots' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/snapshots' -iam_policy: !ruby/object:Api::Resource::IamPolicy - parent_resource_attribute: 'name' - import_format: ['projects/{{project}}/global/snapshots/{{name}}', '{{name}}'] description: | Represents a Persistent Disk Snapshot resource. @@ -39,73 +27,83 @@ description: | Snapshots are incremental, so you can create regular snapshots on a persistent disk faster and at a much lower cost than if you regularly created a full image of the disk. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/compute/docs/disks/create-snapshots' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/snapshots' +docs: +base_url: 'projects/{{project}}/global/snapshots' +has_self_link: true +create_url: 'PRE_CREATE_REPLACE_ME/createSnapshot' +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 # 'createSnapshot' is a zonal operation while 'snapshot.delete' is a global # operation. we'll leave the object as global operation and use the disk's # zonal operation for the create action. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + full_url: 'selfLink' kind: 'compute#operation' path: 'name' - full_url: 'selfLink' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +iam_policy: + parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/global/snapshots/{{name}}' + - '{{name}}' +custom_code: + decoder: 'templates/terraform/decoders/snapshot.go.tmpl' + pre_create: 'templates/terraform/pre_create/compute_snapshot_precreate_url.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'snapshot_basic' + - name: 'snapshot_basic' primary_resource_id: 'snapshot' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-snapshot%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-snapshot%s", context["random_suffix"])' vars: snapshot_name: 'my-snapshot' disk_name: 'debian-disk' - - !ruby/object:Provider::Terraform::Examples - name: 'snapshot_chainname' + - name: 'snapshot_chainname' primary_resource_id: 'snapshot' - primary_resource_name: "fmt.Sprintf(\"tf-test-snapshot-chainname%s\", - context[\"\ - random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-snapshot-chainname%s", context["random_suffix"])' vars: snapshot_name: 'my-snapshot' disk_name: 'debian-disk' chain_name: 'snapshot-chain' -custom_code: !ruby/object:Provider::Terraform::CustomCode - decoder: templates/terraform/decoders/snapshot.go.erb - pre_create: templates/terraform/pre_create/compute_snapshot_precreate_url.go.erb parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'sourceDisk' - resource: 'Disk' - imports: 'name' + - name: 'sourceDisk' + type: ResourceRef description: 'A reference to the disk used to create this snapshot.' - immutable: true required: true + immutable: true # ignore_read in providers - this is only used in Create diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Disk' imports: 'name' + - name: 'zone' + type: ResourceRef description: 'A reference to the zone where the disk is hosted.' + required: false immutable: true ignore_read: true default_from_api: true - required: false - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'snapshotEncryptionKey' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' + - name: 'snapshotEncryptionKey' + type: NestedObject description: | Encrypts the snapshot using a customer-supplied encryption key. @@ -121,69 +119,69 @@ parameters: then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later. properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. ignore_read: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/compute_snapshot_snapshot_encryption_raw_key.go.erb - - !ruby/object:Api::Type::String - name: 'sha256' + custom_flatten: 'templates/terraform/custom_flatten/compute_snapshot_snapshot_encryption_raw_key.go.tmpl' + - name: 'sha256' + type: String description: | The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules - - !ruby/object:Api::Type::String - name: 'kmsKeySelfLink' - api_name: 'kmsKeyName' + - name: 'kmsKeySelfLink' + type: String description: | The name of the encryption key that is stored in Google Cloud KMS. - - !ruby/object:Api::Type::String - name: 'kmsKeyServiceAccount' + api_name: kmsKeyName + - name: 'kmsKeyServiceAccount' + type: String description: | The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. # ignore_read in providers - this is only used in Create - - !ruby/object:Api::Type::NestedObject - name: 'sourceDiskEncryptionKey' + - name: 'sourceDiskEncryptionKey' + type: NestedObject description: | The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. ignore_read: true properties: - - !ruby/object:Api::Type::String - name: 'rawKey' + - name: 'rawKey' + type: String description: | Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. # The docs list this field but it is never returned. sensitive: true - - !ruby/object:Api::Type::String - name: 'kmsKeyServiceAccount' + - name: 'kmsKeyServiceAccount' + type: String description: | The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::Integer - name: 'snapshot_id' - api_name: 'id' + - name: 'snapshot_id' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true # 'status' not useful for object convergence. - - !ruby/object:Api::Type::Integer - name: 'diskSizeGb' + - name: 'diskSizeGb' + type: Integer description: 'Size of the snapshot, specified in GB.' output: true - - !ruby/object:Api::Type::String - name: 'chainName' + - name: 'chainName' + type: String description: | Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and @@ -191,10 +189,8 @@ properties: service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value. - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + - name: 'name' + type: String description: | Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -203,48 +199,54 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::String - name: 'description' + required: true immutable: true + - name: 'description' + type: String description: 'An optional description of this resource.' + immutable: true # 'sourceDiskId' not useful for object convergence. - - !ruby/object:Api::Type::Integer - name: 'storageBytes' + - name: 'storageBytes' + type: Integer description: | A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion. output: true # 'storageBytesStatus' not useful for object convergence. - - !ruby/object:Api::Type::Array - name: 'storageLocations' + - name: 'storageLocations' + type: Array description: | Cloud Storage bucket storage location of the snapshot (regional or multi-regional). default_from_api: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'licenses' - output: true + item_type: + type: String + - name: 'licenses' + type: Array description: | A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image). snapshotEncryptionKey nested object Encrypts the snapshot using a customer-supplied encryption key. - item_type: !ruby/object:Api::Type::ResourceRef + output: true + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'license' + type: ResourceRef + description: 'A reference to a license associated with this snapshot' resource: 'License' imports: 'selfLink' - description: 'A reference to a license associated with this snapshot' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: Labels to apply to this Snapshot. - update_verb: :POST update_url: 'projects/{{project}}/global/snapshots/{{name}}/setLabels' - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. + output: true update_url: 'projects/{{project}}/global/snapshots/{{name}}/setLabels' - update_verb: :POST + update_verb: 'POST' + key_expander: '' diff --git a/mmv1/products/compute/SslCertificate.yaml b/mmv1/products/compute/SslCertificate.yaml index 8ac659eea06e..a4e3e2a762cd 100644 --- a/mmv1/products/compute/SslCertificate.yaml +++ b/mmv1/products/compute/SslCertificate.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,40 +11,18 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'SslCertificate' kind: 'compute#sslCertificate' -base_url: projects/{{project}}/global/sslCertificates -collection_url_key: 'items' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' -immutable: true -has_self_link: true description: | An SslCertificate resource, used for HTTPS load balancing. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - kind: 'compute#operation' - path: 'name' - base_url: '{{op_id}}' - wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result - path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error - path: 'error/errors' - message: 'message' -docs: !ruby/object:Provider::Terraform::Docs +references: + guides: + 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' +docs: optional_properties: | * `name_prefix` - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with `name`. Max length is 54 characters. @@ -54,28 +32,44 @@ docs: !ruby/object:Provider::Terraform::Docs `name_prefix` + YYYYmmddHHSSssss + 8 digit incremental counter Resulting name for a `name_prefix` 38 - 54 characters: `name_prefix` + YYmmdd + 3 digit incremental counter +base_url: 'projects/{{project}}/global/sslCertificates' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + kind: 'compute#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +collection_url_key: 'items' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/ssl_certificate.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'ssl_certificate_basic' - primary_resource_id: - 'default' - # Uses id.UniqueId - skip_vcr: true + - name: 'ssl_certificate_basic' + primary_resource_id: 'default' ignore_read_extra: - 'name_prefix' - - !ruby/object:Provider::Terraform::Examples - name: 'ssl_certificate_random_provider' - external_providers: ["random", "time"] - primary_resource_id: - 'default' # Uses id.UniqueId skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'ssl_certificate_target_https_proxies' - primary_resource_id: - 'default' + - name: 'ssl_certificate_random_provider' + primary_resource_id: 'default' + external_providers: ["random", "time"] # Uses id.UniqueId skip_vcr: true + - name: 'ssl_certificate_target_https_proxies' + primary_resource_id: 'default' vars: target_https_proxy_name: 'test-proxy' url_map_name: 'url-map' @@ -83,35 +77,36 @@ examples: http_health_check_name: 'http-health-check' ignore_read_extra: - 'name_prefix' -custom_code: !ruby/object:Provider::Terraform::CustomCode - extra_schema_entry: templates/terraform/extra_schema_entry/ssl_certificate.erb + # Uses id.UniqueId + skip_vcr: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'certificate' + - name: 'certificate' + type: String description: | The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. required: true sensitive: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::String - name: 'expireTime' - output: true + - name: 'expireTime' + type: String description: 'Expire time of the certificate in RFC3339 text format.' - - !ruby/object:Api::Type::Integer - name: 'certificate_id' - api_name: 'id' + output: true + - name: 'certificate_id' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -123,15 +118,15 @@ properties: These are in the same namespace as the managed SSL certificates. default_from_api: true - custom_expand: 'templates/terraform/custom_expand/name_or_name_prefix.go.erb' - validation: !ruby/object:Provider::Terraform::Validation + custom_expand: 'templates/terraform/custom_expand/name_or_name_prefix.go.tmpl' + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::String - name: 'privateKey' + - name: 'privateKey' + type: String description: 'The write-only private key in PEM format.' required: true immutable: true - sensitive: true ignore_read: true - custom_flatten: 'templates/terraform/custom_flatten/sha256.erb' + sensitive: true diff_suppress_func: 'sha256DiffSuppress' + custom_flatten: 'templates/terraform/custom_flatten/sha256.tmpl' diff --git a/mmv1/products/compute/SslPolicy.yaml b/mmv1/products/compute/SslPolicy.yaml index 9f083f49798f..c78369eee147 100644 --- a/mmv1/products/compute/SslPolicy.yaml +++ b/mmv1/products/compute/SslPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,63 +11,63 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'SslPolicy' kind: 'compute#sslPolicy' -base_url: projects/{{project}}/global/sslPolicies -collection_url_key: 'items' -update_verb: :PATCH -has_self_link: true description: | Represents a SSL policy. SSL policies give you the ability to control the features of SSL that your SSL proxy or HTTPS load balancer negotiates. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using SSL Policies': 'https://cloud.google.com/compute/docs/load-balancing/ssl-policies' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslPolicies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/sslPolicies' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/ssl_policy.tmpl' + update_encoder: 'templates/terraform/update_encoder/ssl_policy.tmpl' +custom_diff: + - 'sslPolicyCustomizeDiff' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'ssl_policy_basic' + - name: 'ssl_policy_basic' primary_resource_id: 'prod-ssl-policy' vars: production_ssl_policy_name: 'production-ssl-policy' nonprod_ssl_policy_name: 'nonprod-ssl-policy' custom_ssl_policy_name: 'custom-ssl-policy' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/ssl_policy.erb' - update_encoder: 'templates/terraform/update_encoder/ssl_policy.erb' -custom_diff: [ - 'sslPolicyCustomizeDiff', -] +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' immutable: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -76,11 +76,11 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true + immutable: true # TODO: profile, minTlsVersion, enabledFeatures, customFeatures, fingerprint, warnings, kind - - !ruby/object:Api::Type::Enum - name: 'profile' + - name: 'profile' + type: Enum description: | Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using `CUSTOM`, @@ -90,30 +90,31 @@ properties: See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) for information on what cipher suites each profile provides. If `CUSTOM` is used, the `custom_features` attribute **must be set**. - values: - - :COMPATIBLE - - :MODERN - - :RESTRICTED - - :CUSTOM - default_value: :COMPATIBLE - - !ruby/object:Api::Type::Enum - name: 'minTlsVersion' + default_value: "COMPATIBLE" + enum_values: + - 'COMPATIBLE' + - 'MODERN' + - 'RESTRICTED' + - 'CUSTOM' + - name: 'minTlsVersion' + type: Enum description: | The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. - values: - - :TLS_1_0 - - :TLS_1_1 - - :TLS_1_2 - default_value: :TLS_1_0 - - !ruby/object:Api::Type::Array - name: 'enabledFeatures' + default_value: "TLS_1_0" + enum_values: + - 'TLS_1_0' + - 'TLS_1_1' + - 'TLS_1_2' + - name: 'enabledFeatures' + type: Array description: 'The list of features enabled in the SSL policy.' - output: true is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'customFeatures' + output: true + item_type: + type: String + - name: 'customFeatures' + type: Array description: | Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of @@ -126,9 +127,10 @@ properties: *must* be present when using the `CUSTOM` profile. This argument *must not* be present when using any other profile. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'fingerprint' + item_type: + type: String + - name: 'fingerprint' + type: String description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. diff --git a/mmv1/products/compute/Subnetwork.yaml b/mmv1/products/compute/Subnetwork.yaml index 672dca4bcd14..42b2f4262f78 100644 --- a/mmv1/products/compute/Subnetwork.yaml +++ b/mmv1/products/compute/Subnetwork.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Subnetwork' kind: 'compute#subnetwork' -base_url: projects/{{project}}/regions/{{region}}/subnetworks -collection_url_key: 'items' -immutable: true -has_self_link: true description: | A VPC network is a virtual version of the traditional physical networks that exist within and between physical data centers. A VPC network @@ -41,107 +37,102 @@ description: | instances in all other subnets of the same VPC network, regardless of region, using their RFC1918 private IP addresses. You can isolate portions of the network, even entire subnets, using firewall rules. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + 'Private Google Access': 'https://cloud.google.com/vpc/docs/configure-private-google-access' + 'Cloud Networking': 'https://cloud.google.com/vpc/docs/using-vpc' + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks' +docs: +base_url: 'projects/{{project}}/regions/{{region}}/subnetworks' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Private Google Access': 'https://cloud.google.com/vpc/docs/configure-private-google-access' - 'Cloud Networking': 'https://cloud.google.com/vpc/docs/using-vpc' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks' -iam_policy: !ruby/object:Api::Resource::IamPolicy +collection_url_key: 'items' +iam_policy: allowed_iam_role: 'roles/compute.networkUser' parent_resource_attribute: 'subnetwork' - iam_conditions_request_type: :QUERY_PARAM -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/subnetwork.erb - extra_schema_entry: templates/terraform/extra_schema_entry/subnetwork.erb - post_update: templates/terraform/post_update/compute_subnetwork.go.erb -custom_diff: [ - 'customdiff.ForceNewIfChange("ip_cidr_range", IsShrinkageIpCidr)', - 'sendSecondaryIpRangeIfEmptyDiff', -] + iam_conditions_request_type: 'QUERY_PARAM' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' +custom_code: + extra_schema_entry: 'templates/terraform/extra_schema_entry/subnetwork.tmpl' + constants: 'templates/terraform/constants/subnetwork.tmpl' + post_update: 'templates/terraform/post_update/compute_subnetwork.go.tmpl' +custom_diff: + - 'customdiff.ForceNewIfChange("ip_cidr_range", IsShrinkageIpCidr)' + - 'sendSecondaryIpRangeIfEmptyDiff' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'subnetwork_basic' + - name: 'subnetwork_basic' primary_resource_id: 'network-with-private-secondary-ip-ranges' + primary_resource_name: 'fmt.Sprintf("tf-test-test-subnetwork%s", context["random_suffix"])' vars: subnetwork_name: 'test-subnetwork' network_name: 'test-network' - primary_resource_name: "fmt.Sprintf(\"tf-test-test-subnetwork%s\", - context[\"\ - random_suffix\"])" - - !ruby/object:Provider::Terraform::Examples - name: 'subnetwork_logging_config' + - name: 'subnetwork_logging_config' primary_resource_id: 'subnet-with-logging' vars: subnetwork_name: 'log-test-subnetwork' network_name: 'log-test-network' - - !ruby/object:Provider::Terraform::Examples - name: 'subnetwork_internal_l7lb' - min_version: beta + - name: 'subnetwork_internal_l7lb' primary_resource_id: 'network-for-l7lb' + min_version: 'beta' vars: subnetwork_name: 'l7lb-test-subnetwork' network_name: 'l7lb-test-network' - - !ruby/object:Provider::Terraform::Examples - name: 'subnetwork_ipv6' + - name: 'subnetwork_ipv6' primary_resource_id: 'subnetwork-ipv6' vars: subnetwork_name: 'ipv6-test-subnetwork' network_name: 'ipv6-test-network' - - !ruby/object:Provider::Terraform::Examples - name: 'subnetwork_internal_ipv6' + - name: 'subnetwork_internal_ipv6' primary_resource_id: 'subnetwork-internal-ipv6' vars: subnetwork_name: 'internal-ipv6-test-subnetwork' network_name: 'internal-ipv6-test-network' - - !ruby/object:Provider::Terraform::Examples - name: 'subnetwork_purpose_private_nat' - min_version: beta + - name: 'subnetwork_purpose_private_nat' primary_resource_id: 'subnetwork-purpose-private-nat' + min_version: 'beta' vars: subnetwork_name: 'subnet-purpose-test-subnetwork' network_name: 'subnet-purpose-test-network' - - !ruby/object:Provider::Terraform::Examples - name: 'subnetwork_cidr_overlap' - min_version: beta + - name: 'subnetwork_cidr_overlap' primary_resource_id: 'subnetwork-cidr-overlap' + min_version: 'beta' vars: subnetwork_name: 'subnet-cidr-overlap' network_name: 'net-cidr-overlap' - - !ruby/object:Provider::Terraform::Examples - name: 'subnetwork_reserved_internal_range' - min_version: beta + - name: 'subnetwork_reserved_internal_range' primary_resource_id: 'subnetwork-reserved-internal-range' + min_version: 'beta' vars: subnetwork_name: 'subnetwork-reserved-internal-range' network_name: 'network-reserved-internal-range' - - !ruby/object:Provider::Terraform::Examples - name: 'subnetwork_reserved_secondary_range' - min_version: beta + - name: 'subnetwork_reserved_secondary_range' primary_resource_id: 'subnetwork-reserved-secondary-range' + min_version: 'beta' vars: subnetwork_name: 'subnetwork-reserved-secondary-range' network_name: 'network-reserved-secondary-range' + primary_range_name: 'reserved-primary' + secondary_range_name: 'reserved-secondary' virtual_fields: - - !ruby/object:Api::Type::Boolean - name: 'send_secondary_ip_range_if_empty' + - name: 'send_secondary_ip_range_if_empty' description: | Controls the removal behavior of secondary_ip_range. When false, removing secondary_ip_range from config will not produce a diff as @@ -149,26 +140,27 @@ virtual_fields: When true, the provider will treat removing secondary_ip_range as sending an empty list of secondary IP ranges to the API. Defaults to false. + type: Boolean +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time. - - !ruby/object:Api::Type::String - name: 'gatewayAddress' + - name: 'gatewayAddress' + type: String description: | The gateway address for default routes to reach destination addresses outside this subnetwork. output: true - - !ruby/object:Api::Type::String - name: 'ipCidrRange' - default_from_api: true + - name: 'ipCidrRange' + type: String description: | The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, @@ -176,19 +168,20 @@ properties: non-overlapping within a network. Only IPv4 is supported. Field is optional when `reserved_internal_range` is defined, otherwise required. required: false - update_verb: :POST + default_from_api: true update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/expandIpCidrRange' - validation: !ruby/object:Provider::Terraform::Validation + update_verb: 'POST' + validation: function: 'verify.ValidateIpCidrRange' - - !ruby/object:Api::Type::ResourceRef - name: 'reservedInternalRange' + - name: 'reservedInternalRange' + type: ResourceRef description: | The ID of the reserved internal range. Must be prefixed with `networkconnectivity.googleapis.com` E.g. `networkconnectivity.googleapis.com/projects/{project}/locations/global/internalRanges/{rangeId}` resource: 'InternalRange' imports: 'selfLink' - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and @@ -198,51 +191,47 @@ properties: following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'verify.ValidateGCEName' - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | The network this subnet belongs to. Only networks that are in the distributed mode can have subnetworks. - immutable: true required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'purpose' immutable: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' + - name: 'purpose' + type: String description: | - The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY`, `PRIVATE_SERVICE_CONNECT` or `PRIVATE_NAT`([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)). + The purpose of the resource. This field can be either `PRIVATE`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY`, `PRIVATE_SERVICE_CONNECT` or `PRIVATE_NAT`([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)). A subnet with purpose set to `REGIONAL_MANAGED_PROXY` is a user-created subnetwork that is reserved for regional Envoy-based load balancers. A subnetwork in a given region with purpose set to `GLOBAL_MANAGED_PROXY` is a proxy-only subnet and is shared between all the cross-regional Envoy-based load balancers. A subnetwork with purpose set to `PRIVATE_SERVICE_CONNECT` reserves the subnet for hosting a Private Service Connect published service. A subnetwork with purpose set to `PRIVATE_NAT` is used as source range for Private NAT gateways. Note that `REGIONAL_MANAGED_PROXY` is the preferred setting for all regional Envoy load balancers. - If unspecified, the purpose defaults to `PRIVATE_RFC_1918`. + If unspecified, the purpose defaults to `PRIVATE`. + immutable: true default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'role' - update_verb: :PATCH - update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} - update_id: 'role' - fingerprint_name: 'fingerprint' - values: - - :ACTIVE - - :BACKUP + - name: 'role' + type: Enum description: | The role of subnetwork. Currently, this field is only used when `purpose` is `REGIONAL_MANAGED_PROXY`. The value can be set to `ACTIVE` or `BACKUP`. An `ACTIVE` subnetwork is one that is currently being used for Envoy-based load balancers in a region. A `BACKUP` subnetwork is one that is ready to be promoted to `ACTIVE` or is currently draining. - - !ruby/object:Api::Type::Array - name: 'secondaryIpRange' - api_name: secondaryIpRanges - unordered_list: true - default_from_api: true - send_empty_value: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + update_id: 'role' + fingerprint_name: 'fingerprint' + enum_values: + - 'ACTIVE' + - 'BACKUP' + - name: 'secondaryIpRange' + type: Array description: | An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong @@ -252,200 +241,206 @@ properties: **Note**: This field uses [attr-as-block mode](https://www.terraform.io/docs/configuration/attr-as-blocks.html) to avoid breaking users during the 0.12 upgrade. To explicitly send a list of zero objects, set `send_secondary_ip_range_if_empty = true` - update_verb: :PATCH - update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + api_name: secondaryIpRanges + unordered_list: true + default_from_api: true + send_empty_value: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' update_id: 'secondaryIpRanges' fingerprint_name: 'fingerprint' - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'rangeName' - required: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'verify.ValidateGCEName' + - name: 'rangeName' + type: String description: | The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork. - - !ruby/object:Api::Type::String - name: 'ipCidrRange' - required: false - default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'verify.ValidateIpCidrRange' + required: true + validation: + function: 'verify.ValidateGCEName' + - name: 'ipCidrRange' + type: String description: | The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported. Field is optional when `reserved_internal_range` is defined, otherwise required. - - !ruby/object:Api::Type::ResourceRef - name: 'reservedInternalRange' + required: false + default_from_api: true + validation: + function: 'verify.ValidateIpCidrRange' + - name: 'reservedInternalRange' + type: ResourceRef description: | The ID of the reserved internal range. Must be prefixed with `networkconnectivity.googleapis.com` E.g. `networkconnectivity.googleapis.com/projects/{project}/locations/global/internalRanges/{rangeId}` resource: 'InternalRange' imports: 'selfLink' - - !ruby/object:Api::Type::Boolean - name: 'privateIpGoogleAccess' + - name: 'privateIpGoogleAccess' + type: Boolean description: | When enabled, VMs in this subnetwork without external IP addresses can access Google APIs and services by using Private Google Access. - update_verb: :POST - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/setPrivateIpGoogleAccess' default_from_api: true - - !ruby/object:Api::Type::String - name: 'privateIpv6GoogleAccess' - update_verb: :PATCH - update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/setPrivateIpGoogleAccess' + update_verb: 'POST' + - name: 'privateIpv6GoogleAccess' + type: String description: The private IPv6 google access type for the VMs in this subnet. - fingerprint_name: 'fingerprint' default_from_api: true - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + fingerprint_name: 'fingerprint' + - name: 'region' + type: ResourceRef description: | The GCP region for this subnetwork. required: false immutable: true default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::NestedObject - name: 'logConfig' - update_verb: :PATCH - update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} - fingerprint_name: 'fingerprint' - update_id: 'logConfig' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' + - name: 'logConfig' + type: NestedObject description: | This field denotes the VPC flow logging options for this subnetwork. If logging is enabled, logs are exported to Cloud Logging. Flow logging isn't supported if the subnet `purpose` field is set to subnetwork is `REGIONAL_MANAGED_PROXY` or `GLOBAL_MANAGED_PROXY`. send_empty_value: true - custom_expand: 'templates/terraform/custom_expand/subnetwork_log_config.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/subnetwork_log_config.go.erb' + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + update_id: 'logConfig' + fingerprint_name: 'fingerprint' + custom_flatten: 'templates/terraform/custom_flatten/subnetwork_log_config.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/subnetwork_log_config.go.tmpl' properties: - - !ruby/object:Api::Type::Enum - name: 'aggregationInterval' - at_least_one_of: - - log_config.0.aggregation_interval - - log_config.0.flow_sampling - - log_config.0.metadata - - log_config.0.filterExpr + - name: 'aggregationInterval' + type: Enum description: | Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection. - values: - - :INTERVAL_5_SEC - - :INTERVAL_30_SEC - - :INTERVAL_1_MIN - - :INTERVAL_5_MIN - - :INTERVAL_10_MIN - - :INTERVAL_15_MIN - default_value: :INTERVAL_5_SEC - - !ruby/object:Api::Type::Double - name: 'flowSampling' at_least_one_of: - - log_config.0.aggregation_interval - - log_config.0.flow_sampling - - log_config.0.metadata - - log_config.0.filterExpr + - 'log_config.0.aggregation_interval' + - 'log_config.0.flow_sampling' + - 'log_config.0.metadata' + - 'log_config.0.filterExpr' + default_value: "INTERVAL_5_SEC" + enum_values: + - 'INTERVAL_5_SEC' + - 'INTERVAL_30_SEC' + - 'INTERVAL_1_MIN' + - 'INTERVAL_5_MIN' + - 'INTERVAL_10_MIN' + - 'INTERVAL_15_MIN' + - name: 'flowSampling' + type: Double description: | Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 which means half of all collected logs are reported. - default_value: 0.5 - - !ruby/object:Api::Type::Enum - name: 'metadata' at_least_one_of: - - log_config.0.aggregation_interval - - log_config.0.flow_sampling - - log_config.0.metadata - - log_config.0.filterExpr + - 'log_config.0.aggregation_interval' + - 'log_config.0.flow_sampling' + - 'log_config.0.metadata' + - 'log_config.0.filterExpr' + default_value: 0.5 + - name: 'metadata' + type: Enum description: | Can only be specified if VPC flow logging for this subnetwork is enabled. Configures whether metadata fields should be added to the reported VPC flow logs. - values: - - :EXCLUDE_ALL_METADATA - - :INCLUDE_ALL_METADATA - - :CUSTOM_METADATA - default_value: :INCLUDE_ALL_METADATA - - !ruby/object:Api::Type::Array - name: 'metadataFields' + at_least_one_of: + - 'log_config.0.aggregation_interval' + - 'log_config.0.flow_sampling' + - 'log_config.0.metadata' + - 'log_config.0.filterExpr' + default_value: "INCLUDE_ALL_METADATA" + enum_values: + - 'EXCLUDE_ALL_METADATA' + - 'INCLUDE_ALL_METADATA' + - 'CUSTOM_METADATA' + - name: 'metadataFields' + type: Array description: | List of metadata fields that should be added to reported logs. Can only be specified if VPC flow logs for this subnetwork is enabled and "metadata" is set to CUSTOM_METADATA. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'filterExpr' - at_least_one_of: - - log_config.0.aggregation_interval - - log_config.0.flow_sampling - - log_config.0.metadata - - log_config.0.filterExpr + item_type: + type: String + - name: 'filterExpr' + type: String description: | Export filter used to define which VPC flow logs should be logged, as as CEL expression. See https://cloud.google.com/vpc/docs/flow-logs#filtering for details on how to format this field. The default value is 'true', which evaluates to include everything. - default_value: 'true' - - !ruby/object:Api::Type::Enum - name: 'stackType' - update_verb: :PATCH - update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} - fingerprint_name: 'fingerprint' - values: - - :IPV4_ONLY - - :IPV4_IPV6 + at_least_one_of: + - 'log_config.0.aggregation_interval' + - 'log_config.0.flow_sampling' + - 'log_config.0.metadata' + - 'log_config.0.filterExpr' + default_value: "true" + - name: 'stackType' + type: Enum description: | The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'ipv6AccessType' - update_verb: :PATCH - update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' fingerprint_name: 'fingerprint' - values: - - :EXTERNAL - - :INTERNAL + enum_values: + - 'IPV4_ONLY' + - 'IPV4_IPV6' + - name: 'ipv6AccessType' + type: Enum description: | The access type of IPv6 address this subnet holds. It's immutable and can only be specified during creation or the first time the subnet is updated into IPV4_IPV6 dual stack. If the ipv6_type is EXTERNAL then this subnet cannot enable direct path. - - !ruby/object:Api::Type::String - name: 'ipv6CidrRange' - output: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + fingerprint_name: 'fingerprint' + enum_values: + - 'EXTERNAL' + - 'INTERNAL' + - name: 'ipv6CidrRange' + type: String description: | The range of internal IPv6 addresses that are owned by this subnetwork. - - !ruby/object:Api::Type::String - name: 'internalIpv6Prefix' output: true + - name: 'internalIpv6Prefix' + type: String description: | The internal IPv6 address range that is assigned to this subnetwork. - - !ruby/object:Api::Type::String - name: 'externalIpv6Prefix' - default_from_api: true + output: true + - name: 'externalIpv6Prefix' + type: String description: | The range of external IPv6 addresses that are owned by this subnetwork. - - !ruby/object:Api::Type::Boolean - name: 'allowSubnetCidrRoutesOverlap' default_from_api: true - update_verb: :PATCH - update_url: projects/{{project}}/regions/{{region}}/subnetworks/{{name}} - fingerprint_name: 'fingerprint' - send_empty_value: true - min_version: beta + - name: 'allowSubnetCidrRoutesOverlap' + type: Boolean description: | Typically packets destined to IPs within the subnetwork range that do not match existing resources are dropped and prevented from leaving the VPC. Setting this field to true will allow these packets to match dynamic routes injected via BGP even if their destinations match existing subnet ranges. + min_version: 'beta' + default_from_api: true + send_empty_value: true + update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' + update_verb: 'PATCH' + fingerprint_name: 'fingerprint' diff --git a/mmv1/products/compute/TargetGrpcProxy.yaml b/mmv1/products/compute/TargetGrpcProxy.yaml index 82d691a34020..a8ea91e0905e 100644 --- a/mmv1/products/compute/TargetGrpcProxy.yaml +++ b/mmv1/products/compute/TargetGrpcProxy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,56 +11,58 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'TargetGrpcProxy' kind: 'compute#targetGrpcProxy' -base_url: projects/{{project}}/global/targetGrpcProxies -collection_url_key: 'items' -update_verb: :PATCH -has_self_link: true description: | Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Global forwarding rules reference a target gRPC proxy. The Target gRPC Proxy references a URL map which specifies how traffic routes to gRPC backend services. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using Target gRPC Proxies': 'https://cloud.google.com/traffic-director/docs/proxyless-overview' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/targetGrpcProxies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/targetGrpcProxies' +has_self_link: true +update_verb: 'PATCH' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'target_grpc_proxy_basic' + - name: 'target_grpc_proxy_basic' primary_resource_id: 'default' vars: proxy_name: 'proxy' urlmap_name: 'urlmap' backend_name: 'backend' healthcheck_name: 'healthcheck' +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply @@ -69,17 +71,17 @@ properties: means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - - !ruby/object:Api::Type::String - name: 'description' + immutable: true + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::String - name: 'selfLinkWithId' + - name: 'selfLinkWithId' + type: String description: 'Server-defined URL with id for the resource.' output: true - - !ruby/object:Api::Type::String - name: 'urlMap' + - name: 'urlMap' + type: String description: | URL to the UrlMap resource that defines the mapping from URL to the BackendService. The protocol field in the BackendService @@ -88,9 +90,8 @@ properties: update_id: 'urlMap' fingerprint_name: 'fingerprint' diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - !ruby/object:Api::Type::Boolean - name: 'validateForProxyless' - immutable: true + - name: 'validateForProxyless' + type: Boolean description: | If true, indicates that the BackendServices referenced by the urlMap may be accessed by gRPC applications without using @@ -102,8 +103,9 @@ properties: applications via a sidecar proxy. In this case, a gRPC application must not use "xds:///" scheme in the target URI of the service it is connecting to - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + immutable: true + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field @@ -112,3 +114,4 @@ properties: TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy. A base64-encoded string. + output: true diff --git a/mmv1/products/compute/TargetHttpProxy.yaml b/mmv1/products/compute/TargetHttpProxy.yaml index 6f8d7767e88c..b8f8d271d0e0 100644 --- a/mmv1/products/compute/TargetHttpProxy.yaml +++ b/mmv1/products/compute/TargetHttpProxy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,76 +11,76 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'TargetHttpProxy' kind: 'compute#targetHttpProxy' -base_url: projects/{{project}}/global/targetHttpProxies -collection_url_key: 'items' -has_self_link: true -immutable: true description: | Represents a TargetHttpProxy resource, which is used by one or more global forwarding rule to route incoming HTTP requests to a URL map. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' api: 'https://cloud.google.com/compute/docs/reference/v1/targetHttpProxies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/targetHttpProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'target_http_proxy_basic' + - name: 'target_http_proxy_basic' primary_resource_id: 'default' vars: target_http_proxy_name: 'test-proxy' url_map_name: 'url-map' backend_service_name: 'backend-service' http_health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'target_http_proxy_http_keep_alive_timeout' + - name: 'target_http_proxy_http_keep_alive_timeout' primary_resource_id: 'default' vars: target_http_proxy_name: 'test-http-keep-alive-timeout-proxy' url_map_name: 'url-map' backend_service_name: 'backend-service' http_health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'target_http_proxy_https_redirect' + - name: 'target_http_proxy_https_redirect' primary_resource_id: 'default' vars: target_http_proxy_name: 'test-https-redirect-proxy' url_map_name: 'url-map' +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::Integer - name: 'proxyId' - api_name: 'id' + - name: 'proxyId' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -90,25 +90,25 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::ResourceRef - name: 'urlMap' - resource: 'UrlMap' - imports: 'selfLink' + - name: 'urlMap' + type: ResourceRef description: | A reference to the UrlMap resource that defines the mapping from URL to the BackendService. required: true - update_verb: :POST update_url: 'projects/{{project}}/targetHttpProxies/{{name}}/setUrlMap' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Boolean - name: 'proxyBind' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'UrlMap' + imports: 'selfLink' + - name: 'proxyBind' + type: Boolean description: | This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'httpKeepAliveTimeoutSec' + - name: 'httpKeepAliveTimeoutSec' + type: Integer description: | Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is diff --git a/mmv1/products/compute/TargetHttpsProxy.yaml b/mmv1/products/compute/TargetHttpsProxy.yaml index 56e438f5ae7b..e8de3f3bc99b 100644 --- a/mmv1/products/compute/TargetHttpsProxy.yaml +++ b/mmv1/products/compute/TargetHttpsProxy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,48 +11,48 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'TargetHttpsProxy' kind: 'compute#targetHttpsProxy' -base_url: projects/{{project}}/global/targetHttpsProxies -collection_url_key: 'items' -has_self_link: true -immutable: true description: | Represents a TargetHttpsProxy resource, which is used by one or more global forwarding rule to route incoming HTTPS requests to a URL map. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' api: 'https://cloud.google.com/compute/docs/reference/v1/targetHttpsProxies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/targetHttpsProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/compute_target_https_proxy.go.erb +collection_url_key: 'items' +custom_code: + encoder: 'templates/terraform/encoders/compute_target_https_proxy.go.tmpl' # update_encoder is usually the same as encoder by default. This resource is an uncommon case where the whole resource # is marked to be immutable, but we have a field specific update that overrides it (e.g certifiacteManagerCertificates). # This causes the encoder logic to not be applied during update. - update_encoder: templates/terraform/encoders/compute_target_https_proxy.go.erb - decoder: templates/terraform/decoders/compute_target_https_proxy.go.erb + update_encoder: 'templates/terraform/encoders/compute_target_https_proxy.go.tmpl' + decoder: 'templates/terraform/decoders/compute_target_https_proxy.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'target_https_proxy_basic' + - name: 'target_https_proxy_basic' primary_resource_id: 'default' vars: target_https_proxy_name: 'test-proxy' @@ -60,8 +60,7 @@ examples: url_map_name: 'url-map' backend_service_name: 'backend-service' http_health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'target_https_proxy_http_keep_alive_timeout' + - name: 'target_https_proxy_http_keep_alive_timeout' primary_resource_id: 'default' vars: target_https_proxy_name: 'test-http-keep-alive-timeout-proxy' @@ -69,8 +68,7 @@ examples: url_map_name: 'url-map' backend_service_name: 'backend-service' http_health_check_name: 'http-health-check' - - !ruby/object:Provider::Terraform::Examples - name: 'target_https_proxy_mtls' + - name: 'target_https_proxy_mtls' primary_resource_id: 'default' min_version: 'beta' vars: @@ -81,30 +79,30 @@ examples: http_health_check_name: 'http-health-check' server_tls_policy_name: 'my-tls-policy' trust_config_name: 'my-trust-config' - - !ruby/object:Provider::Terraform::Examples - name: 'target_https_proxy_certificate_manager_certificate' + - name: 'target_https_proxy_certificate_manager_certificate' primary_resource_id: 'default' vars: target_https_proxy_name: 'target-http-proxy' certificate_manager_certificate_name: 'my-certificate' url_map_name: 'url-map' backend_service_name: 'backend-service' +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' immutable: true - - !ruby/object:Api::Type::Integer - name: 'proxyId' - api_name: 'id' + - name: 'proxyId' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -113,105 +111,107 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - - !ruby/object:Api::Type::Enum - name: 'quicOverride' + immutable: true + - name: 'quicOverride' + type: Enum description: | Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. - values: - - :NONE - - :ENABLE - - :DISABLE - update_verb: :POST update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setQuicOverride' - default_value: :NONE - custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb' - - !ruby/object:Api::Type::Enum - name: 'tlsEarlyData' + update_verb: 'POST' + custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.tmpl' + default_value: "NONE" + enum_values: + - 'NONE' + - 'ENABLE' + - 'DISABLE' + - name: 'tlsEarlyData' + type: Enum description: | Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). - values: - - :STRICT - - :PERMISSIVE - - :DISABLED default_from_api: true - - !ruby/object:Api::Type::Array - name: 'certificateManagerCertificates' + enum_values: + - 'STRICT' + - 'PERMISSIVE' + - 'DISABLED' + - name: 'certificateManagerCertificates' + type: Array description: | URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}` - update_verb: :POST update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' - item_type: Api::Type::String - custom_expand: 'templates/terraform/custom_expand/certificate_manager_certificate_construct_full_url.go.erb' - diff_suppress_func: 'tpgresource.CompareResourceNames' + update_verb: 'POST' conflicts: - ssl_certificates - - !ruby/object:Api::Type::Array - name: 'sslCertificates' + diff_suppress_func: 'tpgresource.CompareResourceNames' + custom_expand: 'templates/terraform/custom_expand/certificate_manager_certificate_construct_full_url.go.tmpl' + item_type: + type: String + - name: 'sslCertificates' + type: Array description: | URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together. - update_verb: :POST update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' - item_type: !ruby/object:Api::Type::ResourceRef + update_verb: 'POST' + conflicts: + - certificate_manager_certificates + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'sslCertificate' + type: ResourceRef + description: 'The SSL certificate URL used by this TargetHttpsProxy' resource: 'SslCertificate' imports: 'selfLink' - description: 'The SSL certificate URL used by this TargetHttpsProxy' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - conflicts: - - certificate_manager_certificates - - !ruby/object:Api::Type::String - name: 'certificateMap' + - name: 'certificateMap' + type: String description: | A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`. - update_verb: :POST update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setCertificateMap' - - !ruby/object:Api::Type::ResourceRef - name: 'sslPolicy' - resource: 'SslPolicy' - imports: 'selfLink' + update_verb: 'POST' + - name: 'sslPolicy' + type: ResourceRef description: | A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured. - update_verb: :POST update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setSslPolicy' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'urlMap' - resource: 'UrlMap' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'SslPolicy' imports: 'selfLink' + - name: 'urlMap' + type: ResourceRef description: | A reference to the UrlMap resource that defines the mapping from URL to the BackendService. required: true - update_verb: :POST update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setUrlMap' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Boolean - name: 'proxyBind' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'UrlMap' + imports: 'selfLink' + - name: 'proxyBind' + type: Boolean description: | This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'httpKeepAliveTimeoutSec' + - name: 'httpKeepAliveTimeoutSec' + type: Integer description: | Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is @@ -222,10 +222,8 @@ properties: value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly. - - !ruby/object:Api::Type::ResourceRef - name: 'serverTlsPolicy' - resource: 'ServerTlsPolicy' - imports: 'selfLink' + - name: 'serverTlsPolicy' + type: ResourceRef description: | A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound @@ -241,6 +239,8 @@ properties: deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this. - update_verb: :PATCH update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}' + update_verb: 'PATCH' fingerprint_name: 'fingerprint' + resource: 'ServerTlsPolicy' + imports: 'selfLink' diff --git a/mmv1/products/compute/TargetInstance.yaml b/mmv1/products/compute/TargetInstance.yaml index f522bb57e789..24462fdea0f8 100644 --- a/mmv1/products/compute/TargetInstance.yaml +++ b/mmv1/products/compute/TargetInstance.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'TargetInstance' kind: 'compute#targetInstance' -base_url: projects/{{project}}/zones/{{zone}}/targetInstances -collection_url_key: 'items' -has_self_link: true -immutable: true description: | Represents a TargetInstance resource which defines an endpoint instance that terminates traffic of certain protocols. In particular, they are used @@ -25,68 +21,70 @@ description: | non-NAT'ed target instance. Each target instance contains a single virtual machine instance that receives and handles traffic from the corresponding forwarding rules. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Using Protocol Forwarding': 'https://cloud.google.com/compute/docs/protocol-forwarding' api: 'https://cloud.google.com/compute/docs/reference/v1/targetInstances' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/zones/{{zone}}/targetInstances' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + post_create: 'templates/terraform/post_create/compute_target_instance_security_policy.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'target_instance_basic' + - name: 'target_instance_basic' primary_resource_id: 'default' vars: target_name: 'target' instance_name: 'target-vm' - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: 'target_instance_custom_network' + - name: 'target_instance_custom_network' primary_resource_id: 'custom_network' + min_version: 'beta' vars: target_name: 'custom-network' instance_name: 'custom-network-target-vm' - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: 'target_instance_with_security_policy' + - name: 'target_instance_with_security_policy' primary_resource_id: 'default' + min_version: 'beta' vars: network_name: 'custom-default-network' subnetname_name: 'custom-default-subnet' instance_name: 'target-vm' region_sec_policy: 'region-secpolicy' target_name: 'target-instance' -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: 'templates/terraform/post_create/compute_target_instance_security_policy.go.erb' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'zone' - resource: 'Zone' - imports: 'name' + - name: 'zone' + type: ResourceRef description: | URL of the zone where the target instance resides. required: false immutable: true default_from_api: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Zone' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -96,25 +94,23 @@ properties: characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'network' + - name: 'network' + type: String description: 'The URL of the network this target instance uses to forward traffic. If not specified, the traffic will be forwarded to the network that the default network interface belongs to.' + min_version: 'beta' immutable: true - min_version: beta - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' - - !ruby/object:Api::Type::ResourceRef - name: 'instance' - resource: 'Instance' - imports: 'selfLink' + - name: 'instance' + type: ResourceRef description: | The Compute instance VM handling traffic for this target instance. Accepts the instance self-link, relative path @@ -125,20 +121,22 @@ properties: required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/self_link_from_name.erb' - - !ruby/object:Api::Type::Enum - name: 'natPolicy' + custom_expand: 'templates/terraform/custom_expand/self_link_from_name.tmpl' + resource: 'Instance' + imports: 'selfLink' + - name: 'natPolicy' + type: Enum description: | NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported. immutable: true - default_value: :NO_NAT - values: - - :NO_NAT - - !ruby/object:Api::Type::String - name: 'securityPolicy' - min_version: beta + default_value: "NO_NAT" + enum_values: + - 'NO_NAT' + - name: 'securityPolicy' + type: String description: | The resource URL for the security policy associated with this target instance. - update_url: projects/{{project}}/zones/{{zone}}/targetInstances/{{name}}/setSecurityPolicy - update_verb: :POST + min_version: 'beta' + update_url: 'projects/{{project}}/zones/{{zone}}/targetInstances/{{name}}/setSecurityPolicy' + update_verb: 'POST' diff --git a/mmv1/products/compute/TargetSslProxy.yaml b/mmv1/products/compute/TargetSslProxy.yaml index 795274ab4bda..77c2e5fe4019 100644 --- a/mmv1/products/compute/TargetSslProxy.yaml +++ b/mmv1/products/compute/TargetSslProxy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,64 +11,66 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'TargetSslProxy' kind: 'compute#targetSslProxy' -base_url: projects/{{project}}/global/targetSslProxies -collection_url_key: 'items' -immutable: true -has_self_link: true description: | Represents a TargetSslProxy resource, which is used by one or more global forwarding rule to route incoming SSL requests to a backend service. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Setting Up SSL proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/' api: 'https://cloud.google.com/compute/docs/reference/v1/targetSslProxies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/targetSslProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'target_ssl_proxy_basic' + - name: 'target_ssl_proxy_basic' primary_resource_id: 'default' vars: target_ssl_proxy_name: 'test-proxy' ssl_certificate_name: 'default-cert' backend_service_name: 'backend-service' health_check_name: 'health-check' +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' immutable: true - - !ruby/object:Api::Type::Integer - name: 'proxyId' - api_name: 'id' + - name: 'proxyId' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -77,66 +79,67 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' + immutable: true + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - update_verb: :POST update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setProxyHeader' - default_value: :NONE - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - api_name: service - resource: 'BackendService' - imports: 'selfLink' + update_verb: 'POST' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'backendService' + type: ResourceRef description: | A reference to the BackendService resource. + api_name: service required: true - update_verb: :POST update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setBackendService' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Array - name: 'sslCertificates' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'sslCertificates' + type: Array description: | A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. - exactly_one_of: - - sslCertificates - - certificateMap - update_verb: :POST update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslCertificates' - item_type: !ruby/object:Api::Type::ResourceRef + update_verb: 'POST' + exactly_one_of: + - 'sslCertificates' + - 'certificateMap' + custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.tmpl' + item_type: name: 'sslCertificate' + type: ResourceRef + description: 'The SSL certificates used by this TargetSslProxy' resource: 'SslCertificate' imports: 'selfLink' - description: 'The SSL certificates used by this TargetSslProxy' - custom_expand: 'templates/terraform/custom_expand/array_resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::String - name: 'certificateMap' + - name: 'certificateMap' + type: String description: | A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`. - exactly_one_of: - - sslCertificates - - certificateMap - update_verb: :POST update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setCertificateMap' - - !ruby/object:Api::Type::ResourceRef - name: 'sslPolicy' - resource: 'SslPolicy' - imports: 'selfLink' + update_verb: 'POST' + exactly_one_of: + - 'sslCertificates' + - 'certificateMap' + - name: 'sslPolicy' + type: ResourceRef description: | A reference to the SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured. - update_verb: :POST update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslPolicy' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'SslPolicy' + imports: 'selfLink' diff --git a/mmv1/products/compute/TargetTcpProxy.yaml b/mmv1/products/compute/TargetTcpProxy.yaml index 65a99baf0d64..b907719fec98 100644 --- a/mmv1/products/compute/TargetTcpProxy.yaml +++ b/mmv1/products/compute/TargetTcpProxy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,63 +11,65 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'TargetTcpProxy' kind: 'compute#targetTcpProxy' -base_url: projects/{{project}}/global/targetTcpProxies -collection_url_key: 'items' -immutable: true -has_self_link: true description: | Represents a TargetTcpProxy resource, which is used by one or more global forwarding rule to route incoming TCP requests to a Backend service. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Setting Up TCP proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/tcp-proxy' api: 'https://cloud.google.com/compute/docs/reference/v1/targetTcpProxies' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/global/targetTcpProxies' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'target_tcp_proxy_basic' + - name: 'target_tcp_proxy_basic' primary_resource_id: 'default' vars: target_tcp_proxy_name: 'test-proxy' backend_service_name: 'backend-service' health_check_name: 'health-check' +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' immutable: true - - !ruby/object:Api::Type::Integer - name: 'proxyId' - api_name: 'id' + - name: 'proxyId' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -76,32 +78,32 @@ properties: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - immutable: true required: true - - !ruby/object:Api::Type::Enum - name: 'proxyHeader' + immutable: true + - name: 'proxyHeader' + type: Enum description: | Specifies the type of proxy header to append before sending data to the backend. - values: - - :NONE - - :PROXY_V1 - update_verb: :POST update_url: 'projects/{{project}}/global/targetTcpProxies/{{name}}/setProxyHeader' - default_value: :NONE - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - api_name: 'service' - resource: 'BackendService' - imports: 'selfLink' + update_verb: 'POST' + default_value: "NONE" + enum_values: + - 'NONE' + - 'PROXY_V1' + - name: 'backendService' + type: ResourceRef description: | A reference to the BackendService resource. + api_name: service required: true - update_verb: :POST update_url: 'projects/{{project}}/global/targetTcpProxies/{{name}}/setBackendService' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Boolean - name: 'proxyBind' + update_verb: 'POST' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'proxyBind' + type: Boolean description: | This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. diff --git a/mmv1/products/compute/UrlMap.yaml b/mmv1/products/compute/UrlMap.yaml index e0ca9bf62fc2..faf41b8a315a 100644 --- a/mmv1/products/compute/UrlMap.yaml +++ b/mmv1/products/compute/UrlMap.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,278 +11,278 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'UrlMap' kind: 'compute#urlMap' -base_url: projects/{{project}}/global/urlMaps -collection_url_key: 'items' -has_self_link: true description: | UrlMaps are used to route requests to a backend service based on rules that you define for the host and path of an incoming URL. -references: !ruby/object:Api::Resource::ReferenceLinks - api: https://cloud.google.com/compute/docs/reference/rest/v1/urlMaps -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/urlMaps' +docs: +base_url: 'projects/{{project}}/global/urlMaps' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: "url_map_bucket_and_service" - primary_resource_id: "urlmap" + - name: 'url_map_bucket_and_service' + primary_resource_id: 'urlmap' vars: - url_map_name: "urlmap" - login_backend_service_name: "login" - http_health_check_name: "health-check" - backend_bucket_name: "static-asset-backend-bucket" - storage_bucket_name: "static-asset-bucket" - - !ruby/object:Provider::Terraform::Examples - name: "url_map_traffic_director_route" - primary_resource_id: "urlmap" + url_map_name: 'urlmap' + login_backend_service_name: 'login' + http_health_check_name: 'health-check' + backend_bucket_name: 'static-asset-backend-bucket' + storage_bucket_name: 'static-asset-bucket' + - name: 'url_map_traffic_director_route' + primary_resource_id: 'urlmap' vars: - url_map_name: "urlmap" - home_backend_service_name: "home" - health_check_name: "health-check" - - !ruby/object:Provider::Terraform::Examples - name: "url_map_traffic_director_route_partial" - primary_resource_id: "urlmap" + url_map_name: 'urlmap' + home_backend_service_name: 'home' + health_check_name: 'health-check' + - name: 'url_map_traffic_director_route_partial' + primary_resource_id: 'urlmap' vars: - url_map_name: "urlmap" - home_backend_service_name: "home" - health_check_name: "health-check" - - !ruby/object:Provider::Terraform::Examples - name: "url_map_traffic_director_path" - primary_resource_id: "urlmap" + url_map_name: 'urlmap' + home_backend_service_name: 'home' + health_check_name: 'health-check' + - name: 'url_map_traffic_director_path' + primary_resource_id: 'urlmap' vars: - url_map_name: "urlmap" - home_backend_service_name: "home" - health_check_name: "health-check" - - !ruby/object:Provider::Terraform::Examples - name: "url_map_traffic_director_path_partial" - primary_resource_id: "urlmap" + url_map_name: 'urlmap' + home_backend_service_name: 'home' + health_check_name: 'health-check' + - name: 'url_map_traffic_director_path_partial' + primary_resource_id: 'urlmap' vars: - url_map_name: "urlmap" - home_backend_service_name: "home" - health_check_name: "health-check" - - !ruby/object:Provider::Terraform::Examples - name: "url_map_header_based_routing" - primary_resource_id: "urlmap" + url_map_name: 'urlmap' + home_backend_service_name: 'home' + health_check_name: 'health-check' + - name: 'url_map_header_based_routing' + primary_resource_id: 'urlmap' vars: - url_map_name: "urlmap" - default_backend_service_name: "default" - service_a_backend_service_name: "service-a" - service_b_backend_service_name: "service-b" - health_check_name: "health-check" - - !ruby/object:Provider::Terraform::Examples - name: "url_map_parameter_based_routing" - primary_resource_id: "urlmap" + url_map_name: 'urlmap' + default_backend_service_name: 'default' + service_a_backend_service_name: 'service-a' + service_b_backend_service_name: 'service-b' + health_check_name: 'health-check' + - name: 'url_map_parameter_based_routing' + primary_resource_id: 'urlmap' vars: - url_map_name: "urlmap" - default_backend_service_name: "default" - service_a_backend_service_name: "service-a" - service_b_backend_service_name: "service-b" - health_check_name: "health-check" - - !ruby/object:Provider::Terraform::Examples - name: "external_http_lb_mig_backend" - primary_resource_id: "default" + url_map_name: 'urlmap' + default_backend_service_name: 'default' + service_a_backend_service_name: 'service-a' + service_b_backend_service_name: 'service-b' + health_check_name: 'health-check' + - name: 'external_http_lb_mig_backend' + primary_resource_id: 'default' vars: - lb_backend_template: "lb-backend-template" - lb_backend_example: "lb-backend-example" - fw_allow_health_check: "fw-allow-health-check" - lb_ipv4_1: "lb-ipv4-1" - http_basic_check: "http-basic-check" - web_backend_service: "web-backend-service" - web_map_http: "web-map-http" - http_lb_proxy: "http-lb-proxy" - http_content_rule: "http-content-rule" - skip_docs: true - skip_test: true # Very similar to external_http_lb_mig_backend_custom_header + lb_backend_template: 'lb-backend-template' + lb_backend_example: 'lb-backend-example' + fw_allow_health_check: 'fw-allow-health-check' + lb_ipv4_1: 'lb-ipv4-1' + http_basic_check: 'http-basic-check' + web_backend_service: 'web-backend-service' + web_map_http: 'web-map-http' + http_lb_proxy: 'http-lb-proxy' + http_content_rule: 'http-content-rule' ignore_read_extra: - - "metadata" - - "metadata_startup_script" - - !ruby/object:Provider::Terraform::Examples - name: "url_map_path_template_match" - primary_resource_id: "urlmap" + - 'metadata' + - 'metadata_startup_script' + # Very similar to external_http_lb_mig_backend_custom_header + exclude_test: true + exclude_docs: true + - name: 'url_map_path_template_match' + primary_resource_id: 'urlmap' vars: - url_map_name: "urlmap" - cart_backend_service_name: "cart-service" - user_backend_service_name: "user-service" - http_health_check_name: "health-check" - backend_bucket_name: "static-asset-backend-bucket" - storage_bucket_name: "static-asset-bucket" - - !ruby/object:Provider::Terraform::Examples - name: "url_map_custom_error_response_policy" - primary_resource_id: "urlmap" - min_version: beta + url_map_name: 'urlmap' + cart_backend_service_name: 'cart-service' + user_backend_service_name: 'user-service' + http_health_check_name: 'health-check' + backend_bucket_name: 'static-asset-backend-bucket' + storage_bucket_name: 'static-asset-bucket' + - name: 'url_map_custom_error_response_policy' + primary_resource_id: 'urlmap' + min_version: 'beta' vars: - url_map_name: "urlmap" - backend_service_name: "login" - http_health_check_name: "health-check" - storage_bucket_name: "static-asset-bucket" - error_backend_bucket_name: "error-backend-bucket" + url_map_name: 'urlmap' + backend_service_name: 'login' + http_health_check_name: 'health-check' + storage_bucket_name: 'static-asset-bucket' + error_backend_bucket_name: 'error-backend-bucket' +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::ResourceRef - name: 'defaultService' + - name: 'defaultService' + type: ResourceRef + description: |- + The backend service or backend bucket to use when none of the given rules match. exactly_one_of: - - default_service - - default_url_redirect - - default_route_action.0.weighted_backend_services + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' - description: |- - The backend service or backend bucket to use when none of the given rules match. - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Integer - name: 'map_id' - api_name: 'id' + - name: 'map_id' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::Fingerprint - name: 'fingerprint' + - name: 'fingerprint' + type: Fingerprint description: | Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + output: true + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' - at_least_one_of: - - header_action.0.request_headers_to_add - - header_action.0.request_headers_to_remove - - header_action.0.response_headers_to_add - - header_action.0.response_headers_to_remove + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + at_least_one_of: + - 'header_action.0.request_headers_to_add' + - 'header_action.0.request_headers_to_remove' + - 'header_action.0.response_headers_to_add' + - 'header_action.0.response_headers_to_remove' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' - item_type: Api::Type::String - at_least_one_of: - - header_action.0.request_headers_to_add - - header_action.0.request_headers_to_remove - - header_action.0.response_headers_to_add - - header_action.0.response_headers_to_remove + required: true + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' at_least_one_of: - - header_action.0.request_headers_to_add - - header_action.0.request_headers_to_remove - - header_action.0.response_headers_to_add - - header_action.0.response_headers_to_remove + - 'header_action.0.request_headers_to_add' + - 'header_action.0.request_headers_to_remove' + - 'header_action.0.response_headers_to_add' + - 'header_action.0.response_headers_to_remove' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + at_least_one_of: + - 'header_action.0.request_headers_to_add' + - 'header_action.0.request_headers_to_remove' + - 'header_action.0.response_headers_to_add' + - 'header_action.0.response_headers_to_remove' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' - item_type: Api::Type::String - at_least_one_of: - - header_action.0.request_headers_to_add - - header_action.0.request_headers_to_remove - - header_action.0.response_headers_to_add - - header_action.0.response_headers_to_remove + required: true + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - - !ruby/object:Api::Type::Array - name: "host_rule" - api_name: 'hostRules' - is_set: true + at_least_one_of: + - 'header_action.0.request_headers_to_add' + - 'header_action.0.request_headers_to_remove' + - 'header_action.0.response_headers_to_add' + - 'header_action.0.response_headers_to_remove' + item_type: + type: String + - name: 'host_rule' + type: Array description: | The list of HostRules to use against the URL. - item_type: !ruby/object:Api::Type::NestedObject + api_name: hostRules + is_set: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::Array - name: 'hosts' - required: true - is_set: true - item_type: Api::Type::String + - name: 'hosts' + type: Array description: | The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. - - !ruby/object:Api::Type::String - name: 'pathMatcher' + is_set: true required: true + item_type: + type: String + - name: 'pathMatcher' + type: String description: | The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion. - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + required: true + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the @@ -290,33 +290,35 @@ properties: `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - - !ruby/object:Api::Type::Array - name: "path_matcher" - api_name: 'pathMatchers' + required: true + immutable: true + - name: 'path_matcher' + type: Array description: | The list of named PathMatchers to use against the URL. - item_type: !ruby/object:Api::Type::NestedObject + api_name: pathMatchers + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'defaultService' + - name: 'defaultService' + type: ResourceRef + description: The backend service or backend bucket to use when none of the given paths match. # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # exactly_one_of: # - path_matchers.0.default_service # - path_matchers.0.default_url_redirect # - path_matchers.0.default_route_action.0.weighted_backend_services - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - description: The backend service or backend bucket to use when none of the given paths match. + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. Provide this property when you create the resource. - - !ruby/object:Api::Type::NestedObject - name: 'defaultCustomErrorResponsePolicy' - min_version: beta + - name: 'defaultCustomErrorResponsePolicy' + type: NestedObject description: | defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. @@ -331,42 +333,43 @@ properties: When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Array - name: 'errorResponseRule' - api_name: errorResponseRules + - name: 'errorResponseRule' + type: Array description: | Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. - item_type: !ruby/object:Api::Type::NestedObject + api_name: errorResponseRules + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'matchResponseCodes' + - name: 'matchResponseCodes' + type: Array description: | Valid values include: - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'path' + item_type: + type: String + - name: 'path' + type: String description: | The full path to a file within backendBucket . For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters - - !ruby/object:Api::Type::Integer - name: 'overrideResponseCode' + - name: 'overrideResponseCode' + type: Integer description: | The HTTP status code returned with the response containing the custom error content. If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. - - !ruby/object:Api::Type::ResourceRef - name: 'errorService' - resource: 'BackendBucket' - imports: 'selfLink' + - name: 'errorService' + type: ResourceRef description: | The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket @@ -374,80 +377,85 @@ properties: global/backendBuckets/myBackendBucket If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + resource: 'BackendBucket' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - - !ruby/object:Api::Type::String - name: 'name' - required: true + item_type: + type: String + - name: 'name' + type: String description: | The name to which this PathMatcher is referred by the HostRule. - - !ruby/object:Api::Type::Array - name: 'path_rule' - api_name: pathRules + required: true + - name: 'path_rule' + type: Array description: | The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules @@ -455,27 +463,29 @@ properties: basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set. - item_type: !ruby/object:Api::Type::NestedObject + api_name: pathRules + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'service' + - name: 'service' + type: ResourceRef + description: The backend service or backend bucket to use if any of the given paths match. + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' imports: 'selfLink' - description: The backend service or backend bucket to use if any of the given paths match. - - !ruby/object:Api::Type::Array - name: 'paths' - is_set: true - required: true - item_type: Api::Type::String + - name: 'paths' + type: Array description: | The list of path patterns to match. Each must start with / and the only place a \* is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here. - - !ruby/object:Api::Type::NestedObject - name: 'customErrorResponsePolicy' - min_version: beta + is_set: true + required: true + item_type: + type: String + - name: 'customErrorResponsePolicy' + type: NestedObject description: | customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the PathRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. @@ -484,19 +494,21 @@ properties: A PathRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in PathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. customErrorResponsePolicy is supported only for global external Application Load Balancers. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Array - name: 'errorResponseRule' - api_name: errorResponseRules + - name: 'errorResponseRule' + type: Array description: | Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. - item_type: !ruby/object:Api::Type::NestedObject + api_name: errorResponseRules + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'matchResponseCodes' + - name: 'matchResponseCodes' + type: Array description: | Valid values include: @@ -505,23 +517,22 @@ properties: - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'path' + item_type: + type: String + - name: 'path' + type: String description: | The full path to a file within backendBucket . For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters - - !ruby/object:Api::Type::Integer - name: 'overrideResponseCode' + - name: 'overrideResponseCode' + type: Integer description: | The HTTP status code returned with the response containing the custom error content. If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. - - !ruby/object:Api::Type::ResourceRef - name: "errorService" - resource: "BackendBucket" - imports: 'selfLink' + - name: 'errorService' + type: ResourceRef description: | The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: @@ -531,8 +542,10 @@ properties: If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). - - !ruby/object:Api::Type::NestedObject - name: 'routeAction' + resource: 'BackendBucket' + imports: 'selfLink' + - name: 'routeAction' + type: NestedObject description: | In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the @@ -541,59 +554,64 @@ properties: routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. properties: - - !ruby/object:Api::Type::NestedObject - name: 'corsPolicy' + - name: 'corsPolicy' + type: NestedObject description: | The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing properties: - - !ruby/object:Api::Type::Boolean - name: 'allowCredentials' - default_value: false + - name: 'allowCredentials' + type: Boolean description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access- Control-Allow-Credentials header. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'allowHeaders' - item_type: Api::Type::String + default_value: false + - name: 'allowHeaders' + type: Array description: | Specifies the content for the Access-Control-Allow-Headers header. - - !ruby/object:Api::Type::Array - name: 'allowMethods' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowMethods' + type: Array description: | Specifies the content for the Access-Control-Allow-Methods header. - - !ruby/object:Api::Type::Array - name: 'allowOriginRegexes' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either allow_origins or allow_origin_regex. - - !ruby/object:Api::Type::Array - name: 'allowOrigins' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowOrigins' + type: Array description: | Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either allow_origins or allow_origin_regex. - - !ruby/object:Api::Type::Boolean - name: 'disabled' - required: true + item_type: + type: String + - name: 'disabled' + type: Boolean description: | If true, specifies the CORS policy is disabled. - - !ruby/object:Api::Type::Array - name: 'exposeHeaders' - item_type: Api::Type::String + required: true + - name: 'exposeHeaders' + type: Array description: | Specifies the content for the Access-Control-Expose-Headers header. - - !ruby/object:Api::Type::Integer - name: 'maxAge' + item_type: + type: String + - name: 'maxAge' + type: Integer description: | Specifies how long the results of a preflight request can be cached. This translates to the content for the Access-Control-Max-Age header. - - !ruby/object:Api::Type::NestedObject - name: 'faultInjectionPolicy' + - name: 'faultInjectionPolicy' + type: NestedObject description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, @@ -603,101 +621,100 @@ properties: Loadbalancer for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. properties: - - !ruby/object:Api::Type::NestedObject - name: 'abort' + - name: 'abort' + type: NestedObject description: | The specification for how client requests are aborted as part of fault injection. properties: - - !ruby/object:Api::Type::Integer - name: 'httpStatus' - required: true + - name: 'httpStatus' + type: Integer description: | The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. - - !ruby/object:Api::Type::Double - name: 'percentage' required: true + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'delay' + required: true + - name: 'delay' + type: NestedObject description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. properties: - - !ruby/object:Api::Type::NestedObject - name: 'fixedDelay' - required: true + - name: 'fixedDelay' + type: NestedObject description: | Specifies the value of the fixed delay interval. + required: true properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Double - name: 'percentage' - required: true + required: true + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'requestMirrorPolicy' + required: true + - name: 'requestMirrorPolicy' + type: NestedObject description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + - name: 'backendService' + type: ResourceRef + description: | + The BackendService resource being mirrored to. required: true + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' - description: | - The BackendService resource being mirrored to. - - !ruby/object:Api::Type::NestedObject - name: 'retryPolicy' + - name: 'retryPolicy' + type: NestedObject description: | Specifies the retry policy associated with this route. properties: - - !ruby/object:Api::Type::Integer - name: 'numRetries' + - name: 'numRetries' + type: Integer description: | Specifies the allowed number retries. This number must be > 0. - - !ruby/object:Api::Type::NestedObject - name: 'perTryTimeout' + - name: 'perTryTimeout' + type: NestedObject description: | Specifies a non-zero timeout per retry attempt. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Array - name: 'retryConditions' - item_type: Api::Type::String + required: true + - name: 'retryConditions' + type: Array description: | Specifies one or more conditions when this retry rule applies. Valid values are: @@ -721,46 +738,48 @@ properties: header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable - - !ruby/object:Api::Type::NestedObject - name: 'timeout' + item_type: + type: String + - name: 'timeout' + type: NestedObject description: | Specifies the timeout for the selected route. Timeout is computed from the time the request is has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, the default value is 15 seconds. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'urlRewrite' + required: true + - name: 'urlRewrite' + type: NestedObject description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service properties: - - !ruby/object:Api::Type::String - name: 'hostRewrite' + - name: 'hostRewrite' + type: String description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::String - name: 'pathPrefixRewrite' + - name: 'pathPrefixRewrite' + type: String description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::Array - name: 'weightedBackendServices' + - name: 'weightedBackendServices' + type: Array description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their @@ -770,87 +789,91 @@ properties: the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - required: true - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - resource: 'BackendService' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + required: true + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - - !ruby/object:Api::Type::Integer - name: 'weight' - required: true + item_type: + type: String + - name: 'weight' + type: Integer description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a @@ -858,38 +881,39 @@ properties: been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 - - !ruby/object:Api::Type::NestedObject - name: 'urlRedirect' + required: true + - name: 'urlRedirect' + type: NestedObject description: | When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. properties: - - !ruby/object:Api::Type::String - name: 'hostRedirect' + - name: 'hostRedirect' + type: String description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::Boolean - name: 'httpsRedirect' - default_value: false + - name: 'httpsRedirect' + type: Boolean description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. - - !ruby/object:Api::Type::String - name: 'pathRedirect' + default_value: false + - name: 'pathRedirect' + type: String description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'prefixRedirect' + - name: 'prefixRedirect' + type: String description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before @@ -897,8 +921,8 @@ properties: pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::Enum - name: 'redirectResponseCode' + - name: 'redirectResponseCode' + type: Enum description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -913,23 +937,23 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. - skip_docs_values: true - values: - - :FOUND - - :MOVED_PERMANENTLY_DEFAULT - - :PERMANENT_REDIRECT - - :SEE_OTHER - - :TEMPORARY_REDIRECT - - !ruby/object:Api::Type::Boolean - name: 'stripQuery' - required: true + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. - - !ruby/object:Api::Type::Array - name: 'routeRules' + required: true + - name: 'routeRules' + type: Array description: | The list of ordered HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. The order of specifying @@ -937,11 +961,11 @@ properties: action to take effect. Within a given pathMatcher, only one of pathRules or routeRules must be set. routeRules are not supported in UrlMaps intended for External load balancers. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Integer - name: 'priority' - required: true + - name: 'priority' + type: Integer description: | For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated @@ -958,11 +982,9 @@ properties: 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules. - - !ruby/object:Api::Type::ResourceRef - name: 'service' - resource: 'BackendService' - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - imports: 'selfLink' + required: true + - name: 'service' + type: ResourceRef description: | The backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, @@ -971,127 +993,136 @@ properties: contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r outeAction.weightedBackendService.backendServiceWeightAction[].headerAction properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - - !ruby/object:Api::Type::Array - name: 'matchRules' + item_type: + type: String + - name: 'matchRules' + type: Array description: | The rules for determining a match. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'fullPathMatch' + - name: 'fullPathMatch' + type: String description: | For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. FullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. - - !ruby/object:Api::Type::Array - name: 'headerMatches' + - name: 'headerMatches' + type: Array description: | Specifies a list of header match criteria, all of which must match corresponding headers in the request. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'exactMatch' + - name: 'exactMatch' + type: String description: | The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". - - !ruby/object:Api::Type::Boolean - name: 'invertMatch' - default_value: false + required: true + - name: 'invertMatch' + type: Boolean description: | If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. Defaults to false. - - !ruby/object:Api::Type::String - name: 'prefixMatch' + default_value: false + - name: 'prefixMatch' + type: String description: | The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::Boolean - name: 'presentMatch' + - name: 'presentMatch' + type: Boolean description: | A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value or not. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::NestedObject - name: 'rangeMatch' + - name: 'rangeMatch' + type: NestedObject description: | The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, @@ -1100,18 +1131,18 @@ properties: exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. properties: - - !ruby/object:Api::Type::Integer - name: 'rangeEnd' - required: true + - name: 'rangeEnd' + type: Integer description: | The end of the range (exclusive). - - !ruby/object:Api::Type::Integer - name: 'rangeStart' required: true + - name: 'rangeStart' + type: Integer description: | The start of the range (inclusive). - - !ruby/object:Api::Type::String - name: 'regexMatch' + required: true + - name: 'regexMatch' + type: String description: | The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: @@ -1120,20 +1151,20 @@ properties: a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::String - name: 'suffixMatch' + - name: 'suffixMatch' + type: String description: | The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - !ruby/object:Api::Type::Boolean - name: 'ignoreCase' - default_value: false + - name: 'ignoreCase' + type: Boolean description: | Specifies that prefixMatch and fullPathMatch matches are case sensitive. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'metadataFilters' + default_value: false + - name: 'metadataFilters' + type: Array description: | Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS @@ -1146,34 +1177,35 @@ properties: here can be overrides those specified in ForwardingRule that refers to this UrlMap. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'filterLabels' - min_size: 1 - max_size: 64 - required: true + - name: 'filterLabels' + type: Array description: | The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long. - - !ruby/object:Api::Type::String - name: 'value' required: true + - name: 'value' + type: String description: | The value of the label must match the specified value. value can have a maximum length of 1024 characters. - - !ruby/object:Api::Type::Enum - name: 'filterMatchCriteria' - required: true + required: true + min_size: 1 + max_size: 64 + - name: 'filterMatchCriteria' + type: Enum description: | Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: @@ -1181,58 +1213,60 @@ properties: provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata. - values: - - :MATCH_ALL - - :MATCH_ANY - - !ruby/object:Api::Type::String - name: 'prefixMatch' + required: true + enum_values: + - 'MATCH_ALL' + - 'MATCH_ANY' + - name: 'prefixMatch' + type: String description: | For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. - - !ruby/object:Api::Type::Array - name: 'queryParameterMatches' + - name: 'queryParameterMatches' + type: Array description: | Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'exactMatch' + - name: 'exactMatch' + type: String description: | The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch must be set. - - !ruby/object:Api::Type::String - name: 'name' - required: true + - name: 'name' + type: String description: | The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails. - - !ruby/object:Api::Type::Boolean - name: 'presentMatch' + required: true + - name: 'presentMatch' + type: Boolean description: | Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch and regexMatch must be set. - - !ruby/object:Api::Type::String - name: 'regexMatch' + - name: 'regexMatch' + type: String description: | The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch, exactMatch and regexMatch must be set. - - !ruby/object:Api::Type::String - name: 'regexMatch' + - name: 'regexMatch' + type: String description: | For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch, fullPathMatch or regexMatch must be specified. - - !ruby/object:Api::Type::String - name: pathTemplateMatch + - name: 'pathTemplateMatch' + type: String description: | For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch @@ -1243,8 +1277,8 @@ properties: (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total. - - !ruby/object:Api::Type::NestedObject - name: 'routeAction' + - name: 'routeAction' + type: NestedObject description: | In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the @@ -1253,60 +1287,65 @@ properties: routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. properties: - - !ruby/object:Api::Type::NestedObject - name: 'corsPolicy' + - name: 'corsPolicy' + type: NestedObject description: | The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing properties: - - !ruby/object:Api::Type::Boolean - name: 'allowCredentials' - default_value: false + - name: 'allowCredentials' + type: Boolean description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access- Control-Allow-Credentials header. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'allowHeaders' - item_type: Api::Type::String + default_value: false + - name: 'allowHeaders' + type: Array description: | Specifies the content for the Access-Control-Allow-Headers header. - - !ruby/object:Api::Type::Array - name: 'allowMethods' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowMethods' + type: Array description: | Specifies the content for the Access-Control-Allow-Methods header. - - !ruby/object:Api::Type::Array - name: 'allowOriginRegexes' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either allow_origins or allow_origin_regex. - - !ruby/object:Api::Type::Array - name: 'allowOrigins' - item_type: Api::Type::String + item_type: + type: String + - name: 'allowOrigins' + type: Array description: | Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either allow_origins or allow_origin_regex. - - !ruby/object:Api::Type::Boolean - name: 'disabled' - default_value: false + item_type: + type: String + - name: 'disabled' + type: Boolean description: | If true, specifies the CORS policy is disabled. which indicates that the CORS policy is in effect. Defaults to false. - - !ruby/object:Api::Type::Array - name: 'exposeHeaders' - item_type: Api::Type::String + default_value: false + - name: 'exposeHeaders' + type: Array description: | Specifies the content for the Access-Control-Expose-Headers header. - - !ruby/object:Api::Type::Integer - name: 'maxAge' + item_type: + type: String + - name: 'maxAge' + type: Integer description: | Specifies how long the results of a preflight request can be cached. This translates to the content for the Access-Control-Max-Age header. - - !ruby/object:Api::Type::NestedObject - name: 'faultInjectionPolicy' + - name: 'faultInjectionPolicy' + type: NestedObject description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, @@ -1316,100 +1355,99 @@ properties: Loadbalancer for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. properties: - - !ruby/object:Api::Type::NestedObject - name: 'abort' + - name: 'abort' + type: NestedObject description: | The specification for how client requests are aborted as part of fault injection. properties: - - !ruby/object:Api::Type::Integer - name: 'httpStatus' + - name: 'httpStatus' + type: Integer description: | The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. - - !ruby/object:Api::Type::Double - name: 'percentage' + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'delay' + - name: 'delay' + type: NestedObject description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. properties: - - !ruby/object:Api::Type::NestedObject - name: 'fixedDelay' + - name: 'fixedDelay' + type: NestedObject description: | Specifies the value of the fixed delay interval. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Double - name: 'percentage' + required: true + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'requestMirrorPolicy' + - name: 'requestMirrorPolicy' + type: NestedObject description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' + - name: 'backendService' + type: ResourceRef + description: | + The BackendService resource being mirrored to. required: true - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' resource: 'BackendService' imports: 'selfLink' - description: | - The BackendService resource being mirrored to. - - !ruby/object:Api::Type::NestedObject - name: 'retryPolicy' + - name: 'retryPolicy' + type: NestedObject description: | Specifies the retry policy associated with this route. properties: - - !ruby/object:Api::Type::Integer - name: 'numRetries' - required: true + - name: 'numRetries' + type: Integer description: | Specifies the allowed number retries. This number must be > 0. - - !ruby/object:Api::Type::NestedObject - name: 'perTryTimeout' + required: true + - name: 'perTryTimeout' + type: NestedObject description: | Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::Array - name: 'retryConditions' - item_type: Api::Type::String + required: true + - name: 'retryConditions' + type: Array description: | Specfies one or more conditions when this retry rule applies. Valid values are: @@ -1433,46 +1471,48 @@ properties: header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable - - !ruby/object:Api::Type::NestedObject - name: 'timeout' + item_type: + type: String + - name: 'timeout' + type: NestedObject description: | Specifies the timeout for the selected route. Timeout is computed from the time the request is has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, the default value is 15 seconds. properties: - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::String - name: 'seconds' - required: true + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'urlRewrite' + required: true + - name: 'urlRewrite' + type: NestedObject description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service properties: - - !ruby/object:Api::Type::String - name: 'hostRewrite' + - name: 'hostRewrite' + type: String description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::String - name: 'pathPrefixRewrite' + - name: 'pathPrefixRewrite' + type: String description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'pathTemplateRewrite' + - name: 'pathTemplateRewrite' + type: String description: | Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the @@ -1488,8 +1528,8 @@ properties: Only one of pathPrefixRewrite and pathTemplateRewrite may be specified. - - !ruby/object:Api::Type::Array - name: 'weightedBackendServices' + - name: 'weightedBackendServices' + type: Array description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their @@ -1499,87 +1539,91 @@ properties: the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - required: true - resource: 'BackendService' - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + required: true + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' - required: true + - name: 'headerName' + type: String description: | The name of the header. - - !ruby/object:Api::Type::String - name: 'headerValue' required: true + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' required: true + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' - item_type: Api::Type::String + required: true + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - - !ruby/object:Api::Type::Integer - name: 'weight' - required: true + item_type: + type: String + - name: 'weight' + type: Integer description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a @@ -1587,39 +1631,40 @@ properties: been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 - - !ruby/object:Api::Type::NestedObject - name: 'urlRedirect' + required: true + - name: 'urlRedirect' + type: NestedObject description: | When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. properties: - - !ruby/object:Api::Type::String - name: 'hostRedirect' + - name: 'hostRedirect' + type: String description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::Boolean - name: 'httpsRedirect' - default_value: false + - name: 'httpsRedirect' + type: Boolean description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. Defaults to false. - - !ruby/object:Api::Type::String - name: 'pathRedirect' + default_value: false + - name: 'pathRedirect' + type: String description: | The path that will be used in the redirect response instead of the one that was supplied in the request. Only one of pathRedirect or prefixRedirect must be specified. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'prefixRedirect' + - name: 'prefixRedirect' + type: String description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. - - !ruby/object:Api::Type::Enum - name: 'redirectResponseCode' + - name: 'redirectResponseCode' + type: Enum description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1632,22 +1677,22 @@ properties: * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. - skip_docs_values: true - values: - - :FOUND - - :MOVED_PERMANENTLY_DEFAULT - - :PERMANENT_REDIRECT - - :SEE_OTHER - - :TEMPORARY_REDIRECT - - !ruby/object:Api::Type::Boolean - name: 'stripQuery' - default_value: false + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. Defaults to false. - - !ruby/object:Api::Type::NestedObject - name: 'defaultUrlRedirect' + default_value: false + - name: 'defaultUrlRedirect' + type: NestedObject # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # exactly_one_of: @@ -1659,37 +1704,37 @@ properties: by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. properties: - - !ruby/object:Api::Type::String - name: 'hostRedirect' + - name: 'hostRedirect' + type: String description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::Boolean - name: 'httpsRedirect' - default_value: false + - name: 'httpsRedirect' + type: Boolean description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. - - !ruby/object:Api::Type::String - name: 'pathRedirect' + default_value: false + - name: 'pathRedirect' + type: String description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'prefixRedirect' + - name: 'prefixRedirect' + type: String description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::Enum - name: 'redirectResponseCode' + - name: 'redirectResponseCode' + type: Enum description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -1704,23 +1749,23 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. - skip_docs_values: true - values: - - :FOUND - - :MOVED_PERMANENTLY_DEFAULT - - :PERMANENT_REDIRECT - - :SEE_OTHER - - :TEMPORARY_REDIRECT - - !ruby/object:Api::Type::Boolean - name: 'stripQuery' - required: true + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. This field is required to ensure an empty block is not set. The normal default value is false. - - !ruby/object:Api::Type::NestedObject - name: 'defaultRouteAction' + required: true + - name: 'defaultRouteAction' + type: NestedObject # TODO: (mbang) conflicts also won't work for array path matchers yet, uncomment here once supported. # conflicts: # - path_matcher.path_matcher.default_url_redirect @@ -1732,8 +1777,8 @@ properties: Only one of defaultRouteAction or defaultUrlRedirect must be set. properties: - - !ruby/object:Api::Type::Array - name: 'weightedBackendServices' + - name: 'weightedBackendServices' + type: Array # TODO: (mbang) won't work for array path matchers yet, uncomment here once they are supported. # (github.com/hashicorp/terraform-plugin-sdk/issues/470) # exactly_one_of: @@ -1749,21 +1794,20 @@ properties: Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - resource: 'BackendService' - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. - - !ruby/object:Api::Type::Integer - name: 'weight' - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntBetween(0, 1000)' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'weight' + type: Integer description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . @@ -1773,8 +1817,10 @@ properties: as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + validation: + function: 'validation.IntBetween(0, 1000)' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. @@ -1782,103 +1828,107 @@ properties: headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + item_type: + type: String + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' + - name: 'headerName' + type: String description: | The name of the header to add. - - !ruby/object:Api::Type::String - name: 'headerValue' + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. default_value: false - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' + - name: 'headerName' + type: String description: | The name of the header to add. - - !ruby/object:Api::Type::String - name: 'headerValue' + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. default_value: false - - !ruby/object:Api::Type::NestedObject - name: 'urlRewrite' + - name: 'urlRewrite' + type: NestedObject description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service. properties: - - !ruby/object:Api::Type::String - name: 'pathPrefixRewrite' + - name: 'pathPrefixRewrite' + type: String description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'hostRewrite' + - name: 'hostRewrite' + type: String description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::NestedObject - name: 'timeout' - default_from_api: true + - name: 'timeout' + type: NestedObject description: | Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. + default_from_api: true properties: - - !ruby/object:Api::Type::String - name: 'seconds' + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'retryPolicy' + - name: 'retryPolicy' + type: NestedObject description: | Specifies the retry policy associated with this route. properties: - - !ruby/object:Api::Type::Array - name: 'retryConditions' + - name: 'retryConditions' + type: Array description: | Specfies one or more conditions when this retry rule applies. Valid values are: @@ -1896,99 +1946,105 @@ properties: * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'numRetries' + item_type: + type: String + - name: 'numRetries' + type: Integer description: | Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. - default_value: 1 - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.IntAtLeast(1)' - - !ruby/object:Api::Type::NestedObject - name: 'perTryTimeout' + default_value: 1 + - name: 'perTryTimeout' + type: NestedObject description: | Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route. properties: - - !ruby/object:Api::Type::String - name: 'seconds' + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::NestedObject - name: 'requestMirrorPolicy' + - name: 'requestMirrorPolicy' + type: NestedObject description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - resource: 'BackendService' - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The full or partial URL to the BackendService resource being mirrored to. required: true - - !ruby/object:Api::Type::NestedObject - name: 'corsPolicy' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'corsPolicy' + type: NestedObject description: | The specification for allowing client side cross-origin requests. Please see [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) properties: - - !ruby/object:Api::Type::Array - name: 'allowOrigins' + - name: 'allowOrigins' + type: Array description: | Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'allowOriginRegexes' + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'allowMethods' + item_type: + type: String + - name: 'allowMethods' + type: Array description: | Specifies the content for the Access-Control-Allow-Methods header. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'allowHeaders' + item_type: + type: String + - name: 'allowHeaders' + type: Array description: | Specifies the content for the Access-Control-Allow-Headers header. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'exposeHeaders' + item_type: + type: String + - name: 'exposeHeaders' + type: Array description: | Specifies the content for the Access-Control-Expose-Headers header. - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'maxAge' + item_type: + type: String + - name: 'maxAge' + type: Integer description: | Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. - - !ruby/object:Api::Type::Boolean - name: 'allowCredentials' + - name: 'allowCredentials' + type: Boolean description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. default_value: false - - !ruby/object:Api::Type::Boolean - name: 'disabled' + - name: 'disabled' + type: Boolean description: | If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. default_value: false - - !ruby/object:Api::Type::NestedObject - name: 'faultInjectionPolicy' + - name: 'faultInjectionPolicy' + type: NestedObject description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a @@ -1997,55 +2053,54 @@ properties: timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy. properties: - - !ruby/object:Api::Type::NestedObject - name: 'delay' + - name: 'delay' + type: NestedObject description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. properties: - - !ruby/object:Api::Type::NestedObject - name: 'fixedDelay' + - name: 'fixedDelay' + type: NestedObject description: | Specifies the value of the fixed delay interval. properties: - - !ruby/object:Api::Type::String - name: 'seconds' + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - - !ruby/object:Api::Type::Integer - name: 'nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - !ruby/object:Api::Type::Double - name: 'percentage' + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.FloatBetween(0, 100)' - - !ruby/object:Api::Type::NestedObject - name: 'abort' + - name: 'abort' + type: NestedObject description: | The specification for how client requests are aborted as part of fault injection. properties: - - !ruby/object:Api::Type::Integer - name: 'httpStatus' + - name: 'httpStatus' + type: Integer description: | The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.IntBetween(200, 599)' - - !ruby/object:Api::Type::Double - name: 'percentage' + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.FloatBetween(0, 100)' - - !ruby/object:Api::Type::NestedObject - name: 'defaultCustomErrorResponsePolicy' - min_version: beta + - name: 'defaultCustomErrorResponsePolicy' + type: NestedObject description: | defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. @@ -2060,42 +2115,43 @@ properties: When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Array - name: 'errorResponseRule' - api_name: errorResponseRules + - name: 'errorResponseRule' + type: Array description: | Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. - item_type: !ruby/object:Api::Type::NestedObject + api_name: errorResponseRules + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Array - name: 'matchResponseCodes' + - name: 'matchResponseCodes' + type: Array description: | Valid values include: - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'path' + item_type: + type: String + - name: 'path' + type: String description: | The full path to a file within backendBucket. For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters. - - !ruby/object:Api::Type::Integer - name: 'overrideResponseCode' + - name: 'overrideResponseCode' + type: Integer description: | The HTTP status code returned with the response containing the custom error content. If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. - - !ruby/object:Api::Type::ResourceRef - name: "errorService" - resource: "BackendBucket" - imports: 'selfLink' + - name: 'errorService' + type: ResourceRef description: | The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: @@ -2105,80 +2161,83 @@ properties: If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). - - !ruby/object:Api::Type::Array - name: "test" - api_name: tests + resource: 'BackendBucket' + imports: 'selfLink' + - name: 'test' + type: Array description: | The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. - item_type: !ruby/object:Api::Type::NestedObject + api_name: tests + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Description of this test case. - - !ruby/object:Api::Type::String - name: 'host' - required: true + - name: 'host' + type: String description: | Host portion of the URL. - - !ruby/object:Api::Type::String - name: 'path' required: true + - name: 'path' + type: String description: | Path portion of the URL. - - !ruby/object:Api::Type::ResourceRef - name: 'service' - resource: 'BackendService' - imports: 'selfLink' required: true + - name: 'service' + type: ResourceRef description: The backend service or backend bucket link that should be matched by this test. - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - - !ruby/object:Api::Type::NestedObject - name: 'defaultUrlRedirect' - exactly_one_of: - - default_service - - default_url_redirect - - default_route_action.0.weighted_backend_services - conflicts: - - default_route_action + required: true + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'defaultUrlRedirect' + type: NestedObject description: | When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. + conflicts: + - default_route_action + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' properties: - - !ruby/object:Api::Type::String - name: 'hostRedirect' + - name: 'hostRedirect' + type: String description: | The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters. - - !ruby/object:Api::Type::Boolean - name: 'httpsRedirect' - default_value: false + - name: 'httpsRedirect' + type: Boolean description: | If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. - - !ruby/object:Api::Type::String - name: 'pathRedirect' + default_value: false + - name: 'pathRedirect' + type: String description: | The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::String - name: 'prefixRedirect' + - name: 'prefixRedirect' + type: String description: | The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters. - - !ruby/object:Api::Type::Enum - name: 'redirectResponseCode' + - name: 'redirectResponseCode' + type: Enum description: | The HTTP Status code to use for this RedirectAction. Supported values are: @@ -2193,25 +2252,23 @@ properties: * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. - skip_docs_values: true - values: - - :FOUND - - :MOVED_PERMANENTLY_DEFAULT - - :PERMANENT_REDIRECT - - :SEE_OTHER - - :TEMPORARY_REDIRECT - - !ruby/object:Api::Type::Boolean - name: 'stripQuery' - required: true + enum_values: + - 'FOUND' + - 'MOVED_PERMANENTLY_DEFAULT' + - 'PERMANENT_REDIRECT' + - 'SEE_OTHER' + - 'TEMPORARY_REDIRECT' + exclude_docs_values: true + - name: 'stripQuery' + type: Boolean description: | If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. This field is required to ensure an empty block is not set. The normal default value is false. - - !ruby/object:Api::Type::NestedObject - name: 'defaultRouteAction' - conflicts: - - default_url_redirect + required: true + - name: 'defaultRouteAction' + type: NestedObject description: | defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. @@ -2219,13 +2276,11 @@ properties: is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. + conflicts: + - default_url_redirect properties: - - !ruby/object:Api::Type::Array - name: 'weightedBackendServices' - exactly_one_of: - - default_service - - default_url_redirect - - default_route_action.0.weighted_backend_services + - name: 'weightedBackendServices' + type: Array description: | A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. @@ -2236,26 +2291,31 @@ properties: advanced routing actions like Url rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy - item_type: !ruby/object:Api::Type::NestedObject + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' + exactly_one_of: + - 'default_service' + - 'default_url_redirect' + - 'default_route_action.0.weighted_backend_services' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - resource: 'BackendService' - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight. - - !ruby/object:Api::Type::Integer - name: 'weight' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'weight' + type: Integer description: | Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . @@ -2265,10 +2325,10 @@ properties: as determined by the BackendService's session affinity policy. The value must be between 0 and 1000 - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.IntBetween(0, 1000)' - - !ruby/object:Api::Type::NestedObject - name: 'headerAction' + - name: 'headerAction' + type: NestedObject description: | Specifies changes to request and response headers that need to take effect for the selected backendService. @@ -2276,139 +2336,143 @@ properties: headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. properties: - - !ruby/object:Api::Type::Array - name: 'requestHeadersToRemove' + - name: 'requestHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'requestHeadersToAdd' + item_type: + type: String + - name: 'requestHeadersToAdd' + type: Array description: | Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' + - name: 'headerName' + type: String description: | The name of the header to add. - - !ruby/object:Api::Type::String - name: 'headerValue' + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. default_value: false - - !ruby/object:Api::Type::Array - name: 'responseHeadersToRemove' + - name: 'responseHeadersToRemove' + type: Array description: | A list of header names for headers that need to be removed from the response prior to sending the response back to the client. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'responseHeadersToAdd' + item_type: + type: String + - name: 'responseHeadersToAdd' + type: Array description: | Headers to add the response prior to sending the response back to the client. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'headerName' + - name: 'headerName' + type: String description: | The name of the header to add. - - !ruby/object:Api::Type::String - name: 'headerValue' + - name: 'headerValue' + type: String description: | The value of the header to add. - - !ruby/object:Api::Type::Boolean - name: 'replace' + - name: 'replace' + type: Boolean description: | If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. default_value: false - - !ruby/object:Api::Type::NestedObject - name: 'urlRewrite' + - name: 'urlRewrite' + type: NestedObject description: | The spec to modify the URL of the request, prior to forwarding the request to the matched service. at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::String - name: 'pathPrefixRewrite' + - name: 'pathPrefixRewrite' + type: String description: | Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters. at_least_one_of: - - default_route_action.0.url_rewrite.0.path_prefix_rewrite - - default_route_action.0.url_rewrite.0.host_rewrite - - !ruby/object:Api::Type::String - name: 'hostRewrite' + - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' + - 'default_route_action.0.url_rewrite.0.host_rewrite' + - name: 'hostRewrite' + type: String description: | Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters. at_least_one_of: - - default_route_action.0.url_rewrite.0.path_prefix_rewrite - - default_route_action.0.url_rewrite.0.host_rewrite - - !ruby/object:Api::Type::NestedObject - name: 'timeout' - default_from_api: true + - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' + - 'default_route_action.0.url_rewrite.0.host_rewrite' + - name: 'timeout' + type: NestedObject description: | Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. + default_from_api: true at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::String - name: 'seconds' + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: - - default_route_action.0.timeout.0.seconds - - default_route_action.0.timeout.0.nanos - - !ruby/object:Api::Type::Integer - name: 'nanos' + - 'default_route_action.0.timeout.0.seconds' + - 'default_route_action.0.timeout.0.nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: - - default_route_action.0.timeout.0.seconds - - default_route_action.0.timeout.0.nanos - - !ruby/object:Api::Type::NestedObject - name: 'retryPolicy' + - 'default_route_action.0.timeout.0.seconds' + - 'default_route_action.0.timeout.0.nanos' + - name: 'retryPolicy' + type: NestedObject description: | Specifies the retry policy associated with this route. at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::Array - name: 'retryConditions' + - name: 'retryConditions' + type: Array description: | Specfies one or more conditions when this retry rule applies. Valid values are: @@ -2427,204 +2491,210 @@ properties: * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable at_least_one_of: - - default_route_action.0.retry_policy.0.retry_conditions - - default_route_action.0.retry_policy.0.num_retries - - default_route_action.0.retry_policy.0.per_try_timeout - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'numRetries' + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + item_type: + type: String + - name: 'numRetries' + type: Integer description: | Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. at_least_one_of: - - default_route_action.0.retry_policy.0.retry_conditions - - default_route_action.0.retry_policy.0.num_retries - - default_route_action.0.retry_policy.0.per_try_timeout - default_value: 1 - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' + validation: function: 'validation.IntAtLeast(1)' - - !ruby/object:Api::Type::NestedObject - name: 'perTryTimeout' + default_value: 1 + - name: 'perTryTimeout' + type: NestedObject description: | Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route. at_least_one_of: - - default_route_action.0.retry_policy.0.retry_conditions - - default_route_action.0.retry_policy.0.num_retries - - default_route_action.0.retry_policy.0.per_try_timeout + - 'default_route_action.0.retry_policy.0.retry_conditions' + - 'default_route_action.0.retry_policy.0.num_retries' + - 'default_route_action.0.retry_policy.0.per_try_timeout' properties: - - !ruby/object:Api::Type::String - name: 'seconds' + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: - - default_route_action.0.retry_policy.0.per_try_timeout.0.seconds - - default_route_action.0.retry_policy.0.per_try_timeout.0.nanos - - !ruby/object:Api::Type::Integer - name: 'nanos' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: - - default_route_action.0.retry_policy.0.per_try_timeout.0.seconds - - default_route_action.0.retry_policy.0.per_try_timeout.0.nanos - - !ruby/object:Api::Type::NestedObject - name: 'requestMirrorPolicy' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' + - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' + - name: 'requestMirrorPolicy' + type: NestedObject description: | Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::ResourceRef - name: 'backendService' - resource: 'BackendService' - custom_expand: 'templates/terraform/custom_expand/reference_to_backend.erb' - imports: 'selfLink' + - name: 'backendService' + type: ResourceRef description: | The full or partial URL to the BackendService resource being mirrored to. required: true - - !ruby/object:Api::Type::NestedObject - name: 'corsPolicy' + custom_expand: 'templates/terraform/custom_expand/reference_to_backend.tmpl' + resource: 'BackendService' + imports: 'selfLink' + - name: 'corsPolicy' + type: NestedObject description: | The specification for allowing client side cross-origin requests. Please see [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::Array - name: 'allowOrigins' + - name: 'allowOrigins' + type: Array description: | Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'allowOriginRegexes' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowOriginRegexes' + type: Array description: | Specifies the regular expression patterns that match allowed origins. For regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'allowMethods' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowMethods' + type: Array description: | Specifies the content for the Access-Control-Allow-Methods header. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'allowHeaders' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'allowHeaders' + type: Array description: | Specifies the content for the Access-Control-Allow-Headers header. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'exposeHeaders' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'exposeHeaders' + type: Array description: | Specifies the content for the Access-Control-Expose-Headers header. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - item_type: Api::Type::String - - !ruby/object:Api::Type::Integer - name: 'maxAge' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + item_type: + type: String + - name: 'maxAge' + type: Integer description: | Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - - !ruby/object:Api::Type::Boolean - name: 'allowCredentials' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + - name: 'allowCredentials' + type: Boolean description: | In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. - default_value: false at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - - !ruby/object:Api::Type::Boolean - name: 'disabled' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + default_value: false + - name: 'disabled' + type: Boolean description: | If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. - default_value: false at_least_one_of: - - default_route_action.0.cors_policy.0.allow_origins - - default_route_action.0.cors_policy.0.allow_origin_regexes - - default_route_action.0.cors_policy.0.allow_methods - - default_route_action.0.cors_policy.0.allow_headers - - default_route_action.0.cors_policy.0.expose_headers - - default_route_action.0.cors_policy.0.max_age - - default_route_action.0.cors_policy.0.allow_credentials - - default_route_action.0.cors_policy.0.disabled - - !ruby/object:Api::Type::NestedObject - name: 'faultInjectionPolicy' + - 'default_route_action.0.cors_policy.0.allow_origins' + - 'default_route_action.0.cors_policy.0.allow_origin_regexes' + - 'default_route_action.0.cors_policy.0.allow_methods' + - 'default_route_action.0.cors_policy.0.allow_headers' + - 'default_route_action.0.cors_policy.0.expose_headers' + - 'default_route_action.0.cors_policy.0.max_age' + - 'default_route_action.0.cors_policy.0.allow_credentials' + - 'default_route_action.0.cors_policy.0.disabled' + default_value: false + - name: 'faultInjectionPolicy' + type: NestedObject description: | The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a @@ -2633,81 +2703,81 @@ properties: timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy. at_least_one_of: - - default_route_action.0.weighted_backend_services - - default_route_action.0.url_rewrite - - default_route_action.0.timeout - - default_route_action.0.retry_policy - - default_route_action.0.request_mirror_policy - - default_route_action.0.cors_policy - - default_route_action.0.fault_injection_policy + - 'default_route_action.0.weighted_backend_services' + - 'default_route_action.0.url_rewrite' + - 'default_route_action.0.timeout' + - 'default_route_action.0.retry_policy' + - 'default_route_action.0.request_mirror_policy' + - 'default_route_action.0.cors_policy' + - 'default_route_action.0.fault_injection_policy' properties: - - !ruby/object:Api::Type::NestedObject - name: 'delay' + - name: 'delay' + type: NestedObject description: | The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay - - default_route_action.0.fault_injection_policy.0.abort + - 'default_route_action.0.fault_injection_policy.0.delay' + - 'default_route_action.0.fault_injection_policy.0.abort' properties: - - !ruby/object:Api::Type::NestedObject - name: 'fixedDelay' + - name: 'fixedDelay' + type: NestedObject description: | Specifies the value of the fixed delay interval. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay - - default_route_action.0.fault_injection_policy.0.delay.0.percentage + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' + - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' properties: - - !ruby/object:Api::Type::String - name: 'seconds' + - name: 'seconds' + type: String description: | Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos - - !ruby/object:Api::Type::Integer - name: 'nanos' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' + - name: 'nanos' + type: Integer description: | Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos - - !ruby/object:Api::Type::Double - name: 'percentage' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay - - default_route_action.0.fault_injection_policy.0.delay.0.percentage - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' + - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' + validation: function: 'validation.FloatBetween(0, 100)' - - !ruby/object:Api::Type::NestedObject - name: 'abort' + - name: 'abort' + type: NestedObject description: | The specification for how client requests are aborted as part of fault injection. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.delay - - default_route_action.0.fault_injection_policy.0.abort + - 'default_route_action.0.fault_injection_policy.0.delay' + - 'default_route_action.0.fault_injection_policy.0.abort' properties: - - !ruby/object:Api::Type::Integer - name: 'httpStatus' + - name: 'httpStatus' + type: Integer description: | The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.abort.0.http_status - - default_route_action.0.fault_injection_policy.0.abort.0.percentage - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' + - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' + validation: function: 'validation.IntBetween(200, 599)' - - !ruby/object:Api::Type::Double - name: 'percentage' + - name: 'percentage' + type: Double description: | The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive. at_least_one_of: - - default_route_action.0.fault_injection_policy.0.abort.0.http_status - - default_route_action.0.fault_injection_policy.0.abort.0.percentage - validation: !ruby/object:Provider::Terraform::Validation + - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' + - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' + validation: function: 'validation.FloatBetween(0, 100)' diff --git a/mmv1/products/compute/VpnGateway.yaml b/mmv1/products/compute/VpnGateway.yaml index 7103c8baa316..6b3996e130e0 100644 --- a/mmv1/products/compute/VpnGateway.yaml +++ b/mmv1/products/compute/VpnGateway.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,43 +11,44 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'VpnGateway' kind: 'compute#targetVpnGateway' -base_url: projects/{{project}}/regions/{{region}}/targetVpnGateways -collection_url_key: 'items' -immutable: true -has_self_link: true description: | Represents a VPN gateway running in GCP. This virtual device is managed by Google, but used only by you. -references: !ruby/object:Api::Resource::ReferenceLinks - api: https://cloud.google.com/compute/docs/reference/rest/v1/targetVpnGateways -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +references: + guides: + api: 'https://cloud.google.com/compute/docs/reference/rest/v1/targetVpnGateways' +docs: + warning: | + Classic VPN is deprecating certain functionality on October 31, 2021. For more information, + see the [Classic VPN partial deprecation page](https://cloud.google.com/network-connectivity/docs/vpn/deprecations/classic-vpn-deprecation). +base_url: 'projects/{{project}}/regions/{{region}}/targetVpnGateways' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' -docs: !ruby/object:Provider::Terraform::Docs - warning: | - Classic VPN is deprecating certain functionality on October 31, 2021. For more information, - see the [Classic VPN partial deprecation page](https://cloud.google.com/network-connectivity/docs/vpn/deprecations/classic-vpn-deprecation). +collection_url_key: 'items' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'target_vpn_gateway_basic' + - name: 'target_vpn_gateway_basic' primary_resource_id: 'target_gateway' vars: target_vpn_gateway_name: 'vpn-1' @@ -59,27 +60,27 @@ examples: vpn_tunnel_name: 'tunnel1' route_name: 'route1' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: | The region this gateway should sit in. required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: 'An optional description of this resource.' immutable: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with @@ -90,17 +91,17 @@ properties: character, which cannot be a dash. required: true immutable: true - - !ruby/object:Api::Type::Integer - name: 'gateway_id' - api_name: 'id' + - name: 'gateway_id' + type: Integer description: 'The unique identifier for the resource.' + api_name: id output: true - - !ruby/object:Api::Type::ResourceRef - name: 'network' - resource: 'Network' - imports: 'selfLink' + - name: 'network' + type: ResourceRef description: | The network this VPN gateway is accepting traffic for. required: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' immutable: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Network' + imports: 'selfLink' diff --git a/mmv1/products/compute/VpnTunnel.yaml b/mmv1/products/compute/VpnTunnel.yaml index 66c8a484d333..3ea736cda072 100644 --- a/mmv1/products/compute/VpnTunnel.yaml +++ b/mmv1/products/compute/VpnTunnel.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,40 +11,44 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'VpnTunnel' kind: 'compute#vpnTunnel' description: 'VPN tunnel resource.' -immutable: true -base_url: projects/{{project}}/regions/{{region}}/vpnTunnels -collection_url_key: 'items' -has_self_link: true -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Cloud VPN Overview': 'https://cloud.google.com/vpn/docs/concepts/overview' 'Networks and Tunnel Routing': 'https://cloud.google.com/vpn/docs/concepts/choosing-networks-routing' api: 'https://cloud.google.com/compute/docs/reference/rest/v1/vpnTunnels' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation +docs: +base_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels' +has_self_link: true +immutable: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' kind: 'compute#operation' path: 'name' - base_url: '{{op_id}}' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error/errors' message: 'message' +collection_url_key: 'items' +custom_code: + constants: 'templates/terraform/constants/vpn_tunnel.tmpl' + encoder: 'templates/terraform/encoders/vpn_tunnel.go.tmpl' + post_create: 'templates/terraform/post_create/labels.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'vpn_tunnel_basic' + - name: 'vpn_tunnel_basic' primary_resource_id: 'tunnel1' vars: vpn_tunnel_name: 'tunnel-1' @@ -54,38 +58,33 @@ examples: esp_forwarding_rule_name: 'fr-esp' udp500_forwarding_rule_name: 'fr-udp500' udp4500_forwarding_rule_name: 'fr-udp4500' - route_name: - 'route1' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/vpn_tunnel.erb - encoder: templates/terraform/encoders/vpn_tunnel.go.erb - post_create: templates/terraform/post_create/labels.erb + route_name: 'route1' parameters: - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'name' + - name: 'region' + type: ResourceRef description: 'The region where the tunnel is located. If unset, is set to the region of `target_vpn_gateway`.' required: false default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'name' properties: - - !ruby/object:Api::Type::String - name: 'tunnel_id' - api_name: 'id' + - name: 'tunnel_id' + type: String description: 'The unique identifier for the resource. This identifier is defined by the server.' + api_name: id output: true - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 @@ -95,100 +94,100 @@ properties: be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | An optional description of this resource. immutable: true - - !ruby/object:Api::Type::ResourceRef - name: 'targetVpnGateway' + - name: 'targetVpnGateway' + type: ResourceRef description: | URL of the Target VPN gateway with which this VPN tunnel is associated. + immutable: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'VpnGateway' imports: 'selfLink' - immutable: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'vpnGateway' + - name: 'vpnGateway' + type: ResourceRef description: | URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a `google_compute_ha_vpn_gateway` resource. + immutable: true + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'HaVpnGateway' imports: 'selfLink' - immutable: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: 'vpnGatewayInterface' + - name: 'vpnGatewayInterface' + type: Integer description: | The interface ID of the VPN gateway with which this VPN tunnel is associated. immutable: true send_empty_value: true - - !ruby/object:Api::Type::ResourceRef - name: 'peerExternalGateway' - resource: 'ExternalVpnGateway' - imports: 'selfLink' + - name: 'peerExternalGateway' + type: ResourceRef + description: | + URL of the peer side external VPN gateway to which this VPN tunnel is connected. immutable: true conflicts: - peer_gcp_gateway - description: | - URL of the peer side external VPN gateway to which this VPN tunnel is connected. - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Integer - name: 'peerExternalGatewayInterface' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'ExternalVpnGateway' + imports: 'selfLink' + - name: 'peerExternalGatewayInterface' + type: Integer description: | The interface ID of the external VPN gateway to which this VPN tunnel is connected. send_empty_value: true - - !ruby/object:Api::Type::ResourceRef - name: 'peerGcpGateway' - conflicts: - - peer_external_gateway + - name: 'peerGcpGateway' + type: ResourceRef description: | URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a `google_compute_ha_vpn_gateway` resource. + conflicts: + - peer_external_gateway + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' resource: 'HaVpnGateway' imports: 'selfLink' - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::ResourceRef - name: 'router' + - name: 'router' + type: ResourceRef description: | URL of router resource to be used for dynamic routing. + immutable: true + custom_expand: 'templates/terraform/custom_expand/compute_full_url.tmpl' resource: 'Router' imports: 'selfLink' - immutable: true - custom_expand: 'templates/terraform/custom_expand/compute_full_url.erb' - - !ruby/object:Api::Type::String - name: 'peerIp' + - name: 'peerIp' + type: String description: | IP address of the peer VPN gateway. Only IPv4 is supported. - validation: !ruby/object:Provider::Terraform::Validation - function: 'validatePeerAddr' default_from_api: true - - !ruby/object:Api::Type::String - name: 'sharedSecret' + validation: + function: 'validatePeerAddr' + - name: 'sharedSecret' + type: String description: | Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. required: true - sensitive: true ignore_read: true - - !ruby/object:Api::Type::String - name: 'sharedSecretHash' + sensitive: true + - name: 'sharedSecretHash' + type: String description: | Hash of the shared secret. output: true - - !ruby/object:Api::Type::Integer - name: 'ikeVersion' + - name: 'ikeVersion' + type: Integer description: | IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2. default_value: 2 - - !ruby/object:Api::Type::Array - name: 'localTrafficSelector' + - name: 'localTrafficSelector' + type: Array description: | Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, @@ -196,9 +195,10 @@ properties: Only IPv4 is supported. is_set: true default_from_api: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'remoteTrafficSelector' + item_type: + type: String + - name: 'remoteTrafficSelector' + type: Array description: | Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, @@ -206,20 +206,23 @@ properties: Only IPv4 is supported. is_set: true default_from_api: true - item_type: Api::Type::String - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + item_type: + type: String + - name: 'labels' + type: KeyValueLabels description: Labels to apply to this VpnTunnel. - update_verb: :POST update_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}/setLabels' - - !ruby/object:Api::Type::Fingerprint - name: 'labelFingerprint' + update_verb: 'POST' + - name: 'labelFingerprint' + type: Fingerprint description: | The fingerprint used for optimistic locking of this resource. Used internally during updates. - update_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}/setLabels' - update_verb: :POST - - !ruby/object:Api::Type::String - name: 'detailedStatus' output: true + update_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}/setLabels' + update_verb: 'POST' + key_expander: '' + - name: 'detailedStatus' + type: String description: 'Detailed status message for the VPN tunnel.' + output: true diff --git a/mmv1/products/compute/Zone.yaml b/mmv1/products/compute/Zone.yaml index 08f0095c5288..34004e805885 100644 --- a/mmv1/products/compute/Zone.yaml +++ b/mmv1/products/compute/Zone.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,58 +11,66 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Zone' kind: 'compute#zone' -base_url: projects/{{project}}/zones -collection_url_key: 'items' -has_self_link: true -readonly: true description: 'Represents a Zone resource.' # Used as a resource reference exclude: true +readonly: true +docs: +base_url: 'projects/{{project}}/zones' +has_self_link: true +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +collection_url_key: 'items' +custom_code: +parameters: properties: - - !ruby/object:Api::Type::Time - name: 'creationTimestamp' + - name: 'creationTimestamp' + type: Time description: 'Creation timestamp in RFC3339 text format.' output: true - - !ruby/object:Api::Type::NestedObject - name: 'deprecated' + - name: 'deprecated' + type: NestedObject description: 'The deprecation status associated with this machine type.' + output: true properties: - - !ruby/object:Api::Type::Time - name: 'deleted' + - name: 'deleted' + type: Time description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it. output: true - - !ruby/object:Api::Type::Time - name: 'deprecated' + - name: 'deprecated' + type: Time description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it. output: true - - !ruby/object:Api::Type::Time - name: 'obsolete' + - name: 'obsolete' + type: Time description: | An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it. output: true - - !ruby/object:Api::Type::String - name: 'replacement' + - name: 'replacement' + type: String description: | The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource. output: true - - !ruby/object:Api::Type::Enum - name: 'state' + - name: 'state' + type: Enum description: | The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource @@ -70,39 +78,39 @@ properties: warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error. - values: - - :DEPRECATED - - :OBSOLETE - - :DELETED output: true - output: true - - !ruby/object:Api::Type::String - name: 'description' + enum_values: + - 'DEPRECATED' + - 'OBSOLETE' + - 'DELETED' + - name: 'description' + type: String description: 'An optional textual description of the resource.' output: true - - !ruby/object:Api::Type::Integer - name: 'id' + - name: 'id' + type: Integer description: 'The unique identifier for the resource.' output: true - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: 'Name of the resource.' - - !ruby/object:Api::Type::ResourceRef - name: 'region' - resource: 'Region' - imports: 'selfLink' + - name: 'region' + type: ResourceRef description: 'The region where the zone is located.' output: true - custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.erb' - - !ruby/object:Api::Type::Enum - name: 'status' + custom_expand: 'templates/terraform/custom_expand/resourceref_with_validation.go.tmpl' + resource: 'Region' + imports: 'selfLink' + - name: 'status' + type: Enum description: 'The status of the zone.' - values: - - :UP - - :DOWN output: true - - !ruby/object:Api::Type::Array - name: 'availableCpuPlatforms' + enum_values: + - 'UP' + - 'DOWN' + - name: 'availableCpuPlatforms' + type: Array description: 'The available CPU platforms in this zone' - item_type: Api::Type::String output: true + item_type: + type: String diff --git a/mmv1/products/compute/go_Address.yaml b/mmv1/products/compute/go_Address.yaml deleted file mode 100644 index 7c55a613f836..000000000000 --- a/mmv1/products/compute/go_Address.yaml +++ /dev/null @@ -1,236 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Address' -kind: 'compute#address' -description: | - Represents an Address resource. - - Each virtual machine instance has an ephemeral internal IP address and, - optionally, an external IP address. To communicate between instances on - the same network, you can use an instance's internal IP address. To - communicate with the Internet and instances outside of the same network, - you must specify the instance's external IP address. - - Internal IP addresses are ephemeral and only belong to an instance for - the lifetime of the instance; if the instance is deleted and recreated, - the instance is assigned a new internal IP address, either by Compute - Engine or by you. External IP addresses can be either ephemeral or - static. -references: - guides: - 'Reserving a Static External IP Address': 'https://cloud.google.com/compute/docs/instances-and-network' - 'Reserving a Static Internal IP Address': 'https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address' - api: 'https://cloud.google.com/compute/docs/reference/beta/addresses' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/addresses' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - post_create: 'templates/terraform/post_create/go/labels.tmpl' -examples: - - name: 'address_basic' - primary_resource_id: 'ip_address' - vars: - address_name: 'my-address' - - name: 'address_with_subnetwork' - primary_resource_id: 'internal_with_subnet_and_address' - vars: - address_name: 'my-internal-address' - network_name: 'my-network' - subnetwork_name: 'my-subnet' - - name: 'address_with_gce_endpoint' - primary_resource_id: 'internal_with_gce_endpoint' - vars: - address_name: 'my-internal-address-' - - name: 'address_with_shared_loadbalancer_vip' - primary_resource_id: 'internal_with_shared_loadbalancer_vip' - vars: - address_name: 'my-internal-address' - skip_docs: true - - name: 'instance_with_ip' - primary_resource_id: 'static' - vars: - address_name: 'ipv4-address' - instance_name: 'vm-instance' - - name: 'compute_address_ipsec_interconnect' - primary_resource_id: 'ipsec-interconnect-address' - vars: - address_name: 'test-address' - network_name: 'test-network' -parameters: - - name: 'region' - type: ResourceRef - description: | - The Region in which the created address should reside. - If it is not provided, the provider region is used. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'address' - type: String - description: | - The static external IP address represented by this resource. - The IP address must be inside the specified subnetwork, - if any. Set by the API if undefined. - default_from_api: true - - name: 'addressType' - type: Enum - description: | - The type of address to reserve. - Note: if you set this argument's value as `INTERNAL` you need to leave the `network_tier` argument unset in that resource block. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "EXTERNAL" - enum_values: - - 'INTERNAL' - - 'EXTERNAL' - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'name' - type: String - description: | - Name of the resource. The name must be 1-63 characters long, and - comply with RFC1035. Specifically, the name must be 1-63 characters - long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` - which means the first character must be a lowercase letter, and all - following characters must be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. - required: true - validation: - regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' - - name: 'purpose' - type: String - description: | - The purpose of this resource, which can be one of the following values. - - * GCE_ENDPOINT for addresses that are used by VM instances, alias IP - ranges, load balancers, and similar resources. - - * SHARED_LOADBALANCER_VIP for an address that can be used by multiple - internal load balancers. - - * VPC_PEERING for addresses that are reserved for VPC peer networks. - - * IPSEC_INTERCONNECT for addresses created from a private IP range that - are reserved for a VLAN attachment in an HA VPN over Cloud Interconnect - configuration. These addresses are regional resources. - - * PRIVATE_SERVICE_CONNECT for a private network address that is used to - configure Private Service Connect. Only global internal addresses can use - this purpose. - - This should only be set when using an Internal address. - default_from_api: true - - name: 'networkTier' - type: Enum - description: | - The networking tier used for configuring this address. If this field is not - specified, it is assumed to be PREMIUM. - This argument should not be used when configuring Internal addresses, because [network tier cannot be set for internal traffic; it's always Premium](https://cloud.google.com/network-tiers/docs/overview). - default_from_api: true - enum_values: - - 'PREMIUM' - - 'STANDARD' - - name: 'subnetwork' - type: ResourceRef - description: | - The URL of the subnetwork in which to reserve the address. If an IP - address is specified, it must be within the subnetwork's IP range. - This field can only be used with INTERNAL type with - GCE_ENDPOINT/DNS_RESOLVER purposes. - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'users' - type: Array - description: 'The URLs of the resources that are using this address.' - output: true - item_type: - type: String - - name: 'labels' - type: KeyValueLabels - description: | - Labels to apply to this address. A list of key->value pairs. - update_url: 'projects/{{project}}/regions/{{region}}/addresses/{{name}}/setLabels' - update_verb: 'POST' - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/regions/{{region}}/addresses/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'network' - type: ResourceRef - description: | - The URL of the network in which to reserve the address. This field - can only be used with INTERNAL type with the VPC_PEERING and - IPSEC_INTERCONNECT purposes. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'prefixLength' - type: Integer - description: | - The prefix length if the resource represents an IP range. - default_from_api: true - - name: 'ipVersion' - type: Enum - description: | - The IP Version that will be used by this address. The default value is `IPV4`. - diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("IPV4")' - enum_values: - - 'IPV4' - - 'IPV6' - - name: 'ipv6EndpointType' - type: Enum - description: | - The endpoint type of this address, which should be VM or NETLB. This is - used for deciding which type of endpoint this address can be used after - the external IPv6 address reservation. - enum_values: - - 'VM' - - 'NETLB' diff --git a/mmv1/products/compute/go_Autoscaler.yaml b/mmv1/products/compute/go_Autoscaler.yaml deleted file mode 100644 index d34abc20405f..000000000000 --- a/mmv1/products/compute/go_Autoscaler.yaml +++ /dev/null @@ -1,426 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Autoscaler' -kind: 'compute#autoscaler' -description: | - Represents an Autoscaler resource. - - Autoscalers allow you to automatically scale virtual machine instances in - managed instance groups according to an autoscaling policy that you - define. -references: - guides: - 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/autoscalers' -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/autoscalers' -has_self_link: true -update_url: 'projects/{{project}}/zones/{{zone}}/autoscalers?autoscaler={{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'autoscaler_single_instance' - primary_resource_id: 'default' - min_version: 'beta' - vars: - autoscaler_name: 'my-autoscaler' - instance_template_name: 'my-instance-template' - target_pool_name: 'my-target-pool' - igm_name: 'my-igm' - provider_name: 'google-beta' - provider_alias: '' - test_vars_overrides: - 'provider_name': '"google-beta.us-central1"' - 'provider_alias': '"alias = \"us-central1\""' - - name: 'autoscaler_basic' - primary_resource_id: 'foobar' - vars: - autoscaler_name: 'my-autoscaler' - instance_template_name: 'my-instance-template' - target_pool_name: 'my-target-pool' - igm_name: 'my-igm' -parameters: - - name: 'zone' - type: ResourceRef - description: | - URL of the zone where the instance group resides. - required: false - immutable: true - ignore_read: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'name' - type: String - description: | - Name of the resource. The name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - validation: - function: 'verify.ValidateGCEName' - - name: 'description' - type: String - description: | - An optional description of this resource. - - name: 'autoscalingPolicy' - type: NestedObject - description: | - The configuration parameters for the autoscaling algorithm. You can - define one or more of the policies for an autoscaler: cpuUtilization, - customMetricUtilizations, and loadBalancingUtilization. - - If none of these are specified, the default will be to autoscale based - on cpuUtilization to 0.6 or 60%. - required: true - properties: - - name: 'minReplicas' - type: Integer - description: | - The minimum number of replicas that the autoscaler can scale down - to. This cannot be less than 0. If not provided, autoscaler will - choose a default value depending on maximum number of instances - allowed. - api_name: minNumReplicas - required: true - send_empty_value: true - - name: 'maxReplicas' - type: Integer - description: | - The maximum number of instances that the autoscaler can scale up - to. This is required when creating or updating an autoscaler. The - maximum number of replicas should not be lower than minimal number - of replicas. - api_name: maxNumReplicas - required: true - send_empty_value: true - - name: 'cooldownPeriod' - type: Integer - description: | - The number of seconds that the autoscaler should wait before it - starts collecting information from a new instance. This prevents - the autoscaler from collecting information when the instance is - initializing, during which the collected usage would not be - reliable. The default time autoscaler waits is 60 seconds. - - Virtual machine initialization times might vary because of - numerous factors. We recommend that you test how long an - instance may take to initialize. To do this, create an instance - and time the startup process. - api_name: coolDownPeriodSec - default_value: 60 - - name: 'mode' - type: String - description: | - Defines operating mode for this policy. - default_value: "ON" - - name: 'scaleDownControl' - type: NestedObject - description: | - Defines scale down controls to reduce the risk of response latency - and outages due to abrupt scale-in events - min_version: 'beta' - required: false - default_from_api: true - properties: - - name: 'maxScaledDownReplicas' - type: NestedObject - at_least_one_of: - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' - - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' - properties: - - name: 'fixed' - type: Integer - description: | - Specifies a fixed number of VM instances. This must be a positive - integer. - at_least_one_of: - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' - - name: 'percent' - type: Integer - description: | - Specifies a percentage of instances between 0 to 100%, inclusive. - For example, specify 80 for 80%. - at_least_one_of: - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' - - name: 'timeWindowSec' - type: Integer - description: | - How long back autoscaling should look when computing recommendations - to include directives regarding slower scale down, as described above. - at_least_one_of: - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' - - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' - - name: 'scaleInControl' - type: NestedObject - description: | - Defines scale in controls to reduce the risk of response latency - and outages due to abrupt scale-in events - properties: - - name: 'maxScaledInReplicas' - type: NestedObject - at_least_one_of: - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' - - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' - properties: - - name: 'fixed' - type: Integer - description: | - Specifies a fixed number of VM instances. This must be a positive - integer. - at_least_one_of: - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' - - name: 'percent' - type: Integer - description: | - Specifies a percentage of instances between 0 to 100%, inclusive. - For example, specify 80 for 80%. - at_least_one_of: - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' - - name: 'timeWindowSec' - type: Integer - description: | - How long back autoscaling should look when computing recommendations - to include directives regarding slower scale down, as described above. - at_least_one_of: - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' - - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' - - name: 'cpuUtilization' - type: NestedObject - description: | - Defines the CPU utilization policy that allows the autoscaler to - scale based on the average CPU utilization of a managed instance - group. - default_from_api: true - properties: - - name: 'target' - type: Double - description: | - The target CPU utilization that the autoscaler should maintain. - Must be a float value in the range (0, 1]. If not specified, the - default is 0.6. - - If the CPU level is below the target utilization, the autoscaler - scales down the number of instances until it reaches the minimum - number of instances you specified or until the average CPU of - your instances reaches the target utilization. - - If the average CPU is above the target utilization, the autoscaler - scales up until it reaches the maximum number of instances you - specified or until the average utilization reaches the target - utilization. - api_name: utilizationTarget - required: true - - name: 'predictiveMethod' - type: String - description: | - Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: - - - NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. - - - OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "NONE" - - name: 'metric' - type: Array - description: | - Configuration parameters of autoscaling based on a custom metric. - api_name: customMetricUtilizations - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The identifier (type) of the Stackdriver Monitoring metric. - The metric cannot have negative values. - - The metric must have a value type of INT64 or DOUBLE. - api_name: metric - required: true - - name: 'singleInstanceAssignment' - type: Double - description: | - If scaling is based on a per-group metric value that represents the - total amount of work to be done or resource usage, set this value to - an amount assigned for a single instance of the scaled group. - The autoscaler will keep the number of instances proportional to the - value of this metric, the metric itself should not change value due - to group resizing. - - For example, a good metric to use with the target is - `pubsub.googleapis.com/subscription/num_undelivered_messages` - or a custom metric exporting the total number of requests coming to - your instances. - - A bad example would be a metric exporting an average or median - latency, since this value can't include a chunk assignable to a - single instance, it could be better used with utilization_target - instead. - min_version: 'beta' - - name: 'target' - type: Double - description: | - The target value of the metric that autoscaler should - maintain. This must be a positive value. A utilization - metric scales number of virtual machines handling requests - to increase or decrease proportionally to the metric. - - For example, a good metric to use as a utilizationTarget is - www.googleapis.com/compute/instance/network/received_bytes_count. - The autoscaler will work to keep this value constant for each - of the instances. - api_name: utilizationTarget - - name: 'type' - type: Enum - description: | - Defines how target utilization value is expressed for a - Stackdriver Monitoring metric. - api_name: utilizationTargetType - enum_values: - - 'GAUGE' - - 'DELTA_PER_SECOND' - - 'DELTA_PER_MINUTE' - - name: 'filter' - type: String - description: | - A filter string to be used as the filter string for - a Stackdriver Monitoring TimeSeries.list API call. - This filter is used to select a specific TimeSeries for - the purpose of autoscaling and to determine whether the metric - is exporting per-instance or per-group data. - - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without - any functions for each selector. - You can specify the metric in both the filter string and in the - metric field. However, if specified in both places, the metric must - be identical. - - The monitored resource type determines what kind of values are - expected for the metric. If it is a gce_instance, the autoscaler - expects the metric to include a separate TimeSeries for each - instance in a group. In such a case, you cannot filter on resource - labels. - - If the resource type is any other value, the autoscaler expects - this metric to contain values that apply to the entire autoscaled - instance group and resource label filtering can be performed to - point autoscaler at the correct TimeSeries to scale upon. - This is called a per-group metric for the purpose of autoscaling. - - If not specified, the type defaults to gce_instance. - - You should provide a filter that is selective enough to pick just - one TimeSeries for the autoscaled group or for each of the instances - (if you are using gce_instance resource type). If multiple - TimeSeries are returned upon the query execution, the autoscaler - will sum their respective values to obtain its scaling value. - min_version: 'beta' - default_value: "resource.type = gce_instance" - - name: 'loadBalancingUtilization' - type: NestedObject - description: | - Configuration parameters of autoscaling based on a load balancer. - properties: - - name: 'target' - type: Double - description: | - Fraction of backend capacity utilization (set in HTTP(s) load - balancing configuration) that autoscaler should maintain. Must - be a positive float value. If not defined, the default is 0.8. - api_name: utilizationTarget - required: true - - name: 'scalingSchedules' - type: Map - description: | - Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler and they can overlap. - key_name: 'name' - key_description: | - A name for the schedule. - value_type: - name: scalingSchedule - type: NestedObject - properties: - - name: 'minRequiredReplicas' - type: Integer - description: | - Minimum number of VM instances that autoscaler will recommend in time intervals starting according to schedule. - required: true - send_empty_value: true - - name: 'schedule' - type: String - description: | - The start timestamps of time intervals when this scaling schedule should provide a scaling signal. This field uses the extended cron format (with an optional year field). - required: true - - name: 'timeZone' - type: String - description: | - The time zone to be used when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. - default_value: "UTC" - - name: 'durationSec' - type: Integer - description: | - The duration of time intervals (in seconds) for which this scaling schedule will be running. The minimum allowed value is 300. - required: true - - name: 'disabled' - type: Boolean - description: | - A boolean value that specifies if a scaling schedule can influence autoscaler recommendations. If set to true, then a scaling schedule has no effect. - default_value: false - - name: 'description' - type: String - description: | - A description of a scaling schedule. - - name: 'target' - type: ResourceRef - description: | - URL of the managed instance group that this autoscaler will scale. - required: true - custom_expand: 'templates/terraform/custom_expand/go/compute_full_url.tmpl' - resource: 'InstanceGroupManager' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_BackendBucket.yaml b/mmv1/products/compute/go_BackendBucket.yaml deleted file mode 100644 index d65a522c5c3c..000000000000 --- a/mmv1/products/compute/go_BackendBucket.yaml +++ /dev/null @@ -1,283 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BackendBucket' -kind: 'compute#backendBucket' -description: | - Backend buckets allow you to use Google Cloud Storage buckets with HTTP(S) - load balancing. - - An HTTP(S) load balancer can direct traffic to specified URLs to a - backend bucket rather than a backend service. It can send requests for - static content to a Cloud Storage bucket and requests for dynamic content - to a virtual machine instance. -references: - guides: - 'Using a Cloud Storage bucket as a load balancer backend': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-bucket' - api: 'https://cloud.google.com/compute/docs/reference/v1/backendBuckets' -docs: -base_url: 'projects/{{project}}/global/backendBuckets' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - parent_resource_attribute: 'name' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/global/backendBuckets/{{name}}' - - '{{name}}' - min_version: 'beta' -custom_code: - encoder: 'templates/terraform/encoders/go/compute_backend_bucket.go.tmpl' - post_create: 'templates/terraform/post_create/go/compute_backend_bucket_security_policy.go.tmpl' - post_update: 'templates/terraform/post_create/go/compute_backend_bucket_security_policy.go.tmpl' -examples: - - name: 'backend_bucket_basic' - primary_resource_id: 'image_backend' - primary_resource_name: 'fmt.Sprintf("tf-test-image-backend-bucket%s", context["random_suffix"])' - vars: - backend_bucket_name: 'image-backend-bucket' - bucket_name: 'image-store-bucket' - - name: 'backend_bucket_full' - primary_resource_id: 'image_backend_full' - vars: - backend_bucket_name: 'image-backend-bucket-full' - bucket_name: 'image-store-bucket-full' - skip_docs: true - - name: 'backend_bucket_security_policy' - primary_resource_id: 'image_backend' - vars: - backend_bucket_name: 'image-backend-bucket' - bucket_name: 'image-store-bucket' - - name: 'backend_bucket_query_string_whitelist' - primary_resource_id: 'image_backend' - vars: - backend_bucket_name: 'image-backend-bucket' - - name: 'backend_bucket_include_http_headers' - primary_resource_id: 'image_backend' - vars: - backend_bucket_name: 'image-backend-bucket' - - name: 'external_cdn_lb_with_backend_bucket' - primary_resource_id: 'default' - vars: - my_bucket: 'my-bucket' - index_page: 'index-page' - 404_page: '404-page' - test_object: 'test-object' - example_ip: 'example-ip' - http_lb_forwarding_rule: 'http-lb-forwarding-rule' - http_lb_proxy: 'http-lb-proxy' - http_lb: 'http-lb' - cat_backend_bucket: 'cat-backend-bucket' - skip_docs: true - - name: 'backend_bucket_bypass_cache' - primary_resource_id: 'image_backend' - vars: - backend_bucket_name: 'image-backend-bucket' - bucket_name: 'image-store-bucket' - skip_docs: true - - name: 'backend_bucket_coalescing' - primary_resource_id: 'image_backend' - vars: - backend_bucket_name: 'image-backend-bucket' - bucket_name: 'image-store-bucket' - skip_docs: true -parameters: -properties: - - name: 'bucketName' - type: String - description: 'Cloud Storage bucket name.' - required: true - - name: 'cdnPolicy' - type: NestedObject - description: 'Cloud CDN configuration for this Backend Bucket.' - default_from_api: true - properties: - - name: 'cacheKeyPolicy' - type: NestedObject - description: 'The CacheKeyPolicy for this CdnPolicy.' - properties: - - name: 'queryStringWhitelist' - type: Array - description: | - Names of query string parameters to include in cache keys. - Default parameters are always included. '&' and '=' will - be percent encoded and not treated as delimiters. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_http_headers' - item_type: - type: String - - name: 'includeHttpHeaders' - type: Array - description: | - Allows HTTP request headers (by name) to be used in the - cache key. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_http_headers' - item_type: - type: String - - name: 'signedUrlCacheMaxAgeSec' - type: Integer - description: | - Maximum number of seconds the response to a signed URL request will - be considered fresh. After this time period, - the response will be revalidated before being served. - When serving responses to signed URL requests, - Cloud CDN will internally behave as though - all responses from this backend had a "Cache-Control: public, - max-age=[TTL]" header, regardless of any existing Cache-Control - header. The actual headers served in responses will not be altered. - send_empty_value: true - - name: 'defaultTtl' - type: Integer - description: | - Specifies the default TTL for cached content served by this origin for responses - that do not have an existing valid TTL (max-age or s-max-age). - default_from_api: true - send_empty_value: true - - name: 'maxTtl' - type: Integer - description: | - Specifies the maximum allowed TTL for cached content served by this origin. - default_from_api: true - - name: 'clientTtl' - type: Integer - description: | - Specifies the maximum allowed TTL for cached content served by this origin. - default_from_api: true - send_empty_value: true - - name: 'negativeCaching' - type: Boolean - description: | - Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. - default_from_api: true - send_empty_value: true - - name: 'negativeCachingPolicy' - type: Array - description: | - Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. - Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. - item_type: - type: NestedObject - properties: - - name: 'code' - type: Integer - description: | - The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 - can be specified as values, and you cannot specify a status code more than once. - - name: 'ttl' - type: Integer - description: | - The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s - (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. - send_empty_value: true - - name: 'cacheMode' - type: Enum - description: | - Specifies the cache setting for all responses from this backend. - The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC - default_from_api: true - enum_values: - - 'USE_ORIGIN_HEADERS' - - 'FORCE_CACHE_ALL' - - 'CACHE_ALL_STATIC' - - name: 'serveWhileStale' - type: Integer - description: | - Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. - default_from_api: true - send_empty_value: true - - name: 'requestCoalescing' - type: Boolean - description: | - If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin. - send_empty_value: true - - name: 'bypassCacheOnRequestHeaders' - type: Array - description: | - Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The header field name to match on when bypassing cache. Values are case-insensitive. - max_size: 5 - - name: 'compressionMode' - type: Enum - description: | - Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. - enum_values: - - 'AUTOMATIC' - - 'DISABLED' - - name: 'edgeSecurityPolicy' - type: String - description: | - The security policy associated with this backend bucket. - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'customResponseHeaders' - type: Array - description: | - Headers that the HTTP/S load balancer should add to proxied responses. - item_type: - type: String - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional textual description of the resource; provided by the - client when the resource is created. - - name: 'enableCdn' - type: Boolean - description: 'If true, enable Cloud CDN for this BackendBucket.' - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the - last character, which cannot be a dash. - required: true - immutable: true - validation: - regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' diff --git a/mmv1/products/compute/go_BackendBucketSignedUrlKey.yaml b/mmv1/products/compute/go_BackendBucketSignedUrlKey.yaml deleted file mode 100644 index f7a24f705d2d..000000000000 --- a/mmv1/products/compute/go_BackendBucketSignedUrlKey.yaml +++ /dev/null @@ -1,99 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BackendBucketSignedUrlKey' -kind: 'compute#BackendBucketSignedUrlKey' -description: | - A key for signing Cloud CDN signed URLs for BackendBuckets. -references: - guides: - 'Using Signed URLs': 'https://cloud.google.com/cdn/docs/using-signed-urls/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/backendBuckets' -docs: -base_url: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}' -self_link: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}' -create_url: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}/addSignedUrlKey' -delete_url: 'projects/{{project}}/global/backendBuckets/{{backend_bucket}}/deleteSignedUrlKey?keyName={{name}}' -delete_verb: 'POST' -immutable: true -mutex: 'signedUrlKey/{{project}}/backendBuckets/{{backend_bucket}}/' -exclude_import: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - name -nested_query: - keys: - - cdnPolicy - - signedUrlKeyNames - is_list_of_ids: true - modify_by_patch: false -custom_code: -exclude_tgc: true -examples: - - name: 'backend_bucket_signed_url_key' - primary_resource_id: 'backend_key' - vars: - key_name: 'test-key' - backend_name: 'test-signed-backend-bucket' - bucket_name: 'test-storage-bucket' - external_providers: ["random", "time"] - skip_test: true -parameters: - - name: 'backendBucket' - type: ResourceRef - description: | - The backend bucket this signed URL key belongs. - required: true - immutable: true - ignore_read: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'BackendBucket' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Name of the signed URL key. - api_name: keyName - required: true - immutable: true - validation: - regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' - - name: 'keyValue' - type: String - description: | - 128-bit key value used for signing the URL. The key value must be a - valid RFC 4648 Section 5 base64url encoded string. - required: true - immutable: true - ignore_read: true - sensitive: true diff --git a/mmv1/products/compute/go_BackendService.yaml b/mmv1/products/compute/go_BackendService.yaml deleted file mode 100644 index 7bc25a46fb42..000000000000 --- a/mmv1/products/compute/go_BackendService.yaml +++ /dev/null @@ -1,1332 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BackendService' -kind: 'compute#backendService' -description: | - A Backend Service defines a group of virtual machines that will serve - traffic for load balancing. This resource is a global backend service, - appropriate for external load balancing or self-managed internal load balancing. - For managed internal load balancing, use a regional backend service instead. - - Currently self-managed internal load balancing is only available in beta. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/backend-service' - api: 'https://cloud.google.com/compute/docs/reference/v1/backendServices' -docs: -base_url: 'projects/{{project}}/global/backendServices' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - allowed_iam_role: 'roles/compute.admin' - parent_resource_attribute: 'name' - iam_conditions_request_type: 'QUERY_PARAM' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - min_version: 'beta' -custom_code: - constants: 'templates/terraform/constants/go/backend_service.go.tmpl' - encoder: 'templates/terraform/encoders/go/backend_service.go.tmpl' - decoder: 'templates/terraform/decoders/go/backend_service.go.tmpl' - post_create: 'templates/terraform/post_create/go/compute_backend_service_security_policy.go.tmpl' - post_update: 'templates/terraform/post_create/go/compute_backend_service_security_policy.go.tmpl' -schema_version: 1 -examples: - - name: 'backend_service_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-backend-service%s", context["random_suffix"])' - vars: - backend_service_name: 'backend-service' - http_health_check_name: 'health-check' - - name: 'backend_service_external_iap' - primary_resource_id: 'default' - vars: - backend_service_name: 'tf-test-backend-service-external' - - name: 'backend_service_cache_simple' - primary_resource_id: 'default' - vars: - backend_service_name: 'backend-service' - http_health_check_name: 'health-check' - - name: 'backend_service_cache_include_http_headers' - primary_resource_id: 'default' - vars: - backend_service_name: 'backend-service' - - name: 'backend_service_cache_include_named_cookies' - primary_resource_id: 'default' - vars: - backend_service_name: 'backend-service' - - name: 'backend_service_cache' - primary_resource_id: 'default' - vars: - backend_service_name: 'backend-service' - http_health_check_name: 'health-check' - - name: 'backend_service_cache_bypass_cache_on_request_headers' - primary_resource_id: 'default' - vars: - backend_service_name: 'backend-service' - http_health_check_name: 'health-check' - - name: 'backend_service_traffic_director_round_robin' - primary_resource_id: 'default' - min_version: 'beta' - vars: - backend_service_name: 'backend-service' - health_check_name: 'health-check' - - name: 'backend_service_traffic_director_ring_hash' - primary_resource_id: 'default' - min_version: 'beta' - vars: - backend_service_name: 'backend-service' - health_check_name: 'health-check' - - name: 'backend_service_network_endpoint' - primary_resource_id: 'default' - min_version: 'beta' - vars: - backend_service_name: 'backend-service' - neg_name: 'network-endpoint' - - name: 'backend_service_external_managed' - primary_resource_id: 'default' - vars: - backend_service_name: 'backend-service' - health_check_name: 'health-check' -parameters: -properties: - - name: 'affinityCookieTtlSec' - type: Integer - description: | - Lifetime of cookies in seconds if session_affinity is - GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts - only until the end of the browser session (or equivalent). The - maximum allowed value for TTL is one day. - - When the load balancing scheme is INTERNAL, this field is not used. - - name: 'backend' - type: Array - description: | - The set of backends that serve this BackendService. - api_name: backends - is_set: true - set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' - item_type: - type: NestedObject - properties: - - name: 'balancingMode' - type: Enum - description: | - Specifies the balancing mode for this backend. - - For global HTTP(S) or TCP/SSL load balancing, the default is - UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) - and CONNECTION (for TCP/SSL). - - See the [Backend Services Overview](https://cloud.google.com/load-balancing/docs/backend-service#balancing-mode) - for an explanation of load balancing modes. - default_value: "UTILIZATION" - enum_values: - - 'UTILIZATION' - - 'RATE' - - 'CONNECTION' - - name: 'capacityScaler' - type: Double - description: | - A multiplier applied to the group's maximum servicing capacity - (based on UTILIZATION, RATE or CONNECTION). - - Default value is 1, which means the group will serve up to 100% - of its configured capacity (depending on balancingMode). A - setting of 0 means the group is completely drained, offering - 0% of its available Capacity. Valid range is [0.0,1.0]. - send_empty_value: true - default_value: 1.0 - - name: 'description' - type: String - description: | - An optional description of this resource. - Provide this property when you create the resource. - - name: 'group' - type: String - description: | - The fully-qualified URL of an Instance Group or Network Endpoint - Group resource. In case of instance group this defines the list - of instances that serve traffic. Member virtual machine - instances from each instance group must live in the same zone as - the instance group itself. No two backends in a backend service - are allowed to use same Instance Group resource. - - For Network Endpoint Groups this defines list of endpoints. All - endpoints of Network Endpoint Group must be hosted on instances - located in the same zone as the Network Endpoint Group. - - Backend services cannot mix Instance Group and - Network Endpoint Group backends. - - Note that you must specify an Instance Group or Network Endpoint - Group resource using the fully-qualified URL, rather than a - partial URL. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - custom_flatten: 'templates/terraform/custom_flatten/go/guard_self_link.go.tmpl' - - name: 'maxConnections' - type: Integer - description: | - The max number of simultaneous connections for the group. Can - be used with either CONNECTION or UTILIZATION balancing modes. - - For CONNECTION mode, either maxConnections or one - of maxConnectionsPerInstance or maxConnectionsPerEndpoint, - as appropriate for group type, must be set. - default_from_api: true - - name: 'maxConnectionsPerInstance' - type: Integer - description: | - The max number of simultaneous connections that a single - backend instance can handle. This is used to calculate the - capacity of the group. Can be used in either CONNECTION or - UTILIZATION balancing modes. - - For CONNECTION mode, either maxConnections or - maxConnectionsPerInstance must be set. - default_from_api: true - - name: 'maxConnectionsPerEndpoint' - type: Integer - description: | - The max number of simultaneous connections that a single backend - network endpoint can handle. This is used to calculate the - capacity of the group. Can be used in either CONNECTION or - UTILIZATION balancing modes. - - For CONNECTION mode, either - maxConnections or maxConnectionsPerEndpoint must be set. - default_from_api: true - - name: 'maxRate' - type: Integer - description: | - The max requests per second (RPS) of the group. - - Can be used with either RATE or UTILIZATION balancing modes, - but required if RATE mode. For RATE mode, either maxRate or one - of maxRatePerInstance or maxRatePerEndpoint, as appropriate for - group type, must be set. - default_from_api: true - - name: 'maxRatePerInstance' - type: Double - description: | - The max requests per second (RPS) that a single backend - instance can handle. This is used to calculate the capacity of - the group. Can be used in either balancing mode. For RATE mode, - either maxRate or maxRatePerInstance must be set. - default_from_api: true - - name: 'maxRatePerEndpoint' - type: Double - description: | - The max requests per second (RPS) that a single backend network - endpoint can handle. This is used to calculate the capacity of - the group. Can be used in either balancing mode. For RATE mode, - either maxRate or maxRatePerEndpoint must be set. - default_from_api: true - - name: 'maxUtilization' - type: Double - description: | - Used when balancingMode is UTILIZATION. This ratio defines the - CPU utilization target for the group. Valid range is [0.0, 1.0]. - default_from_api: true - - name: 'circuitBreakers' - type: NestedObject - description: | - Settings controlling the volume of connections to a backend service. This field - is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. - properties: - - name: 'connectTimeout' - type: NestedObject - description: | - The timeout for new network connections to hosts. - min_version: 'beta' - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - properties: - - name: 'seconds' - type: Integer - description: | - Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. - required: true - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. - - name: 'maxRequestsPerConnection' - type: Integer - description: | - Maximum requests for a single backend connection. This parameter - is respected by both the HTTP/1.1 and HTTP/2 implementations. If - not specified, there is no limit. Setting this parameter to 1 - will effectively disable keep alive. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - - name: 'maxConnections' - type: Integer - description: | - The maximum number of connections to the backend cluster. - Defaults to 1024. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - default_value: 1024 - - name: 'maxPendingRequests' - type: Integer - description: | - The maximum number of pending requests to the backend cluster. - Defaults to 1024. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - default_value: 1024 - - name: 'maxRequests' - type: Integer - description: | - The maximum number of parallel requests to the backend cluster. - Defaults to 1024. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - default_value: 1024 - - name: 'maxRetries' - type: Integer - description: | - The maximum number of parallel retries to the backend cluster. - Defaults to 3. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - default_value: 3 - - name: 'compressionMode' - type: Enum - description: | - Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. - enum_values: - - 'AUTOMATIC' - - 'DISABLED' - - name: 'consistentHash' - type: NestedObject - description: | - Consistent Hash-based load balancing can be used to provide soft session - affinity based on HTTP headers, cookies or other properties. This load balancing - policy is applicable only for HTTP connections. The affinity to a particular - destination host will be lost when one or more hosts are added/removed from the - destination service. This field specifies parameters that control consistent - hashing. This field only applies if the load_balancing_scheme is set to - INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is - set to MAGLEV or RING_HASH. - properties: - - name: 'httpCookie' - type: NestedObject - description: | - Hash is based on HTTP Cookie. This field describes a HTTP cookie - that will be used as the hash key for the consistent hash load - balancer. If the cookie is not present, it will be generated. - This field is applicable if the sessionAffinity is set to HTTP_COOKIE. - at_least_one_of: - - 'consistent_hash.0.http_cookie' - - 'consistent_hash.0.http_header_name' - - 'consistent_hash.0.minimum_ring_size' - properties: - - name: 'ttl' - type: NestedObject - description: | - Lifetime of the cookie. - at_least_one_of: - - 'consistent_hash.0.http_cookie.0.ttl' - - 'consistent_hash.0.http_cookie.0.name' - - 'consistent_hash.0.http_cookie.0.path' - properties: - - name: 'seconds' - type: Integer - description: | - Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. - required: true - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. - - name: 'name' - type: String - description: | - Name of the cookie. - at_least_one_of: - - 'consistent_hash.0.http_cookie.0.ttl' - - 'consistent_hash.0.http_cookie.0.name' - - 'consistent_hash.0.http_cookie.0.path' - - name: 'path' - type: String - description: | - Path to set for the cookie. - at_least_one_of: - - 'consistent_hash.0.http_cookie.0.ttl' - - 'consistent_hash.0.http_cookie.0.name' - - 'consistent_hash.0.http_cookie.0.path' - - name: 'httpHeaderName' - type: String - description: | - The hash based on the value of the specified header field. - This field is applicable if the sessionAffinity is set to HEADER_FIELD. - at_least_one_of: - - 'consistent_hash.0.http_cookie' - - 'consistent_hash.0.http_header_name' - - 'consistent_hash.0.minimum_ring_size' - - name: 'minimumRingSize' - type: Integer - description: | - The minimum number of virtual nodes to use for the hash ring. - Larger ring sizes result in more granular load - distributions. If the number of hosts in the load balancing pool - is larger than the ring size, each host will be assigned a single - virtual node. - Defaults to 1024. - at_least_one_of: - - 'consistent_hash.0.http_cookie' - - 'consistent_hash.0.http_header_name' - - 'consistent_hash.0.minimum_ring_size' - default_value: 1024 - - name: 'cdnPolicy' - type: NestedObject - description: 'Cloud CDN configuration for this BackendService.' - default_from_api: true - properties: - - name: 'cacheKeyPolicy' - type: NestedObject - description: 'The CacheKeyPolicy for this CdnPolicy.' - at_least_one_of: - - 'cdn_policy.0.cache_key_policy' - - 'cdn_policy.0.signed_url_cache_max_age_sec' - properties: - - name: 'includeHost' - type: Boolean - description: | - If true requests to different hosts will be cached separately. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_http_headers' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - - name: 'includeProtocol' - type: Boolean - description: | - If true, http and https requests will be cached separately. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_http_headers' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - - name: 'includeQueryString' - type: Boolean - description: | - If true, include query string parameters in the cache key - according to query_string_whitelist and - query_string_blacklist. If neither is set, the entire query - string will be included. - - If false, the query string will be excluded from the cache - key entirely. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_http_headers' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - - name: 'queryStringBlacklist' - type: Array - description: | - Names of query string parameters to exclude in cache keys. - - All other parameters will be included. Either specify - query_string_whitelist or query_string_blacklist, not both. - '&' and '=' will be percent encoded and not treated as - delimiters. - is_set: true - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_http_headers' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - item_type: - type: String - - name: 'queryStringWhitelist' - type: Array - description: | - Names of query string parameters to include in cache keys. - - All other parameters will be excluded. Either specify - query_string_whitelist or query_string_blacklist, not both. - '&' and '=' will be percent encoded and not treated as - delimiters. - is_set: true - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_http_headers' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - item_type: - type: String - - name: 'includeHttpHeaders' - type: Array - description: | - Allows HTTP request headers (by name) to be used in the - cache key. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_http_headers' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - item_type: - type: String - - name: 'includeNamedCookies' - type: Array - description: | - Names of cookies to include in cache keys. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_http_headers' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - item_type: - type: String - - name: 'signedUrlCacheMaxAgeSec' - type: Integer - description: | - Maximum number of seconds the response to a signed URL request - will be considered fresh, defaults to 1hr (3600s). After this - time period, the response will be revalidated before - being served. - - When serving responses to signed URL requests, Cloud CDN will - internally behave as though all responses from this backend had a - "Cache-Control: public, max-age=[TTL]" header, regardless of any - existing Cache-Control header. The actual headers served in - responses will not be altered. - at_least_one_of: - - 'cdn_policy.0.cache_key_policy' - - 'cdn_policy.0.signed_url_cache_max_age_sec' - default_value: 3600 - - name: 'defaultTtl' - type: Integer - description: | - Specifies the default TTL for cached content served by this origin for responses - that do not have an existing valid TTL (max-age or s-max-age). - default_from_api: true - - name: 'maxTtl' - type: Integer - description: | - Specifies the maximum allowed TTL for cached content served by this origin. - default_from_api: true - - name: 'clientTtl' - type: Integer - description: | - Specifies the maximum allowed TTL for cached content served by this origin. - default_from_api: true - - name: 'negativeCaching' - type: Boolean - description: | - Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. - default_from_api: true - send_empty_value: true - - name: 'negativeCachingPolicy' - type: Array - description: | - Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. - Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. - item_type: - type: NestedObject - properties: - - name: 'code' - type: Integer - description: | - The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 - can be specified as values, and you cannot specify a status code more than once. - - name: 'ttl' - type: Integer - description: | - The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s - (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. - send_empty_value: true - - name: 'cacheMode' - type: Enum - description: | - Specifies the cache setting for all responses from this backend. - The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC - default_from_api: true - enum_values: - - 'USE_ORIGIN_HEADERS' - - 'FORCE_CACHE_ALL' - - 'CACHE_ALL_STATIC' - - name: 'serveWhileStale' - type: Integer - description: | - Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. - default_from_api: true - send_empty_value: true - - name: 'bypassCacheOnRequestHeaders' - type: Array - description: | - Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. - The cache is bypassed for all cdnPolicy.cacheMode settings. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The header field name to match on when bypassing cache. Values are case-insensitive. - required: true - - name: 'connectionDraining' - type: NestedObject - description: | - Settings for connection draining - flatten_object: true - properties: - - name: 'connection_draining_timeout_sec' - type: Integer - description: | - Time for which instance will be drained (not accept new - connections, but still work to finish started). - api_name: drainingTimeoutSec - default_value: 300 - - name: 'creationTimestamp' - type: Time - description: | - Creation timestamp in RFC3339 text format. - output: true - - name: 'customRequestHeaders' - type: Array - description: | - Headers that the HTTP/S load balancer should add to proxied - requests. - is_set: true - item_type: - type: String - - name: 'customResponseHeaders' - type: Array - description: | - Headers that the HTTP/S load balancer should add to proxied - responses. - is_set: true - item_type: - type: String - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. A hash of the contents stored in this - object. This field is used in optimistic locking. - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. - - name: 'enableCDN' - type: Boolean - description: | - If true, enable Cloud CDN for this BackendService. - - name: 'healthChecks' - type: Array - description: | - The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource - for health checking this BackendService. Currently at most one health - check can be specified. - - A health check must be specified unless the backend service uses an internet - or serverless NEG as a backend. - - For internal load balancing, a URL to a HealthCheck resource must be specified instead. - is_set: true - set_hash_func: 'tpgresource.SelfLinkRelativePathHash' - custom_flatten: 'templates/terraform/custom_flatten/go/guard_self_link_array.go.tmpl' - item_type: - type: String - min_size: 1 - max_size: 1 - - name: 'generated_id' - type: Integer - description: - 'The unique identifier for the resource. This identifier is defined by the - server.' - api_name: id - output: true - - name: 'iap' - type: NestedObject - description: Settings for enabling Cloud Identity Aware Proxy - send_empty_value: true - properties: - - name: 'enabled' - type: Boolean - description: Whether the serving infrastructure will authenticate and authorize all incoming requests. - required: true - - name: 'oauth2ClientId' - type: String - description: | - OAuth2 Client ID for IAP - - name: 'oauth2ClientSecret' - type: String - description: | - OAuth2 Client Secret for IAP - ignore_read: true - sensitive: true - send_empty_value: true - - name: 'oauth2ClientSecretSha256' - type: String - description: | - OAuth2 Client Secret SHA-256 for IAP - sensitive: true - output: true - - name: 'loadBalancingScheme' - type: Enum - description: | - Indicates whether the backend service will be used with internal or - external load balancing. A backend service created for one type of - load balancing cannot be used with the other. For more information, refer to - [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service). - immutable: true - default_value: "EXTERNAL" - enum_values: - - 'EXTERNAL' - - 'INTERNAL_SELF_MANAGED' - - 'INTERNAL_MANAGED' - - 'EXTERNAL_MANAGED' - - name: 'localityLbPolicy' - type: Enum - description: | - The load balancing algorithm used within the scope of the locality. - The possible values are: - - * `ROUND_ROBIN`: This is a simple policy in which each healthy backend - is selected in round robin order. - - * `LEAST_REQUEST`: An O(1) algorithm which selects two random healthy - hosts and picks the host which has fewer active requests. - - * `RING_HASH`: The ring/modulo hash load balancer implements consistent - hashing to backends. The algorithm has the property that the - addition/removal of a host from a set of N hosts only affects - 1/N of the requests. - - * `RANDOM`: The load balancer selects a random healthy host. - - * `ORIGINAL_DESTINATION`: Backend host is selected based on the client - connection metadata, i.e., connections are opened - to the same address as the destination address of - the incoming connection before the connection - was redirected to the load balancer. - - * `MAGLEV`: used as a drop in replacement for the ring hash load balancer. - Maglev is not as stable as ring hash but has faster table lookup - build times and host selection times. For more information about - Maglev, refer to https://ai.google/research/pubs/pub44824 - - * `WEIGHTED_MAGLEV`: Per-instance weighted Load Balancing via health check - reported weights. If set, the Backend Service must - configure a non legacy HTTP-based Health Check, and - health check replies are expected to contain - non-standard HTTP response header field - X-Load-Balancing-Endpoint-Weight to specify the - per-instance weights. If set, Load Balancing is weight - based on the per-instance weights reported in the last - processed health check replies, as long as every - instance either reported a valid weight or had - UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains - equal-weight. - - This field is applicable to either: - - * A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, - and loadBalancingScheme set to INTERNAL_MANAGED. - * A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. - * A regional backend service with loadBalancingScheme set to EXTERNAL (External Network - Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External - Network Load Balancing. The default is MAGLEV. - - If session_affinity is not NONE, and this field is not set to MAGLEV, WEIGHTED_MAGLEV, - or RING_HASH, session affinity settings will not take effect. - - Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced - by a URL map that is bound to target gRPC proxy that has validate_for_proxyless - field set to true. - enum_values: - - 'ROUND_ROBIN' - - 'LEAST_REQUEST' - - 'RING_HASH' - - 'RANDOM' - - 'ORIGINAL_DESTINATION' - - 'MAGLEV' - - 'WEIGHTED_MAGLEV' - - name: 'localityLbPolicies' - type: Array - description: | - A list of locality load balancing policies to be used in order of - preference. Either the policy or the customPolicy field should be set. - Overrides any value set in the localityLbPolicy field. - - localityLbPolicies is only supported when the BackendService is referenced - by a URL Map that is referenced by a target gRPC proxy that has the - validateForProxyless field set to true. - item_type: - description: | - Container for either a built-in LB policy supported by gRPC or Envoy or - a custom one implemented by the end user. - type: NestedObject - properties: - - name: 'policy' - type: NestedObject - description: | - The configuration for a built-in load balancing policy. - exactly_one_of: - - 'policy' - - 'customPolicy' - properties: - - name: 'name' - type: Enum - description: | - The name of a locality load balancer policy to be used. The value - should be one of the predefined ones as supported by localityLbPolicy, - although at the moment only ROUND_ROBIN is supported. - - This field should only be populated when the customPolicy field is not - used. - - Note that specifying the same policy more than once for a backend is - not a valid configuration and will be rejected. - - The possible values are: - - * `ROUND_ROBIN`: This is a simple policy in which each healthy backend - is selected in round robin order. - - * `LEAST_REQUEST`: An O(1) algorithm which selects two random healthy - hosts and picks the host which has fewer active requests. - - * `RING_HASH`: The ring/modulo hash load balancer implements consistent - hashing to backends. The algorithm has the property that the - addition/removal of a host from a set of N hosts only affects - 1/N of the requests. - - * `RANDOM`: The load balancer selects a random healthy host. - - * `ORIGINAL_DESTINATION`: Backend host is selected based on the client - connection metadata, i.e., connections are opened - to the same address as the destination address of - the incoming connection before the connection - was redirected to the load balancer. - - * `MAGLEV`: used as a drop in replacement for the ring hash load balancer. - Maglev is not as stable as ring hash but has faster table lookup - build times and host selection times. For more information about - Maglev, refer to https://ai.google/research/pubs/pub44824 - required: true - enum_values: - - 'ROUND_ROBIN' - - 'LEAST_REQUEST' - - 'RING_HASH' - - 'RANDOM' - - 'ORIGINAL_DESTINATION' - - 'MAGLEV' - - name: 'customPolicy' - type: NestedObject - description: | - The configuration for a custom policy implemented by the user and - deployed with the client. - exactly_one_of: - - 'policy' - - 'customPolicy' - properties: - - name: 'name' - type: String - description: | - Identifies the custom policy. - - The value should match the type the custom implementation is registered - with on the gRPC clients. It should follow protocol buffer - message naming conventions and include the full path (e.g. - myorg.CustomLbPolicy). The maximum length is 256 characters. - - Note that specifying the same custom policy more than once for a - backend is not a valid configuration and will be rejected. - required: true - - name: 'data' - type: String - description: | - An optional, arbitrary JSON object with configuration data, understood - by a locally installed custom policy implementation. - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'outlierDetection' - type: NestedObject - description: | - Settings controlling eviction of unhealthy hosts from the load balancing pool. - Applicable backend service types can be a global backend service with the - loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. - properties: - - name: 'baseEjectionTime' - type: NestedObject - description: | - The base time that a host is ejected for. The real time is equal to the base - time multiplied by the number of times the host has been ejected. Defaults to - 30000ms or 30s. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - properties: - - name: 'seconds' - type: Integer - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'consecutiveErrors' - type: Integer - description: | - Number of errors before a host is ejected from the connection pool. When the - backend host is accessed over HTTP, a 5xx return code qualifies as an error. - Defaults to 5. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'consecutiveGatewayFailure' - type: Integer - description: | - The number of consecutive gateway failures (502, 503, 504 status or connection - errors that are mapped to one of those status codes) before a consecutive - gateway failure ejection occurs. Defaults to 5. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'enforcingConsecutiveErrors' - type: Integer - description: | - The percentage chance that a host will be actually ejected when an outlier - status is detected through consecutive 5xx. This setting can be used to disable - ejection or to ramp it up slowly. Defaults to 100. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'enforcingConsecutiveGatewayFailure' - type: Integer - description: | - The percentage chance that a host will be actually ejected when an outlier - status is detected through consecutive gateway failures. This setting can be - used to disable ejection or to ramp it up slowly. Defaults to 0. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'enforcingSuccessRate' - type: Integer - description: | - The percentage chance that a host will be actually ejected when an outlier - status is detected through success rate statistics. This setting can be used to - disable ejection or to ramp it up slowly. Defaults to 100. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'interval' - type: NestedObject - description: | - Time interval between ejection sweep analysis. This can result in both new - ejections as well as hosts being returned to service. Defaults to 10 seconds. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - properties: - - name: 'seconds' - type: Integer - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'maxEjectionPercent' - type: Integer - description: | - Maximum percentage of hosts in the load balancing pool for the backend service - that can be ejected. Defaults to 10%. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'successRateMinimumHosts' - type: Integer - description: | - The number of hosts in a cluster that must have enough request volume to detect - success rate outliers. If the number of hosts is less than this setting, outlier - detection via success rate statistics is not performed for any host in the - cluster. Defaults to 5. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'successRateRequestVolume' - type: Integer - description: | - The minimum number of total requests that must be collected in one interval (as - defined by the interval duration above) to include this host in success rate - based outlier detection. If the volume is lower than this setting, outlier - detection via success rate statistics is not performed for that host. Defaults - to 100. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'successRateStdevFactor' - type: Integer - description: | - This factor is used to determine the ejection threshold for success rate outlier - ejection. The ejection threshold is the difference between the mean success - rate, and the product of this factor and the standard deviation of the mean - success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided - by a thousand to get a double. That is, if the desired factor is 1.9, the - runtime value should be 1900. Defaults to 1900. - # 'port' is deprecated - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'portName' - type: String - description: | - Name of backend port. The same name should appear in the instance - groups referenced by this service. Required when the load balancing - scheme is EXTERNAL. - default_from_api: true - - name: 'protocol' - type: Enum - description: | - The protocol this BackendService uses to communicate with backends. - The default is HTTP. **NOTE**: HTTP2 is only valid for beta HTTP/2 load balancer - types and may result in errors if used with the GA API. **NOTE**: With protocol “UNSPECIFIED”, - the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing - with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. - default_from_api: true - enum_values: - - 'HTTP' - - 'HTTPS' - - 'HTTP2' - - 'TCP' - - 'SSL' - - 'GRPC' - - 'UNSPECIFIED' - - name: 'securityPolicy' - type: String - description: | - The security policy associated with this backend service. - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'edgeSecurityPolicy' - type: String - description: | - The resource URL for the edge security policy associated with this backend service. - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'securitySettings' - type: NestedObject - description: | - The security settings that apply to this backend service. This field is applicable to either - a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and - load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the - load_balancing_scheme set to INTERNAL_SELF_MANAGED. - properties: - - name: 'clientTlsPolicy' - type: ResourceRef - description: | - ClientTlsPolicy is a resource that specifies how a client should authenticate - connections to backends of a service. This resource itself does not affect - configuration unless it is attached to a backend service resource. - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - resource: 'ClientTlsPolicy' - imports: 'name' - - name: 'subjectAltNames' - type: Array - description: | - A list of alternate names to verify the subject identity in the certificate. - If specified, the client will verify that the server certificate's subject - alt name matches one of the specified values. - item_type: - type: String - - name: 'awsV4Authentication' - type: NestedObject - description: | - The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. - Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. - properties: - - name: 'accessKeyId' - type: String - description: | - The identifier of an access key used for s3 bucket authentication. - - name: 'accessKey' - type: String - description: | - The access key used for s3 bucket authentication. - Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. - ignore_read: true - sensitive: true - send_empty_value: true - - name: 'accessKeyVersion' - type: String - description: | - The optional version identifier for the access key. You can use this to keep track of different iterations of your access key. - - name: 'originRegion' - type: String - description: | - The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. - For example, "us-east-1" for AWS or "us-ashburn-1" for OCI. - - name: 'sessionAffinity' - type: Enum - description: | - Type of session affinity to use. The default is NONE. Session affinity is - not applicable if the protocol is UDP. - default_from_api: true - enum_values: - - 'NONE' - - 'CLIENT_IP' - - 'CLIENT_IP_PORT_PROTO' - - 'CLIENT_IP_PROTO' - - 'GENERATED_COOKIE' - - 'HEADER_FIELD' - - 'HTTP_COOKIE' - - name: 'timeoutSec' - type: Integer - description: | - The backend service timeout has a different meaning depending on the type of load balancer. - For more information see, [Backend service settings](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices). - The default is 30 seconds. - The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds. - default_from_api: true - - name: 'logConfig' - type: NestedObject - description: | - This field denotes the logging options for the load balancer traffic served by this backend service. - If logging is enabled, logs will be exported to Stackdriver. - default_from_api: true - properties: - - name: 'enable' - type: Boolean - description: | - Whether to enable logging for the load balancer traffic served by this backend service. - send_empty_value: true - at_least_one_of: - - 'log_config.0.enable' - - 'log_config.0.sample_rate' - - name: 'sampleRate' - type: Double - description: | - This field can only be specified if logging is enabled for this backend service. The value of - the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer - where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. - The default value is 1.0. - at_least_one_of: - - 'log_config.0.enable' - - 'log_config.0.sample_rate' - diff_suppress_func: 'suppressWhenDisabled' - default_value: 1.0 - - name: 'serviceLbPolicy' - type: String - description: | - URL to networkservices.ServiceLbPolicy resource. - Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global. diff --git a/mmv1/products/compute/go_BackendServiceSignedUrlKey.yaml b/mmv1/products/compute/go_BackendServiceSignedUrlKey.yaml deleted file mode 100644 index 5b6ed7d594b0..000000000000 --- a/mmv1/products/compute/go_BackendServiceSignedUrlKey.yaml +++ /dev/null @@ -1,99 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'BackendServiceSignedUrlKey' -kind: 'compute#BackendServiceSignedUrlKey' -description: | - A key for signing Cloud CDN signed URLs for Backend Services. -references: - guides: - 'Using Signed URLs': 'https://cloud.google.com/cdn/docs/using-signed-urls/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/backendServices' -docs: -base_url: 'projects/{{project}}/global/backendServices/{{backend_service}}' -self_link: 'projects/{{project}}/global/backendServices/{{backend_service}}' -create_url: 'projects/{{project}}/global/backendServices/{{backend_service}}/addSignedUrlKey' -delete_url: 'projects/{{project}}/global/backendServices/{{backend_service}}/deleteSignedUrlKey?keyName={{name}}' -delete_verb: 'POST' -immutable: true -mutex: 'signedUrlKey/{{project}}/backendServices/{{backend_service}}/' -exclude_import: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - name -nested_query: - keys: - - cdnPolicy - - signedUrlKeyNames - is_list_of_ids: true - modify_by_patch: false -custom_code: -exclude_tgc: true -examples: - - name: 'backend_service_signed_url_key' - primary_resource_id: 'backend_key' - vars: - key_name: 'test-key' - backend_name: 'my-backend-service' - igm_name: 'my-webservers' - external_providers: ["random", "time"] - skip_test: true -parameters: - - name: 'backendService' - type: ResourceRef - description: | - The backend service this signed URL key belongs. - required: true - immutable: true - ignore_read: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'BackendService' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Name of the signed URL key. - api_name: keyName - required: true - immutable: true - validation: - regex: '^(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)$' - - name: 'keyValue' - type: String - description: | - 128-bit key value used for signing the URL. The key value must be a - valid RFC 4648 Section 5 base64url encoded string. - required: true - immutable: true - ignore_read: true - sensitive: true diff --git a/mmv1/products/compute/go_Disk.yaml b/mmv1/products/compute/go_Disk.yaml deleted file mode 100644 index dbd62234755c..000000000000 --- a/mmv1/products/compute/go_Disk.yaml +++ /dev/null @@ -1,517 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Disk' -kind: 'compute#disk' -description: | - Persistent disks are durable storage devices that function similarly to - the physical disks in a desktop or a server. Compute Engine manages the - hardware behind these devices to ensure data redundancy and optimize - performance for you. Persistent disks are available as either standard - hard disk drives (HDD) or solid-state drives (SSD). - - Persistent disks are located independently from your virtual machine - instances, so you can detach or move persistent disks to keep your data - even after you delete your instances. Persistent disk performance scales - automatically with size, so you can resize your existing persistent disks - or add more persistent disks to an instance to meet your performance and - storage space requirements. - - Add a persistent disk to your instance when you need reliable and - affordable storage with consistent performance characteristics. -references: - guides: - 'Adding a persistent disk': 'https://cloud.google.com/compute/docs/disks/add-persistent-disk' - api: 'https://cloud.google.com/compute/docs/reference/v1/disks' -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/disks' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - parent_resource_attribute: 'name' - base_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/zones/{{zone}}/disks/{{name}}' - - '{{name}}' -custom_code: - constants: 'templates/terraform/constants/go/disk.tmpl' - encoder: 'templates/terraform/encoders/go/disk.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/hyper_disk.go.tmpl' - decoder: 'templates/terraform/decoders/go/disk.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/detach_disk.tmpl' -custom_diff: - - 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)' - - 'hyperDiskIopsUpdateDiffSupress' -examples: - - name: 'disk_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-test-disk%s", context["random_suffix"])' - vars: - disk_name: 'test-disk' - - name: 'disk_async' - primary_resource_id: 'primary' - primary_resource_name: 'fmt.Sprintf("tf-test-test-disk%s", context["random_suffix"])' - vars: - disk_name: 'async-test-disk' - secondary_disk_name: 'async-secondary-test-disk' - - name: 'disk_features' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-test-disk%s", context["random_suffix"])' - vars: - disk_name: 'test-disk-features' -parameters: - - name: 'zone' - type: ResourceRef - description: 'A reference to the zone where the disk resides.' - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' - - name: 'sourceImageEncryptionKey' - type: NestedObject - description: | - The customer-supplied encryption key of the source image. Required if - the source image is protected by a customer-supplied encryption key. - immutable: true - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption key, encoded in - RFC 4648 base64 to either encrypt or decrypt this resource. - - name: 'sha256' - type: String - description: | - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied - encryption key that protects this resource. - output: true - - name: 'kmsKeySelfLink' - type: String - description: | - The self link of the encryption key used to encrypt the disk. Also called KmsKeyName - in the cloud console. Your project's Compute Engine System service account - (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have - `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. - See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys - api_name: kmsKeyName - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'kmsKeyServiceAccount' - type: String - description: | - The service account used for the encryption request for the given KMS key. - If absent, the Compute Engine Service Agent service account is used. - - name: 'sourceImageId' - type: String - description: | - The ID value of the image used to create this disk. This value - identifies the exact image that was used to create this persistent - disk. For example, if you created the persistent disk from an image - that was later deleted and recreated under the same name, the source - image ID would identify the exact version of the image that was used. - output: true - - name: 'diskEncryptionKey' - type: NestedObject - description: | - Encrypts the disk using a customer-supplied encryption key. - - After you encrypt a disk with a customer-supplied key, you must - provide the same key if you use the disk later (e.g. to create a disk - snapshot or an image, or to attach the disk to a virtual machine). - - Customer-supplied encryption keys do not protect access to metadata of - the disk. - - If you do not provide an encryption key when creating the disk, then - the disk will be encrypted using an automatically generated key and - you do not need to provide a key to use the disk later. - immutable: true - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption key, encoded in - RFC 4648 base64 to either encrypt or decrypt this resource. - sensitive: true - - name: 'rsaEncryptedKey' - type: String - description: | - Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit - customer-supplied encryption key to either encrypt or decrypt - this resource. You can provide either the rawKey or the rsaEncryptedKey. - sensitive: true - - name: 'sha256' - type: String - description: | - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied - encryption key that protects this resource. - output: true - - name: 'kmsKeySelfLink' - type: String - description: | - The self link of the encryption key used to encrypt the disk. Also called KmsKeyName - in the cloud console. Your project's Compute Engine System service account - (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have - `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. - See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys - api_name: kmsKeyName - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'kmsKeyServiceAccount' - type: String - description: | - The service account used for the encryption request for the given KMS key. - If absent, the Compute Engine Service Agent service account is used. - - name: 'snapshot' - type: ResourceRef - description: | - The source snapshot used to create this disk. You can provide this as - a partial or full URL to the resource. If the snapshot is in another - project than this disk, you must supply a full URL. For example, the - following are valid values: - - * `https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot` - * `projects/project/global/snapshots/snapshot` - * `global/snapshots/snapshot` - * `snapshot` - api_name: sourceSnapshot - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Snapshot' - imports: 'selfLink' - - name: 'sourceSnapshotEncryptionKey' - type: NestedObject - description: | - The customer-supplied encryption key of the source snapshot. Required - if the source snapshot is protected by a customer-supplied encryption - key. - immutable: true - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption key, encoded in - RFC 4648 base64 to either encrypt or decrypt this resource. - # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules - - name: 'kmsKeySelfLink' - type: String - description: | - The self link of the encryption key used to encrypt the disk. Also called KmsKeyName - in the cloud console. Your project's Compute Engine System service account - (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have - `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. - See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys - api_name: kmsKeyName - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'sha256' - type: String - description: | - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied - encryption key that protects this resource. - output: true - - name: 'kmsKeyServiceAccount' - type: String - description: | - The service account used for the encryption request for the given KMS key. - If absent, the Compute Engine Service Agent service account is used. - - name: 'sourceSnapshotId' - type: String - description: | - The unique ID of the snapshot used to create this disk. This value - identifies the exact snapshot that was used to create this persistent - disk. For example, if you created the persistent disk from a snapshot - that was later deleted and recreated under the same name, the source - snapshot ID would identify the exact version of the snapshot that was - used. - output: true -properties: - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - - name: 'lastAttachTimestamp' - type: Time - description: 'Last attach timestamp in RFC3339 text format.' - output: true - - name: 'lastDetachTimestamp' - type: Time - description: 'Last detach timestamp in RFC3339 text format.' - output: true - - name: 'labels' - type: KeyValueLabels - description: | - Labels to apply to this disk. A list of key->value pairs. - update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/setLabels' - update_verb: 'POST' - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'size' - type: Integer - description: | - Size of the persistent disk, specified in GB. You can specify this - field when creating a persistent disk using the `image` or - `snapshot` parameter, or specify it alone to create an empty - persistent disk. - - If you specify this field along with `image` or `snapshot`, - the value must not be less than the size of the image - or the size of the snapshot. - - ~>**NOTE** If you change the size, Terraform updates the disk size - if upsizing is detected but recreates the disk if downsizing is requested. - You can add `lifecycle.prevent_destroy` in the config to prevent destroying - and recreating. - api_name: sizeGb - default_from_api: true - update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}/resize' - update_verb: 'POST' - - name: 'users' - type: Array - description: | - Links to the users of the disk (attached instances) in form: - project/zones/zone/instances/instance - output: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'user' - type: ResourceRef - description: 'A reference to a user of this disk' - resource: 'Instance' - imports: 'selfLink' - - name: 'physicalBlockSizeBytes' - type: Integer - description: | - Physical block size of the persistent disk, in bytes. If not present - in a request, a default value is used. Currently supported sizes - are 4096 and 16384, other sizes may be added in the future. - If an unsupported value is requested, the error message will list - the supported values for the caller's project. - default_from_api: true - - name: 'interface' - type: String - description: | - Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. - min_version: 'beta' - url_param_only: true - diff_suppress_func: 'AlwaysDiffSuppress' - default_value: "SCSI" - deprecation_message: '`interface` is deprecated and will be removed in a future major release. This field is no longer used and can be safely removed from your configurations; disk interfaces are automatically determined on attachment.' - - name: 'sourceDisk' - type: String - description: | - The source disk used to create this disk. You can provide this as a partial or full URL to the resource. - For example, the following are valid values: - - * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/disks/{disk} - * https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/disks/{disk} - * projects/{project}/zones/{zone}/disks/{disk} - * projects/{project}/regions/{region}/disks/{disk} - * zones/{zone}/disks/{disk} - * regions/{region}/disks/{disk} - diff_suppress_func: 'sourceDiskDiffSupress' - - name: 'sourceDiskId' - type: String - description: | - The ID value of the disk used to create this image. This value may - be used to determine whether the image was taken from the current - or a previous instance of a given disk name. - output: true - - name: 'DiskId' - type: String - description: | - The unique identifier for the resource. This identifier is defined by the server. - api_name: id - output: true - - name: 'type' - type: ResourceRef - description: | - URL of the disk type resource describing which disk type to use to - create the disk. Provide this when creating the disk. - diff_suppress_func: 'tpgresource.CompareResourceNames' - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - default_value: "pd-standard" - resource: 'DiskType' - imports: 'selfLink' - - name: 'image' - type: String - description: | - The image from which to initialize this disk. This can be - one of: the image's `self_link`, `projects/{project}/global/images/{image}`, - `projects/{project}/global/images/family/{family}`, `global/images/{image}`, - `global/images/family/{family}`, `family/{family}`, `{project}/{family}`, - `{project}/{image}`, `{family}`, or `{image}`. If referred by family, the - images names must include the family name. If they don't, use the - [google_compute_image data source](/docs/providers/google/d/compute_image.html). - For instance, the image `centos-6-v20180104` includes its family name `centos-6`. - These images can be referred by family name here. - api_name: sourceImage - immutable: true - diff_suppress_func: 'DiskImageDiffSuppress' - - name: 'resourcePolicies' - type: Array - description: | - Resource policies applied to this disk for automatic snapshot creations. - - ~>**NOTE** This value does not support updating the - resource policy, as resource policies can not be updated more than - one at a time. Use - [`google_compute_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk_resource_policy_attachment) - to allow for updating the resource policy attached to the disk. - min_version: 'beta' - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'resourcePolicy' - type: ResourceRef - description: - 'A resource policy applied to this disk for automatic snapshot - creations.' - resource: 'ResourcePolicy' - imports: 'selfLink' - - name: 'enableConfidentialCompute' - type: Boolean - description: | - Whether this disk is using confidential compute mode. - Note: Only supported on hyperdisk skus, disk_encryption_key is required when setting to true - required: false - default_from_api: true - - name: 'multiWriter' - type: Boolean - description: | - Indicates whether or not the disk can be read/write attached to more than one instance. - min_version: 'beta' - - name: 'provisionedIops' - type: Integer - description: | - Indicates how many IOPS must be provisioned for the disk. - Note: Updating currently is only supported by hyperdisk skus without the need to delete and recreate the disk, hyperdisk - allows for an update of IOPS every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it - required: false - default_from_api: true - update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedIops' - update_verb: 'PATCH' - - name: 'provisionedThroughput' - type: Integer - description: | - Indicates how much Throughput must be provisioned for the disk. - Note: Updating currently is only supported by hyperdisk skus without the need to delete and recreate the disk, hyperdisk - allows for an update of Throughput every 4 hours. To update your hyperdisk more frequently, you'll need to manually delete and recreate it - default_from_api: true - update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=provisionedThroughput' - update_verb: 'PATCH' - - name: 'asyncPrimaryDisk' - type: NestedObject - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - properties: - - name: 'disk' - type: String - description: | - Primary disk for asynchronous disk replication. - required: true - - name: 'guestOsFeatures' - type: Array - description: | - A list of features to enable on the guest operating system. - Applicable only for bootable disks. - is_set: true - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'type' - type: String - description: | - The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. - required: true - - name: 'licenses' - type: Array - description: Any applicable license URI. - immutable: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'license' - type: ResourceRef - description: 'An applicable license URI' - resource: 'License' - imports: 'selfLink' - - name: 'storagePool' - type: String - description: | - The URL of the storage pool in which the new disk is created. - For example: - * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/storagePools/{storagePool} - * /projects/{project}/zones/{zone}/storagePools/{storagePool} - required: false - immutable: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'accessMode' - type: String - description: | - The accessMode of the disk. - For example: - * READ_WRITE_SINGLE - * READ_WRITE_MANY - * READ_ONLY_SINGLE - required: false - immutable: false - default_from_api: true - update_url: 'projects/{{project}}/zones/{{zone}}/disks/{{name}}?paths=accessMode' - update_verb: 'PATCH' diff --git a/mmv1/products/compute/go_DiskResourcePolicyAttachment.yaml b/mmv1/products/compute/go_DiskResourcePolicyAttachment.yaml deleted file mode 100644 index 744b21f80c6b..000000000000 --- a/mmv1/products/compute/go_DiskResourcePolicyAttachment.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DiskResourcePolicyAttachment' -description: | - Adds existing resource policies to a disk. You can only add one policy - which will be applied to this disk for scheduling snapshot creation. - - ~> **Note:** This resource does not support regional disks (`google_compute_region_disk`). For regional disks, please refer to [`google_compute_region_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_region_disk_resource_policy_attachment) -docs: -id_format: '{{project}}/{{zone}}/{{disk}}/{{name}}' -base_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}' -self_link: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}' -create_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}/addResourcePolicies' -delete_url: 'projects/{{project}}/zones/{{zone}}/disks/{{disk}}/removeResourcePolicies' -delete_verb: 'POST' -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - name -nested_query: - keys: - - resourcePolicies - is_list_of_ids: true - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/compute_disk_resource_policies_attachment.go.tmpl' - decoder: 'templates/terraform/decoders/go/compute_disk_resource_policies_attachment.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/compute_disk_resource_policies_attachment.go.tmpl' -examples: - - name: 'disk_resource_policy_attachment_basic' - primary_resource_id: 'attachment' - vars: - disk_name: 'my-disk' - policy_name: 'my-resource-policy' -parameters: - - name: 'disk' - type: ResourceRef - description: | - The name of the disk in which the resource policies are attached to. - url_param_only: true - required: true - resource: 'Disk' - imports: 'name' - - name: 'zone' - type: ResourceRef - description: 'A reference to the zone where the disk resides.' - url_param_only: true - required: false - ignore_read: true - default_from_api: true - resource: 'Zone' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - The resource policy to be attached to the disk for scheduling snapshot - creation. Do not specify the self link. - required: true diff --git a/mmv1/products/compute/go_DiskType.yaml b/mmv1/products/compute/go_DiskType.yaml deleted file mode 100644 index ca11c8ebb5d0..000000000000 --- a/mmv1/products/compute/go_DiskType.yaml +++ /dev/null @@ -1,114 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DiskType' -kind: 'compute#diskType' -description: | - Represents a DiskType resource. A DiskType resource represents the type - of disk to use, such as a pd-ssd, pd-balanced or pd-standard. To reference a disk - type, use the disk type's full or partial URL. -# TODO(nelsonjr): Temporarily make DiskType virtual so no tests gets -# triggered for create. Implement support for read only objects, and delete -# the virtual tag -# | readonly: true -exclude: true -readonly: true -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/diskTypes' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'items' -custom_code: -parameters: - - name: 'zone' - type: ResourceRef - description: 'A reference to the zone where the disk type resides.' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'defaultDiskSizeGb' - type: Integer - description: 'Server-defined default disk size in GB.' - output: true - - name: 'deprecated' - type: NestedObject - description: 'The deprecation status associated with this disk type.' - output: true - properties: - - name: 'deleted' - type: Time - description: | - An optional RFC3339 timestamp on or after which the deprecation state - of this resource will be changed to DELETED. - output: true - - name: 'deprecated' - type: Time - description: | - An optional RFC3339 timestamp on or after which the deprecation state - of this resource will be changed to DEPRECATED. - output: true - - name: 'obsolete' - type: Time - description: | - An optional RFC3339 timestamp on or after which the deprecation state - of this resource will be changed to OBSOLETE. - output: true - - name: 'replacement' - type: String - description: | - The URL of the suggested replacement for a deprecated resource. The - suggested replacement resource must be the same kind of resource as - the deprecated resource. - output: true - - name: 'state' - type: Enum - description: | - The deprecation state of this resource. This can be DEPRECATED, - OBSOLETE, or DELETED. Operations which create a new resource using a - DEPRECATED resource will return successfully, but with a warning - indicating the deprecated resource and recommending its replacement. - Operations which use OBSOLETE or DELETED resources will be rejected - and result in an error. - output: true - enum_values: - - 'DEPRECATED' - - 'OBSOLETE' - - 'DELETED' - - name: 'description' - type: String - description: 'An optional description of this resource.' - output: true - - name: 'id' - type: Integer - description: 'The unique identifier for the resource.' - output: true - - name: 'name' - type: String - description: 'Name of the resource.' - - name: 'validDiskSize' - type: String - description: | - An optional textual description of the valid disk size, such as - "10GB-10TB". - output: true diff --git a/mmv1/products/compute/go_ExternalVpnGateway.yaml b/mmv1/products/compute/go_ExternalVpnGateway.yaml deleted file mode 100644 index 763cc50878f6..000000000000 --- a/mmv1/products/compute/go_ExternalVpnGateway.yaml +++ /dev/null @@ -1,123 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ExternalVpnGateway' -kind: 'compute#externalVpnGateway' -description: | - Represents a VPN gateway managed outside of GCP. -references: - guides: - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/externalVpnGateways' -docs: -base_url: 'projects/{{project}}/global/externalVpnGateways' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'external_vpn_gateway' - primary_resource_id: 'external_gateway' - vars: - ha_vpn_gateway_name: 'ha-vpn' - network_name: 'network-1' - external_gateway_name: 'external-gateway' - global_address_name: 'global-address' - router_name: 'ha-vpn-router1' - skip_vcr: true - - name: 'only_external_vpn_gateway_full' - primary_resource_id: 'external_gateway' - vars: - external_gateway_name: 'external-gateway' - skip_docs: true -parameters: -properties: - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'labels' - type: KeyValueLabels - description: 'Labels for the external VPN gateway resource.' - update_url: 'projects/{{project}}/global/externalVpnGateways/{{name}}/setLabels' - update_verb: 'POST' - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/global/externalVpnGateways/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - - name: 'redundancyType' - type: Enum - description: | - Indicates the redundancy type of this external VPN gateway - enum_values: - - 'FOUR_IPS_REDUNDANCY' - - 'SINGLE_IP_INTERNALLY_REDUNDANT' - - 'TWO_IPS_REDUNDANCY' - - name: 'interface' - type: Array - description: | - A list of interfaces on this external VPN gateway. - api_name: interfaces - item_type: - type: NestedObject - properties: - - name: 'id' - type: Integer - description: | - The numeric ID for this interface. Allowed values are based on the redundancy type - of this external VPN gateway - * `0 - SINGLE_IP_INTERNALLY_REDUNDANT` - * `0, 1 - TWO_IPS_REDUNDANCY` - * `0, 1, 2, 3 - FOUR_IPS_REDUNDANCY` - send_empty_value: true - - name: 'ipAddress' - type: String - description: | - IP address of the interface in the external VPN gateway. - Only IPv4 is supported. This IP address can be either from - your on-premise gateway or another Cloud provider's VPN gateway, - it cannot be an IP address from Google Compute Engine. diff --git a/mmv1/products/compute/go_Firewall.yaml b/mmv1/products/compute/go_Firewall.yaml deleted file mode 100644 index 0b36c5309d57..000000000000 --- a/mmv1/products/compute/go_Firewall.yaml +++ /dev/null @@ -1,333 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Firewall' -kind: 'compute#firewall' -description: | - Each network has its own firewall controlling access to and from the - instances. - - All traffic to instances, even from other instances, is blocked by the - firewall unless firewall rules are created to allow it. - - The default network has automatically created firewall rules that are - shown in default firewall rules. No manually created network has - automatically created firewall rules except for a default "allow" rule for - outgoing traffic and a default "deny" for incoming traffic. For all - networks except the default network, you must create any firewall rules - you need. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/vpc/docs/firewalls' - api: 'https://cloud.google.com/compute/docs/reference/v1/firewalls' -docs: - optional_properties: | - * `enable_logging` - (Optional, Deprecated) This field denotes whether to enable logging for a particular firewall rule. - If logging is enabled, logs will be exported to Stackdriver. Deprecated in favor of `log_config` -base_url: 'projects/{{project}}/global/firewalls' -has_self_link: true -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - extra_schema_entry: 'templates/terraform/extra_schema_entry/go/firewall.tmpl' - constants: 'templates/terraform/constants/go/firewall.tmpl' -custom_diff: - - 'resourceComputeFirewallEnableLoggingCustomizeDiff' - - 'resourceComputeFirewallSourceFieldsCustomizeDiff' -schema_version: 1 -migrate_state: 'resourceComputeFirewallMigrateState' -examples: - - name: 'firewall_basic' - primary_resource_id: 'default' - vars: - firewall_name: 'test-firewall' - network_name: 'test-network' - - name: 'firewall_with_target_tags' - primary_resource_id: 'rules' - vars: - firewall_name: 'my-firewall-rule' - test_env_vars: - project: 'PROJECT_NAME' -parameters: -properties: - - name: 'allow' - type: Array - description: | - The list of ALLOW rules specified by this firewall. Each rule - specifies a protocol and port-range tuple that describes a permitted - connection. - api_name: allowed - is_set: true - exactly_one_of: - - 'allow' - - 'deny' - set_hash_func: 'resourceComputeFirewallRuleHash' - item_type: - type: NestedObject - properties: - - name: 'protocol' - type: String - description: | - The IP protocol to which this rule applies. The protocol type is - required when creating a firewall rule. This value can either be - one of the following well known protocol strings (tcp, udp, - icmp, esp, ah, sctp, ipip, all), or the IP protocol number. - api_name: IPProtocol - required: true - diff_suppress_func: 'tpgresource.CaseDiffSuppress' - - name: 'ports' - type: Array - description: | - An optional list of ports to which this rule applies. This field - is only applicable for UDP or TCP protocol. Each entry must be - either an integer or a range. If not specified, this rule - applies to connections through any port. - - Example inputs include: [22], [80, 443], and - ["12345-12349"]. - item_type: - type: String - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'deny' - type: Array - description: | - The list of DENY rules specified by this firewall. Each rule specifies - a protocol and port-range tuple that describes a denied connection. - api_name: denied - is_set: true - exactly_one_of: - - 'allow' - - 'deny' - set_hash_func: 'resourceComputeFirewallRuleHash' - item_type: - type: NestedObject - properties: - - name: 'protocol' - type: String - description: | - The IP protocol to which this rule applies. The protocol type is - required when creating a firewall rule. This value can either be - one of the following well known protocol strings (tcp, udp, - icmp, esp, ah, sctp, ipip, all), or the IP protocol number. - api_name: IPProtocol - required: true - diff_suppress_func: 'tpgresource.CaseDiffSuppress' - - name: 'ports' - type: Array - description: | - An optional list of ports to which this rule applies. This field - is only applicable for UDP or TCP protocol. Each entry must be - either an integer or a range. If not specified, this rule - applies to connections through any port. - - Example inputs include: [22], [80, 443], and - ["12345-12349"]. - item_type: - type: String - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - send_empty_value: true - - name: 'destinationRanges' - type: Array - description: | - If destination ranges are specified, the firewall will apply only to - traffic that has destination IP address in these ranges. These ranges - must be expressed in CIDR format. IPv4 or IPv6 ranges are supported. - is_set: true - default_from_api: true - item_type: - type: String - - name: 'direction' - type: Enum - description: | - Direction of traffic to which this firewall applies; default is - INGRESS. Note: For INGRESS traffic, one of `source_ranges`, - `source_tags` or `source_service_accounts` is required. - immutable: true - default_from_api: true - enum_values: - - 'INGRESS' - - 'EGRESS' - - name: 'disabled' - type: Boolean - description: | - Denotes whether the firewall rule is disabled, i.e not applied to the - network it is associated with. When set to true, the firewall rule is - not enforced and the network behaves as if it did not exist. If this - is unspecified, the firewall rule will be enabled. - send_empty_value: true - - name: 'logConfig' - type: NestedObject - description: | - This field denotes the logging options for a particular firewall rule. - If defined, logging is enabled, and logs will be exported to Cloud Logging. - send_empty_value: true - diff_suppress_func: 'diffSuppressEnableLogging' - custom_flatten: 'templates/terraform/custom_flatten/go/firewall_log_config.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/firewall_log_config.go.tmpl' - properties: - - name: 'metadata' - type: Enum - description: | - This field denotes whether to include or exclude metadata for firewall logs. - required: true - enum_values: - - 'EXCLUDE_ALL_METADATA' - - 'INCLUDE_ALL_METADATA' - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - validation: - function: 'verify.ValidateGCEName' - - name: 'network' - type: ResourceRef - description: | - The name or self_link of the network to attach this firewall to. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'priority' - type: Integer - description: | - Priority for this rule. This is an integer between 0 and 65535, both - inclusive. When not specified, the value assumed is 1000. Relative - priorities determine precedence of conflicting rules. Lower value of - priority implies higher precedence (eg, a rule with priority 0 has - higher precedence than a rule with priority 1). DENY rules take - precedence over ALLOW rules having equal priority. - send_empty_value: true - validation: - function: 'validation.IntBetween(0, 65535)' - default_value: 1000 - - name: 'sourceRanges' - type: Array - description: | - If source ranges are specified, the firewall will apply only to - traffic that has source IP address in these ranges. These ranges must - be expressed in CIDR format. One or both of sourceRanges and - sourceTags may be set. If both properties are set, the firewall will - apply to traffic that has source IP address within sourceRanges OR the - source IP that belongs to a tag listed in the sourceTags property. The - connection does not need to match both properties for the firewall to - apply. IPv4 or IPv6 ranges are supported. For INGRESS traffic, one of - `source_ranges`, `source_tags` or `source_service_accounts` is required. - is_set: true - diff_suppress_func: 'diffSuppressSourceRanges' - item_type: - type: String - - name: 'sourceServiceAccounts' - type: Array - description: | - If source service accounts are specified, the firewall will apply only - to traffic originating from an instance with a service account in this - list. Source service accounts cannot be used to control traffic to an - instance's external IP address because service accounts are associated - with an instance, not an IP address. sourceRanges can be set at the - same time as sourceServiceAccounts. If both are set, the firewall will - apply to traffic that has source IP address within sourceRanges OR the - source IP belongs to an instance with service account listed in - sourceServiceAccount. The connection does not need to match both - properties for the firewall to apply. sourceServiceAccounts cannot be - used at the same time as sourceTags or targetTags. For INGRESS traffic, - one of `source_ranges`, `source_tags` or `source_service_accounts` is required. - is_set: true - conflicts: - - source_tags - - target_tags - item_type: - type: String - max_size: 10 - - name: 'sourceTags' - type: Array - description: | - If source tags are specified, the firewall will apply only to traffic - with source IP that belongs to a tag listed in source tags. Source - tags cannot be used to control traffic to an instance's external IP - address. Because tags are associated with an instance, not an IP - address. One or both of sourceRanges and sourceTags may be set. If - both properties are set, the firewall will apply to traffic that has - source IP address within sourceRanges OR the source IP that belongs to - a tag listed in the sourceTags property. The connection does not need - to match both properties for the firewall to apply. For INGRESS traffic, - one of `source_ranges`, `source_tags` or `source_service_accounts` is required. - is_set: true - conflicts: - - source_service_accounts - - target_service_accounts - item_type: - type: String - - name: 'targetServiceAccounts' - type: Array - description: | - A list of service accounts indicating sets of instances located in the - network that may make network connections as specified in allowed[]. - targetServiceAccounts cannot be used at the same time as targetTags or - sourceTags. If neither targetServiceAccounts nor targetTags are - specified, the firewall rule applies to all instances on the specified - network. - is_set: true - conflicts: - - source_tags - - target_tags - item_type: - type: String - max_size: 10 - - name: 'targetTags' - type: Array - description: | - A list of instance tags indicating sets of instances located in the - network that may make network connections as specified in allowed[]. - If no targetTags are specified, the firewall rule applies to all - instances on the specified network. - is_set: true - conflicts: - - source_service_accounts - - target_service_accounts - item_type: - type: String diff --git a/mmv1/products/compute/go_ForwardingRule.yaml b/mmv1/products/compute/go_ForwardingRule.yaml deleted file mode 100644 index e3a13970e4c2..000000000000 --- a/mmv1/products/compute/go_ForwardingRule.yaml +++ /dev/null @@ -1,656 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ForwardingRule' -kind: 'compute#forwardingRule' -description: | - A ForwardingRule resource. A ForwardingRule resource specifies which pool - of target virtual machines to forward a packet to if it matches the given - [IPAddress, IPProtocol, portRange] tuple. -skip_attribution_label: true -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules' - api: 'https://cloud.google.com/compute/docs/reference/v1/forwardingRules' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/forwardingRules' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/compute_forwarding_rule.go.tmpl' - pre_create: 'templates/terraform/pre_create/go/compute_forwarding_rule.go.tmpl' - post_create: 'templates/terraform/post_create/go/labels.tmpl' -custom_diff: - - 'forwardingRuleCustomizeDiff' -legacy_long_form_project: true -examples: - - name: 'internal_http_lb_with_mig_backend' - primary_resource_id: 'google_compute_forwarding_rule' - min_version: 'beta' - vars: - ilb_network_name: 'l7-ilb-network' - proxy_subnet_name: 'l7-ilb-proxy-subnet' - backend_subnet_name: 'l7-ilb-subnet' - forwarding_rule_name: 'l7-ilb-forwarding-rule' - target_http_proxy_name: 'l7-ilb-target-http-proxy' - regional_url_map_name: 'l7-ilb-regional-url-map' - backend_service_name: 'l7-ilb-backend-subnet' - mig_template_name: 'l7-ilb-mig-template' - hc_name: 'l7-ilb-hc' - mig_name: 'l7-ilb-mig1' - fw_allow_iap_hc_name: 'l7-ilb-fw-allow-iap-hc' - fw_allow_ilb_to_backends_name: 'l7-ilb-fw-allow-ilb-to-backends' - vm_test_name: 'l7-ilb-test-vm' - ignore_read_extra: - - 'port_range' - - 'target' - - name: 'internal_tcp_udp_lb_with_mig_backend' - primary_resource_id: 'google_compute_forwarding_rule' - min_version: 'beta' - vars: - ilb_network_name: 'l4-ilb-network' - backend_subnet_name: 'l4-ilb-subnet' - forwarding_rule_name: 'l4-ilb-forwarding-rule' - backend_service_name: 'l4-ilb-backend-subnet' - mig_template_name: 'l4-ilb-mig-template' - hc_name: 'l4-ilb-hc' - mig_name: 'l4-ilb-mig1' - fw_allow_hc_name: 'l4-ilb-fw-allow-hc' - fw_allow_ilb_to_backends_name: 'l4-ilb-fw-allow-ilb-to-backends' - fw_allow_ilb_ssh_name: 'l4-ilb-fw-ssh' - vm_test_name: 'l4-ilb-test-vm' - - name: 'forwarding_rule_externallb' - primary_resource_id: 'default' - min_version: 'beta' - vars: - forwarding_rule_name: 'website-forwarding-rule' - backend_name: 'website-backend' - network_name: 'website-net' - ignore_read_extra: - - 'port_range' - - name: 'forwarding_rule_global_internallb' - primary_resource_id: 'default' - vars: - forwarding_rule_name: 'website-forwarding-rule' - backend_name: 'website-backend' - network_name: 'website-net' - - name: 'forwarding_rule_basic' - primary_resource_id: 'default' - vars: - forwarding_rule_name: 'website-forwarding-rule' - target_pool_name: 'website-target-pool' - ignore_read_extra: - - 'port_range' - - 'target' - - name: 'forwarding_rule_l3_default' - primary_resource_id: 'fwd_rule' - min_version: 'beta' - vars: - forwarding_rule_name: 'l3-forwarding-rule' - service_name: 'service' - health_check_name: 'health-check' - - name: 'forwarding_rule_internallb' - primary_resource_id: 'default' - vars: - forwarding_rule_name: 'website-forwarding-rule' - backend_name: 'website-backend' - network_name: 'website-net' - ignore_read_extra: - - 'port_range' - - 'target' - - name: 'forwarding_rule_http_lb' - primary_resource_id: 'default' - min_version: 'beta' - vars: - forwarding_rule_name: 'website-forwarding-rule' - region_target_http_proxy_name: 'website-proxy' - region_url_map_name: 'website-map' - region_backend_service_name: 'website-backend' - region_health_check_name: 'website-hc' - rigm_name: 'website-rigm' - network_name: 'website-net' - fw_name: 'website-fw' - ignore_read_extra: - - 'port_range' - - 'target' - - name: 'forwarding_rule_regional_http_xlb' - primary_resource_id: 'default' - min_version: 'beta' - vars: - forwarding_rule_name: 'website-forwarding-rule' - region_target_http_proxy_name: 'website-proxy' - region_url_map_name: 'website-map' - region_backend_service_name: 'website-backend' - region_health_check_name: 'website-hc' - rigm_name: 'website-rigm' - network_name: 'website-net' - fw_name: 'website-fw' - ip_name: 'website-ip' - ignore_read_extra: - - 'port_range' - - 'target' - - 'ip_address' - - name: 'forwarding_rule_vpc_psc' - primary_resource_id: 'default' - vars: - forwarding_rule_name: 'psc-endpoint' - consumer_network_name: 'consumer-net' - ip_name: 'website-ip' - producer_network_name: 'producer-net' - producer_psc_network_name: 'producer-psc-net' - service_attachment_name: 'producer-service' - producer_forwarding_rule_name: 'producer-forwarding-rule' - producer_backend_name: 'producer-service-backend' - producer_healthcheck_name: 'producer-service-health-check' - ignore_read_extra: - - 'port_range' - - 'target' - - 'ip_address' - - name: 'forwarding_rule_vpc_psc_no_automate_dns' - primary_resource_id: 'default' - vars: - forwarding_rule_name: 'psc-endpoint' - consumer_network_name: 'consumer-net' - ip_name: 'website-ip' - producer_network_name: 'producer-net' - producer_psc_network_name: 'producer-psc-net' - service_attachment_name: 'producer-service' - producer_forwarding_rule_name: 'producer-forwarding-rule' - producer_backend_name: 'producer-service-backend' - producer_healthcheck_name: 'producer-service-health-check' - ignore_read_extra: - - 'port_range' - - 'target' - - 'ip_address' - - name: 'forwarding_rule_regional_steering' - primary_resource_id: 'steering' - vars: - forwarding_rule_name: 'steering-rule' - ip_name: 'website-ip' - backend_name: 'service-backend' - external_forwarding_rule_name: 'external-forwarding-rule' - - name: 'forwarding_rule_internallb_ipv6' - primary_resource_id: 'default' - vars: - forwarding_rule_name: 'ilb-ipv6-forwarding-rule' - backend_name: 'ilb-ipv6-backend' - network_name: 'net-ipv6' - subnet_name: 'subnet-internal-ipv6' - ignore_read_extra: - - 'port_range' - - 'target' -virtual_fields: - - name: 'recreate_closed_psc' - description: - This is used in PSC consumer ForwardingRule to make terraform recreate the ForwardingRule when the status is closed - type: Boolean - default_value: false -parameters: - - name: 'region' - type: ResourceRef - description: | - A reference to the region where the regional forwarding rule resides. - - This field is not applicable to global forwarding rules. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'isMirroringCollector' - type: Boolean - description: | - Indicates whether or not this load balancer can be used as a collector for - packet mirroring. To prevent mirroring loops, instances behind this - load balancer will not have their traffic mirrored even if a - `PacketMirroring` rule applies to them. - - This can only be set to true for load balancers that have their - `loadBalancingScheme` set to `INTERNAL`. - - name: 'forwardingRuleId' - type: Integer - description: | - The unique identifier number for the resource. This identifier is defined by the server. - api_name: id - output: true - - name: 'pscConnectionId' - type: String - description: 'The PSC connection id of the PSC Forwarding Rule.' - output: true - - name: 'pscConnectionStatus' - type: String - description: - 'The PSC connection status of the PSC Forwarding Rule. Possible values: - `STATUS_UNSPECIFIED`, `PENDING`, `ACCEPTED`, `REJECTED`, `CLOSED`' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - # This is a multi-resource resource reference (Address, GlobalAddress) - - name: 'IPAddress' - type: String - description: | - IP address for which this forwarding rule accepts traffic. When a client - sends traffic to this IP address, the forwarding rule directs the traffic - to the referenced `target` or `backendService`. - - While creating a forwarding rule, specifying an `IPAddress` is - required under the following circumstances: - - * When the `target` is set to `targetGrpcProxy` and - `validateForProxyless` is set to `true`, the - `IPAddress` should be set to `0.0.0.0`. - * When the `target` is a Private Service Connect Google APIs - bundle, you must specify an `IPAddress`. - - Otherwise, you can optionally specify an IP address that references an - existing static (reserved) IP address resource. When omitted, Google Cloud - assigns an ephemeral IP address. - - Use one of the following formats to specify an IP address while creating a - forwarding rule: - - * IP address number, as in `100.1.2.3` - * IPv6 address range, as in `2600:1234::/96` - * Full resource URL, as in - `https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name` - * Partial URL or by name, as in: - * `projects/project_id/regions/region/addresses/address-name` - * `regions/region/addresses/address-name` - * `global/addresses/address-name` - * `address-name` - - The forwarding rule's `target` or `backendService`, - and in most cases, also the `loadBalancingScheme`, determine the - type of IP address that you can use. For detailed information, see - [IP address - specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). - - When reading an `IPAddress`, the API always returns the IP - address number. - default_from_api: true - diff_suppress_func: 'InternalIpDiffSuppress' - - name: 'IPProtocol' - type: Enum - description: | - The IP protocol to which this rule applies. - - For protocol forwarding, valid - options are `TCP`, `UDP`, `ESP`, - `AH`, `SCTP`, `ICMP` and - `L3_DEFAULT`. - - The valid IP protocols are different for different load balancing products - as described in [Load balancing - features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). - - A Forwarding Rule with protocol L3_DEFAULT can attach with target instance or - backend service with UNSPECIFIED protocol. - A forwarding rule with "L3_DEFAULT" IPProtocal cannot be attached to a backend service with TCP or UDP. - default_from_api: true - diff_suppress_func: 'tpgresource.CaseDiffSuppress' - enum_values: - - 'TCP' - - 'UDP' - - 'ESP' - - 'AH' - - 'SCTP' - - 'ICMP' - - 'L3_DEFAULT' - - name: 'backendService' - type: ResourceRef - description: | - Identifies the backend service to which the forwarding rule sends traffic. - - Required for Internal TCP/UDP Load Balancing and Network Load Balancing; - must be omitted for all other load balancer types. - custom_expand: 'templates/terraform/custom_expand/go/self_link_from_name.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'loadBalancingScheme' - type: Enum - description: | - Specifies the forwarding rule type. - - For more information about forwarding rules, refer to - [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). - default_value: "EXTERNAL" - enum_values: - - 'EXTERNAL' - - 'EXTERNAL_MANAGED' - - 'INTERNAL' - - 'INTERNAL_MANAGED' - - name: 'name' - type: String - description: | - Name of the resource; provided by the client when the resource is created. - The name must be 1-63 characters long, and comply with - [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). - - Specifically, the name must be 1-63 characters long and match the regular - expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first - character must be a lowercase letter, and all following characters must - be a dash, lowercase letter, or digit, except the last character, which - cannot be a dash. - - For Private Service Connect forwarding rules that forward traffic to Google - APIs, the forwarding rule name must be a 1-20 characters string with - lowercase letters and numbers and must start with a letter. - required: true - - name: 'network' - type: ResourceRef - description: | - This field is not used for external load balancing. - - For Internal TCP/UDP Load Balancing, this field identifies the network that - the load balanced IP should belong to for this Forwarding Rule. - If the subnetwork is specified, the network of the subnetwork will be used. - If neither subnetwork nor this field is specified, the default network will - be used. - - For Private Service Connect forwarding rules that forward traffic to Google - APIs, a network must be provided. - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'portRange' - type: String - description: | - The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. - Only packets addressed to ports in the specified range will be forwarded - to the backends configured with this forwarding rule. - - The `portRange` field has the following limitations: - * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, - and - * It's applicable only to the following products: external passthrough - Network Load Balancers, internal and external proxy Network Load - Balancers, internal and external Application Load Balancers, external - protocol forwarding, and Classic VPN. - * Some products have restrictions on what ports can be used. See - [port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications) - for details. - - For external forwarding rules, two or more forwarding rules cannot use the - same `[IPAddress, IPProtocol]` pair, and cannot have overlapping - `portRange`s. - - For internal forwarding rules within the same VPC network, two or more - forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair, and - cannot have overlapping `portRange`s. - - @pattern: \d+(?:-\d+)? - default_from_api: true - diff_suppress_func: 'PortRangeDiffSuppress' - - name: 'ports' - type: Array - description: | - The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. - Only packets addressed to ports in the specified range will be forwarded - to the backends configured with this forwarding rule. - - The `ports` field has the following limitations: - * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, - and - * It's applicable only to the following products: internal passthrough - Network Load Balancers, backend service-based external passthrough Network - Load Balancers, and internal protocol forwarding. - * You can specify a list of up to five ports by number, separated by - commas. The ports can be contiguous or discontiguous. - - For external forwarding rules, two or more forwarding rules cannot use the - same `[IPAddress, IPProtocol]` pair if they share at least one port - number. - - For internal forwarding rules within the same VPC network, two or more - forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair if - they share at least one port number. - - @pattern: \d+(?:-\d+)? - is_set: true - custom_expand: 'templates/terraform/custom_expand/go/set_to_list.tmpl' - item_type: - type: String - max_size: 5 - - name: 'subnetwork' - type: ResourceRef - description: | - This field identifies the subnetwork that the load balanced IP should - belong to for this Forwarding Rule, used in internal load balancing and - network load balancing with IPv6. - - If the network specified is in auto subnet mode, this field is optional. - However, a subnetwork must be specified if the network is in custom subnet - mode or when creating external forwarding rule with IPv6. - # This is a multi-resource resource reference (TargetHttp(s)Proxy, - # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, - # TargetInstance) - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'target' - type: String - description: | - The URL of the target resource to receive the matched traffic. For - regional forwarding rules, this target must be in the same region as the - forwarding rule. For global forwarding rules, this target must be a global - load balancing resource. - - The forwarded traffic must be of a type appropriate to the target object. - * For load balancers, see the "Target" column in [Port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). - * For Private Service Connect forwarding rules that forward traffic to Google APIs, provide the name of a supported Google API bundle: - * `vpc-sc` - [ APIs that support VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/supported-products). - * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). - - For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. - update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setTarget' - update_verb: 'POST' - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - custom_expand: 'templates/terraform/custom_expand/go/self_link_from_name.tmpl' - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'allowGlobalAccess' - type: Boolean - description: | - This field is used along with the `backend_service` field for - internal load balancing or with the `target` field for internal - TargetInstance. - - If the field is set to `TRUE`, clients can access ILB from all - regions. - - Otherwise only allows access from clients in the same region as the - internal load balancer. - send_empty_value: true - update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}' - update_verb: 'PATCH' - - name: 'labels' - type: KeyValueLabels - description: | - Labels to apply to this forwarding rule. A list of key->value pairs. - update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}/setLabels' - update_verb: 'POST' - - name: 'allPorts' - type: Boolean - description: | - The `ports`, `portRange`, and `allPorts` fields are mutually exclusive. - Only packets addressed to ports in the specified range will be forwarded - to the backends configured with this forwarding rule. - - The `allPorts` field has the following limitations: - * It requires that the forwarding rule `IPProtocol` be TCP, UDP, SCTP, or - L3_DEFAULT. - * It's applicable only to the following products: internal passthrough - Network Load Balancers, backend service-based external passthrough Network - Load Balancers, and internal and external protocol forwarding. - * Set this field to true to allow packets addressed to any port or packets - lacking destination port information (for example, UDP fragments after the - first fragment) to be forwarded to the backends configured with this - forwarding rule. The L3_DEFAULT protocol requires `allPorts` be set to - true. - - name: 'networkTier' - type: Enum - description: | - This signifies the networking tier used for configuring - this load balancer and can only take the following values: - `PREMIUM`, `STANDARD`. - - For regional ForwardingRule, the valid values are `PREMIUM` and - `STANDARD`. For GlobalForwardingRule, the valid value is - `PREMIUM`. - - If this field is not specified, it is assumed to be `PREMIUM`. - If `IPAddress` is specified, this value must be equal to the - networkTier of the Address. - immutable: true - default_from_api: true - enum_values: - - 'PREMIUM' - - 'STANDARD' - - name: 'serviceDirectoryRegistrations' - type: Array - description: | - Service Directory resources to register this forwarding rule with. - - Currently, only supports a single Service Directory resource. - immutable: true - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'namespace' - type: String - description: | - Service Directory namespace to register the forwarding rule under. - immutable: true - default_from_api: true - - name: 'service' - type: String - description: | - Service Directory service to register the forwarding rule under. - immutable: true - min_size: 0 - max_size: 1 - - name: 'serviceLabel' - type: String - description: | - An optional prefix to the service name for this Forwarding Rule. - If specified, will be the first label of the fully qualified service - name. - - The label must be 1-63 characters long, and comply with RFC1035. - Specifically, the label must be 1-63 characters long and match the - regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first - character must be a lowercase letter, and all following characters - must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - - This field is only used for INTERNAL load balancing. - validation: - function: 'verify.ValidateGCEName' - - name: 'serviceName' - type: String - description: | - The internal fully qualified service name for this Forwarding Rule. - - This field is only used for INTERNAL load balancing. - output: true - - name: 'sourceIpRanges' - type: Array - description: - If not empty, this Forwarding Rule will only forward the traffic when the - source IP address matches one of the IP addresses or CIDR ranges set here. - Note that a Forwarding Rule can only have up to 64 source IP ranges, and - this field can only be used with a regional Forwarding Rule whose scheme - is EXTERNAL. Each sourceIpRange entry should be either an IP address (for - example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). - immutable: true - item_type: - type: String - - name: 'baseForwardingRule' - type: String - description: - '[Output Only] The URL for the corresponding base Forwarding Rule. By base - Forwarding Rule, we mean the Forwarding Rule that has the same IP address, - protocol, and port settings with the current Forwarding Rule, but without - sourceIPRanges specified. Always empty if the current Forwarding Rule does - not have sourceIPRanges specified.' - output: true - - name: 'allowPscGlobalAccess' - type: Boolean - description: - This is used in PSC consumer ForwardingRule to control whether the PSC - endpoint can be accessed from another region. - send_empty_value: true - update_url: 'projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}' - update_verb: 'PATCH' - update_id: 'allowPscGlobalAccess' - fingerprint_name: 'fingerprint' - - name: 'noAutomateDnsZone' - type: Boolean - description: - This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. - Non-PSC forwarding rules do not use this field. - immutable: true - ignore_read: true - send_empty_value: true - - name: 'ipVersion' - type: Enum - description: | - The IP address version that will be used by this forwarding rule. - Valid options are IPV4 and IPV6. - - If not set, the IPv4 address will be used by default. - immutable: true - default_from_api: true - enum_values: - - 'IPV4' - - 'IPV6' diff --git a/mmv1/products/compute/go_GlobalAddress.yaml b/mmv1/products/compute/go_GlobalAddress.yaml deleted file mode 100644 index 056511a5f12d..000000000000 --- a/mmv1/products/compute/go_GlobalAddress.yaml +++ /dev/null @@ -1,153 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'GlobalAddress' -kind: 'compute#address' -description: | - Represents a Global Address resource. Global addresses are used for - HTTP(S) load balancing. -references: - guides: - 'Reserving a Static External IP Address': 'https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address' - api: 'https://cloud.google.com/compute/docs/reference/v1/globalAddresses' -docs: -base_url: 'projects/{{project}}/global/addresses' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - pre_create: 'templates/terraform/pre_create/go/compute_global_address.go.tmpl' - post_create: 'templates/terraform/post_create/go/labels.tmpl' -examples: - - name: 'global_address_basic' - primary_resource_id: 'default' - vars: - global_address_name: 'global-appserver-ip' - - name: 'global_address_private_services_connect' - primary_resource_id: 'default' - min_version: 'beta' - vars: - global_address_name: 'global-psconnect-ip' - network_name: 'my-network-name' -parameters: -properties: - - name: 'address' - type: String - description: | - The IP address or beginning of the address range represented by this - resource. This can be supplied as an input to reserve a specific - address or omitted to allow GCP to choose a valid one for you. - default_from_api: true - - name: 'creationTimestamp' - type: Time - description: | - Creation timestamp in RFC3339 text format. - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - - name: 'labels' - type: KeyValueLabels - description: | - Labels to apply to this address. A list of key->value pairs. - update_url: 'projects/{{project}}/global/addresses/{{name}}/setLabels' - update_verb: 'POST' - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/global/addresses/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'ipVersion' - type: Enum - description: | - The IP Version that will be used by this address. The default value is `IPV4`. - diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("IPV4")' - enum_values: - - 'IPV4' - - 'IPV6' - - name: 'prefixLength' - type: Integer - description: | - The prefix length of the IP range. If not present, it means the - address field is a single IP address. - - This field is not applicable to addresses with addressType=INTERNAL - when purpose=PRIVATE_SERVICE_CONNECT - default_from_api: true - - name: 'addressType' - type: Enum - description: | - The type of the address to reserve. - - * EXTERNAL indicates public/external single IP address. - * INTERNAL indicates internal IP ranges belonging to some network. - diff_suppress_func: 'tpgresource.EmptyOrDefaultStringSuppress("EXTERNAL")' - default_value: "EXTERNAL" - enum_values: - - 'EXTERNAL' - - 'INTERNAL' - - name: 'purpose' - type: String - description: | - The purpose of the resource. Possible values include: - - * VPC_PEERING - for peer networks - - * PRIVATE_SERVICE_CONNECT - for ([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html) only) Private Service Connect networks - - name: 'network' - type: ResourceRef - description: | - The URL of the network in which to reserve the IP range. The IP range - must be in RFC1918 space. The network cannot be deleted if there are - any reserved IP ranges referring to it. - - This should only be set when using an Internal address. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_GlobalForwardingRule.yaml b/mmv1/products/compute/go_GlobalForwardingRule.yaml deleted file mode 100644 index 708e9064d70e..000000000000 --- a/mmv1/products/compute/go_GlobalForwardingRule.yaml +++ /dev/null @@ -1,522 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'GlobalForwardingRule' -kind: 'compute#forwardingRule' -description: | - Represents a GlobalForwardingRule resource. Global forwarding rules are - used to forward traffic to the correct load balancer for HTTP load - balancing. Global forwarding rules can only be used for HTTP load - balancing. - - For more information, see https://cloud.google.com/compute/docs/load-balancing/http/ -skip_attribution_label: true -docs: -base_url: 'projects/{{project}}/global/forwardingRules' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - post_create: 'templates/terraform/post_create/go/labels.tmpl' -legacy_long_form_project: true -examples: - - name: 'external_ssl_proxy_lb_mig_backend' - primary_resource_id: 'default' - vars: - ssl_proxy_xlb_network: 'ssl-proxy-xlb-network' - ssl_proxy_xlb_subnet: 'ssl-proxy-xlb-subnet' - ssl_proxy_xlb_ip: 'ssl-proxy-xlb-ip' - default_cert: 'default-cert' - test_proxy: 'test-proxy' - ssl_proxy_xlb_forwarding_rule: 'ssl-proxy-xlb-forwarding-rule' - ssl_proxy_xlb_backend_service: 'ssl-proxy-xlb-backend-service' - ssl_proxy_health_check: 'ssl-proxy-health-check' - ssl_proxy_xlb_mig_template: 'ssl-proxy-xlb-mig-template' - ssl_proxy_xlb_mig1: 'ssl-proxy-xlb-mig1' - ssl_proxy_xlb_fw_allow_hc: 'ssl-proxy-xlb-fw-allow-hc' - ignore_read_extra: - - 'port_range' - - 'target' - - 'ip_address' - skip_test: true - - name: 'external_tcp_proxy_lb_mig_backend' - primary_resource_id: 'default' - min_version: 'beta' - vars: - tcp_proxy_xlb_network: 'tcp-proxy-xlb-network' - tcp_proxy_xlb_subnet: 'tcp-proxy-xlb-subnet' - tcp_proxy_xlb_ip: 'tcp-proxy-xlb-ip' - tcp_proxy_xlb_forwarding_rule: 'tcp-proxy-xlb-forwarding-rule' - test_proxy_health_check: 'test-proxy-health-check' - tcp_proxy_xlb_backend_service: 'tcp-proxy-xlb-backend-service' - tcp_proxy_health_check: 'tcp-proxy-health-check' - tcp_proxy_xlb_mig_template: 'tcp-proxy-xlb-mig-template' - tcp_proxy_xlb_mig1: 'tcp-proxy-xlb-mig1' - tcp_proxy_xlb_fw_allow_hc: 'tcp-proxy-xlb-fw-allow-hc' - ignore_read_extra: - - 'port_range' - - 'target' - - 'ip_address' - - name: 'external_http_lb_mig_backend_custom_header' - primary_resource_id: 'default' - min_version: 'beta' - vars: - xlb_network_name: 'l7-xlb-network' - backend_subnet_name: 'l7-xlb-subnet' - address_name: 'l7-xlb-static-ip' - forwarding_rule_name: 'l7-xlb-forwarding-rule' - target_http_proxy_name: 'l7-xlb-target-http-proxy' - url_map_name: 'l7-xlb-url-map' - backend_service_name: 'l7-xlb-backend-service' - mig_template_name: 'l7-xlb-mig-template' - hc_name: 'l7-xlb-hc' - mig_name: 'l7-xlb-mig1' - fw_allow_hc_name: 'l7-xlb-fw-allow-hc' - ignore_read_extra: - - 'port_range' - - 'target' - - 'ip_address' - - name: 'global_forwarding_rule_http' - primary_resource_id: 'default' - vars: - forwarding_rule_name: 'global-rule' - http_proxy_name: 'target-proxy' - backend_service_name: 'backend' - ignore_read_extra: - - 'port_range' - - 'target' - - name: 'global_forwarding_rule_internal' - primary_resource_id: 'default' - min_version: 'beta' - vars: - forwarding_rule_name: 'global-rule' - http_proxy_name: 'target-proxy' - backend_service_name: 'backend' - igm_name: 'igm-internal' - ignore_read_extra: - - 'port_range' - - 'target' - - name: 'global_forwarding_rule_external_managed' - primary_resource_id: 'default' - vars: - forwarding_rule_name: 'global-rule' - http_proxy_name: 'target-proxy' - backend_service_name: 'backend' - ignore_read_extra: - - 'port_range' - - 'target' - - name: 'global_forwarding_rule_hybrid' - primary_resource_id: 'default' - vars: - forwarding_rule_name: 'global-rule' - http_proxy_name: 'target-proxy' - network_name: 'my-network' - internal_network_name: 'my-internal-network' - subnetwork_name: 'my-subnetwork' - default_backend_service_name: 'backend-default' - hybrid_backend_service_name: 'backend-hybrid' - internal_backend_service_name": 'backend-internal' - default_neg_name: 'default-neg' - hybrid_neg_name: 'hybrid-neg' - internal_neg_name: 'internal-neg' - health_check_name: 'health-check' - ignore_read_extra: - - 'port_range' - - 'target' - - name: 'global_internal_http_lb_with_mig_backend' - primary_resource_id: 'google_compute_forwarding_rule' - min_version: 'beta' - vars: - gilb_network_name: 'l7-gilb-network' - proxy_subnet_name: 'l7-gilb-proxy-subnet' - backend_subnet_name: 'l7-gilb-subnet' - forwarding_rule_name: 'l7-gilb-forwarding-rule' - target_http_proxy_name: 'l7-gilb-target-http-proxy' - url_map_name: 'l7-gilb-url-map' - backend_service_name: 'l7-gilb-backend-subnet' - mig_template_name: 'l7-gilb-mig-template' - hc_name: 'l7-gilb-hc' - mig_name: 'l7-gilb-mig1' - fw_allow_iap_hc_name: 'l7-gilb-fw-allow-iap-hc' - fw_allow_gilb_to_backends_name: 'l7-gilb-fw-allow-gilb-to-backends' - vm_test_name: 'l7-gilb-test-vm' - ignore_read_extra: - - 'port_range' - - 'target' - - name: 'private_service_connect_google_apis' - primary_resource_id: 'default' - min_version: 'beta' - vars: - network_name: 'my-network' - subnetwork_name: 'my-subnetwork' - global_address_name: 'global-psconnect-ip' - forwarding_rule_name: 'globalrule' - test_env_vars: - project: 'PROJECT_NAME' - ignore_read_extra: - - 'ip_address' - - name: 'private_service_connect_google_apis_no_automate_dns' - primary_resource_id: 'default' - min_version: 'beta' - vars: - network_name: 'my-network' - subnetwork_name: 'my-subnetwork' - global_address_name: 'global-psconnect-ip' - forwarding_rule_name: 'globalrule' - test_env_vars: - project: 'PROJECT_NAME' - ignore_read_extra: - - 'ip_address' -parameters: -properties: - - name: 'pscConnectionId' - type: String - description: 'The PSC connection id of the PSC Forwarding Rule.' - output: true - - name: 'pscConnectionStatus' - type: String - description: - 'The PSC connection status of the PSC Forwarding Rule. Possible values: - `STATUS_UNSPECIFIED`, `PENDING`, `ACCEPTED`, `REJECTED`, `CLOSED`' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - # This is a multi-resource resource reference (Address, GlobalAddress) - - name: 'IPAddress' - type: String - description: | - IP address for which this forwarding rule accepts traffic. When a client - sends traffic to this IP address, the forwarding rule directs the traffic - to the referenced `target`. - - While creating a forwarding rule, specifying an `IPAddress` is - required under the following circumstances: - - * When the `target` is set to `targetGrpcProxy` and - `validateForProxyless` is set to `true`, the - `IPAddress` should be set to `0.0.0.0`. - * When the `target` is a Private Service Connect Google APIs - bundle, you must specify an `IPAddress`. - - Otherwise, you can optionally specify an IP address that references an - existing static (reserved) IP address resource. When omitted, Google Cloud - assigns an ephemeral IP address. - - Use one of the following formats to specify an IP address while creating a - forwarding rule: - - * IP address number, as in `100.1.2.3` - * IPv6 address range, as in `2600:1234::/96` - * Full resource URL, as in - `https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name` - * Partial URL or by name, as in: - * `projects/project_id/regions/region/addresses/address-name` - * `regions/region/addresses/address-name` - * `global/addresses/address-name` - * `address-name` - - The forwarding rule's `target`, - and in most cases, also the `loadBalancingScheme`, determine the - type of IP address that you can use. For detailed information, see - [IP address - specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). - - When reading an `IPAddress`, the API always returns the IP - address number. - default_from_api: true - diff_suppress_func: 'InternalIpDiffSuppress' - - name: 'IPProtocol' - type: Enum - description: | - The IP protocol to which this rule applies. - - For protocol forwarding, valid - options are `TCP`, `UDP`, `ESP`, - `AH`, `SCTP`, `ICMP` and - `L3_DEFAULT`. - - The valid IP protocols are different for different load balancing products - as described in [Load balancing - features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). - default_from_api: true - diff_suppress_func: 'tpgresource.CaseDiffSuppress' - enum_values: - - 'TCP' - - 'UDP' - - 'ESP' - - 'AH' - - 'SCTP' - - 'ICMP' - - name: 'ipVersion' - type: Enum - description: | - The IP Version that will be used by this global forwarding rule. - enum_values: - - 'IPV4' - - 'IPV6' - - name: 'labels' - type: KeyValueLabels - description: | - Labels to apply to this forwarding rule. A list of key->value pairs. - update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setLabels' - update_verb: 'POST' - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'loadBalancingScheme' - type: Enum - description: | - Specifies the forwarding rule type. - - For more information about forwarding rules, refer to - [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). - default_value: "EXTERNAL" - enum_values: - - 'EXTERNAL' - - 'EXTERNAL_MANAGED' - - 'INTERNAL_MANAGED' - - 'INTERNAL_SELF_MANAGED' - - name: 'metadataFilters' - type: Array - description: | - Opaque filter criteria used by Loadbalancer to restrict routing - configuration to a limited set xDS compliant clients. In their xDS - requests to Loadbalancer, xDS clients present node metadata. If a - match takes place, the relevant routing configuration is made available - to those proxies. - - For each metadataFilter in this list, if its filterMatchCriteria is set - to MATCH_ANY, at least one of the filterLabels must match the - corresponding label provided in the metadata. If its filterMatchCriteria - is set to MATCH_ALL, then all of its filterLabels must match with - corresponding labels in the provided metadata. - - metadataFilters specified here can be overridden by those specified in - the UrlMap that this ForwardingRule references. - - metadataFilters only applies to Loadbalancers that have their - loadBalancingScheme set to INTERNAL_SELF_MANAGED. - item_type: - type: NestedObject - properties: - - name: 'filterMatchCriteria' - type: Enum - description: | - Specifies how individual filterLabel matches within the list of - filterLabels contribute towards the overall metadataFilter match. - - MATCH_ANY - At least one of the filterLabels must have a matching - label in the provided metadata. - MATCH_ALL - All filterLabels must have matching labels in the - provided metadata. - required: true - enum_values: - - 'MATCH_ANY' - - 'MATCH_ALL' - - name: 'filterLabels' - type: Array - description: | - The list of label value pairs that must match labels in the - provided metadata based on filterMatchCriteria - - This list must not be empty and can have at the most 64 entries. - required: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of the metadata label. The length must be between - 1 and 1024 characters, inclusive. - required: true - - name: 'value' - type: String - description: | - The value that the label must match. The value has a maximum - length of 1024 characters. - required: true - min_size: 1 - max_size: 64 - - name: 'name' - type: String - description: | - Name of the resource; provided by the client when the resource is created. - The name must be 1-63 characters long, and comply with - [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). - - Specifically, the name must be 1-63 characters long and match the regular - expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first - character must be a lowercase letter, and all following characters must - be a dash, lowercase letter, or digit, except the last character, which - cannot be a dash. - - For Private Service Connect forwarding rules that forward traffic to Google - APIs, the forwarding rule name must be a 1-20 characters string with - lowercase letters and numbers and must start with a letter. - required: true - - name: 'network' - type: ResourceRef - description: | - This field is not used for external load balancing. - - For Internal TCP/UDP Load Balancing, this field identifies the network that - the load balanced IP should belong to for this Forwarding Rule. - If the subnetwork is specified, the network of the subnetwork will be used. - If neither subnetwork nor this field is specified, the default network will - be used. - - For Private Service Connect forwarding rules that forward traffic to Google - APIs, a network must be provided. - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'portRange' - type: String - description: | - The `portRange` field has the following limitations: - * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, - and - * It's applicable only to the following products: external passthrough - Network Load Balancers, internal and external proxy Network Load - Balancers, internal and external Application Load Balancers, external - protocol forwarding, and Classic VPN. - * Some products have restrictions on what ports can be used. See - [port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications) - for details. - - For external forwarding rules, two or more forwarding rules cannot use the - same `[IPAddress, IPProtocol]` pair, and cannot have overlapping - `portRange`s. - - For internal forwarding rules within the same VPC network, two or more - forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair, and - cannot have overlapping `portRange`s. - - @pattern: \d+(?:-\d+)? - diff_suppress_func: 'PortRangeDiffSuppress' - - name: 'subnetwork' - type: ResourceRef - description: | - This field identifies the subnetwork that the load balanced IP should - belong to for this Forwarding Rule, used in internal load balancing and - network load balancing with IPv6. - - If the network specified is in auto subnet mode, this field is optional. - However, a subnetwork must be specified if the network is in custom subnet - mode or when creating external forwarding rule with IPv6. - # This is a multi-resource resource reference (TargetHttp(s)Proxy, - # TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, - # TargetInstance) - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'target' - type: String - description: | - The URL of the target resource to receive the matched traffic. For - regional forwarding rules, this target must be in the same region as the - forwarding rule. For global forwarding rules, this target must be a global - load balancing resource. - - The forwarded traffic must be of a type appropriate to the target object. - * For load balancers, see the "Target" column in [Port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). - * For Private Service Connect forwarding rules that forward traffic to Google APIs, provide the name of a supported Google API bundle: - * `vpc-sc` - [ APIs that support VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/supported-products). - * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). - - For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. - required: true - update_url: 'projects/{{project}}/global/forwardingRules/{{name}}/setTarget' - update_verb: 'POST' - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'serviceDirectoryRegistrations' - type: Array - description: | - Service Directory resources to register this forwarding rule with. - - Currently, only supports a single Service Directory resource. - immutable: true - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'namespace' - type: String - description: | - Service Directory namespace to register the forwarding rule under. - immutable: true - default_from_api: true - - name: 'serviceDirectoryRegion' - type: String - description: | - [Optional] Service Directory region to register this global forwarding rule under. - Default to "us-central1". Only used for PSC for Google APIs. All PSC for - Google APIs Forwarding Rules on the same network should use the same Service - Directory region. - immutable: true - min_size: 0 - max_size: 1 - - name: 'sourceIpRanges' - type: Array - description: If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). - immutable: true - item_type: - type: String - - name: 'baseForwardingRule' - type: String - description: '[Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.' - output: true - - name: 'allowPscGlobalAccess' - type: Boolean - description: This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. - min_version: 'beta' - - name: 'noAutomateDnsZone' - type: Boolean - description: - This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. - Non-PSC forwarding rules do not use this field. - immutable: true - ignore_read: true - send_empty_value: true diff --git a/mmv1/products/compute/go_GlobalNetworkEndpoint.yaml b/mmv1/products/compute/go_GlobalNetworkEndpoint.yaml deleted file mode 100644 index 6971b7160623..000000000000 --- a/mmv1/products/compute/go_GlobalNetworkEndpoint.yaml +++ /dev/null @@ -1,106 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'GlobalNetworkEndpoint' -kind: 'compute#networkEndpoint' -description: | - A Global Network endpoint represents a IP address and port combination that exists outside of GCP. - **NOTE**: Global network endpoints cannot be created outside of a - global network endpoint group. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' -docs: -id_format: '{{project}}/{{global_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' -base_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}' -self_link: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/listNetworkEndpoints' -create_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/attachNetworkEndpoints' -read_verb: 'POST' -delete_url: 'projects/{{project}}/global/networkEndpointGroups/{{global_network_endpoint_group}}/detachNetworkEndpoints' -delete_verb: 'POST' -immutable: true -mutex: 'networkEndpoint/{{project}}/{{global_network_endpoint_group}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - ipAddress - - fqdn - - port -nested_query: - keys: - - items - is_list_of_ids: false - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/compute_global_network_endpoint.go.tmpl' - decoder: 'templates/terraform/decoders/go/network_endpoint.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/compute_global_network_endpoint.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/compute_global_network_endpoint.go.tmpl' -exclude_tgc: true -examples: - - name: 'global_network_endpoint' - primary_resource_id: 'default-endpoint' - vars: - neg_name: 'my-lb-neg' - skip_test: true -parameters: - - name: 'globalNetworkEndpointGroup' - type: ResourceRef - description: | - The global network endpoint group this endpoint is part of. - url_param_only: true - required: true - ignore_read: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - resource: 'GlobalNetworkEndpointGroup' - imports: 'name' -properties: - - name: 'port' - type: Integer - description: | - Port number of the external endpoint. - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' - validation: - function: 'validation.IntAtLeast(1)' - - name: 'ipAddress' - type: String - description: | - IPv4 address external endpoint. - - name: 'fqdn' - type: String - description: | - Fully qualified domain name of network endpoint. - This can only be specified when network_endpoint_type of the NEG is INTERNET_FQDN_PORT. - at_least_one_of: - - 'fqdn' - - 'ip_address' diff --git a/mmv1/products/compute/go_GlobalNetworkEndpointGroup.yaml b/mmv1/products/compute/go_GlobalNetworkEndpointGroup.yaml deleted file mode 100644 index fe76b39a76f3..000000000000 --- a/mmv1/products/compute/go_GlobalNetworkEndpointGroup.yaml +++ /dev/null @@ -1,94 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'GlobalNetworkEndpointGroup' -kind: 'compute#networkEndpointGroup' -description: | - A global network endpoint group contains endpoints that reside outside of Google Cloud. - Currently a global network endpoint group can only support a single endpoint. - - Recreating a global network endpoint group that's in use by another resource will give a - `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` - to avoid this type of error. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' -docs: -base_url: 'projects/{{project}}/global/networkEndpointGroups' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'global_network_endpoint_group' - primary_resource_id: 'neg' - vars: - neg_name: 'my-lb-neg' - - name: 'global_network_endpoint_group_ip_address' - primary_resource_id: 'neg' - vars: - neg_name: 'my-lb-neg' -parameters: -properties: - - name: 'name' - type: String - description: | - Name of the resource; provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - validation: - function: 'verify.ValidateGCEName' - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - - name: 'networkEndpointType' - type: Enum - description: | - Type of network endpoints in this network endpoint group. - required: true - enum_values: - - 'INTERNET_IP_PORT' - - 'INTERNET_FQDN_PORT' - - name: 'defaultPort' - type: Integer - description: | - The default port used if the port number is not specified in the - network endpoint. diff --git a/mmv1/products/compute/go_HaVpnGateway.yaml b/mmv1/products/compute/go_HaVpnGateway.yaml deleted file mode 100644 index ec6ec91a0fa3..000000000000 --- a/mmv1/products/compute/go_HaVpnGateway.yaml +++ /dev/null @@ -1,174 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'HaVpnGateway' -kind: 'compute#vpnGateway' -description: | - Represents a VPN gateway running in GCP. This virtual device is managed - by Google, but used only by you. This type of VPN Gateway allows for the creation - of VPN solutions with higher availability than classic Target VPN Gateways. -references: - guides: - 'Choosing a VPN': 'https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn' - 'Cloud VPN Overview': 'https://cloud.google.com/vpn/docs/concepts/overview' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/vpnGateways' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/vpnGateways' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'ha_vpn_gateway_basic' - primary_resource_id: 'ha_gateway1' - vars: - ha_vpn_gateway1_name: 'ha-vpn-1' - network1_name: 'network1' - - name: 'ha_vpn_gateway_ipv6' - primary_resource_id: 'ha_gateway1' - vars: - ha_vpn_gateway1_name: 'ha-vpn-1' - network1_name: 'network1' - - name: 'ha_vpn_gateway_gcp_to_gcp' - primary_resource_id: 'ha_gateway1' - vars: - ha_vpn_gateway1_name: 'ha-vpn-1' - network1_name: 'network1' - router1_name: 'ha-vpn-router1' - ha_vpn_gateway2_name: 'ha-vpn-2' - network2_name: 'network2' - router2_name: 'ha-vpn-router2' - skip_test: true - skip_docs: true - skip_vcr: true - - name: 'compute_ha_vpn_gateway_encrypted_interconnect' - primary_resource_id: 'vpn-gateway' - vars: - ha_vpn_gateway_name: 'test-ha-vpngw' - interconnect_attachment1_name: 'test-interconnect-attachment1' - interconnect_attachment2_name: 'test-interconnect-attachment2' - address1_name: 'test-address1' - address2_name: 'test-address2' - router_name: 'test-router' - network_name: 'test-network' - skip_test: true -parameters: - - name: 'region' - type: ResourceRef - description: | - The region this gateway should sit in. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'description' - type: String - description: 'An optional description of this resource.' - immutable: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - validation: - function: 'verify.ValidateGCEName' - - name: 'network' - type: ResourceRef - description: | - The network this VPN gateway is accepting traffic for. - required: true - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'stackType' - type: Enum - description: | - The stack type for this VPN gateway to identify the IP protocols that are enabled. - If not specified, IPV4_ONLY will be used. - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "IPV4_ONLY" - enum_values: - - 'IPV4_ONLY' - - 'IPV4_IPV6' - - 'IPV6_ONLY' - - name: 'gatewayIpVersion' - type: Enum - description: | - The IP family of the gateway IPs for the HA-VPN gateway interfaces. If not specified, IPV4 will be used. - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "IPV4" - enum_values: - - 'IPV4' - - 'IPV6' - - name: 'vpnInterfaces' - type: Array - description: | - A list of interfaces on this VPN gateway. - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'id' - type: Integer - description: 'The numeric ID of this VPN gateway interface.' - - name: 'ipAddress' - type: String - description: 'The external IP address for this VPN gateway interface.' - output: true - - name: 'interconnectAttachment' - type: ResourceRef - description: | - URL of the interconnect attachment resource. When the value - of this field is present, the VPN Gateway will be used for - IPsec-encrypted Cloud Interconnect; all Egress or Ingress - traffic for this VPN Gateway interface will go through the - specified interconnect attachment resource. - - Not currently available publicly. - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'InterconnectAttachment' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_HealthCheck.yaml b/mmv1/products/compute/go_HealthCheck.yaml deleted file mode 100644 index 43ef731d0ada..000000000000 --- a/mmv1/products/compute/go_HealthCheck.yaml +++ /dev/null @@ -1,885 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'HealthCheck' -kind: 'compute#healthCheck' -description: | - Health Checks determine whether instances are responsive and able to do work. - They are an important part of a comprehensive load balancing configuration, - as they enable monitoring instances behind load balancers. - - Health Checks poll instances at a specified interval. Instances that - do not respond successfully to some number of probes in a row are marked - as unhealthy. No new connections are sent to unhealthy instances, - though existing connections will continue. The health check will - continue to poll unhealthy instances. If an instance later responds - successfully to some number of consecutive probes, it is marked - healthy again and can receive new connections. - - ~>**NOTE**: Legacy HTTP(S) health checks must be used for target pool-based network - load balancers. See the [official guide](https://cloud.google.com/load-balancing/docs/health-check-concepts#selecting_hc) - for choosing a type of health check. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/healthChecks' -docs: -base_url: 'projects/{{project}}/global/healthChecks' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/health_check.tmpl' - encoder: 'templates/terraform/encoders/go/health_check_type.tmpl' -custom_diff: - - 'healthCheckCustomizeDiff' -examples: - - name: 'health_check_tcp' - primary_resource_id: 'tcp-health-check' - vars: - health_check_name: 'tcp-health-check' - - name: 'health_check_tcp_full' - primary_resource_id: 'tcp-health-check' - vars: - health_check_name: 'tcp-health-check' - - name: 'health_check_ssl' - primary_resource_id: 'ssl-health-check' - vars: - health_check_name: 'ssl-health-check' - - name: 'health_check_ssl_full' - primary_resource_id: 'ssl-health-check' - vars: - health_check_name: 'ssl-health-check' - - name: 'health_check_http' - primary_resource_id: 'http-health-check' - vars: - health_check_name: 'http-health-check' - - name: 'health_check_http_full' - primary_resource_id: 'http-health-check' - vars: - health_check_name: 'http-health-check' - - name: 'health_check_https' - primary_resource_id: 'https-health-check' - vars: - health_check_name: 'https-health-check' - - name: 'health_check_https_full' - primary_resource_id: 'https-health-check' - vars: - health_check_name: 'https-health-check' - - name: 'health_check_http2' - primary_resource_id: 'http2-health-check' - vars: - health_check_name: 'http2-health-check' - - name: 'health_check_http2_full' - primary_resource_id: 'http2-health-check' - vars: - health_check_name: 'http2-health-check' - - name: 'health_check_grpc' - primary_resource_id: 'grpc-health-check' - vars: - health_check_name: 'grpc-health-check' - - name: 'health_check_grpc_full' - primary_resource_id: 'grpc-health-check' - vars: - health_check_name: 'grpc-health-check' - - name: 'health_check_with_logging' - primary_resource_id: 'health-check-with-logging' - min_version: 'beta' - vars: - health_check_name: 'tcp-health-check' - - name: 'compute_health_check_http_source_regions' - primary_resource_id: 'http-health-check-with-source-regions' - vars: - health_check_name: 'http-health-check' - - name: 'compute_health_check_https_source_regions' - primary_resource_id: 'https-health-check-with-source-regions' - vars: - health_check_name: 'https-health-check' - - name: 'compute_health_check_tcp_source_regions' - primary_resource_id: 'tcp-health-check-with-source-regions' - vars: - health_check_name: 'tcp-health-check' -parameters: -properties: - - name: 'checkIntervalSec' - type: Integer - description: | - How often (in seconds) to send a health check. The default value is 5 - seconds. - default_value: 5 - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - send_empty_value: true - - name: 'healthyThreshold' - type: Integer - description: | - A so-far unhealthy instance will be marked healthy after this many - consecutive successes. The default value is 2. - default_value: 2 - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the - last character, which cannot be a dash. - required: true - immutable: true - - name: 'timeoutSec' - type: Integer - description: | - How long (in seconds) to wait before claiming failure. - The default value is 5 seconds. It is invalid for timeoutSec to have - greater value than checkIntervalSec. - default_value: 5 - - name: 'sourceRegions' - type: Array - description: | - The list of cloud regions from which health checks are performed. If - any regions are specified, then exactly 3 regions should be specified. - The region names must be valid names of Google Cloud regions. This can - only be set for global health check. If this list is non-empty, then - there are restrictions on what other health check fields are supported - and what other resources can use this health check: - - * SSL, HTTP2, and GRPC protocols are not supported. - - * The TCP request field is not supported. - - * The proxyHeader field for HTTP, HTTPS, and TCP is not supported. - - * The checkIntervalSec field must be at least 30. - - * The health check cannot be used with BackendService nor with managed - instance group auto-healing. - item_type: - type: String - min_size: 3 - max_size: 3 - - name: 'unhealthyThreshold' - type: Integer - description: | - A so-far healthy instance will be marked unhealthy after this many - consecutive failures. The default value is 2. - default_value: 2 - - name: 'type' - type: Enum - description: |- - The type of the health check. One of HTTP, HTTPS, TCP, or SSL. - output: true - enum_values: - - 'TCP' - - 'SSL' - - 'HTTP' - - 'HTTPS' - - 'HTTP2' - - name: 'httpHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'host' - type: String - description: | - The value of the host header in the HTTP health check request. - If left empty (default value), the public IP on behalf of which this health - check is performed will be used. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - - name: 'requestPath' - type: String - description: | - The request path of the HTTP health check request. - The default value is /. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - default_value: "/" - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the HTTP health check request. - The default value is 80. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, HTTP health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'httpsHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'host' - type: String - description: | - The value of the host header in the HTTPS health check request. - If left empty (default value), the public IP on behalf of which this health - check is performed will be used. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - - name: 'requestPath' - type: String - description: | - The request path of the HTTPS health check request. - The default value is /. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - default_value: "/" - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the HTTPS health check request. - The default value is 443. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, HTTPS health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'tcpHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'request' - type: String - description: | - The application data to send once the TCP connection has been - established (default value is empty). If both request and response are - empty, the connection establishment alone will indicate health. The request - data can only be ASCII. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the TCP health check request. - The default value is 443. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, TCP health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'sslHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'request' - type: String - description: | - The application data to send once the SSL connection has been - established (default value is empty). If both request and response are - empty, the connection establishment alone will indicate health. The request - data can only be ASCII. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the SSL health check request. - The default value is 443. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, SSL health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'http2HealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'host' - type: String - description: | - The value of the host header in the HTTP2 health check request. - If left empty (default value), the public IP on behalf of which this health - check is performed will be used. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - - name: 'requestPath' - type: String - description: | - The request path of the HTTP2 health check request. - The default value is /. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - default_value: "/" - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the HTTP2 health check request. - The default value is 443. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, HTTP2 health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'grpcHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'port' - type: Integer - description: | - The port number for the health check request. - Must be specified if portName and portSpecification are not set - or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535. - at_least_one_of: - - 'grpc_health_check.0.port' - - 'grpc_health_check.0.port_name' - - 'grpc_health_check.0.port_specification' - - 'grpc_health_check.0.grpc_service_name' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'grpc_health_check.0.port' - - 'grpc_health_check.0.port_name' - - 'grpc_health_check.0.port_specification' - - 'grpc_health_check.0.grpc_service_name' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, gRPC health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'grpc_health_check.0.port' - - 'grpc_health_check.0.port_name' - - 'grpc_health_check.0.port_specification' - - 'grpc_health_check.0.grpc_service_name' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'grpcServiceName' - type: String - description: | - The gRPC service name for the health check. - The value of grpcServiceName has the following meanings by convention: - - Empty serviceName means the overall status of all services at the backend. - - Non-empty serviceName means the health of that gRPC service, as defined by the owner of the service. - The grpcServiceName can only be ASCII. - at_least_one_of: - - 'grpc_health_check.0.port' - - 'grpc_health_check.0.port_name' - - 'grpc_health_check.0.port_specification' - - 'grpc_health_check.0.grpc_service_name' - - name: 'logConfig' - type: NestedObject - description: | - Configure logging on this health check. - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/health_check_log_config.go.tmpl' - properties: - - name: 'enable' - type: Boolean - description: | - Indicates whether or not to export logs. This is false by default, - which means no health check logging will be done. - default_value: false diff --git a/mmv1/products/compute/go_HttpHealthCheck.yaml b/mmv1/products/compute/go_HttpHealthCheck.yaml deleted file mode 100644 index e88b8fa0d9a8..000000000000 --- a/mmv1/products/compute/go_HttpHealthCheck.yaml +++ /dev/null @@ -1,124 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'HttpHealthCheck' -kind: 'compute#httpHealthCheck' -description: | - An HttpHealthCheck resource. This resource defines a template for how - individual VMs should be checked for health, via HTTP. - - ~> **Note:** google_compute_http_health_check is a legacy health check. - The newer [google_compute_health_check](/docs/providers/google/r/compute_health_check.html) - should be preferred for all uses except - [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) - which still require the legacy version. -references: - guides: - 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' - api: 'https://cloud.google.com/compute/docs/reference/v1/httpHealthChecks' -docs: -base_url: 'projects/{{project}}/global/httpHealthChecks' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'http_health_check_basic' - primary_resource_id: 'default' - vars: - http_health_check_name: 'authentication-health-check' -parameters: -properties: - - name: 'checkIntervalSec' - type: Integer - description: | - How often (in seconds) to send a health check. The default value is 5 - seconds. - default_value: 5 - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - - name: 'healthyThreshold' - type: Integer - description: | - A so-far unhealthy instance will be marked healthy after this many - consecutive successes. The default value is 2. - default_value: 2 - - name: 'host' - type: String - description: | - The value of the host header in the HTTP health check request. If - left empty (default value), the public IP on behalf of which this - health check is performed will be used. - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the - last character, which cannot be a dash. - required: true - immutable: true - - name: 'port' - type: Integer - description: | - The TCP port number for the HTTP health check request. - The default value is 80. - default_value: 80 - - name: 'requestPath' - type: String - description: | - The request path of the HTTP health check request. - The default value is /. - default_value: "/" - - name: 'timeoutSec' - type: Integer - description: | - How long (in seconds) to wait before claiming failure. - The default value is 5 seconds. It is invalid for timeoutSec to have - greater value than checkIntervalSec. - default_value: 5 - - name: 'unhealthyThreshold' - type: Integer - description: | - A so-far healthy instance will be marked unhealthy after this many - consecutive failures. The default value is 2. - default_value: 2 diff --git a/mmv1/products/compute/go_HttpsHealthCheck.yaml b/mmv1/products/compute/go_HttpsHealthCheck.yaml deleted file mode 100644 index 26ae15e47605..000000000000 --- a/mmv1/products/compute/go_HttpsHealthCheck.yaml +++ /dev/null @@ -1,124 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'HttpsHealthCheck' -kind: 'compute#httpsHealthCheck' -description: | - An HttpsHealthCheck resource. This resource defines a template for how - individual VMs should be checked for health, via HTTPS. - - ~> **Note:** google_compute_https_health_check is a legacy health check. - The newer [google_compute_health_check](/docs/providers/google/r/compute_health_check.html) - should be preferred for all uses except - [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) - which still require the legacy version. -references: - guides: - 'Adding Health Checks': 'https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks' - api: 'https://cloud.google.com/compute/docs/reference/v1/httpsHealthChecks' -docs: -base_url: 'projects/{{project}}/global/httpsHealthChecks' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'https_health_check_basic' - primary_resource_id: 'default' - vars: - https_health_check_name: 'authentication-health-check' -parameters: -properties: - - name: 'checkIntervalSec' - type: Integer - description: | - How often (in seconds) to send a health check. The default value is 5 - seconds. - default_value: 5 - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - - name: 'healthyThreshold' - type: Integer - description: | - A so-far unhealthy instance will be marked healthy after this many - consecutive successes. The default value is 2. - default_value: 2 - - name: 'host' - type: String - description: | - The value of the host header in the HTTPS health check request. If - left empty (default value), the public IP on behalf of which this - health check is performed will be used. - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the - last character, which cannot be a dash. - required: true - immutable: true - - name: 'port' - type: Integer - description: | - The TCP port number for the HTTPS health check request. - The default value is 443. - default_value: 443 - - name: 'requestPath' - type: String - description: | - The request path of the HTTPS health check request. - The default value is /. - default_value: "/" - - name: 'timeoutSec' - type: Integer - description: | - How long (in seconds) to wait before claiming failure. - The default value is 5 seconds. It is invalid for timeoutSec to have - greater value than checkIntervalSec. - default_value: 5 - - name: 'unhealthyThreshold' - type: Integer - description: | - A so-far healthy instance will be marked unhealthy after this many - consecutive failures. The default value is 2. - default_value: 2 diff --git a/mmv1/products/compute/go_Image.yaml b/mmv1/products/compute/go_Image.yaml deleted file mode 100644 index a69df4bbe8b3..000000000000 --- a/mmv1/products/compute/go_Image.yaml +++ /dev/null @@ -1,276 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Image' -kind: 'compute#image' -description: | - Represents an Image resource. - - Google Compute Engine uses operating system images to create the root - persistent disks for your instances. You specify an image when you create - an instance. Images contain a boot loader, an operating system, and a - root file system. Linux operating system images are also capable of - running containers on Compute Engine. - - Images can be either public or custom. - - Public images are provided and maintained by Google, open-source - communities, and third-party vendors. By default, all projects have - access to these images and can use them to create instances. Custom - images are available only to your project. You can create a custom image - from root persistent disks and other images. Then, use the custom image - to create an instance. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/images' - api: 'https://cloud.google.com/compute/docs/reference/v1/images' -docs: -base_url: 'projects/{{project}}/global/images' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - allowed_iam_role: 'roles/compute.imageUser' - parent_resource_attribute: 'image' - iam_conditions_request_type: 'QUERY_PARAM' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' -custom_code: -examples: - - name: 'image_basic' - primary_resource_id: 'example' - primary_resource_name: 'fmt.Sprintf("tf-test-example-image%s", context["random_suffix"])' - vars: - image_name: 'example-image' - - name: 'image_guest_os' - primary_resource_id: 'example' - vars: - image_name: 'example-image' - - name: 'image_basic_storage_location' - primary_resource_id: 'example' - vars: - image_name: 'example-sl-image' - primary_resource_name: 'fmt.Sprintf("tf-test-sl-example-image%s", context["random_suffix"])' -parameters: -properties: - - name: 'archiveSizeBytes' - type: Integer - description: | - Size of the image tar.gz archive stored in Google Cloud Storage (in - bytes). - output: true - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - - name: 'storageLocations' - type: Array - description: | - Cloud Storage bucket storage location of the image - (regional or multi-regional). - Reference link: https://cloud.google.com/compute/docs/reference/rest/v1/images - default_from_api: true - item_type: - type: String - - name: 'diskSizeGb' - type: Integer - description: | - Size of the image when restored onto a persistent disk (in GB). - # TODO(alexstephen): Build family support. - # Families use a different API - default_from_api: true - - name: 'family' - type: String - description: | - The name of the image family to which this image belongs. You can - create disks by specifying an image family instead of a specific - image name. The image family always returns its latest image that is - not deprecated. The name of the image family must comply with - RFC1035. - - name: 'guestOsFeatures' - type: Array - description: | - A list of features to enable on the guest operating system. - Applicable only for bootable images. - is_set: true - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'type' - type: Enum - description: | - The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. - required: true - enum_values: - - 'MULTI_IP_SUBNET' - - 'SECURE_BOOT' - - 'SEV_CAPABLE' - - 'UEFI_COMPATIBLE' - - 'VIRTIO_SCSI_MULTIQUEUE' - - 'WINDOWS' - - 'GVNIC' - - 'SEV_LIVE_MIGRATABLE' - - 'SEV_SNP_CAPABLE' - - 'SUSPEND_RESUME_COMPATIBLE' - - 'TDX_CAPABLE' - - 'SEV_LIVE_MIGRATABLE_V2' - - name: 'imageEncryptionKey' - type: NestedObject - description: | - Encrypts the image using a customer-supplied encryption key. - - After you encrypt an image with a customer-supplied key, you must - provide the same key if you use the image later (e.g. to create a - disk from the image) - properties: - - name: 'kmsKeySelfLink' - type: String - description: | - The self link of the encryption key that is stored in Google Cloud - KMS. - api_name: kmsKeyName - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - custom_flatten: 'templates/terraform/custom_flatten/go/image_kms_key_name.go.tmpl' - - name: 'kmsKeyServiceAccount' - type: String - description: | - The service account being used for the encryption request for the - given KMS key. If absent, the Compute Engine default service - account is used. - - name: 'labels' - type: KeyValueLabels - description: Labels to apply to this Image. - update_url: 'projects/{{project}}/global/images/{{name}}/setLabels' - update_verb: 'POST' - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/global/images/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'licenses' - type: Array - description: Any applicable license URI. - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'license' - type: ResourceRef - description: 'An applicable license URI' - resource: 'License' - imports: 'selfLink' - - name: 'name' - type: String - description: | - Name of the resource; provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the - last character, which cannot be a dash. - required: true - - name: 'rawDisk' - type: NestedObject - description: The parameters of the raw disk image. - ignore_read: true - properties: - - name: 'containerType' - type: Enum - description: | - The format used to encode and transmit the block device, which - should be TAR. This is just a container and transmission format - and not a runtime format. Provided by the client when the disk - image is created. - default_value: "TAR" - enum_values: - - 'TAR' - - name: 'sha1' - type: String - description: | - An optional SHA1 checksum of the disk image before unpackaging. - This is provided by the client when the disk image is created. - # TODO(alexstephen): Figure out cross-module ResourceRefs - api_name: sha1Checksum - - name: 'source' - type: String - description: | - The full Google Cloud Storage URL where disk storage is stored - You must provide either this property or the sourceDisk property - but not both. - required: true - - name: 'sourceDisk' - type: ResourceRef - description: | - The source disk to create this image based on. - You must provide either this property or the - rawDisk.source property but not both to create an image. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Disk' - imports: 'selfLink' - - name: 'sourceImage' - type: ResourceRef - description: | - URL of the source image used to create this image. In order to create an image, you must provide the full or partial - URL of one of the following: - - * The selfLink URL - * This property - * The rawDisk.source URL - * The sourceDisk URL - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Image' - imports: 'selfLink' - - name: 'sourceSnapshot' - type: ResourceRef - description: | - URL of the source snapshot used to create this image. - - In order to create an image, you must provide the full or partial URL of one of the following: - - * The selfLink URL - * This property - * The sourceImage URL - * The rawDisk.source URL - * The sourceDisk URL - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Snapshot' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_Instance.yaml b/mmv1/products/compute/go_Instance.yaml deleted file mode 100644 index 5d2eba3bf9d1..000000000000 --- a/mmv1/products/compute/go_Instance.yaml +++ /dev/null @@ -1,670 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Instance' -kind: 'compute#instance' -description: | - An instance is a virtual machine (VM) hosted on Google's infrastructure. -exclude_resource: true -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/instances' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - allowed_iam_role: 'roles/compute.osLogin' - parent_resource_attribute: 'instance_name' - iam_conditions_request_type: 'QUERY_PARAM' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' -custom_code: -examples: - - name: 'instance_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-my-instance%s", context["random_suffix"])' - vars: - instance_name: 'my-instance' -parameters: - - name: 'zone' - type: ResourceRef - description: 'A reference to the zone where the machine resides.' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' -properties: - - name: 'canIpForward' - type: Boolean - description: | - Allows this instance to send and receive packets with non-matching - destination or source IPs. This is required if you plan to use this - instance to forward routes. - - name: 'cpuPlatform' - type: String - description: The CPU platform used by this instance. - output: true - - name: 'creationTimestamp' - type: String - description: Creation timestamp in RFC3339 text format. - output: true - - name: 'deletionProtection' - type: Boolean - description: Whether the resource should be protected against deletion. - # The code for this update is custom because MM doesn't support - # sending empty bodies + the new option as a request parameter. - update_url: '/projects/{{project}}/zones/{{zone}}/instances/{resourceId}/setDeletionProtection' - update_verb: 'POST' - - name: 'disks' - type: Array - description: | - An array of disks that are associated with the instances that are - created from this template. - immutable: true - item_type: - type: NestedObject - properties: - - name: 'autoDelete' - type: Boolean - description: | - Specifies whether the disk will be auto-deleted when the - instance is deleted (but not when the disk is detached from - the instance). - - Tip: Disks should be set to autoDelete=true - so that leftover disks are not left behind on machine - deletion. - - name: 'boot' - type: Boolean - description: | - Indicates that this is a boot disk. The virtual machine will - use the first partition of the disk for its root filesystem. - - name: 'deviceName' - type: String - description: | - Specifies a unique device name of your choice that is - reflected into the /dev/disk/by-id/google-* tree of a Linux - operating system running within the instance. This name can - be used to reference the device for mounting, resizing, and - so on, from within the instance. - - name: 'diskEncryptionKey' - type: NestedObject - description: | - Encrypts or decrypts a disk using a customer-supplied - encryption key. - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption key, - encoded in RFC 4648 base64 to either encrypt or decrypt - this resource. - - name: 'rsaEncryptedKey' - type: String - description: | - Specifies an RFC 4648 base64 encoded, RSA-wrapped - 2048-bit customer-supplied encryption key to either - encrypt or decrypt this resource. - - name: 'sha256' - type: String - description: | - The RFC 4648 base64 encoded SHA-256 hash of the - customer-supplied encryption key that protects this - resource. - output: true - - name: 'index' - type: Integer - description: | - Assigns a zero-based index to this disk, where 0 is - reserved for the boot disk. For example, if you have many - disks attached to an instance, each disk would have a - unique index number. If not specified, the server will - choose an appropriate value. - - name: 'initializeParams' - type: NestedObject - description: | - Specifies the parameters for a new disk that will be - created alongside the new instance. Use initialization - parameters to create boot disks or local SSDs attached to - the new instance. - immutable: true - properties: - - name: 'diskName' - type: String - description: | - Specifies the disk name. If not specified, the default - is to use the name of the instance. - - name: 'diskSizeGb' - type: Integer - description: Specifies the size of the disk in base-2 GB. - # diskStorageType - deprecated - - name: 'diskType' - type: ResourceRef - description: | - Reference to a disk type. - Specifies the disk type to use to create the instance. - If not specified, the default is pd-standard. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'DiskType' - imports: 'selfLink' - - name: 'sourceImage' - type: String - description: | - The source image to create this disk. When creating a - new instance, one of initializeParams.sourceImage or - disks.source is required. To create a disk with one of - the public operating system images, specify the image - by its family name. - - name: 'provisionedIops' - type: Integer - description: | - Indicates how many IOPS to provision for the disk. This - sets the number of I/O operations per second that the - disk can handle. Note: Updating currently is only supported for - hyperdisk skus via disk update api/gcloud without the need to - delete and recreate the disk, hyperdisk allows for an update of - IOPS every 4 hours. To update your hyperdisk more frequently, - you'll need to manually delete and recreate it. - - name: 'provisionedThroughput' - type: Integer - description: | - Indicates how much throughput to provision for the disk. - This sets the number of throughput mb per second that - the disk can handle. Note: Updating currently is only supported - for hyperdisk skus via disk update api/gcloud without the need - to delete and recreate the disk, hyperdisk allows for an update - of throughput every 4 hours. To update your hyperdisk more - frequently, you'll need to manually delete and recreate it. - - name: 'enableConfidentialCompute' - type: Boolean - description: | - Whether this disk is using confidential compute mode. - Note: Only supported on hyperdisk skus, disk_encryption_key - is required when setting to true. - - name: 'sourceImageEncryptionKey' - type: NestedObject - description: | - The customer-supplied encryption key of the source - image. Required if the source image is protected by a - customer-supplied encryption key. - - Instance templates do not store customer-supplied - encryption keys, so you cannot create disks for - instances in a managed instance group if the source - images are encrypted with your own keys. - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption - key, encoded in RFC 4648 base64 to either encrypt - or decrypt this resource. - - name: 'sha256' - type: String - description: | - The RFC 4648 base64 encoded SHA-256 hash of the - customer-supplied encryption key that protects this - resource. - output: true - - name: 'storagePool' - type: String - description: | - The URL of the storage pool in which the new disk is created. - For example: - * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/storagePools/{storagePool} - * /projects/{project}/zones/{zone}/storagePools/{storagePool} - required: false - immutable: true - - name: 'interface' - type: Enum - description: | - Specifies the disk interface to use for attaching this - disk, which is either SCSI or NVME. The default is SCSI. - Persistent disks must always use SCSI and the request will - fail if you attempt to attach a persistent disk in any - other format than SCSI. - enum_values: - - 'SCSI' - - 'NVME' - - name: 'mode' - type: Enum - description: | - The mode in which to attach this disk, either READ_WRITE or - READ_ONLY. If not specified, the default is to attach the - disk in READ_WRITE mode. - enum_values: - - 'READ_WRITE' - - 'READ_ONLY' - - name: 'source' - type: ResourceRef - description: | - Reference to a disk. When creating a new instance, - one of initializeParams.sourceImage or disks.source is required. - - If desired, you can also attach existing non-root - persistent disks using this property. This field is only - applicable for persistent disks. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Disk' - imports: 'selfLink' - - name: 'type' - type: Enum - description: | - Specifies the type of the disk, either SCRATCH or - PERSISTENT. If not specified, the default is PERSISTENT. - enum_values: - - 'SCRATCH' - - 'PERSISTENT' - - name: 'licenses' - type: Array - description: 'Any applicable publicly visible licenses.' - output: true - item_type: - type: String - - name: 'guestAccelerators' - type: Array - description: | - List of the type and count of accelerator cards attached to the - instance - item_type: - type: NestedObject - properties: - - name: 'acceleratorCount' - type: Integer - description: | - The number of the guest accelerator cards exposed to this - instance. - # TODO(alexstephen): Change to ResourceRef once AcceleratorType is - # created. - - name: 'acceleratorType' - type: String - description: | - Full or partial URL of the accelerator type resource to expose - to this instance. - - name: 'hostname' - type: String - description: | - The hostname of the instance to be created. The specified hostname - must be RFC1035 compliant. If hostname is not specified, the default - hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the - global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when - using zonal DNS. - - name: 'id' - type: Integer - description: | - The unique identifier for the resource. This identifier is defined by - the server. - output: true - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'labels' - type: KeyValueLabels - description: | - Labels to apply to this instance. A list of key->value pairs. - update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setLabels' - update_verb: 'POST' - - name: 'metadata' - type: KeyValuePairs - description: | - The metadata key/value pairs to assign to instances that are - created from this template. These pairs can consist of custom - metadata or predefined keys. - - name: 'machineType' - type: ResourceRef - description: 'A reference to a machine type which defines VM kind.' - update_url: 'projects/{{project}}/zones/{{zone}}/instances/{{name}}/setMachineType' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'MachineType' - imports: 'selfLink' - - name: 'minCpuPlatform' - type: String - description: | - Specifies a minimum CPU platform for the VM instance. Applicable - values are the friendly names of CPU platforms - - name: 'name' - type: String - description: | - The name of the resource, provided by the client when initially - creating the resource. The resource name must be 1-63 characters long, - and comply with RFC1035. Specifically, the name must be 1-63 - characters long and match the regular expression - `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a - lowercase letter, and all following characters must be a dash, - lowercase letter, or digit, except the last character, which cannot - be a dash. - - name: 'networkInterfaces' - type: Array - description: | - An array of configurations for this interface. This specifies - how this interface is configured to interact with other - network services, such as connecting to the internet. Only - one network interface is supported per instance. - item_type: - type: NestedObject - properties: - - name: 'accessConfigs' - type: Array - description: | - An array of configurations for this interface. Currently, only - one access config, ONE_TO_ONE_NAT, is supported. If there are no - accessConfigs specified, then this instance will have no - external internet access. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The name of this access configuration. The - default and recommended name is External NAT but you can - use any arbitrary string you would like. For example, My - external IP or Network Access. - required: true - - name: 'natIP' - type: ResourceRef - description: | - Reference to an address. - An external IP address associated with this instance. - Specify an unused static external IP address available to - the project or leave this field undefined to use an IP - from a shared ephemeral IP address pool. If you specify a - static external IP address, it must live in the same - region as the zone of the instance. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Address' - imports: 'address' - - name: 'type' - type: Enum - description: | - The type of configuration. The default and only option is - ONE_TO_ONE_NAT. - required: true - enum_values: - - 'ONE_TO_ONE_NAT' - - name: 'setPublicPtr' - type: Boolean - description: | - Specifies whether a public DNS PTR record should be - created to map the external IP address of the instance - to a DNS domain name. - - name: 'publicPtrDomainName' - type: String - description: | - The DNS domain name for the public PTR record. You can - set this field only if the setPublicPtr field is - enabled. - - name: 'networkTier' - type: Enum - description: | - This signifies the networking tier used for configuring - this access configuration. If an AccessConfig is - specified without a valid external IP address, an - ephemeral IP will be created with this networkTier. If an - AccessConfig with a valid external IP address is - specified, it must match that of the networkTier - associated with the Address resource owning that IP. - enum_values: - - 'PREMIUM' - - 'STANDARD' - - name: 'aliasIpRanges' - type: Array - description: | - An array of alias IP ranges for this network interface. Can - only be specified for network interfaces on subnet-mode - networks. - item_type: - type: NestedObject - properties: - - name: 'ipCidrRange' - type: String - description: | - The IP CIDR range represented by this alias IP range. - This IP CIDR range must belong to the specified - subnetwork and cannot contain IP addresses reserved by - system or used by other network interfaces. This range - may be a single IP address (e.g. 10.2.3.4), a netmask - (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24). - - name: 'subnetworkRangeName' - type: String - description: | - Optional subnetwork secondary range name specifying - the secondary range from which to allocate the IP - CIDR range for this alias IP range. If left - unspecified, the primary range of the subnetwork will - be used. - - name: 'internalIpv6PrefixLength' - type: String - description: | - The prefix length of the primary internal IPv6 range. - - name: 'ipv6Address' - type: String - description: | - An IPv6 internal network address for this network interface. - If not specified, Google Cloud will automatically assign an - internal IPv6 address from the instance's subnetwork. - - name: 'name' - type: String - description: | - The name of the network interface, generated by the - server. For network devices, these are eth0, eth1, etc - output: true - - name: 'network' - type: ResourceRef - description: | - Specifies the title of an existing network. When creating - an instance, if neither the network nor the subnetwork is specified, - the default network global/networks/default is used; if the network - is not specified but the subnetwork is specified, the network is - inferred. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'networkIP' - type: String - description: | - An IPv4 internal network address to assign to the - instance for this network interface. If not specified - by the user, an unused internal IP is assigned by the - system. - - name: 'subnetwork' - type: ResourceRef - description: | - Reference to a VPC network. - If the network resource is in legacy mode, do not - provide this property. If the network is in auto - subnet mode, providing the subnetwork is optional. If - the network is in custom subnet mode, then this field - should be specified. - # networkInterfaces.kind is not necessary for convergence. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'networkAttachment' - type: ResourceRef - description: | - The URL of the network attachment that this interface should connect to in the following format: - projects/{projectNumber}/regions/{region_name}/networkAttachments/{network_attachment_name}. - resource: 'networkAttachment' - imports: 'selfLink' - - name: 'scheduling' - type: NestedObject - description: Sets the scheduling options for this instance. - properties: - - name: 'automaticRestart' - type: Boolean - description: | - Specifies whether the instance should be automatically restarted - if it is terminated by Compute Engine (not terminated by a user). - You can only set the automatic restart option for standard - instances. Preemptible instances cannot be automatically - restarted. - - name: 'onHostMaintenance' - type: String - description: | - Defines the maintenance behavior for this instance. For standard - instances, the default behavior is MIGRATE. For preemptible - instances, the default and only possible behavior is TERMINATE. - For more information, see Setting Instance Scheduling Options. - - name: 'preemptible' - type: Boolean - description: | - Defines whether the instance is preemptible. This can only be set - during instance creation, it cannot be set or changed after the - instance has been created. - - name: 'serviceAccounts' - type: Array - description: | - A list of service accounts, with their specified scopes, authorized - for this instance. Only one service account per VM instance is - supported. - item_type: - type: NestedObject - properties: - - name: 'email' - type: String - description: Email address of the service account. - - name: 'scopes' - type: Array - description: | - The list of scopes to be made available for this service - account. - item_type: - type: String - - name: 'shieldedInstanceConfig' - type: NestedObject - description: - Configuration for various parameters related to shielded instances. - # The code for this update method is custom because MM does not support - # sending just the nested properties - update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' - update_verb: 'PATCH' - properties: - - name: 'enableSecureBoot' - type: Boolean - description: Defines whether the instance has Secure Boot enabled. - update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' - update_verb: 'PATCH' - - name: 'enableVtpm' - type: Boolean - description: Defines whether the instance has the vTPM enabled - update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' - update_verb: 'PATCH' - - name: 'enableIntegrityMonitoring' - type: Boolean - description: - Defines whether the instance has integrity monitoring enabled. - update_url: 'projects/{{project}}/instances/{{name}}/updateShieldedInstanceConfig' - update_verb: 'PATCH' - - name: 'confidentialInstanceConfig' - type: NestedObject - description: - 'Configuration for confidential computing (requires setting the machine - type to any of the n2d-* types and a boot disk of type pd-ssd).' - properties: - - name: 'enableConfidentialCompute' - type: Boolean - description: Enables confidential computing with AMD SEV. - at_least_one_of: - - 'confidential_instance_config.0.enable_confidential_compute' - - 'confidential_instance_config.0.confidential_instance_type' - deprecation_message: '`enableConfidentialCompute` is deprecated and will be removed in a future major release. Use `confidentialInstanceType: SEV` instead.' - - name: 'confidentialInstanceType' - type: Enum - description: | - The confidential computing technology the instance uses. - SEV is an AMD feature. TDX is an Intel feature. One of the following - values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform = - "AMD Milan" is currently required. TDX is only available in beta. - at_least_one_of: - - 'confidential_instance_config.0.enable_confidential_compute' - - 'confidential_instance_config.0.confidential_instance_type' - enum_values: - - 'SEV' - - 'SEV_SNP' - - 'TDX' - - name: 'status' - type: Enum - description: | - The status of the instance. One of the following values: - PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, - and TERMINATED. - - As a user, use RUNNING to keep a machine "on" and TERMINATED to - turn a machine off - # GCP API shows this as output: true. - # This is incorrect because you can make actions on the Instance (start, stop) - # In an idempotent world, the best way to express these actions is to - # change the status value. - enum_values: - - 'PROVISIONING' - - 'STAGING' - - 'RUNNING' - - 'STOPPING' - - 'SUSPENDING' - - 'SUSPENDED' - - 'TERMINATED' - - name: 'statusMessage' - type: String - description: An optional, human-readable explanation of the status. - output: true - - name: 'tags' - type: NestedObject - description: | - A list of tags to apply to this instance. Tags are used to identify - valid sources or targets for network firewalls and are specified by - the client during instance creation. The tags can be later modified - by the setTags method. Each tag within the list must comply with - RFC1035. - properties: - - name: 'fingerprint' - type: String - description: | - Specifies a fingerprint for this request, which is essentially a - hash of the metadata's contents and used for optimistic locking. - The fingerprint is initially generated by Compute Engine and - changes after every request to modify or update metadata. You - must always provide an up-to-date fingerprint hash in order to - update or change metadata. - - name: 'items' - type: Array - description: | - An array of tags. Each tag must be 1-63 characters long, and - comply with RFC1035. - item_type: - type: String diff --git a/mmv1/products/compute/go_InstanceGroup.yaml b/mmv1/products/compute/go_InstanceGroup.yaml deleted file mode 100644 index f647746e873c..000000000000 --- a/mmv1/products/compute/go_InstanceGroup.yaml +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'InstanceGroup' -kind: 'compute#instanceGroup' -description: | - Represents an Instance Group resource. Instance groups are self-managed - and can contain identical or different instances. Instance groups do not - use an instance template. Unlike managed instance groups, you must create - and add instances to an instance group manually. -exclude: true -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -parameters: - - name: 'zone' - type: ResourceRef - description: 'A reference to the zone where the instance group resides.' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - # 'fingerprint' not applicable to state convergence. - - name: 'id' - type: Integer - description: 'A unique identifier for this instance group.' - output: true - - name: 'name' - type: String - description: | - The name of the instance group. - The name must be 1-63 characters long, and comply with RFC1035. - - name: 'namedPorts' - type: Array - description: | - Assigns a name to a port number. - For example: {name: "http", port: 80}. - - This allows the system to reference ports by the assigned name - instead of a port number. Named ports can also contain multiple - ports. - - For example: [{name: "http", port: 80},{name: "http", port: 8080}] - - Named ports apply to all instances in this instance group. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The name for this named port. - The name must be 1-63 characters long, and comply with RFC1035. - - name: 'port' - type: Integer - description: | - The port number, which can be a value between 1 and 65535. - - name: 'network' - type: ResourceRef - description: | - The network to which all instances in the instance group belong. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'region' - type: ResourceRef - description: | - The region where the instance group is located - (for regional resources). - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'selfLink' - - name: 'subnetwork' - type: ResourceRef - description: | - The subnetwork to which all instances in the instance group belong. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Subnetwork' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_InstanceGroupManager.yaml b/mmv1/products/compute/go_InstanceGroupManager.yaml deleted file mode 100644 index 395d3d79857c..000000000000 --- a/mmv1/products/compute/go_InstanceGroupManager.yaml +++ /dev/null @@ -1,220 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'InstanceGroupManager' -kind: 'compute#instanceGroupManager' -description: | - Creates a managed instance group using the information that you specify in - the request. After the group is created, it schedules an action to create - instances in the group using the specified instance template. This - operation is marked as DONE when the group is created even if the - instances in the group have not yet been created. You must separately - verify the status of the individual instances. - - A managed instance group can have up to 1000 VM instances per group. -exclude: true -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -parameters: - - name: 'zone' - type: ResourceRef - description: 'The zone the managed instance group resides.' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' -properties: - - name: 'baseInstanceName' - type: String - description: | - The base instance name to use for instances in this group. The value - must be 1-58 characters long. Instances are named by appending a - hyphen and a random four-character string to the base instance name. - The base instance name must comply with RFC1035. - required: true - - name: 'creationTimestamp' - type: Time - description: | - The creation timestamp for this managed instance group in RFC3339 - text format. - output: true - - name: 'currentActions' - type: NestedObject - description: | - The list of instance actions and the number of instances in this - managed instance group that are scheduled for each of those actions. - output: true - properties: - - name: 'abandoning' - type: Integer - description: | - The total number of instances in the managed instance group that - are scheduled to be abandoned. Abandoning an instance removes it - from the managed instance group without deleting it. - output: true - - name: 'creating' - type: Integer - description: | - The number of instances in the managed instance group that are - scheduled to be created or are currently being created. If the - group fails to create any of these instances, it tries again until - it creates the instance successfully. - - If you have disabled creation retries, this field will not be - populated; instead, the creatingWithoutRetries field will be - populated. - output: true - - name: 'creatingWithoutRetries' - type: Integer - description: | - The number of instances that the managed instance group will - attempt to create. The group attempts to create each instance only - once. If the group fails to create any of these instances, it - decreases the group's targetSize value accordingly. - output: true - - name: 'deleting' - type: Integer - description: | - The number of instances in the managed instance group that are - scheduled to be deleted or are currently being deleted. - output: true - - name: 'none' - type: Integer - description: | - The number of instances in the managed instance group that are - running and have no scheduled actions. - output: true - - name: 'recreating' - type: Integer - description: | - The number of instances in the managed instance group that are - scheduled to be recreated or are currently being being recreated. - Recreating an instance deletes the existing root persistent disk - and creates a new disk from the image that is defined in the - instance template. - output: true - - name: 'refreshing' - type: Integer - description: | - The number of instances in the managed instance group that are - being reconfigured with properties that do not require a restart - or a recreate action. For example, setting or removing target - pools for the instance. - output: true - - name: 'restarting' - type: Integer - description: | - The number of instances in the managed instance group that are - scheduled to be restarted or are currently being restarted. - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - immutable: true - - name: 'id' - type: Integer - description: 'A unique identifier for this resource' - output: true - - name: 'instanceGroup' - type: ResourceRef - description: 'The instance group being managed' - output: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'InstanceGroup' - imports: 'selfLink' - - name: 'instanceTemplate' - type: ResourceRef - description: | - The instance template that is specified for this managed instance - group. The group uses this template to create all new instances in the - managed instance group. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'InstanceTemplate' - imports: 'selfLink' - - name: 'name' - type: String - description: | - The name of the managed instance group. The name must be 1-63 - characters long, and comply with RFC1035. - required: true - - name: 'namedPorts' - type: Array - description: - Named ports configured for the Instance Groups complementary to this - Instance Group Manager. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The name for this named port. The name must be 1-63 characters - long, and comply with RFC1035. - - name: 'port' - type: Integer - description: - The port number, which can be a value between 1 and 65535. - - name: 'region' - type: ResourceRef - description: | - The region this managed instance group resides - (for regional resources). - output: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'selfLink' - - name: 'targetPools' - type: Array - description: | - TargetPool resources to which instances in the instanceGroup field are - added. The target pools automatically apply to all of the instances in - the managed instance group. - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'targetPool' - type: ResourceRef - description: 'The targetPool to receive managed instances.' - resource: 'TargetPool' - imports: 'selfLink' - - name: 'targetSize' - type: Integer - description: | - The target number of running instances for this managed instance - group. Deleting or abandoning instances reduces this number. Resizing - the group changes this number. diff --git a/mmv1/products/compute/go_InstanceGroupMembership.yaml b/mmv1/products/compute/go_InstanceGroupMembership.yaml deleted file mode 100644 index 8b9c31172f23..000000000000 --- a/mmv1/products/compute/go_InstanceGroupMembership.yaml +++ /dev/null @@ -1,108 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'InstanceGroupMembership' -kind: 'compute#instanceGroup' -description: | - Represents the Instance membership to the Instance Group. - - -> **NOTE** You can use this resource instead of the `instances` field in the - `google_compute_instance_group`, however it's not recommended to use it alongside this field. - It might cause inconsistencies, as they can end up competing over control. - - -> **NOTE** This resource has been added to avoid a situation, where after - Instance is recreated, it's removed from Instance Group and it's needed to - perform `apply` twice. To avoid situations like this, please use this resource - with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. -references: - guides: - 'Add instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/addInstances' - 'Remove instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/removeInstances' - 'List instances': 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/listInstances' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups' -docs: -id_format: '{{project}}/{{zone}}/{{instance_group}}/{{instance}}' -base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}' -self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/listInstances' -create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/addInstances' -read_verb: 'POST' -delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/removeInstances' -delete_verb: 'POST' -immutable: true -mutex: 'instanceGroups/{{project}}/zones/{{zone}}/{{instance_group}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - instance -nested_query: - keys: - - items - is_list_of_ids: false - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/compute_instance_group_membership.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/compute_instance_group_membership.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/compute_instance_group_membership.go.tmpl' -exclude_tgc: true -examples: - - name: 'instance_group_membership' - vars: - network_name: 'network' - instance_group_name: 'instance-group' - instance_name: 'instance' - skip_test: true -parameters: - - name: 'zone' - type: ResourceRef - description: 'A reference to the zone where the instance group resides.' - url_param_only: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' - - name: 'instanceGroup' - type: ResourceRef - description: | - Represents an Instance Group resource name that the instance belongs to. - url_param_only: true - required: true - ignore_read: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - resource: 'InstanceGroup' - imports: 'name' -properties: - - name: 'instance' - type: ResourceRef - description: 'An instance being added to the InstanceGroup' - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/full_to_relative_path.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Instance' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_InstanceGroupNamedPort.yaml b/mmv1/products/compute/go_InstanceGroupNamedPort.yaml deleted file mode 100644 index b5f75c41bb05..000000000000 --- a/mmv1/products/compute/go_InstanceGroupNamedPort.yaml +++ /dev/null @@ -1,106 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'InstanceGroupNamedPort' -description: | - Mange the named ports setting for a managed instance group without - managing the group as whole. This resource is primarily intended for use - with GKE-generated groups that shouldn't otherwise be managed by other - tools. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroup' -docs: -id_format: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}' -base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' -self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' -create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' -delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/setNamedPorts' -delete_verb: 'POST' -immutable: true -mutex: 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}' -import_format: - - 'projects/{{project}}/zones/{{zone}}/instanceGroups/{{group}}/{{port}}/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - port - - name -nested_query: - keys: - - namedPorts - is_list_of_ids: false - modify_by_patch: true -custom_code: - encoder: 'templates/terraform/encoders/go/normalize_group.go.tmpl' -examples: - - name: 'instance_group_named_port_gke' - primary_resource_id: 'my_port' - vars: - network_name: 'container-network' - subnetwork_name: 'container-subnetwork' - gke_cluster_name: 'my-cluster' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - skip_vcr: true -parameters: - - name: 'group' - type: ResourceRef - description: | - The name of the instance group. - url_param_only: true - required: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - resource: 'InstanceGroup' - imports: 'name' - - name: 'zone' - type: ResourceRef - description: | - The zone of the instance group. - url_param_only: true - required: false - ignore_read: true - default_from_api: true - resource: 'Zone' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - The name for this named port. The name must be 1-63 characters - long, and comply with RFC1035. - required: true - - name: 'port' - type: Integer - description: The port number, which can be a value between 1 and 65535. - required: true diff --git a/mmv1/products/compute/go_InstanceSettings.yaml b/mmv1/products/compute/go_InstanceSettings.yaml deleted file mode 100644 index a249f423c9ad..000000000000 --- a/mmv1/products/compute/go_InstanceSettings.yaml +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'InstanceSettings' -kind: 'compute#instanceSettings' -description: | - Represents an Instance Settings resource. Instance settings are centralized configuration parameters that allow users to configure the default values for specific VM parameters that are normally set using GCE instance API methods. -references: - guides: - 'Update Instance Settings': 'https://cloud.google.com/compute/docs/metadata/setting-custom-metadata#set-custom-project-zonal-metadata' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/instanceSettings' -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings' -self_link: 'projects/{{project}}/zones/{{zone}}/instanceSettings' -create_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings?update_mask=*' -create_verb: 'PATCH' -update_url: 'projects/{{project}}/zones/{{zone}}/instanceSettings?update_mask=*' -update_verb: 'PATCH' -import_format: - - 'projects/{{project}}/zones/{{zone}}/instanceSettings' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - custom_delete: 'templates/terraform/custom_delete/go/clear_instance_settings.go.tmpl' - test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' -examples: - - name: 'instance_settings_basic' - primary_resource_id: 'gce_instance_settings' -parameters: - - name: 'zone' - type: ResourceRef - description: 'A reference to the zone where the machine resides.' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' -properties: - - name: 'fingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - custom_expand: 'templates/terraform/custom_expand/go/compute_instance_settings_fingerprint.tmpl' - - name: 'metadata' - type: NestedObject - description: | - The metadata key/value pairs assigned to all the instances in the corresponding scope. - properties: - - name: 'items' - type: KeyValuePairs - description: | - A metadata key/value items map. The total size of all keys and values must be less than 512KB diff --git a/mmv1/products/compute/go_Interconnect.yaml b/mmv1/products/compute/go_Interconnect.yaml deleted file mode 100644 index a43e4f6f9a88..000000000000 --- a/mmv1/products/compute/go_Interconnect.yaml +++ /dev/null @@ -1,403 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Interconnect' -kind: 'compute#Interconnect' -description: | - Represents an Interconnect resource. The Interconnect resource is a dedicated connection between - Google's network and your on-premises network. -references: - guides: - 'Create a Dedicated Interconnect': 'https://cloud.google.com/network-connectivity/docs/interconnect/concepts/dedicated-overview' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/interconnects' -docs: -base_url: 'projects/{{project}}/global/interconnects' -self_link: 'projects/{{project}}/global/interconnects/{{name}}' -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 10000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/interconnect.go.tmpl' -examples: - - name: 'compute_interconnect_basic' - primary_resource_id: 'example-interconnect' - vars: - interconnect_name: 'example-interconnect' - customer_name: 'example_customer' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - skip_test: true - - name: 'compute_interconnect_basic_test' - primary_resource_id: 'example-interconnect' - vars: - interconnect_name: 'example-interconnect' - skip_docs: true -parameters: -properties: - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when you create the resource. - - name: 'creationTimestamp' - type: Time - description: | - Creation timestamp in RFC3339 text format. - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is created. The name must be - 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters - long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first - character must be a lowercase letter, and all following characters must be a dash, - lowercase letter, or digit, except the last character, which cannot be a dash. - required: true - immutable: true - validation: - regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - - name: 'location' - type: ResourceRef - description: | - URL of the InterconnectLocation object that represents where this connection is to be provisioned. - required: true - immutable: true - resource: 'InterconnectLocations' - imports: 'selfLink' - - name: 'linkType' - type: Enum - description: | - Type of link requested. Note that this field indicates the speed of each of the links in the - bundle, not the speed of the entire bundle. Can take one of the following values: - - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics. - - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. - required: true - immutable: true - enum_values: - - 'LINK_TYPE_ETHERNET_10G_LR' - - 'LINK_TYPE_ETHERNET_100G_LR' - - name: 'requestedLinkCount' - type: Integer - description: | - Target number of physical links in the link bundle, as requested by the customer. - required: true - immutable: true - - name: 'interconnectType' - type: Enum - description: | - Type of interconnect. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED. - Can take one of the following values: - - PARTNER: A partner-managed interconnection shared between customers though a partner. - - DEDICATED: A dedicated physical interconnection with the customer. - required: true - immutable: true - diff_suppress_func: 'InterconnectTypeDiffSuppress' - enum_values: - - 'DEDICATED' - - 'PARTNER' - - 'IT_PRIVATE' - - name: 'adminEnabled' - type: Boolean - description: | - Administrative status of the interconnect. When this is set to true, the Interconnect is - functional and can carry traffic. When set to false, no packets can be carried over the - interconnect and no BGP routes are exchanged over it. By default, the status is set to true. - send_empty_value: true - default_value: true - - name: 'nocContactEmail' - type: String - description: | - Email address to contact the customer NOC for operations and maintenance notifications - regarding this Interconnect. If specified, this will be used for notifications in addition to - all other forms described, such as Cloud Monitoring logs alerting and Cloud Notifications. - This field is required for users who sign up for Cloud Interconnect using workforce identity - federation. - - name: 'customerName' - type: String - description: | - Customer name, to put in the Letter of Authorization as the party authorized to request a - crossconnect. - required: true - immutable: true - - name: 'operationalStatus' - type: Enum - description: | - The current status of this Interconnect's functionality, which can take one of the following: - - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may - be provisioned on this Interconnect. - - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be - provisioned on this Interconnect. - - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No - attachments may be provisioned or updated on this Interconnect. - output: true - enum_values: - - 'OS_ACTIVE' - - 'OS_UNPROVISIONED' - - 'OS_UNDER_MAINTENANCE' - - name: 'provisionedLinkCount' - type: Integer - description: | - Number of links actually provisioned in this interconnect. - output: true - - name: 'interconnectAttachments' - type: Array - description: | - A list of the URLs of all InterconnectAttachments configured to use this Interconnect. - output: true - item_type: - type: String - - name: 'peerIpAddress' - type: String - description: | - IP address configured on the customer side of the Interconnect link. - The customer should configure this IP address during turnup when prompted by Google NOC. - This can be used only for ping tests. - output: true - - name: 'googleIpAddress' - type: String - description: | - IP address configured on the Google side of the Interconnect link. - This can be used only for ping tests. - output: true - - name: 'googleReferenceId' - type: String - description: | - Google reference ID to be used when raising support tickets with Google or otherwise to debug - backend connectivity issues. - output: true - - name: 'expectedOutages' - type: Array - description: A list of outages expected for this Interconnect. - output: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Unique identifier for this outage notification. - output: true - - name: 'description' - type: String - description: | - A description about the purpose of the outage. - output: true - - name: 'source' - type: Enum - description: | - The party that generated this notification. Note that the value of NSRC_GOOGLE has been - deprecated in favor of GOOGLE. Can take the following value: - - GOOGLE: this notification as generated by Google. - output: true - enum_values: - - 'GOOGLE' - - name: 'state' - type: Enum - description: | - State of this notification. Note that the versions of this enum prefixed with "NS_" have - been deprecated in favor of the unprefixed values. Can take one of the following values: - - ACTIVE: This outage notification is active. The event could be in the past, present, - or future. See startTime and endTime for scheduling. - - CANCELLED: The outage associated with this notification was cancelled before the - outage was due to start. - - COMPLETED: The outage associated with this notification is complete. - output: true - enum_values: - - 'ACTIVE' - - 'CANCELLED' - - 'COMPLETED' - - name: 'issueType' - type: Enum - description: | - Form this outage is expected to take. Note that the versions of this enum prefixed with - "IT_" have been deprecated in favor of the unprefixed values. Can take one of the - following values: - - OUTAGE: The Interconnect may be completely out of service for some or all of the - specified window. - - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain - up, but with reduced bandwidth. - output: true - enum_values: - - 'OUTAGE' - - 'PARTIAL_OUTAGE' - - name: 'affectedCircuits' - type: Array - description: | - If issueType is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be - affected. - output: true - item_type: - type: String - - name: 'startTime' - type: String - description: | - Scheduled start time for the outage (milliseconds since Unix epoch). - output: true - - name: 'endTime' - type: String - description: | - Scheduled end time for the outage (milliseconds since Unix epoch). - output: true - - name: 'circuitInfos' - type: Array - description: A list of CircuitInfo objects, that describe the individual circuits in this LAG. - output: true - item_type: - type: NestedObject - properties: - - name: 'googleCircuitId' - type: String - description: | - Google-assigned unique ID for this circuit. Assigned at circuit turn-up. - output: true - - name: 'googleDemarcId' - type: String - description: | - Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by - Google to the customer in the LOA. - output: true - - name: 'customerDemarcId' - type: String - description: | - Customer-side demarc ID for this circuit. - output: true - - name: 'labels' - type: KeyValueLabels - description: | - Labels for this resource. These can only be added or modified by the setLabels - method. Each label key/value pair must comply with RFC1035. Label values may be empty. - - name: 'labelFingerprint' - type: Fingerprint - description: | - A fingerprint for the labels being applied to this Interconnect, which is essentially a hash - of the labels set used for optimistic locking. The fingerprint is initially generated by - Compute Engine and changes after every request to modify or update labels. - You must always provide an up-to-date fingerprint hash in order to update or change labels, - otherwise the request will fail with error 412 conditionNotMet. - output: true - - name: 'state' - type: Enum - description: | - The current state of Interconnect functionality, which can take one of the following values: - - ACTIVE: The Interconnect is valid, turned up and ready to use. - Attachments may be provisioned on this Interconnect. - - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may b - provisioned on this Interconnect. - - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may - be provisioned or updated on this Interconnect. - output: true - enum_values: - - 'ACTIVE' - - 'UNPROVISIONED' - - 'UNDER_MAINTENANCE' - - name: 'satisfiesPzs' - type: Boolean - description: Reserved for future use. - output: true - - name: 'macsec' - type: NestedObject - description: | - Configuration that enables Media Access Control security (MACsec) on the Cloud - Interconnect connection between Google and your on-premises router. - properties: - - name: 'preSharedKeys' - type: Array - description: | - A keychain placeholder describing a set of named key objects along with their - start times. A MACsec CKN/CAK is generated for each key in the key chain. - Google router automatically picks the key with the most recent startTime when establishing - or re-establishing a MACsec secure link. - required: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - A name for this pre-shared key. The name must be 1-63 characters long, and - comply with RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character - must be a lowercase letter, and all following characters must be a dash, lowercase - letter, or digit, except the last character, which cannot be a dash. - required: true - validation: - regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - - name: 'startTime' - type: String - description: | - A RFC3339 timestamp on or after which the key is valid. startTime can be in the - future. If the keychain has a single key, startTime can be omitted. If the keychain - has multiple keys, startTime is mandatory for each key. The start times of keys must - be in increasing order. The start times of two consecutive keys must be at least 6 - hours apart. - - name: 'failOpen' - type: Boolean - description: | - If set to true, the Interconnect connection is configured with a should-secure - MACsec security policy, that allows the Google router to fallback to cleartext - traffic if the MKA session cannot be established. By default, the Interconnect - connection is configured with a must-secure security policy that drops all traffic - if the MKA session cannot be established with your router. - - name: 'macsecEnabled' - type: Boolean - description: | - Enable or disable MACsec on this Interconnect connection. - MACsec enablement fails if the MACsec object is not specified. - - name: 'remoteLocation' - type: String - description: | - Indicates that this is a Cross-Cloud Interconnect. This field specifies the location outside - of Google's network that the interconnect is connected to. - - name: 'requestedFeatures' - type: Array - description: | - interconnects.list of features requested for this Interconnect connection. Options: IF_MACSEC ( - If specified then the connection is created on MACsec capable hardware ports. If not - specified, the default value is false, which allocates non-MACsec capable ports first if - available). Note that MACSEC is still technically allowed for compatibility reasons, but it - does not work with the API, and will be removed in an upcoming major version. - item_type: - type: Enum - description: | - interconnects.list of features requested for this Interconnect connection - enum_values: - - 'MACSEC' - - 'IF_MACSEC' - - name: 'availableFeatures' - type: Array - description: | - interconnects.list of features available for this Interconnect connection. Can take the value: - MACSEC. If present then the Interconnect connection is provisioned on MACsec capable hardware - ports. If not present then the Interconnect connection is provisioned on non-MACsec capable - ports and MACsec isn't supported and enabling MACsec fails). - output: true - item_type: - type: String diff --git a/mmv1/products/compute/go_InterconnectAttachment.yaml b/mmv1/products/compute/go_InterconnectAttachment.yaml deleted file mode 100644 index 34e9be6dac7a..000000000000 --- a/mmv1/products/compute/go_InterconnectAttachment.yaml +++ /dev/null @@ -1,341 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'InterconnectAttachment' -kind: 'compute#interconnectAttachment' -description: | - Represents an InterconnectAttachment (VLAN attachment) resource. For more - information, see Creating VLAN Attachments. -docs: -base_url: 'projects/{{project}}/regions/{{region}}/interconnectAttachments' -has_self_link: true -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/interconnect_attachment.go.tmpl' - post_create: 'templates/terraform/post_create/go/interconnect_attachment.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/interconnect_attachment.go.tmpl' -examples: - - name: 'interconnect_attachment_basic' - primary_resource_id: 'on_prem' - vars: - interconnect_attachment_name: 'on-prem-attachment' - router_name: 'router-1' - network_name: 'network-1' - - name: 'interconnect_attachment_dedicated' - primary_resource_id: 'on_prem' - vars: - interconnect_name: 'interconenct-1' - interconnect_attachment_name: 'on-prem-attachment' - router_name: 'router-1' - network_name: 'network-1' - skip_docs: true - - name: 'compute_interconnect_attachment_ipsec_encryption' - primary_resource_id: 'ipsec-encrypted-interconnect-attachment' - vars: - interconnect_attachment_name: 'test-interconnect-attachment' - address_name: 'test-address' - router_name: 'test-router' - network_name: 'test-network' -parameters: - - name: 'region' - type: ResourceRef - description: | - Region where the regional interconnect attachment resides. - required: false - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'selfLink' -properties: - - name: 'adminEnabled' - type: Boolean - description: | - Whether the VLAN attachment is enabled or disabled. When using - PARTNER type this will Pre-Activate the interconnect attachment - send_empty_value: true - default_value: true - - name: 'cloudRouterIpAddress' - type: String - description: | - IPv4 address + prefix length to be configured on Cloud Router - Interface for this interconnect attachment. - output: true - - name: 'customerRouterIpAddress' - type: String - description: | - IPv4 address + prefix length to be configured on the customer - router subinterface for this interconnect attachment. - output: true - - name: 'interconnect' - type: String - description: | - URL of the underlying Interconnect object that this attachment's - traffic will traverse through. Required if type is DEDICATED, must not - be set if type is PARTNER. - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'description' - type: String - description: | - An optional description of this resource. - - name: 'mtu' - type: String - description: | - Maximum Transmission Unit (MTU), in bytes, of packets passing through - this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int_to_string.go.tmpl' - - name: 'bandwidth' - type: Enum - description: | - Provisioned bandwidth capacity for the interconnect attachment. - For attachments of type DEDICATED, the user can set the bandwidth. - For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. - Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, - Defaults to BPS_10G - default_from_api: true - enum_values: - - 'BPS_50M' - - 'BPS_100M' - - 'BPS_200M' - - 'BPS_300M' - - 'BPS_400M' - - 'BPS_500M' - - 'BPS_1G' - - 'BPS_2G' - - 'BPS_5G' - - 'BPS_10G' - - 'BPS_20G' - - 'BPS_50G' - - name: 'edgeAvailabilityDomain' - type: String - description: | - Desired availability domain for the attachment. Only available for type - PARTNER, at creation time. For improved reliability, customers should - configure a pair of attachments with one per availability domain. The - selected availability domain will be provided to the Partner via the - pairing key so that the provisioned circuit will lie in the specified - domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. - immutable: true - default_from_api: true - - name: 'pairingKey' - type: String - description: | - [Output only for type PARTNER. Not present for DEDICATED]. The opaque - identifier of an PARTNER attachment used to initiate provisioning with - a selected partner. Of the form "XXXXX/region/domain" - output: true - - name: 'partnerAsn' - type: String - description: | - [Output only for type PARTNER. Not present for DEDICATED]. Optional - BGP ASN for the router that should be supplied by a layer 3 Partner if - they configured BGP on behalf of the customer. - output: true - - name: 'privateInterconnectInfo' - type: NestedObject - description: | - Information specific to an InterconnectAttachment. This property - is populated if the interconnect that this is attached to is of type DEDICATED. - output: true - properties: - - name: 'tag8021q' - type: Integer - description: | - 802.1q encapsulation tag to be used for traffic between - Google and the customer, going to and from this network and region. - output: true - - name: 'type' - type: Enum - description: | - The type of InterconnectAttachment you wish to create. Defaults to - DEDICATED. - immutable: true - default_from_api: true - enum_values: - - 'DEDICATED' - - 'PARTNER' - - 'PARTNER_PROVIDER' - - name: 'state' - type: Enum - description: | - [Output Only] The current state of this attachment's functionality. - output: true - enum_values: - - 'ACTIVE' - - 'DEFUNCT' - - 'PARTNER_REQUEST_RECEIVED' - - 'PENDING_CUSTOMER' - - 'PENDING_PARTNER' - - 'STATE_UNSPECIFIED' - - name: 'googleReferenceId' - type: String - description: | - Google reference ID, to be used when raising support tickets with - Google or otherwise to debug backend connectivity issues. - output: true - - name: 'router' - type: ResourceRef - description: | - URL of the cloud router to be used for dynamic routing. This router must be in - the same region as this InterconnectAttachment. The InterconnectAttachment will - automatically connect the Interconnect to the network & region within which the - Cloud Router is configured. - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Router' - imports: 'selfLink' - - name: 'creationTimestamp' - type: Time - description: | - Creation timestamp in RFC3339 text format. - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is created. The - name must be 1-63 characters long, and comply with RFC1035. Specifically, the - name must be 1-63 characters long and match the regular expression - `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a - lowercase letter, and all following characters must be a dash, lowercase - letter, or digit, except the last character, which cannot be a dash. - required: true - immutable: true - validation: - regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - - name: 'candidateSubnets' - type: Array - description: | - Up to 16 candidate prefixes that can be used to restrict the allocation - of cloudRouterIpAddress and customerRouterIpAddress for this attachment. - All prefixes must be within link-local address space (169.254.0.0/16) - and must be /29 or shorter (/28, /27, etc). Google will attempt to select - an unused /29 from the supplied candidate prefix(es). The request will - fail if all possible /29s are in use on Google's edge. If not supplied, - Google will randomly select an unused /29 from all of link-local space. - immutable: true - ignore_read: true - item_type: - type: String - - name: 'vlanTag8021q' - type: Integer - description: | - The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. When - using PARTNER type this will be managed upstream. - immutable: true - default_from_api: true - - name: 'ipsecInternalAddresses' - type: Array - description: | - URL of addresses that have been reserved for the interconnect attachment, - Used only for interconnect attachment that has the encryption option as - IPSEC. - The addresses must be RFC 1918 IP address ranges. When creating HA VPN - gateway over the interconnect attachment, if the attachment is configured - to use an RFC 1918 IP address, then the VPN gateway's IP address will be - allocated from the IP address range specified here. - For example, if the HA VPN gateway's interface 0 is paired to this - interconnect attachment, then an RFC 1918 IP address for the VPN gateway - interface 0 will be allocated from the IP address specified for this - interconnect attachment. - If this field is not specified for interconnect attachment that has - encryption option as IPSEC, later on when creating HA VPN gateway on this - interconnect attachment, the HA VPN gateway's IP address will be - allocated from regional external IP address pool. - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'ipsecInternalAddress' - type: ResourceRef - description: | - URL of an address that has been reserved for the interconnect - attachment. - resource: 'Address' - imports: 'selfLink' - - name: 'encryption' - type: Enum - description: | - Indicates the user-supplied encryption option of this interconnect - attachment. Can only be specified at attachment creation for PARTNER or - DEDICATED attachments. - * NONE - This is the default value, which means that the VLAN attachment - carries unencrypted traffic. VMs are able to send traffic to, or receive - traffic from, such a VLAN attachment. - * IPSEC - The VLAN attachment carries only encrypted traffic that is - encrypted by an IPsec device, such as an HA VPN gateway or third-party - IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, - such a VLAN attachment. To use HA VPN over Cloud Interconnect, the VLAN - attachment must be created with this option. - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "NONE" - enum_values: - - 'NONE' - - 'IPSEC' - - name: 'stackType' - type: Enum - description: | - The stack type for this interconnect attachment to identify whether the IPv6 - feature is enabled or not. If not specified, IPV4_ONLY will be used. - This field can be both set at interconnect attachments creation and update - interconnect attachment operations. - default_from_api: true - enum_values: - - 'IPV4_IPV6' - - 'IPV4_ONLY' - - name: 'cloudRouterIpv6Address' - type: String - description: | - IPv6 address + prefix length to be configured on Cloud Router - Interface for this interconnect attachment. - output: true - - name: 'customerRouterIpv6Address' - type: String - description: | - IPv6 address + prefix length to be configured on the customer - router subinterface for this interconnect attachment. - output: true - - name: 'subnetLength' - type: Integer - description: | - Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, - except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a - constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure - remote location fall into this category. In these cases, the default value is 30, and - requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it - gives Google Cloud Support more debugging visibility. - immutable: true - ignore_read: true diff --git a/mmv1/products/compute/go_License.yaml b/mmv1/products/compute/go_License.yaml deleted file mode 100644 index 7774d584f274..000000000000 --- a/mmv1/products/compute/go_License.yaml +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'License' -kind: 'compute#license' -description: | - A License resource represents a software license. Licenses are used to - track software usage in images, persistent disks, snapshots, and virtual - machine instances. -# Used as a resource reference -exclude: true -readonly: true -docs: -base_url: '/projects/{{project}}/global/licenses' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'items' -custom_code: -parameters: -properties: - - name: 'name' - type: String - description: | - Name of the resource. The name is 1-63 characters long - and complies with RFC1035. - output: true - - name: 'chargesUseFee' - type: Boolean - description: | - If true, the customer will be charged license fee for - running software that contains this license on an instance. - output: true diff --git a/mmv1/products/compute/go_MachineImage.yaml b/mmv1/products/compute/go_MachineImage.yaml deleted file mode 100644 index 0eaa8c794e23..000000000000 --- a/mmv1/products/compute/go_MachineImage.yaml +++ /dev/null @@ -1,142 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'MachineImage' -kind: 'compute#machineImage' -description: | - Represents a Machine Image resource. Machine images store all the configuration, - metadata, permissions, and data from one or more disks required to create a - Virtual machine (VM) instance. -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/machine-images' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/machineImages' -docs: -base_url: 'projects/{{project}}/global/machineImages' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - allowed_iam_role: 'roles/compute.admin' - parent_resource_attribute: 'machine_image' - iam_conditions_request_type: 'QUERY_PARAM' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' -custom_code: -examples: - - name: 'machine_image_basic' - primary_resource_id: 'image' - primary_resource_name: 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' - vars: - vm_name: 'my-vm' - image_name: 'my-image' - - name: 'compute_machine_image_kms' - primary_resource_id: 'image' - primary_resource_name: 'fmt.Sprintf("tf-test-my-image%s", context["random_suffix"])' - vars: - vm_name: 'my-vm' - image_name: 'my-image' - key_name: 'key' - keyring_name: 'keyring' - test_vars_overrides: - 'policyChanged': 'acctest.BootstrapPSARole(t, "service-", "compute-system", "roles/cloudkms.cryptoKeyEncrypterDecrypter")' -parameters: -properties: - - name: 'name' - type: String - description: 'Name of the resource.' - min_version: 'beta' - required: true - - name: 'description' - type: String - description: 'A text description of the resource.' - min_version: 'beta' - - name: 'sourceInstance' - type: ResourceRef - description: - 'The source instance used to create the machine image. You can provide - this as a partial or full URL to the resource.' - min_version: 'beta' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Instance' - imports: 'selfLink' - - name: 'storageLocations' - type: Array - description: | - The regional or multi-regional Cloud Storage bucket location where the machine image is stored. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'guestFlush' - type: Boolean - description: | - Specify this to create an application consistent machine image by informing the OS to prepare for the snapshot process. - Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS). - min_version: 'beta' - - name: 'machineImageEncryptionKey' - type: NestedObject - description: | - Encrypts the machine image using a customer-supplied encryption key. - - After you encrypt a machine image with a customer-supplied key, you must - provide the same key if you use the machine image later (e.g. to create a - instance from the image) - min_version: 'beta' - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption key, encoded in - RFC 4648 base64 to either encrypt or decrypt this resource. - min_version: 'beta' - - name: 'sha256' - type: String - description: | - The RFC 4648 base64 encoded SHA-256 hash of the - customer-supplied encryption key that protects this resource. - min_version: 'beta' - output: true - - name: 'kmsKeyName' - type: String - description: | - The name of the encryption key that is stored in Google Cloud KMS. - min_version: 'beta' - diff_suppress_func: 'tpgresource.CompareCryptoKeyVersions' - - name: 'kmsKeyServiceAccount' - type: String - description: | - The service account used for the encryption request for the given KMS key. - If absent, the Compute Engine Service Agent service account is used. - min_version: 'beta' diff --git a/mmv1/products/compute/go_MachineType.yaml b/mmv1/products/compute/go_MachineType.yaml deleted file mode 100644 index 7df93a83dfcf..000000000000 --- a/mmv1/products/compute/go_MachineType.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'MachineType' -kind: 'compute#machineType' -description: | - Represents a MachineType resource. Machine types determine the virtualized - hardware specifications of your virtual machine instances, such as the - amount of memory or number of virtual CPUs. -exclude: true -readonly: true -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/machineTypes' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'items' -custom_code: -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'deprecated' - type: NestedObject - description: 'The deprecation status associated with this machine type.' - output: true - properties: - - name: 'deleted' - type: Time - description: | - An optional RFC3339 timestamp on or after which the state of this - resource is intended to change to DELETED. This is only - informational and the status will not change unless the client - explicitly changes it. - output: true - - name: 'deprecated' - type: Time - description: | - An optional RFC3339 timestamp on or after which the state of this - resource is intended to change to DEPRECATED. This is only - informational and the status will not change unless the client - explicitly changes it. - output: true - - name: 'obsolete' - type: Time - description: | - An optional RFC3339 timestamp on or after which the state of this - resource is intended to change to OBSOLETE. This is only - informational and the status will not change unless the client - explicitly changes it. - output: true - - name: 'replacement' - type: String - description: | - The URL of the suggested replacement for a deprecated resource. - The suggested replacement resource must be the same kind of - resource as the deprecated resource. - output: true - - name: 'state' - type: Enum - description: | - The deprecation state of this resource. This can be DEPRECATED, - OBSOLETE, or DELETED. Operations which create a new resource - using a DEPRECATED resource will return successfully, but with a - warning indicating the deprecated resource and recommending its - replacement. Operations which use OBSOLETE or DELETED resources - will be rejected and result in an error. - output: true - enum_values: - - 'DEPRECATED' - - 'OBSOLETE' - - 'DELETED' - - name: 'description' - type: String - description: 'An optional textual description of the resource.' - output: true - - name: 'guestCpus' - type: Integer - description: | - The number of virtual CPUs that are available to the instance. - output: true - - name: 'id' - type: Integer - description: 'The unique identifier for the resource.' - output: true - - name: 'isSharedCpu' - type: Boolean - description: | - Whether this machine type has a shared CPU. See Shared-core machine - types for more information. - output: true - - name: 'maximumPersistentDisks' - type: Integer - description: 'Maximum persistent disks allowed.' - output: true - - name: 'maximumPersistentDisksSizeGb' - type: Integer - description: 'Maximum total persistent disks size (GB) allowed.' - output: true - - name: 'memoryMb' - type: Integer - description: | - The amount of physical memory available to the instance, defined in - MB. - output: true - - name: 'name' - type: String - description: 'Name of the resource.' - - name: 'zone' - type: ResourceRef - description: 'The zone the machine type is defined.' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' diff --git a/mmv1/products/compute/go_ManagedSslCertificate.yaml b/mmv1/products/compute/go_ManagedSslCertificate.yaml deleted file mode 100644 index 18c4f8028e3e..000000000000 --- a/mmv1/products/compute/go_ManagedSslCertificate.yaml +++ /dev/null @@ -1,147 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ManagedSslCertificate' -kind: 'compute#sslCertificate' -description: | - An SslCertificate resource, used for HTTPS load balancing. This resource - represents a certificate for which the certificate secrets are created and - managed by Google. - - For a resource where you provide the key, see the - SSL Certificate resource. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' -docs: - warning: | - This resource should be used with extreme caution! Provisioning an SSL - certificate is complex. Ensure that you understand the lifecycle of a - certificate before attempting complex tasks like cert rotation automatically. - This resource will "return" as soon as the certificate object is created, - but post-creation the certificate object will go through a "provisioning" - process. The provisioning process can complete only when the domain name - for which the certificate is created points to a target pool which, itself, - points at the certificate. Depending on your DNS provider, this may take - some time, and migrating from self-managed certificates to Google-managed - certificates may entail some downtime while the certificate provisions. - - In conclusion: Be extremely cautious. -base_url: 'projects/{{project}}/global/sslCertificates' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 30 - update_minutes: 30 - delete_minutes: 30 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 30 - update_minutes: 30 - delete_minutes: 30 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/compute_managed_ssl_certificate.go.tmpl' -examples: - - name: 'managed_ssl_certificate_basic' - primary_resource_id: 'default' - vars: - cert_name: 'test-cert' - proxy_name: 'test-proxy' - url_map_name: 'url-map' - backend_service_name: 'backend-service' - dns_zone_name: 'dnszone' - forwarding_rule_name: 'forwarding-rule' - http_health_check_name: 'http-health-check' - - name: 'managed_ssl_certificate_recreation' - primary_resource_id: 'cert' - external_providers: ["random", "time"] - skip_vcr: true -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'certificate_id' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - - These are in the same namespace as the managed SSL certificates. - - name: 'managed' - type: NestedObject - description: | - Properties relevant to a managed certificate. These will be used if the - certificate is managed (as indicated by a value of `MANAGED` in `type`). - properties: - - name: 'domains' - type: Array - description: | - Domains for which a managed SSL certificate will be valid. Currently, - there can be up to 100 domains in this list. - required: true - diff_suppress_func: 'AbsoluteDomainSuppress' - item_type: - type: String - max_size: 100 - - name: 'type' - type: Enum - description: | - Enum field whose value is always `MANAGED` - used to signal to the API - which type this is. - default_value: "MANAGED" - enum_values: - - 'MANAGED' - - name: 'subjectAlternativeNames' - type: Array - description: | - Domains associated with the certificate via Subject Alternative Name. - output: true - item_type: - type: String - - name: 'expireTime' - type: Time - description: | - Expire time of the certificate in RFC3339 text format. - output: true diff --git a/mmv1/products/compute/go_Network.yaml b/mmv1/products/compute/go_Network.yaml deleted file mode 100644 index 690cdd17dc0c..000000000000 --- a/mmv1/products/compute/go_Network.yaml +++ /dev/null @@ -1,182 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Network' -kind: 'compute#network' -description: | - Manages a VPC network or legacy network resource on GCP. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/vpc/docs/vpc' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networks' -docs: -base_url: 'projects/{{project}}/global/networks' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - encoder: 'templates/terraform/encoders/go/compute_network.go.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/compute_network.go.tmpl' - decoder: 'templates/terraform/decoders/go/compute_network.go.tmpl' - post_create: 'templates/terraform/post_create/go/compute_network_delete_default_route.tmpl' -examples: - - name: 'network_basic' - primary_resource_id: 'vpc_network' - vars: - network_name: 'vpc-network' - - name: 'network_custom_mtu' - primary_resource_id: 'vpc_network' - vars: - network_name: 'vpc-network' - test_env_vars: - project: 'PROJECT_NAME' - - name: 'network_custom_firewall_enforcement_order' - primary_resource_id: 'vpc_network' - vars: - network_name: 'vpc-network' - test_env_vars: - project: 'PROJECT_NAME' -virtual_fields: - - name: 'delete_default_routes_on_create' - description: | - If set to `true`, default routes (`0.0.0.0/0`) will be deleted - immediately after network creation. Defaults to `false`. - type: Boolean - default_value: false -parameters: -properties: - - name: 'description' - type: String - description: | - An optional description of this resource. The resource must be - recreated to modify this field. - immutable: true - - name: 'gateway_ipv4' - type: String - description: | - The gateway address for default routing out of the network. This value - is selected by GCP. - api_name: gatewayIPv4 - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - validation: - function: 'verify.ValidateGCEName' - - name: 'numericId' - type: String - description: | - The unique identifier for the resource. This identifier is defined by the server. - output: true - - name: 'autoCreateSubnetworks' - type: Boolean - description: | - When set to `true`, the network is created in "auto subnet mode" and - it will create a subnet for each region automatically across the - `10.128.0.0/9` address range. - - When set to `false`, the network is created in "custom subnet mode" so - the user can explicitly connect subnetwork resources. - immutable: true - send_empty_value: true - default_value: true - - name: 'routingConfig' - type: NestedObject - description: | - The network-level routing configuration for this network. Used by Cloud - Router to determine what type of network-wide routing behavior to - enforce. - update_url: 'projects/{{project}}/global/networks/{{name}}' - update_verb: 'PATCH' - flatten_object: true - properties: - - name: 'routingMode' - type: Enum - description: | - The network-wide routing mode to use. If set to `REGIONAL`, this - network's cloud routers will only advertise routes with subnetworks - of this network in the same region as the router. If set to `GLOBAL`, - this network's cloud routers will advertise routes with all - subnetworks of this network, across regions. - required: false - default_from_api: true - update_url: 'projects/{{project}}/global/networks/{{name}}' - update_verb: 'PATCH' - enum_values: - - 'REGIONAL' - - 'GLOBAL' - - name: 'mtu' - type: Integer - description: | - Maximum Transmission Unit in bytes. The default value is 1460 bytes. - The minimum value for this field is 1300 and the maximum value is 8896 bytes (jumbo frames). - Note that packets larger than 1500 bytes (standard Ethernet) can be subject to TCP-MSS clamping or dropped - with an ICMP `Fragmentation-Needed` message if the packets are routed to the Internet or other VPCs - with varying MTUs. - immutable: true - default_from_api: true - - name: 'enableUlaInternalIpv6' - type: Boolean - description: | - Enable ULA internal ipv6 on this network. Enabling this feature will assign - a /48 from google defined ULA prefix fd20::/20. - immutable: true - - name: 'internalIpv6Range' - type: String - description: | - When enabling ula internal ipv6, caller optionally can specify the /48 range - they want from the google defined ULA prefix fd20::/20. The input must be a - valid /48 ULA IPv6 address and must be within the fd20::/20. Operation will - fail if the speficied /48 is already in used by another resource. - If the field is not speficied, then a /48 range will be randomly allocated from fd20::/20 and returned via this field. - immutable: true - default_from_api: true - - name: 'networkFirewallPolicyEnforcementOrder' - type: Enum - description: | - Set the order that Firewall Rules and Firewall Policies are evaluated. - update_url: 'projects/{{project}}/global/networks/{{name}}' - update_verb: 'PATCH' - default_value: "AFTER_CLASSIC_FIREWALL" - enum_values: - - 'BEFORE_CLASSIC_FIREWALL' - - 'AFTER_CLASSIC_FIREWALL' diff --git a/mmv1/products/compute/go_NetworkAttachment.yaml b/mmv1/products/compute/go_NetworkAttachment.yaml deleted file mode 100644 index 635bee8c5862..000000000000 --- a/mmv1/products/compute/go_NetworkAttachment.yaml +++ /dev/null @@ -1,187 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NetworkAttachment' -kind: 'compute#networkAttachment' -description: | - A network attachment is a resource that lets a producer Virtual Private Cloud (VPC) network initiate connections to a consumer VPC network through a Private Service Connect interface. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/vpc/docs/about-network-attachments' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networkAttachments' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/networkAttachments' -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'network_attachment_basic' - primary_resource_id: 'default' - vars: - resource_name: 'basic-network-attachment' - network_name: 'basic-network' - subnetwork_name: 'basic-subnetwork' - accepted_producer_project_name: 'prj-accepted' - rejected_producer_project_name: 'prj-rejected' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - - name: 'network_attachment_instance_usage' - primary_resource_id: 'default' - min_version: 'beta' - vars: - resource_name: 'basic-network-attachment' - network_name: 'basic-network' - subnetwork_name: 'basic-subnetwork' - instance_name: 'basic-instance' -parameters: - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - required: true - - name: 'region' - type: ResourceRef - description: | - URL of the region where the network attachment resides. This field applies only to the region resource. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body. - required: true - immutable: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'kind' - type: String - description: 'Type of the resource.' - output: true - - name: 'id' - type: String - description: 'The unique identifier for the resource type. The server generates this identifier.' - output: true - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when you create the resource. - - name: 'selfLink' - type: String - description: 'Server-defined URL for the resource.' - output: true - - name: 'selfLinkWithId' - type: String - description: | - Server-defined URL for this resource's resource id. - output: true - - name: 'connectionPreference' - type: Enum - description: | - The connection preference of service attachment. The value can be set to ACCEPT_AUTOMATIC. An ACCEPT_AUTOMATIC service attachment is one that always accepts the connection from consumer forwarding rules. - required: true - enum_values: - - 'ACCEPT_AUTOMATIC' - - 'ACCEPT_MANUAL' - - 'INVALID' - - name: 'connectionEndpoints' - type: Array - description: | - An array of connections for all the producers connected to this network attachment. - output: true - item_type: - type: NestedObject - properties: - - name: 'status' - type: String - description: | - The status of a connected endpoint to this network attachment. - output: true - - name: 'projectIdOrNum' - type: String - description: | - The project id or number of the interface to which the IP was assigned. - output: true - - name: 'subnetwork' - type: String - description: | - The subnetwork used to assign the IP to the producer instance network interface. - output: true - - name: 'ipAddress' - type: String - description: | - The IPv4 address assigned to the producer instance network interface. This value will be a range in case of Serverless. - output: true - - name: 'secondaryIpCidrRanges' - type: String - description: | - Alias IP ranges from the same subnetwork. - output: true - - name: 'subnetworks' - type: Array - description: | - An array of URLs where each entry is the URL of a subnet provided by the service consumer to use for endpoints in the producers that connect to this network attachment. - required: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'subnet' - type: ResourceRef - description: | - A subnet that is provided to set this network attachment. - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'producerRejectLists' - type: Array - description: | - Projects that are not allowed to connect to this network attachment. The project can be specified using its id or number. - item_type: - type: String - - name: 'producerAcceptLists' - type: Array - description: | - Projects that are allowed to connect to this network attachment. The project can be specified using its id or number. - item_type: - type: String - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. A hash of the contents stored in this object. This - field is used in optimistic locking. An up-to-date fingerprint must be provided in order to patch. - output: true - - name: 'network' - type: String - description: | - The URL of the network which the Network Attachment belongs to. Practically it is inferred by fetching the network of the first subnetwork associated. - Because it is required that all the subnetworks must be from the same network, it is assured that the Network Attachment belongs to the same network as all the subnetworks. - output: true diff --git a/mmv1/products/compute/go_NetworkEdgeSecurityService.yaml b/mmv1/products/compute/go_NetworkEdgeSecurityService.yaml deleted file mode 100644 index b5a0b831a7a6..000000000000 --- a/mmv1/products/compute/go_NetworkEdgeSecurityService.yaml +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NetworkEdgeSecurityService' -kind: 'compute#networkEdgeSecurityService' -description: | - Google Cloud Armor network edge security service resource. -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/armor/docs/advanced-network-ddos' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networkEdgeSecurityServices' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices' -self_link: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}' -create_url: 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices?networkEdgeSecurityService={{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -exclude_sweeper: true -examples: - - name: 'compute_network_edge_security_service_basic' - primary_resource_id: 'default' - vars: - resource_name: 'my-edge-security-service' - test_env_vars: - project_id: 'PROJECT_NAME' -parameters: - - name: 'region' - type: ResourceRef - description: | - The region of the gateway security policy. - min_version: 'beta' - url_param_only: true - required: false - immutable: true - resource: 'Region' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is created. - min_version: 'beta' - required: true - immutable: true - - name: 'description' - type: String - description: | - Free-text description of the resource. - min_version: 'beta' - - name: 'serviceId' - type: String - description: | - The unique identifier for the resource. This identifier is defined by the server. - api_name: id - min_version: 'beta' - output: true - - name: 'creationTimestamp' - type: String - description: | - Creation timestamp in RFC3339 text format. - min_version: 'beta' - output: true - - name: 'selfLink' - type: String - description: | - Server-defined URL for the resource. - min_version: 'beta' - output: true - - name: 'selfLinkWithServiceId' - type: String - description: | - Server-defined URL for this resource with the resource id. - api_name: selfLinkWithId - min_version: 'beta' - output: true - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. - An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet. - min_version: 'beta' - output: true - - name: 'securityPolicy' - type: String - description: | - The resource URL for the network edge security service associated with this network edge security service. - min_version: 'beta' diff --git a/mmv1/products/compute/go_NetworkEndpoint.yaml b/mmv1/products/compute/go_NetworkEndpoint.yaml deleted file mode 100644 index 861d6acbb722..000000000000 --- a/mmv1/products/compute/go_NetworkEndpoint.yaml +++ /dev/null @@ -1,128 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NetworkEndpoint' -kind: 'compute#networkEndpoint' -description: | - A Network endpoint represents a IP address and port combination that is - part of a specific network endpoint group (NEG). NEGs are zonal - collections of these endpoints for GCP resources within a - single subnet. **NOTE**: Network endpoints cannot be created outside of a - network endpoint group. - - -> **NOTE** In case the Endpoint's Instance is recreated, it's needed to - perform `apply` twice. To avoid situations like this, please use this resource - with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' -docs: -id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}' -base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' -self_link: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints' -create_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints' -read_verb: 'POST' -delete_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints' -delete_verb: 'POST' -immutable: true -mutex: 'networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - instance - - ipAddress - - port -nested_query: - keys: - - items - is_list_of_ids: false - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/compute_network_endpoint.go.tmpl' - decoder: 'templates/terraform/decoders/go/unwrap_resource.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/compute_network_endpoint.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/compute_network_endpoint.go.tmpl' -exclude_tgc: true -examples: - - name: 'network_endpoint' - primary_resource_id: 'default-endpoint' - vars: - neg_name: 'my-lb-neg' - instance_name: 'endpoint-instance' - network_name: 'neg-network' - subnetwork_name: 'neg-subnetwork' - skip_test: true -parameters: - - name: 'zone' - type: ResourceRef - description: | - Zone where the containing network endpoint group is located. - url_param_only: true - required: false - ignore_read: true - default_from_api: true - resource: 'Zone' - imports: 'name' - - name: 'networkEndpointGroup' - type: ResourceRef - description: | - The network endpoint group this endpoint is part of. - url_param_only: true - required: true - ignore_read: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - resource: 'NetworkEndpointGroup' - imports: 'name' -properties: - - name: 'instance' - type: ResourceRef - description: | - The name for a specific VM instance that the IP address belongs to. - This is required for network endpoints of type GCE_VM_IP_PORT. - The instance must be in the same zone of network endpoint group. - custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' - resource: 'Instance' - imports: 'name' - - name: 'port' - type: Integer - description: | - Port number of network endpoint. - **Note** `port` is required unless the Network Endpoint Group is created - with the type of `GCE_VM_IP` - custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' - - name: 'ipAddress' - type: String - description: | - IPv4 address of network endpoint. The IP address must belong - to a VM in GCE (either the primary IP or as part of an aliased IP - range). - required: true diff --git a/mmv1/products/compute/go_NetworkEndpointGroup.yaml b/mmv1/products/compute/go_NetworkEndpointGroup.yaml deleted file mode 100644 index 12a7f6adfbb3..000000000000 --- a/mmv1/products/compute/go_NetworkEndpointGroup.yaml +++ /dev/null @@ -1,150 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NetworkEndpointGroup' -kind: 'compute#networkEndpointGroup' -description: | - Network endpoint groups (NEGs) are zonal resources that represent - collections of IP address and port combinations for GCP resources within a - single subnet. Each IP address and port combination is called a network - endpoint. - - Network endpoint groups can be used as backends in backend services for - HTTP(S), TCP proxy, and SSL proxy load balancers. You cannot use NEGs as a - backend with internal load balancers. Because NEG backends allow you to - specify IP addresses and ports, you can distribute traffic in a granular - fashion among applications or containers running within VM instances. - - Recreating a network endpoint group that's in use by another resource will give a - `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` - to avoid this type of error. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/compute_network_endpoint_group.go.tmpl' -examples: - - name: 'network_endpoint_group' - primary_resource_id: 'neg' - vars: - neg_name: 'my-lb-neg' - network_name: 'neg-network' - subnetwork_name: 'neg-subnetwork' - - name: 'network_endpoint_group_non_gcp' - primary_resource_id: 'neg' - vars: - neg_name: 'my-lb-neg' - network_name: 'neg-network' -parameters: - - name: 'zone' - type: ResourceRef - description: | - Zone where the network endpoint group is located. - required: false - ignore_read: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Name of the resource; provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - validation: - function: 'verify.ValidateGCEName' - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - - name: 'networkEndpointType' - type: Enum - description: | - Type of network endpoints in this network endpoint group. - NON_GCP_PRIVATE_IP_PORT is used for hybrid connectivity network - endpoint groups (see https://cloud.google.com/load-balancing/docs/hybrid). - Note that NON_GCP_PRIVATE_IP_PORT can only be used with Backend Services - that 1) have the following load balancing schemes: EXTERNAL, EXTERNAL_MANAGED, - INTERNAL_MANAGED, and INTERNAL_SELF_MANAGED and 2) support the RATE or - CONNECTION balancing modes. - - Possible values include: GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_IP_PORT, INTERNET_FQDN_PORT, SERVERLESS, and PRIVATE_SERVICE_CONNECT. - default_value: "GCE_VM_IP_PORT" - enum_values: - - 'GCE_VM_IP' - - 'GCE_VM_IP_PORT' - - 'NON_GCP_PRIVATE_IP_PORT' - - 'INTERNET_IP_PORT' - - 'INTERNET_FQDN_PORT' - - 'SERVERLESS' - - 'PRIVATE_SERVICE_CONNECT' - - name: 'size' - type: Integer - description: Number of network endpoints in the network endpoint group. - output: true - - name: 'network' - type: ResourceRef - description: | - The network to which all network endpoints in the NEG belong. - Uses "default" project network if unspecified. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'subnetwork' - type: ResourceRef - description: | - Optional subnetwork to which all network endpoints in the NEG belong. - diff_suppress_func: 'compareOptionalSubnet' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'defaultPort' - type: Integer - description: | - The default port used if the port number is not specified in the - network endpoint. diff --git a/mmv1/products/compute/go_NetworkEndpoints.yaml b/mmv1/products/compute/go_NetworkEndpoints.yaml deleted file mode 100644 index 0320bffeef75..000000000000 --- a/mmv1/products/compute/go_NetworkEndpoints.yaml +++ /dev/null @@ -1,139 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NetworkEndpoints' -kind: 'compute#networkEndpoints' -description: | - A set of network endpoints belonging to a network endpoint group (NEG). A - single network endpoint represents a IP address and port combination that is - part of a specific network endpoint group (NEG). NEGs are zonal collections - of these endpoints for GCP resources within a single subnet. **NOTE**: - Network endpoints cannot be created outside of a network endpoint group. - - This resource is authoritative for a single NEG. Any endpoints not specified - by this resource will be deleted when the resource configuration is applied. - - -> **NOTE** In case the Endpoint's Instance is recreated, it's needed to - perform `apply` twice. To avoid situations like this, please use this resource - with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups' -docs: -id_format: '{{project}}/{{zone}}/{{network_endpoint_group}}' -base_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' -self_link: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/listNetworkEndpoints' -create_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints' -update_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/attachNetworkEndpoints' -update_verb: 'POST' -read_verb: 'POST' -delete_url: 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/detachNetworkEndpoints' -delete_verb: 'POST' -mutex: 'networkEndpoint/{{project}}/{{zone}}/{{network_endpoint_group}}' -import_format: - - 'projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - networkEndpointGroup -custom_code: - constants: 'templates/terraform/constants/go/network_endpoints.go.tmpl' - encoder: 'templates/terraform/encoders/go/compute_network_endpoints.go.tmpl' - decoder: 'templates/terraform/decoders/go/network_endpoints.go.tmpl' - pre_create: 'templates/terraform/pre_create/go/network_endpoints.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/network_endpoints.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/compute_network_endpoints.go.tmpl' -exclude_tgc: true -examples: - - name: 'network_endpoints' - primary_resource_id: 'default-endpoints' - vars: - neg_name: 'my-lb-neg' - instance_name: 'endpoint-instance' - network_name: 'neg-network' - subnetwork_name: 'neg-subnetwork' - skip_test: true -parameters: - - name: 'zone' - type: ResourceRef - description: | - Zone where the containing network endpoint group is located. - url_param_only: true - required: false - ignore_read: true - default_from_api: true - resource: 'Zone' - imports: 'name' - - name: 'networkEndpointGroup' - type: ResourceRef - description: | - The network endpoint group these endpoints are part of. - url_param_only: true - required: true - ignore_read: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - resource: 'NetworkEndpointGroup' - imports: 'name' -properties: - - name: 'networkEndpoints' - type: Array - description: | - The network endpoints to be added to the enclosing network endpoint group - (NEG). Each endpoint specifies an IP address and port, along with - additional information depending on the NEG type. - is_set: true - item_type: - type: NestedObject - properties: - - name: 'instance' - type: ResourceRef - description: | - The name for a specific VM instance that the IP address belongs to. - This is required for network endpoints of type GCE_VM_IP_PORT. - The instance must be in the same zone as the network endpoint group. - custom_expand: 'templates/terraform/custom_expand/go/resource_from_self_link.go.tmpl' - resource: 'Instance' - imports: 'name' - - name: 'port' - type: Integer - description: | - Port number of network endpoint. - **Note** `port` is required unless the Network Endpoint Group is created - with the type of `GCE_VM_IP` - custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' - - name: 'ipAddress' - type: String - description: | - IPv4 address of network endpoint. The IP address must belong - to a VM in GCE (either the primary IP or as part of an aliased IP - range). - required: true diff --git a/mmv1/products/compute/go_NetworkFirewallPolicy.yaml b/mmv1/products/compute/go_NetworkFirewallPolicy.yaml deleted file mode 100644 index feb6e205653a..000000000000 --- a/mmv1/products/compute/go_NetworkFirewallPolicy.yaml +++ /dev/null @@ -1,82 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NetworkFirewallPolicy' -description: "The Compute NetworkFirewallPolicy resource" -docs: -base_url: 'projects/{{project}}/global/firewallPolicies' -self_link: 'projects/{{project}}/global/firewallPolicies/{{name}}' -create_url: 'projects/{{project}}/global/firewallPolicies' -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -legacy_long_form_project: true -examples: - - name: 'network_firewall_policy_full' - primary_resource_id: 'policy' - vars: - policy_name: 'tf-test-policy' -parameters: -properties: - - name: 'creationTimestamp' - type: String - description: Creation timestamp in RFC3339 text format. - output: true - - name: 'name' - type: String - description: User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - required: true - immutable: true - - name: 'networkFirewallPolicyId' - type: String - description: The unique identifier for the resource. This identifier is defined by the server. - api_name: id - output: true - - name: 'description' - type: String - description: An optional description of this resource. Provide this property when you create the resource. - - name: 'fingerprint' - type: Fingerprint - description: Fingerprint of the resource. This field is used internally during updates of this resource. - output: true - - name: 'selfLink' - type: String - description: Server-defined URL for the resource. - output: true - - name: 'selfLinkWithId' - type: String - description: Server-defined URL for this resource with the resource id. - output: true - - name: 'ruleTupleCount' - type: Integer - description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. - output: true diff --git a/mmv1/products/compute/go_NetworkFirewallPolicyWithRules.yaml b/mmv1/products/compute/go_NetworkFirewallPolicyWithRules.yaml deleted file mode 100644 index c72ae8359957..000000000000 --- a/mmv1/products/compute/go_NetworkFirewallPolicyWithRules.yaml +++ /dev/null @@ -1,673 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NetworkFirewallPolicyWithRules' -description: "The Compute NetworkFirewallPolicy with rules resource" -min_version: 'beta' -docs: -base_url: 'projects/{{project}}/global/firewallPolicies' -self_link: 'projects/{{project}}/global/firewallPolicies/{{name}}' -create_url: 'projects/{{project}}/global/firewallPolicies' -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' - encoder: 'templates/terraform/encoders/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' - decoder: 'templates/terraform/decoders/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' - post_create: 'templates/terraform/post_create/go/resource_compute_network_firewall_policy_with_rules.go.tmpl' -legacy_long_form_project: true -examples: - - name: 'compute_network_firewall_policy_with_rules_full' - primary_resource_id: 'network-firewall-policy-with-rules' - vars: - policy_name: 'tf-fw-policy-with-rules' - address_group_name: 'tf-address-group' - tag_key_name: 'tf-tag-key' - tag_value_name: 'tf-tag-value' - security_profile_group_name: 'tf-security-profile-group' - security_profile_name: 'tf-security-profile' - test_env_vars: - org_id: 'ORG_ID' -parameters: -properties: - - name: 'creationTimestamp' - type: String - description: Creation timestamp in RFC3339 text format. - min_version: 'beta' - output: true - - name: 'name' - type: String - description: | - User-provided name of the Network firewall policy. - The name should be unique in the project in which the firewall policy is created. - The name must be 1-63 characters long, and comply with RFC1035. Specifically, - the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? - which means the first character must be a lowercase letter, and all following characters must be a dash, - lowercase letter, or digit, except the last character, which cannot be a dash. - min_version: 'beta' - required: true - immutable: true - - name: 'networkFirewallPolicyId' - type: String - description: The unique identifier for the resource. This identifier is defined by the server. - api_name: id - min_version: 'beta' - output: true - - name: 'description' - type: String - description: An optional description of this resource. - min_version: 'beta' - - name: 'rule' - type: Array - description: A list of firewall policy rules. - api_name: rules - min_version: 'beta' - required: true - item_type: - type: NestedObject - properties: - - name: 'description' - type: String - description: | - A description of the rule. - min_version: 'beta' - - name: 'ruleName' - type: String - description: | - An optional name for the rule. This field is not a unique identifier - and can be updated. - min_version: 'beta' - - name: 'priority' - type: Integer - description: | - An integer indicating the priority of a rule in the list. The priority must be a value - between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the - highest priority and 2147483647 is the lowest priority. - min_version: 'beta' - required: true - - name: 'match' - type: NestedObject - description: - A match condition that incoming traffic is evaluated against. If it - evaluates to true, the corresponding 'action' is enforced. - min_version: 'beta' - required: true - properties: - - name: 'srcIpRanges' - type: Array - description: | - Source IP address range in CIDR format. Required for - INGRESS rules. - min_version: 'beta' - item_type: - type: String - - name: 'destIpRanges' - type: Array - description: | - Destination IP address range in CIDR format. Required for - EGRESS rules. - min_version: 'beta' - item_type: - type: String - - name: 'srcAddressGroups' - type: Array - description: | - Address groups which should be matched against the traffic source. - Maximum number of source address groups is 10. - min_version: 'beta' - item_type: - type: String - - name: 'destAddressGroups' - type: Array - description: | - Address groups which should be matched against the traffic destination. - Maximum number of destination address groups is 10. - min_version: 'beta' - item_type: - type: String - - name: 'srcFqdns' - type: Array - description: | - Fully Qualified Domain Name (FQDN) which should be matched against - traffic source. Maximum number of source fqdn allowed is 100. - min_version: 'beta' - item_type: - type: String - - name: 'destFqdns' - type: Array - description: | - Fully Qualified Domain Name (FQDN) which should be matched against - traffic destination. Maximum number of destination fqdn allowed is 100. - min_version: 'beta' - item_type: - type: String - - name: 'srcRegionCodes' - type: Array - description: | - Region codes whose IP addresses will be used to match for source - of traffic. Should be specified as 2 letter country code defined as per - ISO 3166 alpha-2 country codes. ex."US" - Maximum number of source region codes allowed is 5000. - min_version: 'beta' - item_type: - type: String - - name: 'destRegionCodes' - type: Array - description: | - Region codes whose IP addresses will be used to match for destination - of traffic. Should be specified as 2 letter country code defined as per - ISO 3166 alpha-2 country codes. ex."US" - Maximum number of destination region codes allowed is 5000. - min_version: 'beta' - item_type: - type: String - - name: 'srcThreatIntelligences' - type: Array - description: | - Names of Network Threat Intelligence lists. - The IPs in these lists will be matched against traffic source. - min_version: 'beta' - item_type: - type: String - - name: 'destThreatIntelligences' - type: Array - description: | - Names of Network Threat Intelligence lists. - The IPs in these lists will be matched against traffic destination. - min_version: 'beta' - item_type: - type: String - - name: 'layer4Config' - type: Array - description: | - Pairs of IP protocols and ports that the rule should match. - api_name: layer4Configs - min_version: 'beta' - required: true - item_type: - type: NestedObject - properties: - - name: 'ipProtocol' - type: String - description: | - The IP protocol to which this rule applies. The protocol - type is required when creating a firewall rule. - This value can either be one of the following well - known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), - or the IP protocol number. - min_version: 'beta' - required: true - - name: 'ports' - type: Array - description: | - An optional list of ports to which this rule applies. This field - is only applicable for UDP or TCP protocol. Each entry must be - either an integer or a range. If not specified, this rule - applies to connections through any port. - Example inputs include: ["22"], ["80","443"], and - ["12345-12349"]. - min_version: 'beta' - item_type: - type: String - - name: 'srcSecureTag' - type: Array - description: | - List of secure tag values, which should be matched at the source - of the traffic. - For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, - and there is no srcIpRange, this rule will be ignored. - Maximum number of source tag values allowed is 256. - api_name: srcSecureTags - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of the secure tag, created with TagManager's TagValue API. - @pattern tagValues/[0-9]+ - min_version: 'beta' - - name: 'state' - type: Enum - description: | - [Output Only] State of the secure tag, either `EFFECTIVE` or - `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted - or its network is deleted. - min_version: 'beta' - output: true - enum_values: - - 'EFFECTIVE' - - 'INEFFECTIVE' - - name: 'targetSecureTag' - type: Array - description: | - A list of secure tags that controls which instances the firewall rule - applies to. If targetSecureTag are specified, then the - firewall rule applies only to instances in the VPC network that have one - of those EFFECTIVE secure tags, if all the target_secure_tag are in - INEFFECTIVE state, then this rule will be ignored. - targetSecureTag may not be set at the same time as - targetServiceAccounts. - If neither targetServiceAccounts nor - targetSecureTag are specified, the firewall rule applies - to all instances on the specified network. - Maximum number of target label tags allowed is 256. - api_name: targetSecureTags - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of the secure tag, created with TagManager's TagValue API. - @pattern tagValues/[0-9]+ - min_version: 'beta' - - name: 'state' - type: Enum - description: | - [Output Only] State of the secure tag, either `EFFECTIVE` or - `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted - or its network is deleted. - min_version: 'beta' - output: true - enum_values: - - 'EFFECTIVE' - - 'INEFFECTIVE' - - name: 'action' - type: String - description: | - The Action to perform when the client connection triggers the rule. Can currently be either - "allow", "deny", "apply_security_profile_group" or "goto_next". - min_version: 'beta' - required: true - - name: 'direction' - type: Enum - description: | - The direction in which this rule applies. If unspecified an INGRESS rule is created. - min_version: 'beta' - enum_values: - - 'INGRESS' - - 'EGRESS' - - name: 'enableLogging' - type: Boolean - description: | - Denotes whether to enable logging for a particular rule. - If logging is enabled, logs will be exported to the - configured export destination in Stackdriver. - min_version: 'beta' - send_empty_value: true - - name: 'targetServiceAccounts' - type: Array - description: | - A list of service accounts indicating the sets of - instances that are applied with this rule. - min_version: 'beta' - item_type: - type: String - - name: 'securityProfileGroup' - type: String - description: | - A fully-qualified URL of a SecurityProfile resource instance. - Example: - https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group - Must be specified if action is 'apply_security_profile_group'. - min_version: 'beta' - - name: 'tlsInspect' - type: Boolean - description: | - Boolean flag indicating if the traffic should be TLS decrypted. - It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. - min_version: 'beta' - - name: 'disabled' - type: Boolean - description: | - Denotes whether the firewall policy rule is disabled. When set to true, - the firewall policy rule is not enforced and traffic behaves as if it did - not exist. If this is unspecified, the firewall policy rule will be - enabled. - min_version: 'beta' - - name: 'predefinedRules' - type: Array - description: A list of firewall policy pre-defined rules. - min_version: 'beta' - output: true - item_type: - type: NestedObject - properties: - - name: 'description' - type: String - description: | - A description of the rule. - min_version: 'beta' - output: true - - name: 'ruleName' - type: String - description: | - An optional name for the rule. This field is not a unique identifier - and can be updated. - min_version: 'beta' - output: true - - name: 'priority' - type: Integer - description: | - An integer indicating the priority of a rule in the list. The priority must be a value - between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the - highest priority and 2147483647 is the lowest priority. - min_version: 'beta' - output: true - - name: 'match' - type: NestedObject - description: - A match condition that incoming traffic is evaluated against. If it - evaluates to true, the corresponding 'action' is enforced. - min_version: 'beta' - output: true - properties: - - name: 'srcIpRanges' - type: Array - description: | - Source IP address range in CIDR format. Required for - INGRESS rules. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'destIpRanges' - type: Array - description: | - Destination IP address range in CIDR format. Required for - EGRESS rules. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'srcAddressGroups' - type: Array - description: | - Address groups which should be matched against the traffic source. - Maximum number of source address groups is 10. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'destAddressGroups' - type: Array - description: | - Address groups which should be matched against the traffic destination. - Maximum number of destination address groups is 10. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'srcFqdns' - type: Array - description: | - Fully Qualified Domain Name (FQDN) which should be matched against - traffic source. Maximum number of source fqdn allowed is 100. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'destFqdns' - type: Array - description: | - Fully Qualified Domain Name (FQDN) which should be matched against - traffic destination. Maximum number of destination fqdn allowed is 100. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'srcRegionCodes' - type: Array - description: | - Region codes whose IP addresses will be used to match for source - of traffic. Should be specified as 2 letter country code defined as per - ISO 3166 alpha-2 country codes. ex."US" - Maximum number of source region codes allowed is 5000. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'destRegionCodes' - type: Array - description: | - Region codes whose IP addresses will be used to match for destination - of traffic. Should be specified as 2 letter country code defined as per - ISO 3166 alpha-2 country codes. ex."US" - Maximum number of destination region codes allowed is 5000. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'srcThreatIntelligences' - type: Array - description: | - Names of Network Threat Intelligence lists. - The IPs in these lists will be matched against traffic source. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'destThreatIntelligences' - type: Array - description: | - Names of Network Threat Intelligence lists. - The IPs in these lists will be matched against traffic destination. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'layer4Config' - type: Array - description: | - Pairs of IP protocols and ports that the rule should match. - api_name: layer4Configs - min_version: 'beta' - output: true - item_type: - type: NestedObject - properties: - - name: 'ipProtocol' - type: String - description: | - The IP protocol to which this rule applies. The protocol - type is required when creating a firewall rule. - This value can either be one of the following well - known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), - or the IP protocol number. - min_version: 'beta' - output: true - - name: 'ports' - type: Array - description: | - An optional list of ports to which this rule applies. This field - is only applicable for UDP or TCP protocol. Each entry must be - either an integer or a range. If not specified, this rule - applies to connections through any port. - Example inputs include: ["22"], ["80","443"], and - ["12345-12349"]. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'srcSecureTag' - type: Array - description: | - List of secure tag values, which should be matched at the source - of the traffic. - For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, - and there is no srcIpRange, this rule will be ignored. - Maximum number of source tag values allowed is 256. - api_name: srcSecureTags - min_version: 'beta' - output: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of the secure tag, created with TagManager's TagValue API. - @pattern tagValues/[0-9]+ - min_version: 'beta' - output: true - - name: 'state' - type: Enum - description: | - [Output Only] State of the secure tag, either `EFFECTIVE` or - `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted - or its network is deleted. - min_version: 'beta' - output: true - enum_values: - - 'EFFECTIVE' - - 'INEFFECTIVE' - - name: 'targetSecureTag' - type: Array - description: | - A list of secure tags that controls which instances the firewall rule - applies to. If targetSecureTag are specified, then the - firewall rule applies only to instances in the VPC network that have one - of those EFFECTIVE secure tags, if all the target_secure_tag are in - INEFFECTIVE state, then this rule will be ignored. - targetSecureTag may not be set at the same time as - targetServiceAccounts. - If neither targetServiceAccounts nor - targetSecureTag are specified, the firewall rule applies - to all instances on the specified network. - Maximum number of target label tags allowed is 256. - api_name: targetSecureTags - min_version: 'beta' - output: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of the secure tag, created with TagManager's TagValue API. - @pattern tagValues/[0-9]+ - min_version: 'beta' - output: true - - name: 'state' - type: Enum - description: | - [Output Only] State of the secure tag, either `EFFECTIVE` or - `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted - or its network is deleted. - min_version: 'beta' - output: true - enum_values: - - 'EFFECTIVE' - - 'INEFFECTIVE' - - name: 'action' - type: String - description: | - The Action to perform when the client connection triggers the rule. Can currently be either - "allow", "deny", "apply_security_profile_group" or "goto_next". - min_version: 'beta' - output: true - - name: 'direction' - type: Enum - description: | - The direction in which this rule applies. If unspecified an INGRESS rule is created. - min_version: 'beta' - output: true - enum_values: - - 'INGRESS' - - 'EGRESS' - - name: 'enableLogging' - type: Boolean - description: | - Denotes whether to enable logging for a particular rule. - If logging is enabled, logs will be exported to the - configured export destination in Stackdriver. - min_version: 'beta' - output: true - send_empty_value: true - - name: 'targetServiceAccounts' - type: Array - description: | - A list of service accounts indicating the sets of - instances that are applied with this rule. - min_version: 'beta' - output: true - item_type: - type: String - - name: 'securityProfileGroup' - type: String - description: | - A fully-qualified URL of a SecurityProfile resource instance. - Example: - https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group - Must be specified if action is 'apply_security_profile_group'. - min_version: 'beta' - output: true - - name: 'tlsInspect' - type: Boolean - description: | - Boolean flag indicating if the traffic should be TLS decrypted. - It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions. - min_version: 'beta' - output: true - - name: 'disabled' - type: Boolean - description: | - Denotes whether the firewall policy rule is disabled. When set to true, - the firewall policy rule is not enforced and traffic behaves as if it did - not exist. If this is unspecified, the firewall policy rule will be - enabled. - min_version: 'beta' - output: true - - name: 'fingerprint' - type: Fingerprint - description: Fingerprint of the resource. This field is used internally during updates of this resource. - min_version: 'beta' - output: true - - name: 'selfLink' - type: String - description: Server-defined URL for the resource. - min_version: 'beta' - output: true - - name: 'selfLinkWithId' - type: String - description: Server-defined URL for this resource with the resource id. - min_version: 'beta' - output: true - - name: 'ruleTupleCount' - type: Integer - description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. - min_version: 'beta' - output: true diff --git a/mmv1/products/compute/go_NetworkPeeringRoutesConfig.yaml b/mmv1/products/compute/go_NetworkPeeringRoutesConfig.yaml deleted file mode 100644 index 363a1dedf9e5..000000000000 --- a/mmv1/products/compute/go_NetworkPeeringRoutesConfig.yaml +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NetworkPeeringRoutesConfig' -description: | - Manage a network peering's route settings without managing the peering as - a whole. This resource is primarily intended for use with GCP-generated - peerings that shouldn't otherwise be managed by other tools. Deleting this - resource is a no-op and the peering will not be modified. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/vpc/docs/vpc-peering' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/networks/updatePeering' -docs: -id_format: 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}' -base_url: 'projects/{{project}}/global/networks/{{network}}' -self_link: 'projects/{{project}}/global/networks/{{network}}' -create_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' -create_verb: 'PATCH' -update_url: 'projects/{{project}}/global/networks/{{network}}/updatePeering' -update_verb: 'PATCH' -exclude_delete: true -mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' -import_format: - - 'projects/{{project}}/global/networks/{{network}}/networkPeerings/{{peering}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - peering -nested_query: - keys: - - peerings - is_list_of_ids: false - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/network_peering_routes_config.go.tmpl' -examples: - - name: 'network_peering_routes_config_basic' - primary_resource_id: 'peering_primary_routes' - vars: - peering_primary_name: 'primary-peering' - peering_secondary_name: 'secondary-peering' - network_primary_name: 'primary-network' - network_secondary_name: 'secondary-network' - - name: 'network_peering_routes_config_gke' - primary_resource_id: 'peering_gke_routes' - vars: - network_name: 'container-network' - subnetwork_name: 'container-subnetwork' - gke_cluster_name: 'private-cluster' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - skip_vcr: true -parameters: - - name: 'network' - type: ResourceRef - description: | - The name of the primary network for the peering. - url_param_only: true - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - resource: 'Network' - imports: 'name' -properties: - - name: 'peering' - type: String - description: | - Name of the peering. - api_name: name - required: true - - name: 'exportCustomRoutes' - type: Boolean - description: | - Whether to export the custom routes to the peer network. - required: true - send_empty_value: true - - name: 'importCustomRoutes' - type: Boolean - description: | - Whether to import the custom routes to the peer network. - required: true - send_empty_value: true diff --git a/mmv1/products/compute/go_NodeGroup.yaml b/mmv1/products/compute/go_NodeGroup.yaml deleted file mode 100644 index c16e81b24363..000000000000 --- a/mmv1/products/compute/go_NodeGroup.yaml +++ /dev/null @@ -1,215 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NodeGroup' -kind: 'compute#NodeGroup' -description: | - Represents a NodeGroup resource to manage a group of sole-tenant nodes. -references: - guides: - 'Sole-Tenant Nodes': 'https://cloud.google.com/compute/docs/nodes/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups' -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups' -has_self_link: true -create_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups?initialNodeCount=PRE_CREATE_REPLACE_ME' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - pre_create: 'templates/terraform/pre_create/go/compute_node_group_url_replace.go.tmpl' -examples: - - name: 'node_group_basic' - primary_resource_id: 'nodes' - vars: - group_name: 'soletenant-group' - template_name: 'soletenant-tmpl' - - name: 'node_group_maintenance_interval' - primary_resource_id: 'nodes' - min_version: 'beta' - vars: - group_name: 'soletenant-group' - template_name: 'soletenant-tmpl' - - name: 'node_group_autoscaling_policy' - primary_resource_id: 'nodes' - vars: - group_name: 'soletenant-group' - template_name: 'soletenant-tmpl' - - name: 'node_group_share_settings' - primary_resource_id: 'nodes' - vars: - group_name: 'soletenant-group' - template_name: 'soletenant-tmpl' - guest_project_id: 'project-id' - guest_project_name: 'project-name' - test_env_vars: - org_id: 'ORG_ID' -parameters: - - name: 'zone' - type: ResourceRef - description: | - Zone where this node group is located - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'selfLink' -properties: - - name: 'creationTimestamp' - type: Time - description: | - Creation timestamp in RFC3339 text format. - output: true - - name: 'description' - type: String - description: | - An optional textual description of the resource. - - name: 'name' - type: String - description: | - Name of the resource. - - name: 'nodeTemplate' - type: ResourceRef - description: | - The URL of the node template to which this node group belongs. - required: true - update_url: 'projects/{{project}}/zones/{{zone}}/nodeGroups/{{name}}/setNodeTemplate' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'NodeTemplate' - imports: 'selfLink' - - name: 'size' - type: Integer - description: | - The total number of nodes in the node group. - output: true - - name: 'initialSize' - type: Integer - description: | - The initial number of nodes in the node group. One of `initial_size` or `autoscaling_policy` must be configured on resource creation. - url_param_only: true - - name: 'maintenancePolicy' - type: String - description: | - Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. - default_value: "DEFAULT" - - name: 'maintenanceWindow' - type: NestedObject - description: | - contains properties for the timeframe of maintenance - properties: - - name: 'startTime' - type: String - description: | - instances.start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid. - required: true - - name: 'autoscalingPolicy' - type: NestedObject - description: | - If you use sole-tenant nodes for your workloads, you can use the node - group autoscaler to automatically manage the sizes of your node groups. - - One of `initial_size` or `autoscaling_policy` must be configured on resource creation. - default_from_api: true - properties: - - name: 'mode' - type: Enum - description: | - The autoscaling mode. Set to one of the following: - - OFF: Disables the autoscaler. - - ON: Enables scaling in and scaling out. - - ONLY_SCALE_OUT: Enables only scaling out. - You must use this mode if your node groups are configured to - restart their hosted VMs on minimal servers. - required: true - default_from_api: true - enum_values: - - 'OFF' - - 'ON' - - 'ONLY_SCALE_OUT' - - name: 'minNodes' - type: Integer - description: | - Minimum size of the node group. Must be less - than or equal to max-nodes. The default value is 0. - default_from_api: true - - name: 'maxNodes' - type: Integer - description: | - Maximum size of the node group. Set to a value less than or equal - to 100 and greater than or equal to min-nodes. - required: true - default_from_api: true - - name: 'shareSettings' - type: NestedObject - description: | - Share settings for the node group. - default_from_api: true - properties: - - name: 'shareType' - type: Enum - description: | - Node group sharing type. - required: true - enum_values: - - 'ORGANIZATION' - - 'SPECIFIC_PROJECTS' - - 'LOCAL' - - name: 'projectMap' - type: Map - description: | - A map of project id and project config. This is only valid when shareType's value is SPECIFIC_PROJECTS. - key_name: 'id' - key_description: | - The project ID. - value_type: - name: projectConfig - type: NestedObject - properties: - - name: 'projectId' - type: String - description: | - The project id/number should be the same as the key of this project config in the project map. - required: true - - name: 'maintenanceInterval' - type: Enum - description: | - Specifies the frequency of planned maintenance events. Set to one of the following: - - AS_NEEDED: Hosts are eligible to receive infrastructure and hypervisor updates as they become available. - - RECURRENT: Hosts receive planned infrastructure and hypervisor updates on a periodic basis, but not more frequently than every 28 days. This minimizes the number of planned maintenance operations on individual hosts and reduces the frequency of disruptions, both live migrations and terminations, on individual VMs. - min_version: 'beta' - default_from_api: true - enum_values: - - 'AS_NEEDED' - - 'RECURRENT' diff --git a/mmv1/products/compute/go_NodeTemplate.yaml b/mmv1/products/compute/go_NodeTemplate.yaml deleted file mode 100644 index d6a061d91ec1..000000000000 --- a/mmv1/products/compute/go_NodeTemplate.yaml +++ /dev/null @@ -1,178 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'NodeTemplate' -kind: 'compute#nodeTemplate' -description: | - Represents a NodeTemplate resource. Node templates specify properties - for creating sole-tenant nodes, such as node type, vCPU and memory - requirements, node affinity labels, and region. -references: - guides: - 'Sole-Tenant Nodes': 'https://cloud.google.com/compute/docs/nodes/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/nodeTemplates' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/nodeTemplates' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'node_template_basic' - primary_resource_id: 'template' - vars: - template_name: 'soletenant-tmpl' - - name: 'node_template_server_binding' - primary_resource_id: 'template' - vars: - template_name: 'soletenant-with-licenses' - - name: 'node_template_accelerators' - primary_resource_id: 'template' - vars: - template_name: 'soletenant-with-accelerators' -parameters: - - name: 'region' - type: ResourceRef - description: | - Region where nodes using the node template will be created. - If it is not provided, the provider region is used. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'selfLink' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional textual description of the resource.' - - name: 'name' - type: String - description: 'Name of the resource.' - - name: 'nodeAffinityLabels' - type: KeyValuePairs - description: | - Labels to use for node affinity, which will be used in - instance scheduling. - - name: 'nodeType' - type: String - description: | - Node type to use for nodes group that are created from this template. - Only one of nodeTypeFlexibility and nodeType can be specified. - conflicts: - - node_type_flexibility - - name: 'nodeTypeFlexibility' - type: NestedObject - description: | - Flexible properties for the desired node type. Node groups that - use this node template will create nodes of a type that matches - these properties. Only one of nodeTypeFlexibility and nodeType can - be specified. - conflicts: - - node_type - properties: - - name: 'cpus' - type: String - description: | - Number of virtual CPUs to use. - at_least_one_of: - - 'node_type_flexibility.0.cpus' - - 'node_type_flexibility.0.memory' - - name: 'memory' - type: String - description: | - Physical memory available to the node, defined in MB. - at_least_one_of: - - 'node_type_flexibility.0.cpus' - - 'node_type_flexibility.0.memory' - - name: 'localSsd' - type: String - description: | - Use local SSD - output: true - - name: 'serverBinding' - type: NestedObject - description: | - The server binding policy for nodes using this template. Determines - where the nodes should restart following a maintenance event. - default_from_api: true - properties: - - name: 'type' - type: Enum - description: | - Type of server binding policy. If `RESTART_NODE_ON_ANY_SERVER`, - nodes using this template will restart on any physical server - following a maintenance event. - - If `RESTART_NODE_ON_MINIMAL_SERVER`, nodes using this template - will restart on the same physical server following a maintenance - event, instead of being live migrated to or restarted on a new - physical server. This option may be useful if you are using - software licenses tied to the underlying server characteristics - such as physical sockets or cores, to avoid the need for - additional licenses when maintenance occurs. However, VMs on such - nodes will experience outages while maintenance is applied. - required: true - enum_values: - - 'RESTART_NODE_ON_ANY_SERVER' - - 'RESTART_NODE_ON_MINIMAL_SERVERS' - - name: 'accelerators' - type: Array - description: | - List of the type and count of accelerator cards attached to the - node template - item_type: - type: NestedObject - properties: - - name: 'acceleratorCount' - type: Integer - description: | - The number of the guest accelerator cards exposed to this - node template. - - name: 'acceleratorType' - type: String - description: | - Full or partial URL of the accelerator type resource to expose - to this node template. - - name: 'cpuOvercommitType' - type: Enum - description: | - CPU overcommit. - default_value: "NONE" - enum_values: - - 'ENABLED' - - 'NONE' diff --git a/mmv1/products/compute/go_OrganizationSecurityPolicy.yaml b/mmv1/products/compute/go_OrganizationSecurityPolicy.yaml deleted file mode 100644 index c9033fe12929..000000000000 --- a/mmv1/products/compute/go_OrganizationSecurityPolicy.yaml +++ /dev/null @@ -1,93 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'OrganizationSecurityPolicy' -description: | - Organization security policies are used to control incoming/outgoing traffic. -min_version: 'beta' -references: - guides: - 'Creating a firewall policy': 'https://cloud.google.com/vpc/docs/using-firewall-policies#create-policy' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies' -docs: -id_format: 'locations/global/securityPolicies/{{policy_id}}' -base_url: 'locations/global/securityPolicies?parentId={{parent}}' -self_link: 'locations/global/securityPolicies/{{policy_id}}' -create_url: 'locations/global/securityPolicies?parentId={{parent}}' -update_verb: 'PATCH' -import_format: - - 'locations/global/securityPolicies/{{policy_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - post_create: 'templates/terraform/post_create/go/org_security_policy.go.tmpl' - post_delete: 'templates/terraform/post_delete/go/org_security_policy.go.tmpl' - post_update: 'templates/terraform/post_update/go/org_security_policy.go.tmpl' - test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' -examples: - - name: 'organization_security_policy_basic' - primary_resource_id: 'policy' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' -parameters: - - name: 'parent' - type: String - description: | - The parent of this OrganizationSecurityPolicy in the Cloud Resource Hierarchy. - Format: organizations/{organization_id} or folders/{folder_id} - min_version: 'beta' - required: true - immutable: true -properties: - - name: 'displayName' - type: String - description: | - A textual name of the security policy. - min_version: 'beta' - required: true - immutable: true - - name: 'description' - type: String - description: | - A textual description for the organization security policy. - min_version: 'beta' - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. This field is used internally during - updates of this resource. - min_version: 'beta' - output: true - - name: 'policy_id' - type: String - description: | - The unique identifier for the resource. This identifier is defined by the server. - api_name: id - min_version: 'beta' - output: true - - name: 'type' - type: Enum - description: | - The type indicates the intended use of the security policy. - For organization security policies, the only supported type - is "FIREWALL". - min_version: 'beta' - immutable: true - default_value: "FIREWALL" - enum_values: - - 'FIREWALL' diff --git a/mmv1/products/compute/go_OrganizationSecurityPolicyAssociation.yaml b/mmv1/products/compute/go_OrganizationSecurityPolicyAssociation.yaml deleted file mode 100644 index 3101fac1305e..000000000000 --- a/mmv1/products/compute/go_OrganizationSecurityPolicyAssociation.yaml +++ /dev/null @@ -1,76 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'OrganizationSecurityPolicyAssociation' -description: | - An association for the OrganizationSecurityPolicy. -min_version: 'beta' -references: - guides: - 'Associating a policy with the organization or folder': 'https://cloud.google.com/vpc/docs/using-firewall-policies#associate' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addAssociation' -docs: -id_format: '{{policy_id}}/association/{{name}}' -base_url: '{{policy_id}}' -self_link: '{{policy_id}}/getAssociation?name={{name}}' -create_url: '{{policy_id}}/addAssociation' -delete_url: '{{policy_id}}/removeAssociation?name={{name}}' -delete_verb: 'POST' -immutable: true -import_format: - - '{{%policy_id}}/association/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - post_create: 'templates/terraform/post_create/go/org_security_policy_association.go.tmpl' - post_delete: 'templates/terraform/post_create/go/org_security_policy_association.go.tmpl' - test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' -read_error_transform: 'transformSecurityPolicyAssociationReadError' -examples: - - name: 'organization_security_policy_association_basic' - primary_resource_id: 'policy' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' -parameters: - - name: 'policyId' - type: String - description: | - The security policy ID of the association. - api_name: securityPolicyId - min_version: 'beta' - url_param_only: true - required: true -properties: - - name: 'name' - type: String - description: | - The name for an association. - min_version: 'beta' - required: true - - name: 'attachmentId' - type: String - description: | - The resource that the security policy is attached to. - min_version: 'beta' - required: true - - name: 'displayName' - type: String - description: | - The display name of the security policy of the association. - min_version: 'beta' - output: true diff --git a/mmv1/products/compute/go_OrganizationSecurityPolicyRule.yaml b/mmv1/products/compute/go_OrganizationSecurityPolicyRule.yaml deleted file mode 100644 index 54fa3324ecf7..000000000000 --- a/mmv1/products/compute/go_OrganizationSecurityPolicyRule.yaml +++ /dev/null @@ -1,202 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'OrganizationSecurityPolicyRule' -description: | - A rule for the OrganizationSecurityPolicy. -min_version: 'beta' -references: - guides: - 'Creating firewall rules': 'https://cloud.google.com/vpc/docs/using-firewall-policies#create-rules' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addRule' -docs: -id_format: '{{policy_id}}/priority/{{priority}}' -base_url: '{{policy_id}}' -self_link: '{{policy_id}}/getRule?priority={{priority}}' -create_url: '{{policy_id}}/addRule?priority={{priority}}' -update_url: '{{policy_id}}/patchRule?priority={{priority}}' -update_verb: 'POST' -delete_url: '{{policy_id}}/removeRule?priority={{priority}}' -delete_verb: 'POST' -import_format: - - '{{%policy_id}}/priority/{{priority}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - post_create: 'templates/terraform/post_create/go/org_security_policy_rule.go.tmpl' - post_delete: 'templates/terraform/post_create/go/org_security_policy_rule.go.tmpl' - post_update: 'templates/terraform/post_create/go/org_security_policy_rule.go.tmpl' - test_check_destroy: 'templates/terraform/custom_check_destroy/go/skip_delete_during_test.go.tmpl' -examples: - - name: 'organization_security_policy_rule_basic' - primary_resource_id: 'policy' - min_version: 'beta' - test_env_vars: - org_id: 'ORG_ID' -parameters: - - name: 'policyId' - type: String - description: | - The ID of the OrganizationSecurityPolicy this rule applies to. - min_version: 'beta' - url_param_only: true - required: true - immutable: true -properties: - - name: 'description' - type: String - description: | - A description of the rule. - min_version: 'beta' - - name: 'priority' - type: Integer - description: | - An integer indicating the priority of a rule in the list. The priority must be a value - between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the - highest priority and 2147483647 is the lowest prority. - min_version: 'beta' - required: true - immutable: true - - name: 'match' - type: NestedObject - description: - A match condition that incoming traffic is evaluated against. If it - evaluates to true, the corresponding 'action' is enforced. - min_version: 'beta' - required: true - properties: - - name: 'description' - type: String - description: | - A description of the rule. - min_version: 'beta' - - name: 'versionedExpr' - type: Enum - description: | - Preconfigured versioned expression. For organization security policy rules, - the only supported type is "FIREWALL". - min_version: 'beta' - default_value: "FIREWALL" - enum_values: - - 'FIREWALL' - - name: 'config' - type: NestedObject - description: The configuration options for matching the rule. - min_version: 'beta' - required: true - properties: - - name: 'srcIpRanges' - type: Array - description: | - Source IP address range in CIDR format. Required for - INGRESS rules. - min_version: 'beta' - exactly_one_of: - - 'match.0.config.0.src_ip_ranges' - - 'match.0.config.0.dest_ip_ranges' - item_type: - type: String - - name: 'destIpRanges' - type: Array - description: | - Destination IP address range in CIDR format. Required for - EGRESS rules. - min_version: 'beta' - exactly_one_of: - - 'match.0.config.0.src_ip_ranges' - - 'match.0.config.0.dest_ip_ranges' - item_type: - type: String - - name: 'layer4Config' - type: Array - description: | - Pairs of IP protocols and ports that the rule should match. - api_name: layer4Configs - min_version: 'beta' - required: true - item_type: - type: NestedObject - properties: - - name: 'ipProtocol' - type: String - description: | - The IP protocol to which this rule applies. The protocol - type is required when creating a firewall rule. - This value can either be one of the following well - known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), - or the IP protocol number. - min_version: 'beta' - required: true - - name: 'ports' - type: Array - description: | - An optional list of ports to which this rule applies. This field - is only applicable for UDP or TCP protocol. Each entry must be - either an integer or a range. If not specified, this rule - applies to connections through any port. - - Example inputs include: ["22"], ["80","443"], and - ["12345-12349"]. - min_version: 'beta' - item_type: - type: String - - name: 'action' - type: String - description: | - The Action to perform when the client connection triggers the rule. Can currently be either - "allow", "deny" or "goto_next". - min_version: 'beta' - required: true - - name: 'preview' - type: Boolean - description: | - If set to true, the specified action is not enforced. - min_version: 'beta' - - name: 'direction' - type: Enum - description: | - The direction in which this rule applies. If unspecified an INGRESS rule is created. - min_version: 'beta' - enum_values: - - 'INGRESS' - - 'EGRESS' - - name: 'targetResources' - type: Array - description: | - A list of network resource URLs to which this rule applies. - This field allows you to control which network's VMs get - this rule. If this field is left blank, all VMs - within the organization will receive the rule. - min_version: 'beta' - item_type: - type: String - - name: 'enableLogging' - type: Boolean - description: | - Denotes whether to enable logging for a particular rule. - If logging is enabled, logs will be exported to the - configured export destination in Stackdriver. - min_version: 'beta' - send_empty_value: true - - name: 'targetServiceAccounts' - type: Array - description: | - A list of service accounts indicating the sets of - instances that are applied with this rule. - min_version: 'beta' - item_type: - type: String diff --git a/mmv1/products/compute/go_PacketMirroring.yaml b/mmv1/products/compute/go_PacketMirroring.yaml deleted file mode 100644 index 63a6871bda00..000000000000 --- a/mmv1/products/compute/go_PacketMirroring.yaml +++ /dev/null @@ -1,203 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'PacketMirroring' -description: | - Packet Mirroring mirrors traffic to and from particular VM instances. - You can use the collected traffic to help you detect security threats - and monitor application performance. -references: - guides: - 'Using Packet Mirroring': 'https://cloud.google.com/vpc/docs/using-packet-mirroring#creating' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/packetMirrorings' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/packetMirrorings' -self_link: 'projects/{{project}}/regions/{{region}}/packetMirrorings/{{name}}' -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -examples: - - name: 'compute_packet_mirroring_full' - primary_resource_id: 'foobar' - vars: - instance_name: 'my-instance' - subnetwork_name: 'my-subnetwork' - service_name: 'my-service' - hc_name: 'my-healthcheck' - mirroring_name: 'my-mirroring' - ilb_rule_name: 'my-ilb' - network_name: 'my-network' -parameters: -properties: - - name: 'name' - type: String - description: The name of the packet mirroring rule - required: true - validation: - function: 'verify.ValidateGCEName' - - name: 'description' - type: String - description: A human-readable description of the rule. - immutable: true - - name: 'region' - type: String - description: | - The Region in which the created address should reside. - If it is not provided, the provider region is used. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'network' - type: NestedObject - description: | - Specifies the mirrored VPC network. Only packets in this network - will be mirrored. All mirrored VMs should have a NIC in the given - network. All mirrored subnetworks should belong to the given network. - required: true - immutable: true - properties: - - name: 'url' - type: ResourceRef - description: - The full self_link URL of the network where this rule is active. - required: true - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'priority' - type: Integer - description: | - Since only one rule can be active at a time, priority is - used to break ties in the case of two rules that apply to - the same instances. - required: false - default_from_api: true - - name: 'collectorIlb' - type: NestedObject - description: | - The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) - that will be used as collector for mirrored traffic. The - specified forwarding rule must have is_mirroring_collector - set to true. - required: true - properties: - - name: 'url' - type: ResourceRef - description: The URL of the forwarding rule. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'ForwardingRule' - imports: 'selfLink' - - name: 'filter' - type: NestedObject - description: | - A filter for mirrored traffic. If unset, all traffic is mirrored. - properties: - - name: 'ipProtocols' - type: Array - description: Possible IP protocols including tcp, udp, icmp and esp - api_name: IPProtocols - item_type: - type: String - - name: 'cidrRanges' - type: Array - description: | - IP CIDR ranges that apply as a filter on the source (ingress) or - destination (egress) IP in the IP header. Only IPv4 is supported. - item_type: - type: String - - name: 'direction' - type: Enum - description: Direction of traffic to mirror. - default_value: "BOTH" - enum_values: - - 'INGRESS' - - 'EGRESS' - - 'BOTH' - - name: 'mirroredResources' - type: NestedObject - description: | - A means of specifying which resources to mirror. - required: true - properties: - - name: 'subnetworks' - type: Array - description: | - All instances in one of these subnetworks will be mirrored. - at_least_one_of: - - 'mirrored_resources.0.subnetworks' - - 'mirrored_resources.0.instances' - - 'mirrored_resources.0.tags' - item_type: - description: - The subnetworks that should be mirrored. Specify at most 5. - type: NestedObject - properties: - - name: 'url' - type: ResourceRef - description: - The URL of the subnetwork where this rule should be active. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'instances' - type: Array - description: | - All the listed instances will be mirrored. Specify at most 50. - at_least_one_of: - - 'mirrored_resources.0.subnetworks' - - 'mirrored_resources.0.instances' - - 'mirrored_resources.0.tags' - item_type: - description: The instances that should be mirrored. - type: NestedObject - properties: - - name: 'url' - type: ResourceRef - description: - The URL of the instances where this rule should be active. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Instance' - imports: 'selfLink' - - name: 'tags' - type: Array - description: | - All instances with these tags will be mirrored. - at_least_one_of: - - 'mirrored_resources.0.subnetworks' - - 'mirrored_resources.0.instances' - - 'mirrored_resources.0.tags' - item_type: - type: String diff --git a/mmv1/products/compute/go_PerInstanceConfig.yaml b/mmv1/products/compute/go_PerInstanceConfig.yaml deleted file mode 100644 index 724932323c04..000000000000 --- a/mmv1/products/compute/go_PerInstanceConfig.yaml +++ /dev/null @@ -1,245 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'PerInstanceConfig' -description: | - A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name - across instance group manager operations and can define stateful disks or metadata that are unique to the instance. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/stateful-migs#per-instance_configs' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagers' -docs: -id_format: '{{project}}/{{zone}}/{{instance_group_manager}}/{{name}}' -base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}' -self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/listPerInstanceConfigs' -create_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/createInstances' -update_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/updatePerInstanceConfigs' -update_verb: 'POST' -read_verb: 'POST' -delete_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/deletePerInstanceConfigs' -delete_verb: 'POST' -mutex: 'instanceGroupManager/{{project}}/{{zone}}/{{instance_group_manager}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - name -nested_query: - keys: - - items - is_list_of_ids: false - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/compute_per_instance_config.go.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/compute_per_instance_config.go.tmpl' - post_update: 'templates/terraform/post_update/go/compute_per_instance_config.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/per_instance_config.go.tmpl' -exclude_tgc: true -examples: - - name: 'stateful_igm' - primary_resource_id: 'stateful-instance' - vars: - template_name: 'my-template' - igm_name: 'my-igm' - disk_name: 'my-disk-name' - skip_test: true -virtual_fields: - - name: 'minimal_action' - description: | - The minimal action to perform on the instance during an update. - Default is `NONE`. Possible values are: - * REPLACE - * RESTART - * REFRESH - * NONE - type: String - default_value: "NONE" - - name: 'most_disruptive_allowed_action' - description: | - The most disruptive action to perform on the instance during an update. - Default is `REPLACE`. Possible values are: - * REPLACE - * RESTART - * REFRESH - * NONE - type: String - default_value: "REPLACE" - - name: 'remove_instance_on_destroy' - description: | - When true, deleting this config will immediately remove the underlying instance. - When false, deleting this config will use the behavior as determined by remove_instance_on_destroy. - type: Boolean - default_value: false - - name: 'remove_instance_state_on_destroy' - description: | - When true, deleting this config will immediately remove any specified state from the underlying instance. - When false, deleting this config will *not* immediately remove any state from the underlying instance. - State will be removed on the next instance recreation or update. - type: Boolean - default_value: false -parameters: - - name: 'zone' - type: ResourceRef - description: | - Zone where the containing instance group manager is located - url_param_only: true - required: false - immutable: true - ignore_read: true - default_from_api: true - resource: 'Zone' - imports: 'name' - - name: 'instanceGroupManager' - type: ResourceRef - description: | - The instance group manager this instance config is part of. - url_param_only: true - required: true - immutable: true - resource: 'InstanceGroupManager' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - The name for this per-instance config and its corresponding instance. - required: true - immutable: true - - name: 'preservedState' - type: NestedObject - description: 'The preserved state for this instance.' - properties: - - name: 'metadata' - type: KeyValuePairs - description: | - Preserved metadata defined for this instance. This is a list of key->value pairs. - - name: 'disk' - type: Array - description: | - Stateful disks for the instance. - api_name: disks - is_set: true - custom_flatten: 'templates/terraform/custom_flatten/go/preserved_state_disks.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/preserved_state_disks.go.tmpl' - item_type: - type: NestedObject - properties: - - name: 'deviceName' - type: String - description: | - A unique device name that is reflected into the /dev/ tree of a Linux operating system running within the instance. - required: true - - name: 'source' - type: String - description: | - The URI of an existing persistent disk to attach under the specified device-name in the format - `projects/project-id/zones/zone/disks/disk-name`. - required: true - - name: 'mode' - type: Enum - description: | - The mode of the disk. - default_value: "READ_WRITE" - enum_values: - - 'READ_ONLY' - - 'READ_WRITE' - - name: 'deleteRule' - type: Enum - description: | - A value that prescribes what should happen to the stateful disk when the VM instance is deleted. - The available options are `NEVER` and `ON_PERMANENT_INSTANCE_DELETION`. - `NEVER` - detach the disk when the VM is deleted, but do not delete the disk. - `ON_PERMANENT_INSTANCE_DELETION` will delete the stateful disk when the VM is permanently - deleted from the instance group. - default_value: "NEVER" - enum_values: - - 'NEVER' - - 'ON_PERMANENT_INSTANCE_DELETION' - - name: 'internalIp' - type: Map - description: | - Preserved internal IPs defined for this instance. This map is keyed with the name of the network interface. - api_name: internalIPs - key_name: 'interface_name' - value_type: - name: internalIp - type: NestedObject - properties: - - name: 'autoDelete' - type: Enum - description: | - These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. - default_value: "NEVER" - enum_values: - - 'NEVER' - - 'ON_PERMANENT_INSTANCE_DELETION' - - name: 'ipAddress' - type: NestedObject - description: | - Ip address representation - properties: - - name: 'address' - type: ResourceRef - description: | - The URL of the reservation for this IP address. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Address' - imports: 'selfLink' - - name: 'externalIp' - type: Map - description: | - Preserved external IPs defined for this instance. This map is keyed with the name of the network interface. - api_name: externalIPs - key_name: 'interface_name' - value_type: - name: externalIp - type: NestedObject - properties: - - name: 'autoDelete' - type: Enum - description: | - These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. - default_value: "NEVER" - enum_values: - - 'NEVER' - - 'ON_PERMANENT_INSTANCE_DELETION' - - name: 'ipAddress' - type: NestedObject - description: | - Ip address representation - properties: - - name: 'address' - type: ResourceRef - description: | - The URL of the reservation for this IP address. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Address' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_ProjectCloudArmorTier.yaml b/mmv1/products/compute/go_ProjectCloudArmorTier.yaml deleted file mode 100644 index cb4daf09f4b2..000000000000 --- a/mmv1/products/compute/go_ProjectCloudArmorTier.yaml +++ /dev/null @@ -1,74 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ProjectCloudArmorTier' -description: | - Sets the Cloud Armor tier of the project. -references: - guides: - 'Subscribing to Cloud Armor Enterprise': 'https://cloud.google.com/armor/docs/managed-protection-overview#subscribing_to_plus' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/projects/setCloudArmorTier' -docs: -id_format: 'projects/{{project}}' -base_url: 'projects/{{project}}' -create_url: 'projects/{{project}}/setCloudArmorTier' -update_url: 'projects/{{project}}/setCloudArmorTier' -update_verb: 'POST' - -read_query_params: '?fields=cloudArmorTier' -import_format: - - 'projects/{{project}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - custom_delete: 'templates/terraform/custom_delete/go/only_remove_from_state.go.tmpl' -examples: - - name: 'compute_project_cloud_armor_tier_basic' - primary_resource_id: 'cloud_armor_tier_config' - skip_test: true - - name: 'compute_project_cloud_armor_tier_project_set' - primary_resource_id: 'cloud_armor_tier_config' - vars: - project_id: 'your_project_id' - test_env_vars: - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_test: true -parameters: -properties: - - name: 'cloudArmorTier' - type: Enum - description: | - Managed protection tier to be set. - required: true - enum_values: - - 'CA_STANDARD' - - 'CA_ENTERPRISE_PAYGO' diff --git a/mmv1/products/compute/go_PublicAdvertisedPrefix.yaml b/mmv1/products/compute/go_PublicAdvertisedPrefix.yaml deleted file mode 100644 index 5cd3db293ebc..000000000000 --- a/mmv1/products/compute/go_PublicAdvertisedPrefix.yaml +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'PublicAdvertisedPrefix' -description: | - Represents a PublicAdvertisedPrefix for use with bring your own IP addresses (BYOIP). -references: - guides: - 'Using bring your own IP': 'https://cloud.google.com/vpc/docs/using-bring-your-own-ip' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/publicAdvertisedPrefixes' -docs: -base_url: 'projects/{{project}}/global/publicAdvertisedPrefixes' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -examples: - - name: 'public_advertised_prefixes_basic' - primary_resource_id: 'prefixes' - vars: - prefixes_name: 'my-prefix' - test_env_vars: - desc: 'PAP_DESCRIPTION' - skip_test: true -parameters: -properties: - - name: 'description' - type: String - description: An optional description of this resource. - - name: 'name' - type: String - description: | - Name of the resource. The name must be 1-63 characters long, and - comply with RFC1035. Specifically, the name must be 1-63 characters - long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` - which means the first character must be a lowercase letter, and all - following characters must be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. - required: true - - name: 'dnsVerificationIp' - type: String - description: The IPv4 address to be used for reverse DNS verification. - required: true - - name: 'ipCidrRange' - type: String - description: - The IPv4 address range, in CIDR format, represented by this public - advertised prefix. - required: true - - name: 'sharedSecret' - type: String - description: | - Output Only. The shared secret to be used for reverse DNS verification. - output: true diff --git a/mmv1/products/compute/go_PublicDelegatedPrefix.yaml b/mmv1/products/compute/go_PublicDelegatedPrefix.yaml deleted file mode 100644 index 8fbf38ddac9a..000000000000 --- a/mmv1/products/compute/go_PublicDelegatedPrefix.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'PublicDelegatedPrefix' -description: | - Represents a PublicDelegatedPrefix for use with bring your own IP addresses (BYOIP). -references: - guides: - 'Using bring your own IP': 'https://cloud.google.com/vpc/docs/using-bring-your-own-ip' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/publicDelegatedPrefixes' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/publicDelegatedPrefixes' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -examples: - - name: 'public_delegated_prefixes_basic' - primary_resource_id: 'prefixes' - vars: - prefixes_name: 'my-prefix' - test_env_vars: - desc: 'PAP_DESCRIPTION' - skip_test: true -parameters: -properties: - - name: 'region' - type: String - description: 'A region where the prefix will reside.' - url_param_only: true - required: true - - name: 'description' - type: String - description: An optional description of this resource. - - name: 'isLiveMigration' - type: Boolean - description: If true, the prefix will be live migrated. - - name: 'name' - type: String - description: | - Name of the resource. The name must be 1-63 characters long, and - comply with RFC1035. Specifically, the name must be 1-63 characters - long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` - which means the first character must be a lowercase letter, and all - following characters must be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. - required: true - - name: 'parentPrefix' - type: String - description: - The URL of parent prefix. Either PublicAdvertisedPrefix or - PublicDelegatedPrefix. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'ipCidrRange' - type: String - description: - The IPv4 address range, in CIDR format, represented by this public - advertised prefix. - required: true diff --git a/mmv1/products/compute/go_Region.yaml b/mmv1/products/compute/go_Region.yaml deleted file mode 100644 index da81ccb93b8c..000000000000 --- a/mmv1/products/compute/go_Region.yaml +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Region' -kind: 'compute#region' -description: | - Represents a Region resource. A region is a specific geographical - location where you can run your resources. Each region has one or more - zones -# Used as a resource reference -exclude: true -readonly: true -docs: -base_url: 'projects/{{project}}/regions' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'items' -custom_code: -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'deprecated' - type: NestedObject - description: 'The deprecation state of this resource.' - output: true - properties: - - name: 'deleted' - type: Time - description: | - An optional RFC3339 timestamp on or after which the deprecation state - of this resource will be changed to DELETED. - - name: 'deprecated' - type: Time - description: | - An optional RFC3339 timestamp on or after which the deprecation state - of this resource will be changed to DEPRECATED. - output: true - - name: 'obsolete' - type: Time - description: | - An optional RFC3339 timestamp on or after which the deprecation state - of this resource will be changed to OBSOLETE. - output: true - - name: 'replacement' - type: String - description: | - The URL of the suggested replacement for a deprecated resource. The - suggested replacement resource must be the same kind of resource as - the deprecated resource. - output: true - - name: 'state' - type: Enum - description: | - The deprecation state of this resource. This can be DEPRECATED, - OBSOLETE, or DELETED. Operations which create a new resource using a - DEPRECATED resource will return successfully, but with a warning - indicating the deprecated resource and recommending its replacement. - Operations which use OBSOLETE or DELETED resources will be rejected - and result in an error. - output: true - enum_values: - - 'DEPRECATED' - - 'OBSOLETE' - - 'DELETED' - - name: 'description' - type: String - description: 'An optional description of this resource.' - output: true - - name: 'id' - type: Integer - description: 'The unique identifier for the resource.' - output: true - - name: 'name' - type: String - description: 'Name of the resource.' - - name: 'quotas' - type: Array - description: 'Quotas assigned to this region.' - output: true - item_type: - type: NestedObject - properties: - - name: 'metric' - type: String - description: 'Name of the quota metric.' - output: true - - name: 'limit' - type: Double - description: 'Quota limit for this metric.' - output: true - - name: 'usage' - type: Double - description: 'Current usage of this metric.' - output: true - - name: 'owner' - type: String - description: - 'Owning resource. This is the resource on which this quota is - applied.' - output: true - - name: 'status' - type: Enum - description: | - Status of the region, either UP or DOWN. - output: true - enum_values: - - 'UP' - - 'DOWN' - - name: 'zones' - type: Array - description: 'List of zones within the region' - output: true - item_type: - type: String diff --git a/mmv1/products/compute/go_RegionAutoscaler.yaml b/mmv1/products/compute/go_RegionAutoscaler.yaml deleted file mode 100644 index da1746780c73..000000000000 --- a/mmv1/products/compute/go_RegionAutoscaler.yaml +++ /dev/null @@ -1,406 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionAutoscaler' -kind: 'compute#autoscaler' -description: | - Represents an Autoscaler resource. - - Autoscalers allow you to automatically scale virtual machine instances in - managed instance groups according to an autoscaling policy that you - define. -references: - guides: - 'Autoscaling Groups of Instances': 'https://cloud.google.com/compute/docs/autoscaler/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionAutoscalers' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/autoscalers' -has_self_link: true -update_url: 'projects/{{project}}/regions/{{region}}/autoscalers?autoscaler={{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'region_autoscaler_basic' - primary_resource_id: 'foobar' - vars: - region_autoscaler_name: 'my-region-autoscaler' - instance_template_name: 'my-instance-template' - target_pool_name: 'my-target-pool' - rigm_name: 'my-region-igm' -parameters: - - name: 'region' - type: ResourceRef - description: | - URL of the region where the instance group resides. - required: false - immutable: true - ignore_read: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'name' - type: String - description: | - Name of the resource. The name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - validation: - function: 'verify.ValidateGCEName' - - name: 'description' - type: String - description: | - An optional description of this resource. - - name: 'autoscalingPolicy' - type: NestedObject - description: | - The configuration parameters for the autoscaling algorithm. You can - define one or more of the policies for an autoscaler: cpuUtilization, - customMetricUtilizations, and loadBalancingUtilization. - - If none of these are specified, the default will be to autoscale based - on cpuUtilization to 0.6 or 60%. - required: true - properties: - - name: 'minReplicas' - type: Integer - description: | - The minimum number of replicas that the autoscaler can scale down - to. This cannot be less than 0. If not provided, autoscaler will - choose a default value depending on maximum number of instances - allowed. - api_name: minNumReplicas - required: true - send_empty_value: true - - name: 'maxReplicas' - type: Integer - description: | - The maximum number of instances that the autoscaler can scale up - to. This is required when creating or updating an autoscaler. The - maximum number of replicas should not be lower than minimal number - of replicas. - api_name: maxNumReplicas - required: true - send_empty_value: true - - name: 'cooldownPeriod' - type: Integer - description: | - The number of seconds that the autoscaler should wait before it - starts collecting information from a new instance. This prevents - the autoscaler from collecting information when the instance is - initializing, during which the collected usage would not be - reliable. The default time autoscaler waits is 60 seconds. - - Virtual machine initialization times might vary because of - numerous factors. We recommend that you test how long an - instance may take to initialize. To do this, create an instance - and time the startup process. - api_name: coolDownPeriodSec - default_value: 60 - - name: 'mode' - type: String - description: | - Defines operating mode for this policy. - default_value: "ON" - - name: 'scaleDownControl' - type: NestedObject - description: | - Defines scale down controls to reduce the risk of response latency - and outages due to abrupt scale-in events - min_version: 'beta' - properties: - - name: 'maxScaledDownReplicas' - type: NestedObject - at_least_one_of: - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' - - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' - properties: - - name: 'fixed' - type: Integer - description: | - Specifies a fixed number of VM instances. This must be a positive - integer. - at_least_one_of: - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' - - name: 'percent' - type: Integer - description: | - Specifies a percentage of instances between 0 to 100%, inclusive. - For example, specify 80 for 80%. - at_least_one_of: - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.fixed' - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas.0.percent' - - name: 'timeWindowSec' - type: Integer - description: | - How long back autoscaling should look when computing recommendations - to include directives regarding slower scale down, as described above. - at_least_one_of: - - 'autoscaling_policy.0.scale_down_control.0.max_scaled_down_replicas' - - 'autoscaling_policy.0.scale_down_control.0.time_window_sec' - - name: 'scaleInControl' - type: NestedObject - description: | - Defines scale in controls to reduce the risk of response latency - and outages due to abrupt scale-in events - properties: - - name: 'maxScaledInReplicas' - type: NestedObject - at_least_one_of: - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' - - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' - properties: - - name: 'fixed' - type: Integer - description: | - Specifies a fixed number of VM instances. This must be a positive - integer. - at_least_one_of: - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' - - name: 'percent' - type: Integer - description: | - Specifies a percentage of instances between 0 to 100%, inclusive. - For example, specify 80 for 80%. - at_least_one_of: - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.fixed' - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas.0.percent' - - name: 'timeWindowSec' - type: Integer - description: | - How long back autoscaling should look when computing recommendations - to include directives regarding slower scale down, as described above. - at_least_one_of: - - 'autoscaling_policy.0.scale_in_control.0.max_scaled_in_replicas' - - 'autoscaling_policy.0.scale_in_control.0.time_window_sec' - - name: 'cpuUtilization' - type: NestedObject - description: | - Defines the CPU utilization policy that allows the autoscaler to - scale based on the average CPU utilization of a managed instance - group. - default_from_api: true - properties: - - name: 'target' - type: Double - description: | - The target CPU utilization that the autoscaler should maintain. - Must be a float value in the range (0, 1]. If not specified, the - default is 0.6. - - If the CPU level is below the target utilization, the autoscaler - scales down the number of instances until it reaches the minimum - number of instances you specified or until the average CPU of - your instances reaches the target utilization. - - If the average CPU is above the target utilization, the autoscaler - scales up until it reaches the maximum number of instances you - specified or until the average utilization reaches the target - utilization. - api_name: utilizationTarget - required: true - - name: 'predictiveMethod' - type: String - description: | - Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: - - - NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. - - - OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "NONE" - - name: 'metric' - type: Array - description: | - Configuration parameters of autoscaling based on a custom metric. - api_name: customMetricUtilizations - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The identifier (type) of the Stackdriver Monitoring metric. - The metric cannot have negative values. - - The metric must have a value type of INT64 or DOUBLE. - api_name: metric - required: true - - name: 'singleInstanceAssignment' - type: Double - description: | - If scaling is based on a per-group metric value that represents the - total amount of work to be done or resource usage, set this value to - an amount assigned for a single instance of the scaled group. - The autoscaler will keep the number of instances proportional to the - value of this metric, the metric itself should not change value due - to group resizing. - - For example, a good metric to use with the target is - `pubsub.googleapis.com/subscription/num_undelivered_messages` - or a custom metric exporting the total number of requests coming to - your instances. - - A bad example would be a metric exporting an average or median - latency, since this value can't include a chunk assignable to a - single instance, it could be better used with utilization_target - instead. - - name: 'target' - type: Double - description: | - The target value of the metric that autoscaler should - maintain. This must be a positive value. A utilization - metric scales number of virtual machines handling requests - to increase or decrease proportionally to the metric. - - For example, a good metric to use as a utilizationTarget is - www.googleapis.com/compute/instance/network/received_bytes_count. - The autoscaler will work to keep this value constant for each - of the instances. - api_name: utilizationTarget - - name: 'type' - type: Enum - description: | - Defines how target utilization value is expressed for a - Stackdriver Monitoring metric. - api_name: utilizationTargetType - enum_values: - - 'GAUGE' - - 'DELTA_PER_SECOND' - - 'DELTA_PER_MINUTE' - - name: 'filter' - type: String - description: | - A filter string to be used as the filter string for - a Stackdriver Monitoring TimeSeries.list API call. - This filter is used to select a specific TimeSeries for - the purpose of autoscaling and to determine whether the metric - is exporting per-instance or per-group data. - - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without - any functions for each selector. - You can specify the metric in both the filter string and in the - metric field. However, if specified in both places, the metric must - be identical. - - The monitored resource type determines what kind of values are - expected for the metric. If it is a gce_instance, the autoscaler - expects the metric to include a separate TimeSeries for each - instance in a group. In such a case, you cannot filter on resource - labels. - - If the resource type is any other value, the autoscaler expects - this metric to contain values that apply to the entire autoscaled - instance group and resource label filtering can be performed to - point autoscaler at the correct TimeSeries to scale upon. - This is called a per-group metric for the purpose of autoscaling. - - If not specified, the type defaults to gce_instance. - - You should provide a filter that is selective enough to pick just - one TimeSeries for the autoscaled group or for each of the instances - (if you are using gce_instance resource type). If multiple - TimeSeries are returned upon the query execution, the autoscaler - will sum their respective values to obtain its scaling value. - - name: 'loadBalancingUtilization' - type: NestedObject - description: | - Configuration parameters of autoscaling based on a load balancer. - properties: - - name: 'target' - type: Double - description: | - Fraction of backend capacity utilization (set in HTTP(s) load - balancing configuration) that autoscaler should maintain. Must - be a positive float value. If not defined, the default is 0.8. - api_name: utilizationTarget - required: true - - name: 'scalingSchedules' - type: Map - description: | - Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler and they can overlap. - key_name: 'name' - key_description: | - A name for the schedule. - value_type: - name: scalingSchedule - type: NestedObject - properties: - - name: 'minRequiredReplicas' - type: Integer - description: | - Minimum number of VM instances that autoscaler will recommend in time intervals starting according to schedule. - required: true - send_empty_value: true - - name: 'schedule' - type: String - description: | - The start timestamps of time intervals when this scaling schedule should provide a scaling signal. This field uses the extended cron format (with an optional year field). - required: true - - name: 'timeZone' - type: String - description: | - The time zone to be used when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. - default_value: "UTC" - - name: 'durationSec' - type: Integer - description: | - The duration of time intervals (in seconds) for which this scaling schedule will be running. The minimum allowed value is 300. - required: true - - name: 'disabled' - type: Boolean - description: | - A boolean value that specifies if a scaling schedule can influence autoscaler recommendations. If set to true, then a scaling schedule has no effect. - default_value: false - - name: 'description' - type: String - description: | - A description of a scaling schedule. - - name: 'target' - type: String - description: | - URL of the managed instance group that this autoscaler will scale. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' diff --git a/mmv1/products/compute/go_RegionBackendService.yaml b/mmv1/products/compute/go_RegionBackendService.yaml deleted file mode 100644 index 33dc130adcd5..000000000000 --- a/mmv1/products/compute/go_RegionBackendService.yaml +++ /dev/null @@ -1,1265 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionBackendService' -kind: 'compute#backendService' -description: | - A Region Backend Service defines a regionally-scoped group of virtual - machines that will serve traffic for load balancing. -references: - guides: - 'Internal TCP/UDP Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/internal/' - api: 'https://cloud.google.com/compute/docs/reference/latest/regionBackendServices' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/backendServices' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - allowed_iam_role: 'roles/compute.admin' - parent_resource_attribute: 'name' - iam_conditions_request_type: 'QUERY_PARAM' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - min_version: 'beta' -custom_code: - constants: 'templates/terraform/constants/go/region_backend_service.go.tmpl' - encoder: 'templates/terraform/encoders/go/region_backend_service.go.tmpl' - decoder: 'templates/terraform/decoders/go/region_backend_service.go.tmpl' - post_create: 'templates/terraform/post_create/go/compute_region_backend_service_security_policy.go.tmpl' -custom_diff: - - 'customDiffRegionBackendService' -schema_version: 1 -migrate_state: 'tpgresource.MigrateStateNoop' -examples: - - name: 'region_backend_service_basic' - primary_resource_id: 'default' - primary_resource_name: 'fmt.Sprintf("tf-test-region-service%s", context["random_suffix"])' - vars: - region_backend_service_name: 'region-service' - health_check_name: 'rbs-health-check' - - name: 'region_backend_service_external_iap' - primary_resource_id: 'default' - vars: - region_backend_service_name: 'tf-test-region-service-external' - - name: 'region_backend_service_cache' - primary_resource_id: 'default' - min_version: 'beta' - vars: - region_backend_service_name: 'region-service' - health_check_name: 'rbs-health-check' - - name: 'region_backend_service_ilb_round_robin' - primary_resource_id: 'default' - vars: - region_backend_service_name: 'region-service' - health_check_name: 'rbs-health-check' - - name: 'region_backend_service_external' - primary_resource_id: 'default' - min_version: 'beta' - vars: - region_backend_service_name: 'region-service' - health_check_name: 'rbs-health-check' - - name: 'region_backend_service_external_weighted' - primary_resource_id: 'default' - vars: - region_backend_service_name: 'region-service' - health_check_name: 'rbs-health-check' - - name: 'region_backend_service_ilb_ring_hash' - primary_resource_id: 'default' - vars: - region_backend_service_name: 'region-service' - health_check_name: 'rbs-health-check' - - name: 'region_backend_service_balancing_mode' - primary_resource_id: 'default' - vars: - region_backend_service_name: 'region-service' - rigm_name: 'rbs-rigm' - region_health_check_name: 'rbs-health-check' - network_name: 'rbs-net' - - name: 'region_backend_service_connection_tracking' - primary_resource_id: 'default' - min_version: 'beta' - vars: - region_backend_service_name: 'region-service' - health_check_name: 'rbs-health-check' -parameters: - - name: 'region' - type: ResourceRef - description: | - The Region in which the created backend service should reside. - If it is not provided, the provider region is used. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'affinityCookieTtlSec' - type: Integer - description: | - Lifetime of cookies in seconds if session_affinity is - GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts - only until the end of the browser session (or equivalent). The - maximum allowed value for TTL is one day. - - When the load balancing scheme is INTERNAL, this field is not used. - - name: 'backend' - type: Array - description: | - The set of backends that serve this RegionBackendService. - api_name: backends - is_set: true - set_hash_func: 'resourceGoogleComputeBackendServiceBackendHash' - item_type: - type: NestedObject - properties: - - name: 'balancingMode' - type: Enum - description: | - Specifies the balancing mode for this backend. - - See the [Backend Services Overview](https://cloud.google.com/load-balancing/docs/backend-service#balancing-mode) - for an explanation of load balancing modes. - default_value: "UTILIZATION" - enum_values: - - 'UTILIZATION' - - 'RATE' - - 'CONNECTION' - - name: 'capacityScaler' - type: Double - description: | - A multiplier applied to the group's maximum servicing capacity - (based on UTILIZATION, RATE or CONNECTION). - - ~>**NOTE**: This field cannot be set for - INTERNAL region backend services (default loadBalancingScheme), - but is required for non-INTERNAL backend service. The total - capacity_scaler for all backends must be non-zero. - - A setting of 0 means the group is completely drained, offering - 0% of its available Capacity. Valid range is [0.0,1.0]. - send_empty_value: true - - name: 'description' - type: String - description: | - An optional description of this resource. - Provide this property when you create the resource. - - name: 'failover' - type: Boolean - description: | - This field designates whether this is a failover backend. More - than one failover backend can be configured for a given RegionBackendService. - default_from_api: true - - name: 'group' - type: String - description: | - The fully-qualified URL of an Instance Group or Network Endpoint - Group resource. In case of instance group this defines the list - of instances that serve traffic. Member virtual machine - instances from each instance group must live in the same zone as - the instance group itself. No two backends in a backend service - are allowed to use same Instance Group resource. - - For Network Endpoint Groups this defines list of endpoints. All - endpoints of Network Endpoint Group must be hosted on instances - located in the same zone as the Network Endpoint Group. - - Backend services cannot mix Instance Group and - Network Endpoint Group backends. - - When the `load_balancing_scheme` is INTERNAL, only instance groups - are supported. - - Note that you must specify an Instance Group or Network Endpoint - Group resource using the fully-qualified URL, rather than a - partial URL. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - custom_flatten: 'templates/terraform/custom_flatten/go/guard_self_link.go.tmpl' - - name: 'maxConnections' - type: Integer - description: | - The max number of simultaneous connections for the group. Can - be used with either CONNECTION or UTILIZATION balancing modes. - Cannot be set for INTERNAL backend services. - - For CONNECTION mode, either maxConnections or one - of maxConnectionsPerInstance or maxConnectionsPerEndpoint, - as appropriate for group type, must be set. - - name: 'maxConnectionsPerInstance' - type: Integer - description: | - The max number of simultaneous connections that a single - backend instance can handle. Cannot be set for INTERNAL backend - services. - - This is used to calculate the capacity of the group. - Can be used in either CONNECTION or UTILIZATION balancing modes. - For CONNECTION mode, either maxConnections or - maxConnectionsPerInstance must be set. - - name: 'maxConnectionsPerEndpoint' - type: Integer - description: | - The max number of simultaneous connections that a single backend - network endpoint can handle. Cannot be set - for INTERNAL backend services. - - This is used to calculate the capacity of the group. Can be - used in either CONNECTION or UTILIZATION balancing modes. For - CONNECTION mode, either maxConnections or - maxConnectionsPerEndpoint must be set. - - name: 'maxRate' - type: Integer - description: | - The max requests per second (RPS) of the group. Cannot be set - for INTERNAL backend services. - - Can be used with either RATE or UTILIZATION balancing modes, - but required if RATE mode. Either maxRate or one - of maxRatePerInstance or maxRatePerEndpoint, as appropriate for - group type, must be set. - - name: 'maxRatePerInstance' - type: Double - description: | - The max requests per second (RPS) that a single backend - instance can handle. This is used to calculate the capacity of - the group. Can be used in either balancing mode. For RATE mode, - either maxRate or maxRatePerInstance must be set. Cannot be set - for INTERNAL backend services. - - name: 'maxRatePerEndpoint' - type: Double - description: | - The max requests per second (RPS) that a single backend network - endpoint can handle. This is used to calculate the capacity of - the group. Can be used in either balancing mode. For RATE mode, - either maxRate or maxRatePerEndpoint must be set. Cannot be set - for INTERNAL backend services. - - name: 'maxUtilization' - type: Double - description: | - Used when balancingMode is UTILIZATION. This ratio defines the - CPU utilization target for the group. Valid range is [0.0, 1.0]. - Cannot be set for INTERNAL backend services. - - name: 'circuitBreakers' - type: NestedObject - description: | - Settings controlling the volume of connections to a backend service. This field - is applicable only when the `load_balancing_scheme` is set to INTERNAL_MANAGED - and the `protocol` is set to HTTP, HTTPS, or HTTP2. - properties: - - name: 'connectTimeout' - type: NestedObject - description: | - The timeout for new network connections to hosts. - min_version: 'beta' - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - properties: - - name: 'seconds' - type: Integer - description: | - Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. - required: true - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. - - name: 'maxRequestsPerConnection' - type: Integer - description: | - Maximum requests for a single backend connection. This parameter - is respected by both the HTTP/1.1 and HTTP/2 implementations. If - not specified, there is no limit. Setting this parameter to 1 - will effectively disable keep alive. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - - name: 'maxConnections' - type: Integer - description: | - The maximum number of connections to the backend cluster. - Defaults to 1024. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - default_value: 1024 - - name: 'maxPendingRequests' - type: Integer - description: | - The maximum number of pending requests to the backend cluster. - Defaults to 1024. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - default_value: 1024 - - name: 'maxRequests' - type: Integer - description: | - The maximum number of parallel requests to the backend cluster. - Defaults to 1024. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - default_value: 1024 - - name: 'maxRetries' - type: Integer - description: | - The maximum number of parallel retries to the backend cluster. - Defaults to 3. - at_least_one_of: - - 'circuit_breakers.0.connect_timeout' - - 'circuit_breakers.0.max_requests_per_connection' - - 'circuit_breakers.0.max_connections' - - 'circuit_breakers.0.max_pending_requests' - - 'circuit_breakers.0.max_requests' - - 'circuit_breakers.0.max_retries' - default_value: 3 - - name: 'consistentHash' - type: NestedObject - description: | - Consistent Hash-based load balancing can be used to provide soft session - affinity based on HTTP headers, cookies or other properties. This load balancing - policy is applicable only for HTTP connections. The affinity to a particular - destination host will be lost when one or more hosts are added/removed from the - destination service. This field specifies parameters that control consistent - hashing. - This field only applies when all of the following are true - - * `load_balancing_scheme` is set to INTERNAL_MANAGED - * `protocol` is set to HTTP, HTTPS, or HTTP2 - * `locality_lb_policy` is set to MAGLEV or RING_HASH - properties: - - name: 'httpCookie' - type: NestedObject - description: | - Hash is based on HTTP Cookie. This field describes a HTTP cookie - that will be used as the hash key for the consistent hash load - balancer. If the cookie is not present, it will be generated. - This field is applicable if the sessionAffinity is set to HTTP_COOKIE. - at_least_one_of: - - 'consistent_hash.0.http_cookie' - - 'consistent_hash.0.http_header_name' - - 'consistent_hash.0.minimum_ring_size' - properties: - - name: 'ttl' - type: NestedObject - description: | - Lifetime of the cookie. - at_least_one_of: - - 'consistent_hash.0.http_cookie.0.ttl' - - 'consistent_hash.0.http_cookie.0.name' - - 'consistent_hash.0.http_cookie.0.path' - properties: - - name: 'seconds' - type: Integer - description: | - Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. - required: true - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. - - name: 'name' - type: String - description: | - Name of the cookie. - at_least_one_of: - - 'consistent_hash.0.http_cookie.0.ttl' - - 'consistent_hash.0.http_cookie.0.name' - - 'consistent_hash.0.http_cookie.0.path' - - name: 'path' - type: String - description: | - Path to set for the cookie. - at_least_one_of: - - 'consistent_hash.0.http_cookie.0.ttl' - - 'consistent_hash.0.http_cookie.0.name' - - 'consistent_hash.0.http_cookie.0.path' - - name: 'httpHeaderName' - type: String - description: | - The hash based on the value of the specified header field. - This field is applicable if the sessionAffinity is set to HEADER_FIELD. - at_least_one_of: - - 'consistent_hash.0.http_cookie' - - 'consistent_hash.0.http_header_name' - - 'consistent_hash.0.minimum_ring_size' - - name: 'minimumRingSize' - type: Integer - description: | - The minimum number of virtual nodes to use for the hash ring. - Larger ring sizes result in more granular load - distributions. If the number of hosts in the load balancing pool - is larger than the ring size, each host will be assigned a single - virtual node. - Defaults to 1024. - at_least_one_of: - - 'consistent_hash.0.http_cookie' - - 'consistent_hash.0.http_header_name' - - 'consistent_hash.0.minimum_ring_size' - default_value: 1024 - - name: 'cdnPolicy' - type: NestedObject - description: 'Cloud CDN configuration for this BackendService.' - default_from_api: true - properties: - - name: 'cacheKeyPolicy' - type: NestedObject - description: 'The CacheKeyPolicy for this CdnPolicy.' - at_least_one_of: - - 'cdn_policy.0.cache_key_policy' - - 'cdn_policy.0.signed_url_cache_max_age_sec' - properties: - - name: 'includeHost' - type: Boolean - description: | - If true requests to different hosts will be cached separately. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - - name: 'includeProtocol' - type: Boolean - description: | - If true, http and https requests will be cached separately. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - - name: 'includeQueryString' - type: Boolean - description: | - If true, include query string parameters in the cache key - according to query_string_whitelist and - query_string_blacklist. If neither is set, the entire query - string will be included. - - If false, the query string will be excluded from the cache - key entirely. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - - name: 'queryStringBlacklist' - type: Array - description: | - Names of query string parameters to exclude in cache keys. - - All other parameters will be included. Either specify - query_string_whitelist or query_string_blacklist, not both. - '&' and '=' will be percent encoded and not treated as - delimiters. - is_set: true - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - item_type: - type: String - - name: 'queryStringWhitelist' - type: Array - description: | - Names of query string parameters to include in cache keys. - - All other parameters will be excluded. Either specify - query_string_whitelist or query_string_blacklist, not both. - '&' and '=' will be percent encoded and not treated as - delimiters. - is_set: true - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - item_type: - type: String - - name: 'includeNamedCookies' - type: Array - description: | - Names of cookies to include in cache keys. - send_empty_value: true - at_least_one_of: - - 'cdn_policy.0.cache_key_policy.0.include_host' - - 'cdn_policy.0.cache_key_policy.0.include_protocol' - - 'cdn_policy.0.cache_key_policy.0.include_query_string' - - 'cdn_policy.0.cache_key_policy.0.query_string_blacklist' - - 'cdn_policy.0.cache_key_policy.0.query_string_whitelist' - - 'cdn_policy.0.cache_key_policy.0.include_named_cookies' - item_type: - type: String - - name: 'signedUrlCacheMaxAgeSec' - type: Integer - description: | - Maximum number of seconds the response to a signed URL request - will be considered fresh, defaults to 1hr (3600s). After this - time period, the response will be revalidated before - being served. - - When serving responses to signed URL requests, Cloud CDN will - internally behave as though all responses from this backend had a - "Cache-Control: public, max-age=[TTL]" header, regardless of any - existing Cache-Control header. The actual headers served in - responses will not be altered. - at_least_one_of: - - 'cdn_policy.0.cache_key_policy' - - 'cdn_policy.0.signed_url_cache_max_age_sec' - default_value: 3600 - - name: 'defaultTtl' - type: Integer - description: | - Specifies the default TTL for cached content served by this origin for responses - that do not have an existing valid TTL (max-age or s-max-age). - default_from_api: true - - name: 'maxTtl' - type: Integer - description: | - Specifies the maximum allowed TTL for cached content served by this origin. - default_from_api: true - - name: 'clientTtl' - type: Integer - description: | - Specifies the maximum allowed TTL for cached content served by this origin. - default_from_api: true - - name: 'negativeCaching' - type: Boolean - description: | - Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. - default_from_api: true - send_empty_value: true - - name: 'negativeCachingPolicy' - type: Array - description: | - Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. - Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. - item_type: - type: NestedObject - properties: - - name: 'code' - type: Integer - description: | - The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 - can be specified as values, and you cannot specify a status code more than once. - - name: 'ttl' - type: Integer - description: | - The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s - (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL. - min_version: 'beta' - - name: 'cacheMode' - type: Enum - description: | - Specifies the cache setting for all responses from this backend. - The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC - default_from_api: true - enum_values: - - 'USE_ORIGIN_HEADERS' - - 'FORCE_CACHE_ALL' - - 'CACHE_ALL_STATIC' - - name: 'serveWhileStale' - type: Integer - description: | - Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. - - default_from_api: true - send_empty_value: true - - name: 'connectionDraining' - type: NestedObject - description: | - Settings for connection draining - flatten_object: true - properties: - - name: 'connection_draining_timeout_sec' - type: Integer - description: | - Time for which instance will be drained (not accept new - connections, but still work to finish started). - api_name: drainingTimeoutSec - send_empty_value: true - default_value: 300 - - name: 'creationTimestamp' - type: Time - description: | - Creation timestamp in RFC3339 text format. - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. - - name: 'failoverPolicy' - type: NestedObject - description: | - Policy for failovers. - properties: - - name: 'disableConnectionDrainOnFailover' - type: Boolean - description: | - On failover or failback, this field indicates whether connection drain - will be honored. Setting this to true has the following effect: connections - to the old active pool are not drained. Connections to the new active pool - use the timeout of 10 min (currently fixed). Setting to false has the - following effect: both old and new connections will have a drain timeout - of 10 min. - This can be set to true only if the protocol is TCP. - The default is false. - default_from_api: true - at_least_one_of: - - 'failover_policy.0.disable_connection_drain_on_failover' - - 'failover_policy.0.drop_traffic_if_unhealthy' - - 'failover_policy.0.failover_ratio' - - name: 'dropTrafficIfUnhealthy' - type: Boolean - description: | - This option is used only when no healthy VMs are detected in the primary - and backup instance groups. When set to true, traffic is dropped. When - set to false, new connections are sent across all VMs in the primary group. - The default is false. - default_from_api: true - send_empty_value: true - at_least_one_of: - - 'failover_policy.0.disable_connection_drain_on_failover' - - 'failover_policy.0.drop_traffic_if_unhealthy' - - 'failover_policy.0.failover_ratio' - - name: 'failoverRatio' - type: Double - description: | - The value of the field must be in [0, 1]. If the ratio of the healthy - VMs in the primary backend is at or below this number, traffic arriving - at the load-balanced IP will be directed to the failover backend. - In case where 'failoverRatio' is not set or all the VMs in the backup - backend are unhealthy, the traffic will be directed back to the primary - backend in the "force" mode, where traffic will be spread to the healthy - VMs with the best effort, or to all VMs when no VM is healthy. - This field is only used with l4 load balancing. - at_least_one_of: - - 'failover_policy.0.disable_connection_drain_on_failover' - - 'failover_policy.0.drop_traffic_if_unhealthy' - - 'failover_policy.0.failover_ratio' - - name: 'enableCDN' - type: Boolean - description: | - If true, enable Cloud CDN for this RegionBackendService. - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. A hash of the contents stored in this - object. This field is used in optimistic locking. - output: true - - name: 'healthChecks' - type: Array - description: | - The set of URLs to HealthCheck resources for health checking - this RegionBackendService. Currently at most one health - check can be specified. - - A health check must be specified unless the backend service uses an internet - or serverless NEG as a backend. - is_set: true - set_hash_func: 'tpgresource.SelfLinkRelativePathHash' - custom_flatten: 'templates/terraform/custom_flatten/go/guard_self_link_array.go.tmpl' - item_type: - type: String - min_size: 1 - max_size: 1 - - name: 'generated_id' - type: Integer - description: - 'The unique identifier for the resource. This identifier is defined by the - server.' - api_name: id - output: true - - name: 'iap' - type: NestedObject - description: Settings for enabling Cloud Identity Aware Proxy - send_empty_value: true - properties: - - name: 'enabled' - type: Boolean - description: Whether the serving infrastructure will authenticate and authorize all incoming requests. - required: true - - name: 'oauth2ClientId' - type: String - description: | - OAuth2 Client ID for IAP - - name: 'oauth2ClientSecret' - type: String - description: | - OAuth2 Client Secret for IAP - ignore_read: true - sensitive: true - send_empty_value: true - - name: 'oauth2ClientSecretSha256' - type: String - description: | - OAuth2 Client Secret SHA-256 for IAP - sensitive: true - output: true - - name: 'loadBalancingScheme' - type: Enum - description: | - Indicates what kind of load balancing this regional backend service - will be used for. A backend service created for one type of load - balancing cannot be used with the other(s). For more information, refer to - [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service). - immutable: true - default_value: "INTERNAL" - enum_values: - - 'EXTERNAL' - - 'EXTERNAL_MANAGED' - - 'INTERNAL' - - 'INTERNAL_MANAGED' - - name: 'localityLbPolicy' - type: Enum - description: | - The load balancing algorithm used within the scope of the locality. - The possible values are: - - * `ROUND_ROBIN`: This is a simple policy in which each healthy backend - is selected in round robin order. - - * `LEAST_REQUEST`: An O(1) algorithm which selects two random healthy - hosts and picks the host which has fewer active requests. - - * `RING_HASH`: The ring/modulo hash load balancer implements consistent - hashing to backends. The algorithm has the property that the - addition/removal of a host from a set of N hosts only affects - 1/N of the requests. - - * `RANDOM`: The load balancer selects a random healthy host. - - * `ORIGINAL_DESTINATION`: Backend host is selected based on the client - connection metadata, i.e., connections are opened - to the same address as the destination address of - the incoming connection before the connection - was redirected to the load balancer. - - * `MAGLEV`: used as a drop in replacement for the ring hash load balancer. - Maglev is not as stable as ring hash but has faster table lookup - build times and host selection times. For more information about - Maglev, refer to https://ai.google/research/pubs/pub44824 - - * `WEIGHTED_MAGLEV`: Per-instance weighted Load Balancing via health check - reported weights. If set, the Backend Service must - configure a non legacy HTTP-based Health Check, and - health check replies are expected to contain - non-standard HTTP response header field - X-Load-Balancing-Endpoint-Weight to specify the - per-instance weights. If set, Load Balancing is weight - based on the per-instance weights reported in the last - processed health check replies, as long as every - instance either reported a valid weight or had - UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains - equal-weight. - - This field is applicable to either: - - * A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, - and loadBalancingScheme set to INTERNAL_MANAGED. - * A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. - * A regional backend service with loadBalancingScheme set to EXTERNAL (External Network - Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External - Network Load Balancing. The default is MAGLEV. - - If session_affinity is not NONE, and this field is not set to MAGLEV, WEIGHTED_MAGLEV, - or RING_HASH, session affinity settings will not take effect. - - Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced - by a URL map that is bound to target gRPC proxy that has validate_for_proxyless - field set to true. - enum_values: - - 'ROUND_ROBIN' - - 'LEAST_REQUEST' - - 'RING_HASH' - - 'RANDOM' - - 'ORIGINAL_DESTINATION' - - 'MAGLEV' - - 'WEIGHTED_MAGLEV' - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'outlierDetection' - type: NestedObject - description: | - Settings controlling eviction of unhealthy hosts from the load balancing pool. - This field is applicable only when the `load_balancing_scheme` is set - to INTERNAL_MANAGED and the `protocol` is set to HTTP, HTTPS, or HTTP2. - properties: - - name: 'baseEjectionTime' - type: NestedObject - description: | - The base time that a host is ejected for. The real time is equal to the base - time multiplied by the number of times the host has been ejected. Defaults to - 30000ms or 30s. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - properties: - - name: 'seconds' - type: Integer - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'consecutiveErrors' - type: Integer - description: | - Number of errors before a host is ejected from the connection pool. When the - backend host is accessed over HTTP, a 5xx return code qualifies as an error. - Defaults to 5. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'consecutiveGatewayFailure' - type: Integer - description: | - The number of consecutive gateway failures (502, 503, 504 status or connection - errors that are mapped to one of those status codes) before a consecutive - gateway failure ejection occurs. Defaults to 5. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'enforcingConsecutiveErrors' - type: Integer - description: | - The percentage chance that a host will be actually ejected when an outlier - status is detected through consecutive 5xx. This setting can be used to disable - ejection or to ramp it up slowly. Defaults to 100. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'enforcingConsecutiveGatewayFailure' - type: Integer - description: | - The percentage chance that a host will be actually ejected when an outlier - status is detected through consecutive gateway failures. This setting can be - used to disable ejection or to ramp it up slowly. Defaults to 0. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'enforcingSuccessRate' - type: Integer - description: | - The percentage chance that a host will be actually ejected when an outlier - status is detected through success rate statistics. This setting can be used to - disable ejection or to ramp it up slowly. Defaults to 100. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'interval' - type: NestedObject - description: | - Time interval between ejection sweep analysis. This can result in both new - ejections as well as hosts being returned to service. Defaults to 10 seconds. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - properties: - - name: 'seconds' - type: Integer - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'maxEjectionPercent' - type: Integer - description: | - Maximum percentage of hosts in the load balancing pool for the backend service - that can be ejected. Defaults to 10%. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'successRateMinimumHosts' - type: Integer - description: | - The number of hosts in a cluster that must have enough request volume to detect - success rate outliers. If the number of hosts is less than this setting, outlier - detection via success rate statistics is not performed for any host in the - cluster. Defaults to 5. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'successRateRequestVolume' - type: Integer - description: | - The minimum number of total requests that must be collected in one interval (as - defined by the interval duration above) to include this host in success rate - based outlier detection. If the volume is lower than this setting, outlier - detection via success rate statistics is not performed for that host. Defaults - to 100. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'successRateStdevFactor' - type: Integer - description: | - This factor is used to determine the ejection threshold for success rate outlier - ejection. The ejection threshold is the difference between the mean success - rate, and the product of this factor and the standard deviation of the mean - success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided - by a thousand to get a double. That is, if the desired factor is 1.9, the - runtime value should be 1900. Defaults to 1900. - at_least_one_of: - - 'outlier_detection.0.base_ejection_time' - - 'outlier_detection.0.consecutive_errors' - - 'outlier_detection.0.consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_consecutive_errors' - - 'outlier_detection.0.enforcing_consecutive_gateway_failure' - - 'outlier_detection.0.enforcing_success_rate' - - 'outlier_detection.0.interval' - - 'outlier_detection.0.max_ejection_percent' - - 'outlier_detection.0.success_rate_minimum_hosts' - - 'outlier_detection.0.success_rate_request_volume' - - 'outlier_detection.0.success_rate_stdev_factor' - - name: 'portName' - type: String - description: | - A named port on a backend instance group representing the port for - communication to the backend VMs in that group. Required when the - loadBalancingScheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED - and the backends are instance groups. The named port must be defined on each - backend instance group. This parameter has no meaning if the backends are NEGs. API sets a - default of "http" if not given. - Must be omitted when the loadBalancingScheme is INTERNAL (Internal TCP/UDP Load Balancing). - default_from_api: true - - name: 'protocol' - type: Enum - description: | - The protocol this RegionBackendService uses to communicate with backends. - The default is HTTP. **NOTE**: HTTP2 is only valid for beta HTTP/2 load balancer - types and may result in errors if used with the GA API. - # This is removed to avoid breaking terraform, as default values cannot be - # unspecified. Providers should include this as needed via overrides - # default_value: :TCP - default_from_api: true - enum_values: - - 'HTTP' - - 'HTTPS' - - 'HTTP2' - - 'SSL' - - 'TCP' - - 'UDP' - - 'GRPC' - - 'UNSPECIFIED' - - name: 'securityPolicy' - type: String - description: | - The security policy associated with this backend service. - min_version: 'beta' - update_url: 'projects/{{project}}/regions/{{region}}/backendServices/{{name}}/setSecurityPolicy' - update_verb: 'POST' - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'sessionAffinity' - type: Enum - description: | - Type of session affinity to use. The default is NONE. Session affinity is - not applicable if the protocol is UDP. - default_from_api: true - enum_values: - - 'NONE' - - 'CLIENT_IP' - - 'CLIENT_IP_PORT_PROTO' - - 'CLIENT_IP_PROTO' - - 'GENERATED_COOKIE' - - 'HEADER_FIELD' - - 'HTTP_COOKIE' - - 'CLIENT_IP_NO_DESTINATION' - - name: 'connectionTrackingPolicy' - type: NestedObject - description: | - Connection Tracking configuration for this BackendService. - This is available only for Layer 4 Internal Load Balancing and - Network Load Balancing. - min_version: 'beta' - properties: - - name: 'idleTimeoutSec' - type: Integer - description: | - Specifies how long to keep a Connection Tracking entry while there is - no matching traffic (in seconds). - - For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. - - For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. - default_from_api: true - - name: 'trackingMode' - type: Enum - description: | - Specifies the key used for connection tracking. There are two options: - `PER_CONNECTION`: The Connection Tracking is performed as per the - Connection Key (default Hash Method) for the specific protocol. - - `PER_SESSION`: The Connection Tracking is performed as per the - configured Session Affinity. It matches the configured Session Affinity. - default_value: "PER_CONNECTION" - enum_values: - - 'PER_CONNECTION' - - 'PER_SESSION' - - name: 'connectionPersistenceOnUnhealthyBackends' - type: Enum - description: | - Specifies connection persistence when backends are unhealthy. - - If set to `DEFAULT_FOR_PROTOCOL`, the existing connections persist on - unhealthy backends only for connection-oriented protocols (TCP and SCTP) - and only if the Tracking Mode is PER_CONNECTION (default tracking mode) - or the Session Affinity is configured for 5-tuple. They do not persist - for UDP. - - If set to `NEVER_PERSIST`, after a backend becomes unhealthy, the existing - connections on the unhealthy backend are never persisted on the unhealthy - backend. They are always diverted to newly selected healthy backends - (unless all backends are unhealthy). - - If set to `ALWAYS_PERSIST`, existing connections always persist on - unhealthy backends regardless of protocol and session affinity. It is - generally not recommended to use this mode overriding the default. - default_value: "DEFAULT_FOR_PROTOCOL" - enum_values: - - 'DEFAULT_FOR_PROTOCOL' - - 'NEVER_PERSIST' - - 'ALWAYS_PERSIST' - - name: 'enableStrongAffinity' - type: Boolean - description: Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly. - - name: 'timeoutSec' - type: Integer - description: | - The backend service timeout has a different meaning depending on the type of load balancer. - For more information see, [Backend service settings](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices). - The default is 30 seconds. - The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds. - default_from_api: true - - name: 'logConfig' - type: NestedObject - description: | - This field denotes the logging options for the load balancer traffic served by this backend service. - If logging is enabled, logs will be exported to Stackdriver. - default_from_api: true - properties: - - name: 'enable' - type: Boolean - description: | - Whether to enable logging for the load balancer traffic served by this backend service. - send_empty_value: true - at_least_one_of: - - 'log_config.0.enable' - - 'log_config.0.sample_rate' - - name: 'sampleRate' - type: Double - description: | - This field can only be specified if logging is enabled for this backend service. The value of - the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer - where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. - The default value is 1.0. - at_least_one_of: - - 'log_config.0.enable' - - 'log_config.0.sample_rate' - diff_suppress_func: 'suppressWhenDisabled' - default_value: 1.0 - - name: 'network' - type: ResourceRef - description: | - The URL of the network to which this backend service belongs. - This field can only be specified when the load balancing scheme is set to INTERNAL. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'subsetting' - type: NestedObject - description: | - Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. - min_version: 'beta' - properties: - - name: 'policy' - type: Enum - description: | - The algorithm used for subsetting. - required: true - enum_values: - - 'CONSISTENT_HASH_SUBSETTING' diff --git a/mmv1/products/compute/go_RegionCommitment.yaml b/mmv1/products/compute/go_RegionCommitment.yaml deleted file mode 100644 index 56d6948f3cc7..000000000000 --- a/mmv1/products/compute/go_RegionCommitment.yaml +++ /dev/null @@ -1,201 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionCommitment' -kind: 'compute#commitment' -description: | - Represents a regional Commitment resource. - - Creating a commitment resource means that you are purchasing a committed - use contract with an explicit start and end time. You can create commitments - based on vCPUs and memory usage and receive discounted rates. -references: - guides: - 'Committed use discounts for Compute Engine': 'https://cloud.google.com/compute/docs/instances/committed-use-discounts-overview' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionCommitments' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/commitments' -has_self_link: true -exclude_delete: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'compute_region_commitment_basic' - primary_resource_id: 'foobar' - vars: - region_commitment_name: 'my-region-commitment' - skip_test: true - - name: 'compute_region_commitment_full' - primary_resource_id: 'foobar' - vars: - region_commitment_name: 'my-full-commitment' - skip_test: true -parameters: - - name: 'region' - type: ResourceRef - description: | - URL of the region where this commitment may be used. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'commitment_id' - type: Integer - description: 'Unique identifier for the resource.' - api_name: id - output: true - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'name' - type: String - description: | - Name of the resource. The name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - validation: - function: 'verify.ValidateGCEName' - - name: 'description' - type: String - description: | - An optional description of this resource. - - name: 'status' - type: Enum - description: | - Status of the commitment with regards to eventual expiration - (each commitment has an end date defined). - output: true - enum_values: - - 'NOT_YET_ACTIVE' - - 'ACTIVE' - - 'EXPIRED' - - name: 'statusMessage' - type: String - description: | - A human-readable explanation of the status. - output: true - - name: 'plan' - type: Enum - description: | - The plan for this commitment, which determines duration and discount rate. - The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years). - required: true - enum_values: - - 'TWELVE_MONTH' - - 'THIRTY_SIX_MONTH' - - name: 'startTimestamp' - type: Time - description: 'Commitment start time in RFC3339 text format.' - output: true - - name: 'endTimestamp' - type: Time - description: 'Commitment end time in RFC3339 text format.' - output: true - - name: 'resources' - type: Array - description: | - A list of commitment amounts for particular resources. - Note that VCPU and MEMORY resource commitments must occur together. - item_type: - type: NestedObject - properties: - - name: 'type' - type: String - description: | - Type of resource for which this commitment applies. - Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR. - - name: 'amount' - type: String - description: | - The amount of the resource purchased (in a type-dependent unit, - such as bytes). For vCPUs, this can just be an integer. For memory, - this must be provided in MB. Memory must be a multiple of 256 MB, - with up to 6.5GB of memory per every vCPU. - - name: 'acceleratorType' - type: String - description: | - Name of the accelerator type resource. Applicable only when the type is ACCELERATOR. - - name: 'type' - type: String - description: | - The type of commitment, which affects the discount rate and the eligible resources. - The type could be one of the following value: `MEMORY_OPTIMIZED`, `ACCELERATOR_OPTIMIZED`, - `GENERAL_PURPOSE_N1`, `GENERAL_PURPOSE_N2`, `GENERAL_PURPOSE_N2D`, `GENERAL_PURPOSE_E2`, - `GENERAL_PURPOSE_T2D`, `GENERAL_PURPOSE_C3`, `COMPUTE_OPTIMIZED_C2`, `COMPUTE_OPTIMIZED_C2D` and - `GRAPHICS_OPTIMIZED_G2` - default_from_api: true - - name: 'category' - type: Enum - description: | - The category of the commitment. Category MACHINE specifies commitments composed of - machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE - specifies commitments composed of software licenses, listed in licenseResources. - Note that only MACHINE commitments should have a Type specified. - default_from_api: true - enum_values: - - 'LICENSE' - - 'MACHINE' - - name: 'licenseResource' - type: NestedObject - description: | - The license specification required as part of a license commitment. - properties: - - name: 'license' - type: String - description: | - Any applicable license URI. - required: true - - name: 'amount' - type: String - description: | - The number of licenses purchased. - - name: 'coresPerLicense' - type: String - description: | - Specifies the core range of the instance for which this license applies. - - name: 'autoRenew' - type: Boolean - description: | - Specifies whether to enable automatic renewal for the commitment. - The default value is false if not specified. - If the field is set to true, the commitment will be automatically renewed for either - one or three years according to the terms of the existing commitment. - default_from_api: true diff --git a/mmv1/products/compute/go_RegionDisk.yaml b/mmv1/products/compute/go_RegionDisk.yaml deleted file mode 100644 index 7fac3d3a0c88..000000000000 --- a/mmv1/products/compute/go_RegionDisk.yaml +++ /dev/null @@ -1,369 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionDisk' -kind: 'compute#disk' -description: | - Persistent disks are durable storage devices that function similarly to - the physical disks in a desktop or a server. Compute Engine manages the - hardware behind these devices to ensure data redundancy and optimize - performance for you. Persistent disks are available as either standard - hard disk drives (HDD) or solid-state drives (SSD). - - Persistent disks are located independently from your virtual machine - instances, so you can detach or move persistent disks to keep your data - even after you delete your instances. Persistent disk performance scales - automatically with size, so you can resize your existing persistent disks - or add more persistent disks to an instance to meet your performance and - storage space requirements. - - Add a persistent disk to your instance when you need reliable and - affordable storage with consistent performance characteristics. -references: - guides: - 'Adding or Resizing Regional Persistent Disks': 'https://cloud.google.com/compute/docs/disks/regional-persistent-disk' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionDisks' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/disks' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - parent_resource_attribute: 'name' - base_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/regions/{{region}}/disks/{{name}}' - - '{{name}}' -custom_code: - encoder: 'templates/terraform/encoders/go/disk.tmpl' - decoder: 'templates/terraform/decoders/go/disk.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/detach_disk.tmpl' -custom_diff: - - 'customdiff.ForceNewIfChange("size", IsDiskShrinkage)' - - 'hyperDiskIopsUpdateDiffSupress' -examples: - - name: 'region_disk_basic' - primary_resource_id: 'regiondisk' - primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' - vars: - region_disk_name: 'my-region-disk' - disk_name: 'my-disk' - snapshot_name: 'my-snapshot' - - name: 'region_disk_async' - primary_resource_id: 'primary' - primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' - vars: - region_disk_name: 'primary-region-disk' - secondary_region_disk_name: 'secondary-region-disk' - - name: 'region_disk_features' - primary_resource_id: 'regiondisk' - primary_resource_name: 'fmt.Sprintf("tf-test-my-region-disk%s", context["random_suffix"])' - vars: - region_disk_name: 'my-region-features-disk' -parameters: - - name: 'region' - type: ResourceRef - description: 'A reference to the region where the disk resides.' - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' - - name: 'diskEncryptionKey' - type: NestedObject - description: | - Encrypts the disk using a customer-supplied encryption key. - - After you encrypt a disk with a customer-supplied key, you must - provide the same key if you use the disk later (e.g. to create a disk - snapshot or an image, or to attach the disk to a virtual machine). - - Customer-supplied encryption keys do not protect access to metadata of - the disk. - - If you do not provide an encryption key when creating the disk, then - the disk will be encrypted using an automatically generated key and - you do not need to provide a key to use the disk later. - immutable: true - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption key, encoded in - RFC 4648 base64 to either encrypt or decrypt this resource. - sensitive: true - - name: 'sha256' - type: String - description: | - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied - encryption key that protects this resource. - output: true - - name: 'kmsKeyName' - type: String - description: | - The name of the encryption key that is stored in Google Cloud KMS. - - name: 'snapshot' - type: ResourceRef - description: | - The source snapshot used to create this disk. You can provide this as - a partial or full URL to the resource. For example, the following are - valid values: - - * `https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot` - * `projects/project/global/snapshots/snapshot` - * `global/snapshots/snapshot` - * `snapshot` - api_name: sourceSnapshot - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Snapshot' - imports: 'selfLink' - - name: 'sourceSnapshotEncryptionKey' - type: NestedObject - description: | - The customer-supplied encryption key of the source snapshot. Required - if the source snapshot is protected by a customer-supplied encryption - key. - immutable: true - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption key, encoded in - RFC 4648 base64 to either encrypt or decrypt this resource. - # TODO(chrisst) Change to ResourceRef once KMS is in Magic Modules - - name: 'kmsKeyName' - type: String - description: | - The name of the encryption key that is stored in Google Cloud KMS. - min_version: 'beta' - - name: 'sha256' - type: String - description: | - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied - encryption key that protects this resource. - output: true - - name: 'sourceSnapshotId' - type: String - description: | - The unique ID of the snapshot used to create this disk. This value - identifies the exact snapshot that was used to create this persistent - disk. For example, if you created the persistent disk from a snapshot - that was later deleted and recreated under the same name, the source - snapshot ID would identify the exact version of the snapshot that was - used. - output: true -properties: - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - - name: 'lastAttachTimestamp' - type: Time - description: 'Last attach timestamp in RFC3339 text format.' - output: true - - name: 'lastDetachTimestamp' - type: Time - description: 'Last detach timestamp in RFC3339 text format.' - output: true - - name: 'labels' - type: KeyValueLabels - description: | - Labels to apply to this disk. A list of key->value pairs. - update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/setLabels' - update_verb: 'POST' - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'size' - type: Integer - description: | - Size of the persistent disk, specified in GB. You can specify this - field when creating a persistent disk using the sourceImage or - sourceSnapshot parameter, or specify it alone to create an empty - persistent disk. - - If you specify this field along with sourceImage or sourceSnapshot, - the value of sizeGb must not be less than the size of the sourceImage - or the size of the snapshot. - api_name: sizeGb - default_from_api: true - update_url: 'projects/{{project}}/regions/{{region}}/disks/{{name}}/resize' - update_verb: 'POST' - - name: 'users' - type: Array - description: | - Links to the users of the disk (attached instances) in form: - project/zones/zone/instances/instance - output: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'user' - type: ResourceRef - description: 'A reference to a user of this disk' - resource: 'Instance' - imports: 'selfLink' - - name: 'physicalBlockSizeBytes' - type: Integer - description: | - Physical block size of the persistent disk, in bytes. If not present - in a request, a default value is used. Currently supported sizes - are 4096 and 16384, other sizes may be added in the future. - If an unsupported value is requested, the error message will list - the supported values for the caller's project. - default_from_api: true - - name: 'replicaZones' - type: Array - description: 'URLs of the zones where the disk should be replicated to.' - required: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'zone' - type: ResourceRef - description: | - A reference to a zone where the disk should be replicated to. - resource: 'Zone' - imports: 'selfLink' - min_size: 2 - max_size: 2 - - name: 'type' - type: ResourceRef - description: | - URL of the disk type resource describing which disk type to use to - create the disk. Provide this when creating the disk. - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - default_value: "pd-standard" - resource: 'RegionDiskType' - imports: 'selfLink' - - name: 'interface' - type: String - description: | - Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. - min_version: 'beta' - url_param_only: true - diff_suppress_func: 'AlwaysDiffSuppress' - default_value: "SCSI" - deprecation_message: '`interface` is deprecated and will be removed in a future major release. This field is no longer used and can be safely removed from your configurations; disk interfaces are automatically determined on attachment.' - - name: 'sourceDisk' - type: String - description: | - The source disk used to create this disk. You can provide this as a partial or full URL to the resource. - For example, the following are valid values: - - * https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/disks/{disk} - * https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/disks/{disk} - * projects/{project}/zones/{zone}/disks/{disk} - * projects/{project}/regions/{region}/disks/{disk} - * zones/{zone}/disks/{disk} - * regions/{region}/disks/{disk} - diff_suppress_func: 'sourceDiskDiffSupress' - - name: 'sourceDiskId' - type: String - description: | - The ID value of the disk used to create this image. This value may - be used to determine whether the image was taken from the current - or a previous instance of a given disk name. - output: true - - name: 'asyncPrimaryDisk' - type: NestedObject - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - properties: - - name: 'disk' - type: String - description: | - Primary disk for asynchronous disk replication. - required: true - - name: 'guestOsFeatures' - type: Array - description: | - A list of features to enable on the guest operating system. - Applicable only for bootable disks. - is_set: true - default_from_api: true - item_type: - type: NestedObject - properties: - - name: 'type' - type: Enum - description: | - The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. - required: true - enum_values: - - 'MULTI_IP_SUBNET' - - 'SECURE_BOOT' - - 'SEV_CAPABLE' - - 'UEFI_COMPATIBLE' - - 'VIRTIO_SCSI_MULTIQUEUE' - - 'WINDOWS' - - 'GVNIC' - - 'SEV_LIVE_MIGRATABLE' - - 'SEV_SNP_CAPABLE' - - 'SUSPEND_RESUME_COMPATIBLE' - - 'TDX_CAPABLE' - - name: 'licenses' - type: Array - description: Any applicable license URI. - immutable: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'license' - type: ResourceRef - description: 'An applicable license URI' - resource: 'License' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_RegionDiskResourcePolicyAttachment.yaml b/mmv1/products/compute/go_RegionDiskResourcePolicyAttachment.yaml deleted file mode 100644 index f70f7da5fd89..000000000000 --- a/mmv1/products/compute/go_RegionDiskResourcePolicyAttachment.yaml +++ /dev/null @@ -1,90 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionDiskResourcePolicyAttachment' -description: | - Adds existing resource policies to a disk. You can only add one policy - which will be applied to this disk for scheduling snapshot creation. - - ~> **Note:** This resource does not support zonal disks (`google_compute_disk`). For zonal disks, please refer to [`google_compute_disk_resource_policy_attachment`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk_resource_policy_attachment) -docs: -id_format: '{{project}}/{{region}}/{{disk}}/{{name}}' -base_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}' -self_link: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}' -create_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}/addResourcePolicies' -delete_url: 'projects/{{project}}/regions/{{region}}/disks/{{disk}}/removeResourcePolicies' -delete_verb: 'POST' -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - name -nested_query: - keys: - - resourcePolicies - is_list_of_ids: true - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/compute_region_disk_resource_policies_attachment.go.tmpl' - decoder: 'templates/terraform/decoders/go/compute_disk_resource_policies_attachment.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/compute_region_disk_resource_policies_attachment.go.tmpl' -examples: - - name: 'region_disk_resource_policy_attachment_basic' - primary_resource_id: 'attachment' - vars: - base_disk_name: 'my-base-disk' - snapshot_name: 'my-snapshot' - disk_name: 'my-disk' - policy_name: 'my-resource-policy' -parameters: - - name: 'disk' - type: ResourceRef - description: | - The name of the regional disk in which the resource policies are attached to. - url_param_only: true - required: true - resource: 'Disk' - imports: 'name' - - name: 'region' - type: ResourceRef - description: 'A reference to the region where the disk resides.' - url_param_only: true - required: false - default_from_api: true - resource: 'Region' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - The resource policy to be attached to the disk for scheduling snapshot - creation. Do not specify the self link. - required: true diff --git a/mmv1/products/compute/go_RegionDiskType.yaml b/mmv1/products/compute/go_RegionDiskType.yaml deleted file mode 100644 index ea29643f962a..000000000000 --- a/mmv1/products/compute/go_RegionDiskType.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionDiskType' -kind: 'compute#diskType' -description: | - Represents a regional DiskType resource. A DiskType resource represents - the type of disk to use, such as a pd-ssd, pd-balanced or pd-standard. To reference a - disk type, use the disk type's full or partial URL. -exclude: true -readonly: true -docs: -base_url: 'projects/{{project}}/regions/{{region}}/diskTypes' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'items' -custom_code: -parameters: - - name: 'region' - type: ResourceRef - description: 'A reference to the region where the disk type resides.' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'defaultDiskSizeGb' - type: Integer - description: 'Server-defined default disk size in GB.' - output: true - - name: 'deprecated' - type: NestedObject - description: 'The deprecation status associated with this disk type.' - output: true - properties: - - name: 'deleted' - type: Time - description: | - An optional RFC3339 timestamp on or after which the deprecation state - of this resource will be changed to DELETED. - output: true - - name: 'deprecated' - type: Time - description: | - An optional RFC3339 timestamp on or after which the deprecation state - of this resource will be changed to DEPRECATED. - output: true - - name: 'obsolete' - type: Time - description: | - An optional RFC3339 timestamp on or after which the deprecation state - of this resource will be changed to OBSOLETE. - output: true - - name: 'replacement' - type: String - description: | - The URL of the suggested replacement for a deprecated resource. The - suggested replacement resource must be the same kind of resource as - the deprecated resource. - output: true - - name: 'state' - type: Enum - description: | - The deprecation state of this resource. This can be DEPRECATED, - OBSOLETE, or DELETED. Operations which create a new resource using a - DEPRECATED resource will return successfully, but with a warning - indicating the deprecated resource and recommending its replacement. - Operations which use OBSOLETE or DELETED resources will be rejected - and result in an error. - output: true - enum_values: - - 'DEPRECATED' - - 'OBSOLETE' - - 'DELETED' - - name: 'description' - type: String - description: 'An optional description of this resource.' - output: true - - name: 'id' - type: Integer - description: 'The unique identifier for the resource.' - output: true - - name: 'name' - type: String - description: 'Name of the resource.' - - name: 'validDiskSize' - type: String - description: | - An optional textual description of the valid disk size, such as - "10GB-10TB". - output: true diff --git a/mmv1/products/compute/go_RegionHealthCheck.yaml b/mmv1/products/compute/go_RegionHealthCheck.yaml deleted file mode 100644 index c53f7405f68e..000000000000 --- a/mmv1/products/compute/go_RegionHealthCheck.yaml +++ /dev/null @@ -1,858 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionHealthCheck' -kind: 'compute#healthCheck' -description: | - Health Checks determine whether instances are responsive and able to do work. - They are an important part of a comprehensive load balancing configuration, - as they enable monitoring instances behind load balancers. - - Health Checks poll instances at a specified interval. Instances that - do not respond successfully to some number of probes in a row are marked - as unhealthy. No new connections are sent to unhealthy instances, - though existing connections will continue. The health check will - continue to poll unhealthy instances. If an instance later responds - successfully to some number of consecutive probes, it is marked - healthy again and can receive new connections. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/health-checks' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionHealthChecks' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/healthChecks' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - encoder: 'templates/terraform/encoders/go/health_check_type.tmpl' -custom_diff: - - 'healthCheckCustomizeDiff' -examples: - - name: 'region_health_check_tcp' - primary_resource_id: 'tcp-region-health-check' - vars: - health_check_name: 'tcp-region-health-check' - - name: 'region_health_check_tcp_full' - primary_resource_id: 'tcp-region-health-check' - vars: - health_check_name: 'tcp-region-health-check' - - name: 'region_health_check_ssl' - primary_resource_id: 'ssl-region-health-check' - vars: - health_check_name: 'ssl-region-health-check' - - name: 'region_health_check_ssl_full' - primary_resource_id: 'ssl-region-health-check' - vars: - health_check_name: 'ssl-region-health-check' - - name: 'region_health_check_http' - primary_resource_id: 'http-region-health-check' - vars: - health_check_name: 'http-region-health-check' - - name: 'region_health_check_http_logs' - primary_resource_id: 'http-region-health-check' - min_version: 'beta' - vars: - health_check_name: 'http-region-health-check' - - name: 'region_health_check_http_full' - primary_resource_id: 'http-region-health-check' - vars: - health_check_name: 'http-region-health-check' - - name: 'region_health_check_https' - primary_resource_id: 'https-region-health-check' - vars: - health_check_name: 'https-region-health-check' - - name: 'region_health_check_https_full' - primary_resource_id: 'https-region-health-check' - vars: - health_check_name: 'https-region-health-check' - - name: 'region_health_check_http2' - primary_resource_id: 'http2-region-health-check' - vars: - health_check_name: 'http2-region-health-check' - - name: 'region_health_check_http2_full' - primary_resource_id: 'http2-region-health-check' - vars: - health_check_name: 'http2-region-health-check' - - name: 'region_health_check_grpc' - primary_resource_id: 'grpc-region-health-check' - vars: - health_check_name: 'grpc-region-health-check' - - name: 'region_health_check_grpc_full' - primary_resource_id: 'grpc-region-health-check' - vars: - health_check_name: 'grpc-region-health-check' -parameters: - - name: 'region' - type: ResourceRef - description: | - The Region in which the created health check should reside. - If it is not provided, the provider region is used. - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'selfLink' -properties: - - name: 'checkIntervalSec' - type: Integer - description: | - How often (in seconds) to send a health check. The default value is 5 - seconds. - default_value: 5 - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - send_empty_value: true - - name: 'healthyThreshold' - type: Integer - description: | - A so-far unhealthy instance will be marked healthy after this many - consecutive successes. The default value is 2. - default_value: 2 - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the - last character, which cannot be a dash. - required: true - immutable: true - - name: 'unhealthyThreshold' - type: Integer - description: | - A so-far healthy instance will be marked unhealthy after this many - consecutive failures. The default value is 2. - default_value: 2 - - name: 'timeoutSec' - type: Integer - description: | - How long (in seconds) to wait before claiming failure. - The default value is 5 seconds. It is invalid for timeoutSec to have - greater value than checkIntervalSec. - default_value: 5 - - name: 'type' - type: Enum - description: |- - The type of the health check. One of HTTP, HTTP2, HTTPS, TCP, or SSL. - output: true - enum_values: - - 'TCP' - - 'SSL' - - 'HTTP' - - 'HTTPS' - - 'HTTP2' - - name: 'httpHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'host' - type: String - description: | - The value of the host header in the HTTP health check request. - If left empty (default value), the public IP on behalf of which this health - check is performed will be used. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - - name: 'requestPath' - type: String - description: | - The request path of the HTTP health check request. - The default value is /. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - default_value: "/" - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the HTTP health check request. - The default value is 80. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, HTTP health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'http_health_check.0.host' - - 'http_health_check.0.request_path' - - 'http_health_check.0.response' - - 'http_health_check.0.port' - - 'http_health_check.0.port_name' - - 'http_health_check.0.proxy_header' - - 'http_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'httpsHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'host' - type: String - description: | - The value of the host header in the HTTPS health check request. - If left empty (default value), the public IP on behalf of which this health - check is performed will be used. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - - name: 'requestPath' - type: String - description: | - The request path of the HTTPS health check request. - The default value is /. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - default_value: "/" - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the HTTPS health check request. - The default value is 443. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, HTTPS health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'https_health_check.0.host' - - 'https_health_check.0.request_path' - - 'https_health_check.0.response' - - 'https_health_check.0.port' - - 'https_health_check.0.port_name' - - 'https_health_check.0.proxy_header' - - 'https_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'tcpHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'request' - type: String - description: | - The application data to send once the TCP connection has been - established (default value is empty). If both request and response are - empty, the connection establishment alone will indicate health. The request - data can only be ASCII. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the TCP health check request. - The default value is 80. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, TCP health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'tcp_health_check.0.request' - - 'tcp_health_check.0.response' - - 'tcp_health_check.0.port' - - 'tcp_health_check.0.port_name' - - 'tcp_health_check.0.proxy_header' - - 'tcp_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'sslHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'request' - type: String - description: | - The application data to send once the SSL connection has been - established (default value is empty). If both request and response are - empty, the connection establishment alone will indicate health. The request - data can only be ASCII. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the SSL health check request. - The default value is 443. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, SSL health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'ssl_health_check.0.request' - - 'ssl_health_check.0.response' - - 'ssl_health_check.0.port' - - 'ssl_health_check.0.port_name' - - 'ssl_health_check.0.proxy_header' - - 'ssl_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'http2HealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'host' - type: String - description: | - The value of the host header in the HTTP2 health check request. - If left empty (default value), the public IP on behalf of which this health - check is performed will be used. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - - name: 'requestPath' - type: String - description: | - The request path of the HTTP2 health check request. - The default value is /. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - default_value: "/" - - name: 'response' - type: String - description: | - The bytes to match against the beginning of the response data. If left empty - (the default value), any response will indicate health. The response data - can only be ASCII. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - - name: 'port' - type: Integer - description: | - The TCP port number for the HTTP2 health check request. - The default value is 443. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to the - backend. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, HTTP2 health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'http2_health_check.0.host' - - 'http2_health_check.0.request_path' - - 'http2_health_check.0.response' - - 'http2_health_check.0.port' - - 'http2_health_check.0.port_name' - - 'http2_health_check.0.proxy_header' - - 'http2_health_check.0.port_specification' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'grpcHealthCheck' - type: NestedObject - exactly_one_of: - - 'http_health_check' - - 'https_health_check' - - 'http2_health_check' - - 'tcp_health_check' - - 'ssl_health_check' - - 'grpc_health_check' - diff_suppress_func: 'portDiffSuppress' - properties: - - name: 'port' - type: Integer - description: | - The port number for the health check request. - Must be specified if portName and portSpecification are not set - or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535. - at_least_one_of: - - 'grpc_health_check.0.port' - - 'grpc_health_check.0.port_name' - - 'grpc_health_check.0.port_specification' - - 'grpc_health_check.0.grpc_service_name' - - name: 'portName' - type: String - description: | - Port name as defined in InstanceGroup#NamedPort#name. If both port and - port_name are defined, port takes precedence. - at_least_one_of: - - 'grpc_health_check.0.port' - - 'grpc_health_check.0.port_name' - - 'grpc_health_check.0.port_specification' - - 'grpc_health_check.0.grpc_service_name' - - name: 'portSpecification' - type: Enum - description: | - Specifies how port is selected for health checking, can be one of the - following values: - - * `USE_FIXED_PORT`: The port number in `port` is used for health checking. - - * `USE_NAMED_PORT`: The `portName` is used for health checking. - - * `USE_SERVING_PORT`: For NetworkEndpointGroup, the port specified for each - network endpoint is used for health checking. For other backends, the - port or named port specified in the Backend Service is used for health - checking. - - If not specified, gRPC health check follows behavior specified in `port` and - `portName` fields. - at_least_one_of: - - 'grpc_health_check.0.port' - - 'grpc_health_check.0.port_name' - - 'grpc_health_check.0.port_specification' - - 'grpc_health_check.0.grpc_service_name' - enum_values: - - 'USE_FIXED_PORT' - - 'USE_NAMED_PORT' - - 'USE_SERVING_PORT' - - name: 'grpcServiceName' - type: String - description: | - The gRPC service name for the health check. - The value of grpcServiceName has the following meanings by convention: - - * Empty serviceName means the overall status of all services at the backend. - * Non-empty serviceName means the health of that gRPC service, as defined by the owner of the service. - - The grpcServiceName can only be ASCII. - at_least_one_of: - - 'grpc_health_check.0.port' - - 'grpc_health_check.0.port_name' - - 'grpc_health_check.0.port_specification' - - 'grpc_health_check.0.grpc_service_name' - - name: 'logConfig' - type: NestedObject - description: | - Configure logging on this health check. - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/health_check_log_config.go.tmpl' - properties: - - name: 'enable' - type: Boolean - description: | - Indicates whether or not to export logs. This is false by default, - which means no health check logging will be done. - default_value: false diff --git a/mmv1/products/compute/go_RegionInstanceGroupManager.yaml b/mmv1/products/compute/go_RegionInstanceGroupManager.yaml deleted file mode 100644 index ef3fb3c81954..000000000000 --- a/mmv1/products/compute/go_RegionInstanceGroupManager.yaml +++ /dev/null @@ -1,227 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionInstanceGroupManager' -kind: 'compute#instanceGroupManager' -description: | - Creates a managed instance group using the information that you specify in - the request. After the group is created, it schedules an action to create - instances in the group using the specified instance template. This - operation is marked as DONE when the group is created even if the - instances in the group have not yet been created. You must separately - verify the status of the individual instances. - - A managed instance group can have up to 1000 VM instances per group. -exclude: true -docs: -base_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -parameters: - - name: 'region' - type: ResourceRef - description: 'The region the managed instance group resides.' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'baseInstanceName' - type: String - description: | - The base instance name to use for instances in this group. The value - must be 1-58 characters long. Instances are named by appending a - hyphen and a random four-character string to the base instance name. - The base instance name must comply with RFC1035. - required: true - - name: 'creationTimestamp' - type: Time - description: | - The creation timestamp for this managed instance group in RFC3339 - text format. - output: true - - name: 'currentActions' - type: NestedObject - description: | - The list of instance actions and the number of instances in this - managed instance group that are scheduled for each of those actions. - output: true - properties: - - name: 'abandoning' - type: Integer - description: | - The total number of instances in the managed instance group that - are scheduled to be abandoned. Abandoning an instance removes it - from the managed instance group without deleting it. - output: true - - name: 'creating' - type: Integer - description: | - The number of instances in the managed instance group that are - scheduled to be created or are currently being created. If the - group fails to create any of these instances, it tries again until - it creates the instance successfully. - - If you have disabled creation retries, this field will not be - populated; instead, the creatingWithoutRetries field will be - populated. - output: true - - name: 'creatingWithoutRetries' - type: Integer - description: | - The number of instances that the managed instance group will - attempt to create. The group attempts to create each instance only - once. If the group fails to create any of these instances, it - decreases the group's targetSize value accordingly. - output: true - - name: 'deleting' - type: Integer - description: | - The number of instances in the managed instance group that are - scheduled to be deleted or are currently being deleted. - output: true - - name: 'none' - type: Integer - description: | - The number of instances in the managed instance group that are - running and have no scheduled actions. - output: true - - name: 'recreating' - type: Integer - description: | - The number of instances in the managed instance group that are - scheduled to be recreated or are currently being being recreated. - Recreating an instance deletes the existing root persistent disk - and creates a new disk from the image that is defined in the - instance template. - output: true - - name: 'refreshing' - type: Integer - description: | - The number of instances in the managed instance group that are - being reconfigured with properties that do not require a restart - or a recreate action. For example, setting or removing target - pools for the instance. - output: true - - name: 'restarting' - type: Integer - description: | - The number of instances in the managed instance group that are - scheduled to be restarted or are currently being restarted. - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - immutable: true - - name: 'id' - type: Integer - description: 'A unique identifier for this resource' - output: true - - name: 'instanceGroup' - type: ResourceRef - description: 'The instance group being managed' - output: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'InstanceGroup' - imports: 'selfLink' - - name: 'instanceTemplate' - type: ResourceRef - description: | - The instance template that is specified for this managed instance - group. The group uses this template to create all new instances in the - managed instance group. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'InstanceTemplate' - imports: 'selfLink' - - name: 'name' - type: String - description: | - The name of the managed instance group. The name must be 1-63 - characters long, and comply with RFC1035. - required: true - - name: 'namedPorts' - type: Array - description: - Named ports configured for the Instance Groups complementary to this - Instance Group Manager. - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The name for this named port. The name must be 1-63 characters - long, and comply with RFC1035. - - name: 'port' - type: Integer - description: - The port number, which can be a value between 1 and 65535. - - name: 'targetPools' - type: Array - description: | - TargetPool resources to which instances in the instanceGroup field are - added. The target pools automatically apply to all of the instances in - the managed instance group. - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'targetPool' - type: ResourceRef - description: 'The targetPool to receive managed instances.' - resource: 'TargetPool' - imports: 'selfLink' - - name: 'targetSize' - type: Integer - description: | - The target number of running instances for this managed instance - group. Deleting or abandoning instances reduces this number. Resizing - the group changes this number. - - name: 'autoHealingPolicies' - type: Array - description: | - The autohealing policy for this managed instance group - item_type: - type: NestedObject - properties: - - name: 'healthCheck' - type: String - description: | - The URL for the health check that signals autohealing. - - name: 'initialDelaySec' - type: Integer - description: | - The number of seconds that the managed instance group waits - before it applies autohealing policies to new instances or recently recreated instances diff --git a/mmv1/products/compute/go_RegionNetworkEndpoint.yaml b/mmv1/products/compute/go_RegionNetworkEndpoint.yaml deleted file mode 100644 index b8b956c01adf..000000000000 --- a/mmv1/products/compute/go_RegionNetworkEndpoint.yaml +++ /dev/null @@ -1,149 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionNetworkEndpoint' -kind: 'compute#networkEndpoint' -description: | - A Region network endpoint represents a IP address/FQDN and port combination that is - part of a specific network endpoint group (NEG). - - ~> **NOTE**: Network endpoints cannot be created outside of a network endpoint group. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/' - 'Internet NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups' -docs: -id_format: '{{project}}/{{region}}/{{region_network_endpoint_group}}/{{ip_address}}/{{fqdn}}/{{port}}' -base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}' -self_link: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/listNetworkEndpoints' -create_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/attachNetworkEndpoints' -read_verb: 'POST' -delete_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups/{{region_network_endpoint_group}}/detachNetworkEndpoints' -delete_verb: 'POST' -immutable: true -mutex: 'networkEndpoint/{{project}}/{{region}}/{{region_network_endpoint_group}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - ipAddress - - fqdn - - port -nested_query: - keys: - - items - is_list_of_ids: false - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/compute_region_network_endpoint.go.tmpl' - decoder: 'templates/terraform/decoders/go/network_endpoint.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/compute_region_network_endpoint.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/compute_region_network_endpoint.go.tmpl' -exclude_tgc: true -examples: - - name: 'region_network_endpoint_internet_ip_port' - primary_resource_id: 'region-internet-ip-port-endpoint' - vars: - neg_name: 'ip-port-neg' - network_name: 'network' - - name: 'region_network_endpoint_internet_fqdn_port' - primary_resource_id: 'region-internet-fqdn-port-endpoint' - vars: - neg_name: 'fqdn-port-neg' - network_name: 'network' - - name: 'region_network_endpoint_portmap' - primary_resource_id: 'region_network_endpoint_portmap' - min_version: 'beta' - vars: - network_name: 'network' - subnetwork_name: 'subnetwork' - instance_name: 'instance' - neg_name: 'portmap-neg' - skip_test: true -parameters: - - name: 'region' - type: ResourceRef - description: | - Region where the containing network endpoint group is located. - url_param_only: true - required: false - ignore_read: true - default_from_api: true - resource: 'Region' - imports: 'name' - - name: 'regionNetworkEndpointGroup' - type: ResourceRef - description: | - The network endpoint group this endpoint is part of. - url_param_only: true - required: true - ignore_read: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - resource: 'RegionNetworkEndpointGroup' - imports: 'name' -properties: - - name: 'port' - type: Integer - description: | - Port number of network endpoint. - required: true - custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' - validation: - function: 'validation.IntAtLeast(1)' - - name: 'ipAddress' - type: String - description: | - IPv4 address external endpoint. - - This can only be specified when network_endpoint_type of the NEG is INTERNET_IP_PORT. - - name: 'fqdn' - type: String - description: | - Fully qualified domain name of network endpoint. - - This can only be specified when network_endpoint_type of the NEG is INTERNET_FQDN_PORT. - at_least_one_of: - - 'fqdn' - - 'ip_address' - - name: 'clientDestinationPort' - type: Integer - description: | - Client destination port for the `GCE_VM_IP_PORTMAP` NEG. - min_version: 'beta' - custom_flatten: 'templates/terraform/custom_flatten/go/float64_to_int.go.tmpl' - - name: 'instance' - type: ResourceRef - description: | - The name for a specific VM instance that the IP address belongs to. - This is required for network endpoints of type GCE_VM_IP_PORTMAP. - min_version: 'beta' - resource: 'Instance' - imports: 'name' diff --git a/mmv1/products/compute/go_RegionNetworkEndpointGroup.yaml b/mmv1/products/compute/go_RegionNetworkEndpointGroup.yaml deleted file mode 100644 index 916e7fb82e2c..000000000000 --- a/mmv1/products/compute/go_RegionNetworkEndpointGroup.yaml +++ /dev/null @@ -1,321 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionNetworkEndpointGroup' -kind: 'compute#networkEndpointGroup' -description: | - A regional NEG that can support Serverless Products, proxying traffic to - external backends and providing traffic to the PSC port mapping endpoints. - - Recreating a region network endpoint group that's in use by another resource will give a - `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` - to avoid this type of error. -references: - guides: - 'Serverless NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/serverless-neg-concepts' - 'Internet NEGs Official Documentation': 'https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/networkEndpointGroups' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'region_network_endpoint_group_functions' - primary_resource_id: 'function_neg' - vars: - neg_name: 'function-neg' - function_name: 'function-neg' - bucket_name: 'cloudfunctions-function-example-bucket' - zip_path: 'path/to/index.zip' - test_vars_overrides: - 'zip_path': 'acctest.CreateZIPArchiveForCloudFunctionSource(t, "./test-fixtures/http_trigger.js")' - - name: 'region_network_endpoint_group_cloudrun' - primary_resource_id: 'cloudrun_neg' - vars: - neg_name: 'cloudrun-neg' - - name: 'region_network_endpoint_group_appengine' - primary_resource_id: 'appengine_neg' - vars: - neg_name: 'appengine-neg' - - name: 'region_network_endpoint_group_appengine_empty' - primary_resource_id: 'appengine_neg' - vars: - neg_name: 'appengine-neg' - - name: 'region_network_endpoint_group_psc' - primary_resource_id: 'psc_neg' - vars: - neg_name: 'psc-neg' - - name: 'region_network_endpoint_group_psc_service_attachment' - primary_resource_id: 'psc_neg_service_attachment' - vars: - neg_name: 'psc-neg' - network_name: 'psc-network' - subnetwork_name: 'psc-subnetwork' - psc_subnetwork_name: 'psc-subnetwork-nat' - backend_service_name: 'psc-backend' - forwarding_rule_name: 'psc-forwarding-rule' - service_attachment_name: 'psc-service-attachment' - health_check_name: 'psc-healthcheck' - - name: 'region_network_endpoint_group_internet_ip_port' - primary_resource_id: 'region_network_endpoint_group_internet_ip_port' - vars: - neg_name: 'ip-port-neg' - network_name: 'network' - - name: 'region_network_endpoint_group_internet_fqdn_port' - primary_resource_id: 'region_network_endpoint_group_internet_fqdn_port' - vars: - neg_name: 'ip-port-neg' - network_name: 'network' - - name: 'region_network_endpoint_group_portmap' - primary_resource_id: 'region_network_endpoint_group_portmap' - min_version: 'beta' - vars: - network_name: 'network' - subnetwork_name: 'subnetwork' - neg_name: 'portmap-neg' -parameters: - - name: 'region' - type: ResourceRef - description: | - A reference to the region where the regional NEGs reside. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Name of the resource; provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - validation: - function: 'verify.ValidateGCEName' - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - - name: 'networkEndpointType' - type: Enum - description: | - Type of network endpoints in this network endpoint group. Defaults to SERVERLESS. - default_value: "SERVERLESS" - enum_values: - - 'SERVERLESS' - - 'PRIVATE_SERVICE_CONNECT' - - 'INTERNET_IP_PORT' - - 'INTERNET_FQDN_PORT' - - 'GCE_VM_IP_PORTMAP' - - name: 'pscTargetService' - type: String - description: | - This field is only used for PSC and INTERNET NEGs. - - The target service url used to set up private service connection to - a Google API or a PSC Producer Service Attachment. - - name: 'network' - type: ResourceRef - description: | - This field is only used for PSC and INTERNET NEGs. - - The URL of the network to which all network endpoints in the NEG belong. Uses - "default" project network if unspecified. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'subnetwork' - type: ResourceRef - description: | - This field is only used for PSC NEGs. - - Optional URL of the subnetwork to which all network endpoints in the NEG belong. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'cloudRun' - type: NestedObject - description: | - This field is only used for SERVERLESS NEGs. - - Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. - conflicts: - - cloud_function - - app_engine - - serverless_deployment - properties: - - name: 'service' - type: String - description: | - Cloud Run service is the main resource of Cloud Run. - The service must be 1-63 characters long, and comply with RFC1035. - Example value: "run-service". - at_least_one_of: - - 'cloud_run.0.service' - - 'cloud_run.0.url_mask' - - name: 'tag' - type: String - description: | - Cloud Run tag represents the "named-revision" to provide - additional fine-grained traffic routing information. - The tag must be 1-63 characters long, and comply with RFC1035. - Example value: "revision-0010". - - name: 'urlMask' - type: String - description: | - A template to parse service and tag fields from a request URL. - URL mask allows for routing to multiple Run services without having - to create multiple network endpoint groups and backend services. - - For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" - an be backed by the same Serverless Network Endpoint Group (NEG) with - URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } - and { service="bar2", tag="foo2" } respectively. - at_least_one_of: - - 'cloud_run.0.service' - - 'cloud_run.0.url_mask' - - name: 'appEngine' - type: NestedObject - description: | - This field is only used for SERVERLESS NEGs. - - Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. - send_empty_value: true - allow_empty_object: true - conflicts: - - cloud_run - - cloud_function - - serverless_deployment - properties: - - name: 'service' - type: String - description: | - Optional serving service. - The service name must be 1-63 characters long, and comply with RFC1035. - Example value: "default", "my-service". - - name: 'version' - type: String - description: | - Optional serving version. - The version must be 1-63 characters long, and comply with RFC1035. - Example value: "v1", "v2". - - name: 'urlMask' - type: String - description: | - A template to parse service and version fields from a request URL. - URL mask allows for routing to multiple App Engine services without - having to create multiple Network Endpoint Groups and backend services. - - For example, the request URLs "foo1-dot-appname.appspot.com/v1" and - "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with - URL mask "-dot-appname.appspot.com/". The URL mask will parse - them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively. - - name: 'cloudFunction' - type: NestedObject - description: | - This field is only used for SERVERLESS NEGs. - - Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set. - conflicts: - - cloud_run - - app_engine - - serverless_deployment - properties: - - name: 'function' - type: String - description: | - A user-defined name of the Cloud Function. - The function name is case-sensitive and must be 1-63 characters long. - Example value: "func1". - at_least_one_of: - - 'cloud_function.0.function' - - 'cloud_function.0.url_mask' - - name: 'urlMask' - type: String - description: | - A template to parse function field from a request URL. URL mask allows - for routing to multiple Cloud Functions without having to create - multiple Network Endpoint Groups and backend services. - - For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" - can be backed by the same Serverless NEG with URL mask "/". The URL mask - will parse them to { function = "function1" } and { function = "function2" } respectively. - at_least_one_of: - - 'cloud_function.0.function' - - 'cloud_function.0.url_mask' - - name: 'serverlessDeployment' - type: NestedObject - description: | - This field is only used for SERVERLESS NEGs. - - Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set. - min_version: 'beta' - send_empty_value: true - allow_empty_object: true - conflicts: - - cloud_run - - cloud_function - - app_engine - properties: - - name: 'platform' - type: String - description: | - The platform of the NEG backend target(s). Possible values: - API Gateway: apigateway.googleapis.com - required: true - - name: 'resource' - type: String - description: | - The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. - The resource identified by this value is platform-specific and is as follows: API Gateway: The gateway ID, App Engine: The service name, - Cloud Functions: The function name, Cloud Run: The service name - - name: 'version' - type: String - description: | - The optional resource version. The version identified by this value is platform-specific and is follows: - API Gateway: Unused, App Engine: The service version, Cloud Functions: Unused, Cloud Run: The service tag - - name: 'urlMask' - type: String - description: | - A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources - on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. - The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID, - App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag - required: false diff --git a/mmv1/products/compute/go_RegionNetworkFirewallPolicy.yaml b/mmv1/products/compute/go_RegionNetworkFirewallPolicy.yaml deleted file mode 100644 index f727fdbc6f72..000000000000 --- a/mmv1/products/compute/go_RegionNetworkFirewallPolicy.yaml +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionNetworkFirewallPolicy' -description: "The Compute NetworkFirewallPolicy resource" -docs: -base_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' -self_link: 'projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}' -create_url: 'projects/{{project}}/regions/{{region}}/firewallPolicies' -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -legacy_long_form_project: true -examples: - - name: 'region_network_firewall_policy_full' - primary_resource_id: 'policy' - vars: - policy_name: 'tf-test-policy' -parameters: - - name: 'region' - type: String - description: The region of this resource. - url_param_only: true - immutable: true - default_from_api: true -properties: - - name: 'creationTimestamp' - type: String - description: Creation timestamp in RFC3339 text format. - output: true - - name: 'name' - type: String - description: User-provided name of the Network firewall policy. The name should be unique in the project in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - required: true - immutable: true - - name: 'regionNetworkFirewallPolicyId' - type: String - description: The unique identifier for the resource. This identifier is defined by the server. - api_name: id - output: true - - name: 'description' - type: String - description: An optional description of this resource. Provide this property when you create the resource. - - name: 'fingerprint' - type: Fingerprint - description: Fingerprint of the resource. This field is used internally during updates of this resource. - output: true - - name: 'selfLink' - type: String - description: Server-defined URL for the resource. - output: true - - name: 'selfLinkWithId' - type: String - description: Server-defined URL for this resource with the resource id. - output: true - - name: 'ruleTupleCount' - type: Integer - description: Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples. - output: true diff --git a/mmv1/products/compute/go_RegionPerInstanceConfig.yaml b/mmv1/products/compute/go_RegionPerInstanceConfig.yaml deleted file mode 100644 index 2da626974fda..000000000000 --- a/mmv1/products/compute/go_RegionPerInstanceConfig.yaml +++ /dev/null @@ -1,246 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionPerInstanceConfig' -description: | - A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name - across instance group manager operations and can define stateful disks or metadata that are unique to the instance. - This resource works with regional instance group managers. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/instance-groups/stateful-migs#per-instance_configs' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagers' -docs: -id_format: '{{project}}/{{region}}/{{region_instance_group_manager}}/{{name}}' -base_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}' -self_link: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/listPerInstanceConfigs' -create_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/createInstances' -update_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/updatePerInstanceConfigs' -update_verb: 'POST' -read_verb: 'POST' -delete_url: 'projects/{{project}}/regions/{{region}}/instanceGroupManagers/{{region_instance_group_manager}}/deletePerInstanceConfigs' -delete_verb: 'POST' -mutex: 'instanceGroupManager/{{project}}/{{region}}/{{region_instance_group_manager}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -identity: - - name -nested_query: - keys: - - items - is_list_of_ids: false - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/compute_per_instance_config.go.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/compute_per_instance_config.go.tmpl' - post_update: 'templates/terraform/post_update/go/compute_region_per_instance_config.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/region_per_instance_config.go.tmpl' -exclude_tgc: true -examples: - - name: 'stateful_rigm' - primary_resource_id: 'stateful-instance' - vars: - template_name: 'my-template' - igm_name: 'my-rigm' - disk_name: 'my-disk-name' - skip_test: true -virtual_fields: - - name: 'minimal_action' - description: | - The minimal action to perform on the instance during an update. - Default is `NONE`. Possible values are: - * REPLACE - * RESTART - * REFRESH - * NONE - type: String - default_value: "NONE" - - name: 'most_disruptive_allowed_action' - description: | - The most disruptive action to perform on the instance during an update. - Default is `REPLACE`. Possible values are: - * REPLACE - * RESTART - * REFRESH - * NONE - type: String - default_value: "REPLACE" - - name: 'remove_instance_on_destroy' - description: | - When true, deleting this config will immediately remove the underlying instance. - When false, deleting this config will use the behavior as determined by remove_instance_on_destroy. - type: Boolean - default_value: false - - name: 'remove_instance_state_on_destroy' - description: | - When true, deleting this config will immediately remove any specified state from the underlying instance. - When false, deleting this config will *not* immediately remove any state from the underlying instance. - State will be removed on the next instance recreation or update. - type: Boolean - default_value: false -parameters: - - name: 'region' - type: ResourceRef - description: | - Region where the containing instance group manager is located - url_param_only: true - required: false - immutable: true - ignore_read: true - default_from_api: true - resource: 'Region' - imports: 'name' - - name: 'regionInstanceGroupManager' - type: ResourceRef - description: | - The region instance group manager this instance config is part of. - url_param_only: true - required: true - immutable: true - resource: 'RegionInstanceGroupManager' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - The name for this per-instance config and its corresponding instance. - required: true - immutable: true - - name: 'preservedState' - type: NestedObject - description: 'The preserved state for this instance.' - properties: - - name: 'metadata' - type: KeyValuePairs - description: | - Preserved metadata defined for this instance. This is a list of key->value pairs. - - name: 'disk' - type: Array - description: | - Stateful disks for the instance. - api_name: disks - is_set: true - custom_flatten: 'templates/terraform/custom_flatten/go/preserved_state_disks.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/preserved_state_disks.go.tmpl' - item_type: - type: NestedObject - properties: - - name: 'deviceName' - type: String - description: | - A unique device name that is reflected into the /dev/ tree of a Linux operating system running within the instance. - required: true - - name: 'source' - type: String - description: | - The URI of an existing persistent disk to attach under the specified device-name in the format - `projects/project-id/zones/zone/disks/disk-name`. - required: true - - name: 'mode' - type: Enum - description: | - The mode of the disk. - default_value: "READ_WRITE" - enum_values: - - 'READ_ONLY' - - 'READ_WRITE' - - name: 'deleteRule' - type: Enum - description: | - A value that prescribes what should happen to the stateful disk when the VM instance is deleted. - The available options are `NEVER` and `ON_PERMANENT_INSTANCE_DELETION`. - `NEVER` - detach the disk when the VM is deleted, but do not delete the disk. - `ON_PERMANENT_INSTANCE_DELETION` will delete the stateful disk when the VM is permanently - deleted from the instance group. - default_value: "NEVER" - enum_values: - - 'NEVER' - - 'ON_PERMANENT_INSTANCE_DELETION' - - name: 'internalIp' - type: Map - description: | - Preserved internal IPs defined for this instance. This map is keyed with the name of the network interface. - api_name: internalIPs - key_name: 'interface_name' - value_type: - name: internalIp - type: NestedObject - properties: - - name: 'autoDelete' - type: Enum - description: | - These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. - default_value: "NEVER" - enum_values: - - 'NEVER' - - 'ON_PERMANENT_INSTANCE_DELETION' - - name: 'ipAddress' - type: NestedObject - description: | - Ip address representation - properties: - - name: 'address' - type: ResourceRef - description: | - The URL of the reservation for this IP address. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Address' - imports: 'selfLink' - - name: 'externalIp' - type: Map - description: | - Preserved external IPs defined for this instance. This map is keyed with the name of the network interface. - api_name: externalIPs - key_name: 'interface_name' - value_type: - name: externalIp - type: NestedObject - properties: - - name: 'autoDelete' - type: Enum - description: | - These stateful IPs will never be released during autohealing, update or VM instance recreate operations. This flag is used to configure if the IP reservation should be deleted after it is no longer used by the group, e.g. when the given instance or the whole group is deleted. - default_value: "NEVER" - enum_values: - - 'NEVER' - - 'ON_PERMANENT_INSTANCE_DELETION' - - name: 'ipAddress' - type: NestedObject - description: | - Ip address representation - properties: - - name: 'address' - type: ResourceRef - description: | - The URL of the reservation for this IP address. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Address' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_RegionSecurityPolicy.yaml b/mmv1/products/compute/go_RegionSecurityPolicy.yaml deleted file mode 100644 index 65d078bd284d..000000000000 --- a/mmv1/products/compute/go_RegionSecurityPolicy.yaml +++ /dev/null @@ -1,196 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionSecurityPolicy' -description: | - Represents a Region Cloud Armor Security Policy resource. -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/armor/docs/security-policy-concepts' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSecurityPolicies' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/securityPolicies' -self_link: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -examples: - - name: 'region_security_policy_basic' - primary_resource_id: 'region-sec-policy-basic' - vars: - sec_policy_name: 'my-sec-policy-basic' - - name: 'region_security_policy_with_ddos_protection_config' - primary_resource_id: 'region-sec-policy-ddos-protection' - vars: - sec_policy_name: 'my-sec-policy-ddos-protection' - - name: 'region_security_policy_with_user_defined_fields' - primary_resource_id: 'region-sec-policy-user-defined-fields' - vars: - sec_policy_name: 'my-sec-policy-user-defined-fields' -parameters: - - name: 'region' - type: ResourceRef - description: | - The Region in which the created Region Security Policy should reside. - If it is not provided, the provider region is used. - min_version: 'beta' - required: false - immutable: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'policyId' - type: String - description: | - The unique identifier for the resource. This identifier is defined by the server. - api_name: id - min_version: 'beta' - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. - Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - min_version: 'beta' - required: true - immutable: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when you create the resource. - min_version: 'beta' - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. This field is used internally during - updates of this resource. - min_version: 'beta' - output: true - - name: 'type' - type: Enum - description: | - The type indicates the intended use of the security policy. - - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. - This field can be set only at resource creation time. - min_version: 'beta' - immutable: true - enum_values: - - 'CLOUD_ARMOR' - - 'CLOUD_ARMOR_EDGE' - - 'CLOUD_ARMOR_NETWORK' - - name: 'ddosProtectionConfig' - type: NestedObject - description: | - Configuration for Google Cloud Armor DDOS Proctection Config. - min_version: 'beta' - properties: - - name: 'ddosProtection' - type: Enum - description: | - Google Cloud Armor offers the following options to help protect systems against DDoS attacks: - - STANDARD: basic always-on protection for network load balancers, protocol forwarding, or VMs with public IP addresses. - - ADVANCED: additional protections for Managed Protection Plus subscribers who use network load balancers, protocol forwarding, or VMs with public IP addresses. - - ADVANCED_PREVIEW: flag to enable the security policy in preview mode. - min_version: 'beta' - required: true - enum_values: - - 'ADVANCED' - - 'ADVANCED_PREVIEW' - - 'STANDARD' - - name: 'selfLink' - type: String - description: | - Server-defined URL for the resource. - min_version: 'beta' - output: true - - name: 'selfLinkWithPolicyId' - type: String - description: | - Server-defined URL for this resource with the resource id. - api_name: selfLinkWithId - min_version: 'beta' - output: true - - name: 'userDefinedFields' - type: Array - description: | - Definitions of user-defined fields for CLOUD_ARMOR_NETWORK policies. - A user-defined field consists of up to 4 bytes extracted from a fixed offset in the packet, relative to the IPv4, IPv6, TCP, or UDP header, with an optional mask to select certain bits. - Rules may then specify matching values for these fields. - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The name of this field. Must be unique within the policy. - min_version: 'beta' - - name: 'base' - type: Enum - description: | - The base relative to which 'offset' is measured. Possible values are: - - IPV4: Points to the beginning of the IPv4 header. - - IPV6: Points to the beginning of the IPv6 header. - - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - min_version: 'beta' - required: true - enum_values: - - 'IPV4' - - 'IPV6' - - 'TCP' - - 'UDP' - - name: 'offset' - type: Integer - description: | - Offset of the first byte of the field (in network byte order) relative to 'base'. - min_version: 'beta' - - name: 'size' - type: Integer - description: | - Size of the field in bytes. Valid values: 1-4. - min_version: 'beta' - - name: 'mask' - type: String - description: | - If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. - Encoded as a hexadecimal number (starting with "0x"). - The last byte of the field (in network byte order) corresponds to the least significant byte of the mask. - min_version: 'beta' diff --git a/mmv1/products/compute/go_RegionSecurityPolicyRule.yaml b/mmv1/products/compute/go_RegionSecurityPolicyRule.yaml deleted file mode 100644 index a8ca5e9bfdbd..000000000000 --- a/mmv1/products/compute/go_RegionSecurityPolicyRule.yaml +++ /dev/null @@ -1,575 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionSecurityPolicyRule' -description: | - A rule for the RegionSecurityPolicy. -min_version: 'beta' -references: - guides: - 'Creating region security policy rules': 'https://cloud.google.com/armor/docs/configure-security-policies' - api: 'https://cloud.google.com/compute/docs/reference/rest/beta/regionSecurityPolicies/addRule' -docs: -id_format: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}' -base_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}' -self_link: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' -create_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' -update_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' -update_verb: 'POST' -update_mask: true -delete_url: 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' -delete_verb: 'POST' -import_format: - - 'projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -examples: - - name: 'region_security_policy_rule_basic' - primary_resource_id: 'policy_rule' - min_version: 'beta' - vars: - sec_policy_name: 'policyruletest' - - name: 'region_security_policy_rule_multiple_rules' - primary_resource_id: 'policy_rule_one' - min_version: 'beta' - vars: - sec_policy_name: 'policywithmultiplerules' - - name: 'region_security_policy_rule_with_preconfigured_waf_config' - primary_resource_id: 'policy_rule' - min_version: 'beta' - vars: - sec_policy_name: 'policyruletest' - - name: 'region_security_policy_rule_with_network_match' - primary_resource_id: 'policy_rule_network_match' - min_version: 'beta' - vars: - sec_policy_name: 'policyfornetworkmatch' - skip_test: true -parameters: - - name: 'region' - type: String - description: | - The Region in which the created Region Security Policy rule should reside. - min_version: 'beta' - url_param_only: true - required: true - immutable: true - - name: 'security_policy' - type: String - description: | - The name of the security policy this rule belongs to. - min_version: 'beta' - url_param_only: true - required: true - immutable: true -properties: - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when you create the resource. - min_version: 'beta' - - name: 'priority' - type: Integer - description: | - An integer indicating the priority of a rule in the list. - The priority must be a positive value between 0 and 2147483647. - Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. - min_version: 'beta' - required: true - immutable: true - - name: 'match' - type: NestedObject - description: | - A match condition that incoming traffic is evaluated against. - If it evaluates to true, the corresponding 'action' is enforced. - min_version: 'beta' - properties: - - name: 'versionedExpr' - type: Enum - description: | - Preconfigured versioned expression. If this field is specified, config must also be specified. - Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. - min_version: 'beta' - enum_values: - - 'SRC_IPS_V1' - - name: 'expr' - type: NestedObject - description: | - User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. - min_version: 'beta' - properties: - - name: 'expression' - type: String - description: | - Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported. - min_version: 'beta' - required: true - - name: 'config' - type: NestedObject - description: | - The configuration options available when specifying versionedExpr. - This field must be specified if versionedExpr is specified and cannot be specified if versionedExpr is not specified. - min_version: 'beta' - properties: - - name: 'srcIpRanges' - type: Array - description: | - CIDR IP address range. Maximum number of srcIpRanges allowed is 10. - min_version: 'beta' - item_type: - type: String - - name: 'preconfiguredWafConfig' - type: NestedObject - description: | - Preconfigured WAF configuration to be applied for the rule. - If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. - min_version: 'beta' - properties: - - name: 'exclusion' - type: Array - description: | - An exclusion to apply during preconfigured WAF evaluation. - api_name: exclusions - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'targetRuleSet' - type: String - description: | - Target WAF rule set to apply the preconfigured WAF exclusion. - min_version: 'beta' - required: true - - name: 'targetRuleIds' - type: Array - description: | - A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. - If omitted, it refers to all the rule IDs under the WAF rule set. - min_version: 'beta' - item_type: - type: String - - name: 'requestHeader' - type: Array - description: | - Request header whose value will be excluded from inspection during preconfigured WAF evaluation. - api_name: requestHeadersToExclude - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'operator' - type: Enum - description: | - You can specify an exact match or a partial match by using a field operator and a field value. - Available options: - EQUALS: The operator matches if the field value equals the specified value. - STARTS_WITH: The operator matches if the field value starts with the specified value. - ENDS_WITH: The operator matches if the field value ends with the specified value. - CONTAINS: The operator matches if the field value contains the specified value. - EQUALS_ANY: The operator matches if the field value is any value. - api_name: op - min_version: 'beta' - required: true - enum_values: - - 'CONTAINS' - - 'ENDS_WITH' - - 'EQUALS' - - 'EQUALS_ANY' - - 'STARTS_WITH' - - name: 'value' - type: String - description: | - A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. - The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - api_name: val - min_version: 'beta' - - name: 'requestCookie' - type: Array - description: | - Request cookie whose value will be excluded from inspection during preconfigured WAF evaluation. - api_name: requestCookiesToExclude - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'operator' - type: Enum - description: | - You can specify an exact match or a partial match by using a field operator and a field value. - Available options: - EQUALS: The operator matches if the field value equals the specified value. - STARTS_WITH: The operator matches if the field value starts with the specified value. - ENDS_WITH: The operator matches if the field value ends with the specified value. - CONTAINS: The operator matches if the field value contains the specified value. - EQUALS_ANY: The operator matches if the field value is any value. - api_name: op - min_version: 'beta' - required: true - enum_values: - - 'CONTAINS' - - 'ENDS_WITH' - - 'EQUALS' - - 'EQUALS_ANY' - - 'STARTS_WITH' - - name: 'value' - type: String - description: | - A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. - The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - api_name: val - min_version: 'beta' - - name: 'requestUri' - type: Array - description: | - Request URI from the request line to be excluded from inspection during preconfigured WAF evaluation. - When specifying this field, the query or fragment part should be excluded. - api_name: requestUrisToExclude - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'operator' - type: Enum - description: | - You can specify an exact match or a partial match by using a field operator and a field value. - Available options: - EQUALS: The operator matches if the field value equals the specified value. - STARTS_WITH: The operator matches if the field value starts with the specified value. - ENDS_WITH: The operator matches if the field value ends with the specified value. - CONTAINS: The operator matches if the field value contains the specified value. - EQUALS_ANY: The operator matches if the field value is any value. - api_name: op - min_version: 'beta' - required: true - enum_values: - - 'CONTAINS' - - 'ENDS_WITH' - - 'EQUALS' - - 'EQUALS_ANY' - - 'STARTS_WITH' - - name: 'value' - type: String - description: | - A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. - The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - api_name: val - min_version: 'beta' - - name: 'requestQueryParam' - type: Array - description: | - Request query parameter whose value will be excluded from inspection during preconfigured WAF evaluation. - Note that the parameter can be in the query string or in the POST body. - api_name: requestQueryParamsToExclude - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'operator' - type: Enum - description: | - You can specify an exact match or a partial match by using a field operator and a field value. - Available options: - EQUALS: The operator matches if the field value equals the specified value. - STARTS_WITH: The operator matches if the field value starts with the specified value. - ENDS_WITH: The operator matches if the field value ends with the specified value. - CONTAINS: The operator matches if the field value contains the specified value. - EQUALS_ANY: The operator matches if the field value is any value. - api_name: op - min_version: 'beta' - required: true - enum_values: - - 'CONTAINS' - - 'ENDS_WITH' - - 'EQUALS' - - 'EQUALS_ANY' - - 'STARTS_WITH' - - name: 'value' - type: String - description: | - A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. - The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - api_name: val - min_version: 'beta' - - name: 'action' - type: String - description: | - The Action to perform when the rule is matched. The following are the valid actions: - - * allow: allow access to target. - - * deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS are 403, 404, and 502. - - * rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rateLimitOptions to be set. - - * redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - - * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this. - min_version: 'beta' - required: true - - name: 'rateLimitOptions' - type: NestedObject - description: | - Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. - min_version: 'beta' - update_mask_fields: - - 'rateLimitOptions.rateLimitThreshold' - - 'rateLimitOptions.conformAction' - - 'rateLimitOptions.exceedAction' - - 'rateLimitOptions.enforceOnKey' - - 'rateLimitOptions.enforceOnKeyName' - - 'rateLimitOptions.enforceOnKeyConfigs' - - 'rateLimitOptions.banThreshold' - - 'rateLimitOptions.banDurationSec' - properties: - - name: 'rateLimitThreshold' - type: NestedObject - description: | - Threshold at which to begin ratelimiting. - min_version: 'beta' - properties: - - name: 'count' - type: Integer - description: | - Number of HTTP(S) requests for calculating the threshold. - min_version: 'beta' - - name: 'intervalSec' - type: Integer - description: | - Interval over which the threshold is computed. - min_version: 'beta' - - name: 'conformAction' - type: String - description: | - Action to take for requests that are under the configured rate limit threshold. - Valid option is "allow" only. - min_version: 'beta' - - name: 'exceedAction' - type: String - description: | - Action to take for requests that are above the configured rate limit threshold, to deny with a specified HTTP response code. - Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. - min_version: 'beta' - - name: 'enforceOnKey' - type: Enum - description: | - Determines the key to enforce the rateLimitThreshold on. Possible values are: - * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. - * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - * REGION_CODE: The country/region from which the request originates. - * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. - * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - min_version: 'beta' - enum_values: - - 'ALL' - - 'IP' - - 'HTTP_HEADER' - - 'XFF_IP' - - 'HTTP_COOKIE' - - 'HTTP_PATH' - - 'SNI' - - 'REGION_CODE' - - 'TLS_JA3_FINGERPRINT' - - 'USER_IP' - - name: 'enforceOnKeyName' - type: String - description: | - Rate limit key name applicable only for the following key types: - HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. - HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. - min_version: 'beta' - - name: 'enforceOnKeyConfigs' - type: Array - description: | - If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. - You can specify up to 3 enforceOnKeyConfigs. - If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'enforceOnKeyType' - type: Enum - description: | - Determines the key to enforce the rateLimitThreshold on. Possible values are: - * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. - * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - * REGION_CODE: The country/region from which the request originates. - * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. - * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - min_version: 'beta' - enum_values: - - 'ALL' - - 'IP' - - 'HTTP_HEADER' - - 'XFF_IP' - - 'HTTP_COOKIE' - - 'HTTP_PATH' - - 'SNI' - - 'REGION_CODE' - - 'TLS_JA3_FINGERPRINT' - - 'USER_IP' - - name: 'enforceOnKeyName' - type: String - description: | - Rate limit key name applicable only for the following key types: - HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. - HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. - min_version: 'beta' - - name: 'banThreshold' - type: NestedObject - description: | - Can only be specified if the action for the rule is "rate_based_ban". - If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. - min_version: 'beta' - properties: - - name: 'count' - type: Integer - description: | - Number of HTTP(S) requests for calculating the threshold. - min_version: 'beta' - - name: 'intervalSec' - type: Integer - description: | - Interval over which the threshold is computed. - min_version: 'beta' - - name: 'banDurationSec' - type: Integer - description: | - Can only be specified if the action for the rule is "rate_based_ban". - If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. - min_version: 'beta' - - name: 'preview' - type: Boolean - description: | - If set to true, the specified action is not enforced. - min_version: 'beta' - - name: 'networkMatch' - type: NestedObject - description: | - A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. - The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). - Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. - Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. - For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. - Example: - networkMatch: srcIpRanges: - "192.0.2.0/24" - "198.51.100.0/24" userDefinedFields: - name: "ipv4_fragment_offset" values: - "1-0x1fff" - The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named "ipv4_fragment_offset" with a value between 1 and 0x1fff inclusive - min_version: 'beta' - update_mask_fields: - - 'network_match.userDefinedFields' - - 'network_match.srcIpRanges' - - 'network_match.destIpRanges' - - 'network_match.ipProtocols' - - 'network_match.srcPorts' - - 'network_match.destPorts' - - 'network_match.srcRegionCodes' - - 'network_match.srcAsns' - properties: - - name: 'userDefinedFields' - type: Array - description: | - User-defined fields. Each element names a defined field and lists the matching values for that field. - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of the user-defined field, as given in the definition. - min_version: 'beta' - - name: 'values' - type: Array - description: | - Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with "0x") number (e.g. "64") or range (e.g. "0x400-0x7ff"). - min_version: 'beta' - item_type: - type: String - - name: 'srcIpRanges' - type: Array - description: | - Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format. - min_version: 'beta' - item_type: - type: String - - name: 'destIpRanges' - type: Array - description: | - Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format. - min_version: 'beta' - item_type: - type: String - - name: 'ipProtocols' - type: Array - description: | - IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. "6"), range (e.g. "253-254"), or one of the following protocol names: "tcp", "udp", "icmp", "esp", "ah", "ipip", or "sctp". - min_version: 'beta' - item_type: - type: String - - name: 'srcPorts' - type: Array - description: | - Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. "80") or range (e.g. "0-1023"). - min_version: 'beta' - item_type: - type: String - - name: 'destPorts' - type: Array - description: | - Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. "80") or range (e.g. "0-1023"). - min_version: 'beta' - item_type: - type: String - - name: 'srcRegionCodes' - type: Array - description: | - Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address. - min_version: 'beta' - item_type: - type: String - - name: 'srcAsns' - type: Array - description: | - BGP Autonomous System Number associated with the source IP address. - min_version: 'beta' - item_type: - type: Integer diff --git a/mmv1/products/compute/go_RegionSslCertificate.yaml b/mmv1/products/compute/go_RegionSslCertificate.yaml deleted file mode 100644 index 6893009d4216..000000000000 --- a/mmv1/products/compute/go_RegionSslCertificate.yaml +++ /dev/null @@ -1,143 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionSslCertificate' -kind: 'compute#sslCertificate' -description: | - A RegionSslCertificate resource, used for HTTPS load balancing. This resource - provides a mechanism to upload an SSL key and certificate to - the load balancer to serve secure connections from the user. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslCertificates' -docs: - optional_properties: | - * `name_prefix` - (Optional) Creates a unique name beginning with the - specified prefix. Conflicts with `name`. Max length is 54 characters. - Prefixes with lengths longer than 37 characters will use a shortened - UUID that will be more prone to collisions. - Resulting name for a `name_prefix` <= 37 characters: - `name_prefix` + YYYYmmddHHSSssss + 8 digit incremental counter - Resulting name for a `name_prefix` 38 - 54 characters: - `name_prefix` + YYmmdd + 3 digit incremental counter -base_url: 'projects/{{project}}/regions/{{region}}/sslCertificates' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - extra_schema_entry: 'templates/terraform/extra_schema_entry/go/ssl_certificate.tmpl' - constants: 'templates/terraform/constants/go/compute_certificate.go.tmpl' -examples: - - name: 'region_ssl_certificate_basic' - primary_resource_id: 'default' - ignore_read_extra: - - 'name_prefix' - skip_vcr: true - - name: 'region_ssl_certificate_random_provider' - primary_resource_id: 'default' - external_providers: ["random", "time"] - skip_vcr: true - - name: 'region_ssl_certificate_target_https_proxies' - primary_resource_id: 'default' - vars: - region_target_https_proxy_name: 'test-proxy' - region_url_map_name: 'url-map' - region_backend_service_name: 'backend-service' - region_health_check_name: 'http-health-check' - ignore_read_extra: - - 'name_prefix' - skip_vcr: true -parameters: - - name: 'region' - type: ResourceRef - description: | - The Region in which the created regional ssl certificate should reside. - If it is not provided, the provider region is used. - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'certificate' - type: String - description: | - The certificate in PEM format. - The certificate chain must be no greater than 5 certs long. - The chain must include at least one intermediate cert. - required: true - sensitive: true - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'expireTime' - type: String - description: 'Expire time of the certificate in RFC3339 text format.' - output: true - - name: 'certificate_id' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - - These are in the same namespace as the managed SSL certificates. - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/name_or_name_prefix.go.tmpl' - validation: - function: 'verify.ValidateGCEName' - - name: 'privateKey' - type: String - description: 'The write-only private key in PEM format.' - required: true - immutable: true - ignore_read: true - sensitive: true - diff_suppress_func: 'sha256DiffSuppress' - custom_flatten: 'templates/terraform/custom_flatten/go/sha256.tmpl' diff --git a/mmv1/products/compute/go_RegionSslPolicy.yaml b/mmv1/products/compute/go_RegionSslPolicy.yaml deleted file mode 100644 index baab545b92e2..000000000000 --- a/mmv1/products/compute/go_RegionSslPolicy.yaml +++ /dev/null @@ -1,138 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionSslPolicy' -kind: 'compute#sslPolicy' -description: | - Represents a Regional SSL policy. SSL policies give you the ability to control the - features of SSL that your SSL proxy or HTTPS load balancer negotiates. -references: - guides: - 'Using SSL Policies': 'https://cloud.google.com/compute/docs/load-balancing/ssl-policies' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionSslPolicies' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/sslPolicies' -has_self_link: true -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/region_ssl_policy.tmpl' -custom_diff: - - 'regionSslPolicyCustomizeDiff' -parameters: - - name: 'region' - type: ResourceRef - description: | - The region where the regional SSL policy resides. - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - immutable: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'profile' - type: Enum - description: | - Profile specifies the set of SSL features that can be used by the - load balancer when negotiating SSL with clients. If using `CUSTOM`, - the set of SSL features to enable must be specified in the - `customFeatures` field. - - See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) - for information on what cipher suites each profile provides. If - `CUSTOM` is used, the `custom_features` attribute **must be set**. - default_value: "COMPATIBLE" - enum_values: - - 'COMPATIBLE' - - 'MODERN' - - 'RESTRICTED' - - 'CUSTOM' - - name: 'minTlsVersion' - type: Enum - description: | - The minimum version of SSL protocol that can be used by the clients - to establish a connection with the load balancer. - default_value: "TLS_1_0" - enum_values: - - 'TLS_1_0' - - 'TLS_1_1' - - 'TLS_1_2' - - name: 'enabledFeatures' - type: Array - description: 'The list of features enabled in the SSL policy.' - is_set: true - output: true - item_type: - type: String - - name: 'customFeatures' - type: Array - description: | - A list of features enabled when the selected profile is CUSTOM. The - method returns the set of features that can be specified in this - list. This field must be empty if the profile is not CUSTOM. - - See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) - for which ciphers are available to use. **Note**: this argument - *must* be present when using the `CUSTOM` profile. This argument - *must not* be present when using any other profile. - is_set: true - send_empty_value: true - item_type: - type: String - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. A hash of the contents stored in this - object. This field is used in optimistic locking. - output: true diff --git a/mmv1/products/compute/go_RegionTargetHttpProxy.yaml b/mmv1/products/compute/go_RegionTargetHttpProxy.yaml deleted file mode 100644 index d0c2c2295b89..000000000000 --- a/mmv1/products/compute/go_RegionTargetHttpProxy.yaml +++ /dev/null @@ -1,107 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionTargetHttpProxy' -description: | - Represents a RegionTargetHttpProxy resource, which is used by one or more - forwarding rules to route incoming HTTP requests to a URL map. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetHttpProxies' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/targetHttpProxies' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -examples: - - name: 'region_target_http_proxy_basic' - primary_resource_id: 'default' - vars: - region_target_http_proxy_name: 'test-proxy' - region_url_map_name: 'url-map' - region_backend_service_name: 'backend-service' - region_health_check_name: 'http-health-check' - - name: 'region_target_http_proxy_https_redirect' - primary_resource_id: 'default' - vars: - region_target_http_proxy_name: 'test-https-redirect-proxy' - region_url_map_name: 'url-map' -parameters: - - name: 'region' - type: ResourceRef - description: | - The Region in which the created target https proxy should reside. - If it is not provided, the provider region is used. - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'proxyId' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - - name: 'urlMap' - type: ResourceRef - description: | - A reference to the RegionUrlMap resource that defines the mapping from URL - to the BackendService. - required: true - update_url: 'projects/{{project}}/regions/{{region}}/targetHttpProxies/{{name}}/setUrlMap' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionUrlMap' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_RegionTargetHttpsProxy.yaml b/mmv1/products/compute/go_RegionTargetHttpsProxy.yaml deleted file mode 100644 index 3a870fb4eb03..000000000000 --- a/mmv1/products/compute/go_RegionTargetHttpsProxy.yaml +++ /dev/null @@ -1,193 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionTargetHttpsProxy' -description: | - Represents a RegionTargetHttpsProxy resource, which is used by one or more - forwarding rules to route incoming HTTPS requests to a URL map. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetHttpsProxies' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - encoder: 'templates/terraform/encoders/go/compute_region_target_https_proxy.go.tmpl' - update_encoder: 'templates/terraform/encoders/go/compute_region_target_https_proxy.go.tmpl' - decoder: 'templates/terraform/decoders/go/compute_region_target_https_proxy.go.tmpl' -examples: - - name: 'region_target_https_proxy_basic' - primary_resource_id: 'default' - vars: - region_target_https_proxy_name: 'test-proxy' - region_ssl_certificate_name: 'my-certificate' - region_url_map_name: 'url-map' - region_backend_service_name: 'backend-service' - region_health_check_name: 'http-health-check' - - name: 'region_target_https_proxy_mtls' - primary_resource_id: 'default' - min_version: 'beta' - vars: - target_https_proxy_name: 'test-mtls-proxy' - ssl_certificate_name: 'my-certificate' - url_map_name: 'url-map' - backend_service_name: 'backend-service' - http_health_check_name: 'http-health-check' - server_tls_policy_name: 'my-tls-policy' - trust_config_name: 'my-trust-config' - - name: 'region_target_https_proxy_certificate_manager_certificate' - primary_resource_id: 'default' - vars: - region_target_https_proxy_name: 'target-http-proxy' - certificate_manager_certificate_name: 'my-certificate' - region_url_map_name: 'url-map' - region_backend_service_name: 'backend-service' -parameters: - - name: 'region' - type: ResourceRef - description: | - The Region in which the created target https proxy should reside. - If it is not provided, the provider region is used. - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - immutable: true - - name: 'proxyId' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'certificateManagerCertificates' - type: Array - description: | - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. - sslCertificates and certificateManagerCertificates can't be defined together. - Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}` - update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' - update_verb: 'POST' - conflicts: - - ssl_certificates - diff_suppress_func: 'tpgresource.CompareResourceNames' - custom_expand: 'templates/terraform/custom_expand/go/certificate_manager_certificate_construct_full_url.go.tmpl' - item_type: - type: String - - name: 'sslCertificates' - type: Array - description: | - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. - At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. - sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. - update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setSslCertificates' - update_verb: 'POST' - conflicts: - - certificate_manager_certificates - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'sslCertificate' - type: ResourceRef - description: 'The SSL certificates used by this TargetHttpsProxy' - resource: 'RegionSslCertificate' - imports: 'selfLink' - - name: 'sslPolicy' - type: ResourceRef - description: | - A reference to the Region SslPolicy resource that will be associated with - the TargetHttpsProxy resource. If not set, the TargetHttpsProxy - resource will not have any SSL policy configured. - update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' - update_verb: 'PATCH' - update_id: 'sslPolicy' - fingerprint_name: 'fingerprint' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionSslPolicy' - imports: 'selfLink' - - name: 'urlMap' - type: ResourceRef - description: | - A reference to the RegionUrlMap resource that defines the mapping from URL - to the RegionBackendService. - required: true - update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}/setUrlMap' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionUrlMap' - imports: 'selfLink' - - name: 'serverTlsPolicy' - type: ResourceRef - description: | - A URL referring to a networksecurity.ServerTlsPolicy - resource that describes how the proxy should authenticate inbound - traffic. serverTlsPolicy only applies to a global TargetHttpsProxy - attached to globalForwardingRules with the loadBalancingScheme - set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. - For details which ServerTlsPolicy resources are accepted with - INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED - loadBalancingScheme consult ServerTlsPolicy documentation. - If left blank, communications are not encrypted. - - If you remove this field from your configuration at the same time as - deleting or recreating a referenced ServerTlsPolicy resource, you will - receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy - within the ServerTlsPolicy resource to avoid this. - update_url: 'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}' - update_verb: 'PATCH' - update_id: 'serverTlsPolicy' - fingerprint_name: 'fingerprint' - resource: 'SslPolicy' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_RegionTargetTcpProxy.yaml b/mmv1/products/compute/go_RegionTargetTcpProxy.yaml deleted file mode 100644 index 66f45937d3fd..000000000000 --- a/mmv1/products/compute/go_RegionTargetTcpProxy.yaml +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionTargetTcpProxy' -description: | - Represents a RegionTargetTcpProxy resource, which is used by one or more - forwarding rules to route incoming TCP requests to a regional TCP proxy load - balancer. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/tcp/internal-proxy' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/regionTargetTcpProxies' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/targetTcpProxies' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -examples: - - name: 'region_target_tcp_proxy_basic' - primary_resource_id: 'default' - vars: - region_target_tcp_proxy_name: 'test-proxy' - region_backend_service_name: 'backend-service' - health_check_name: 'health-check' -parameters: - - name: 'region' - type: ResourceRef - description: | - The Region in which the created target TCP proxy should reside. - If it is not provided, the provider region is used. - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - immutable: true - - name: 'proxyId' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to - the backend. - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'backendService' - type: ResourceRef - description: | - A reference to the BackendService resource. - api_name: service - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'proxyBind' - type: Boolean - description: | - This field only applies when the forwarding rule that references - this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. - default_from_api: true diff --git a/mmv1/products/compute/go_RegionUrlMap.yaml b/mmv1/products/compute/go_RegionUrlMap.yaml deleted file mode 100644 index 8804464c6851..000000000000 --- a/mmv1/products/compute/go_RegionUrlMap.yaml +++ /dev/null @@ -1,2110 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RegionUrlMap' -kind: 'compute#urlMap' -description: | - UrlMaps are used to route requests to a backend service based on rules - that you define for the host and path of an incoming URL. -docs: -base_url: 'projects/{{project}}/regions/{{region}}/urlMaps' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'region_url_map_basic' - primary_resource_id: 'regionurlmap' - vars: - region_url_map_name: 'regionurlmap' - login_region_backend_service_name: 'login' - home_region_backend_service_name: 'home' - region_health_check_name: 'health-check' - - name: 'region_url_map_default_route_action' - primary_resource_id: 'regionurlmap' - vars: - region_url_map_name: 'regionurlmap' - login_region_backend_service_name: 'login' - home_region_backend_service_name: 'home' - region_health_check_name: 'health-check' - - name: 'region_url_map_l7_ilb_path' - primary_resource_id: 'regionurlmap' - vars: - region_url_map_name: 'regionurlmap' - home_region_backend_service_name: 'home' - region_health_check_name: 'health-check' - - name: 'region_url_map_l7_ilb_path_partial' - primary_resource_id: 'regionurlmap' - vars: - region_url_map_name: 'regionurlmap' - home_region_backend_service_name: 'home' - region_health_check_name: 'health-check' - - name: 'region_url_map_l7_ilb_route' - primary_resource_id: 'regionurlmap' - vars: - region_url_map_name: 'regionurlmap' - home_region_backend_service_name: 'home' - region_health_check_name: 'health-check' - - name: 'region_url_map_l7_ilb_route_partial' - primary_resource_id: 'regionurlmap' - vars: - region_url_map_name: 'regionurlmap' - home_region_backend_service_name: 'home' - region_health_check_name: 'health-check' - - name: 'int_https_lb_https_redirect' - primary_resource_id: 'redirect' - min_version: 'beta' - vars: - l7_ilb_network: 'l7-ilb-network' - l7_ilb_proxy_subnet: 'l7-ilb-proxy-subnet' - l7_ilb_subnet: 'l7-ilb-subnet' - l7_ilb_ip: 'l7-ilb-ip' - l7_ilb_forwarding_rule: 'l7-ilb-forwarding-rule' - l7_ilb_target_https_proxy: 'l7-ilb-target-https-proxy' - l7_ilb_regional_url_map: 'l7-ilb-regional-url-map' - l7_ilb_backend_service: 'l7-ilb-backend-service' - l7_ilb_mig_template: 'l7-ilb-mig-template' - l7_ilb_hc: 'l7-ilb-hc' - l7_ilb_mig1: 'l7-ilb-mig1' - l7_ilb_fw_allow_hc: 'l7-ilb-fw-allow-hc' - l7_ilb_fw_allow_ilb_to_backends: 'l7-ilb-fw-allow-ilb-to-backends' - l7_ilb_test_vm: 'l7-ilb-test-vm' - l7_ilb_redirect: 'l7-ilb-redirect' - l7_ilb_target_http_proxy: 'l7-ilb-target-http-proxy' - l7_ilb_redirect_url_map: 'l7-ilb-redirect-url-map' - ignore_read_extra: - - 'target' - - 'ip_address' - skip_test: true - - name: 'regional_external_http_load_balancer' - primary_resource_id: 'default' - min_version: 'beta' - vars: - lb_network: 'lb-network' - backend_subnet: 'backend-subnet' - proxy_only_subnet: 'proxy-only-subnet' - fw_allow_health_check: 'fw-allow-health-check' - fw_allow_proxies: 'fw-allow-proxies' - l7_xlb_backend_template: 'l7-xlb-backend-template' - l7_xlb_backend_example: 'l7-xlb-backend-example' - address_name: 'address-name' - l7_xlb_basic_check: 'l7-xlb-basic-check' - l7_xlb_backend_service: 'l7-xlb-backend-service' - regional_l7_xlb_map: 'regional-l7-xlb-map' - l7_xlb_proxy: 'l7-xlb-proxy' - l7_xlb_forwarding_rule: 'l7-xlb-forwarding-rule' - skip_test: true - skip_docs: true - - name: 'region_url_map_path_template_match' - primary_resource_id: 'urlmap' - vars: - url_map_name: 'urlmap' - home_backend_service_name: 'home-service' - cart_backend_service_name: 'cart-service' - user_backend_service_name: 'user-service' - health_check_name: 'health-check' -parameters: - - name: 'region' - type: ResourceRef - description: | - The Region in which the url map should reside. - If it is not provided, the provider region is used. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'defaultService' - type: ResourceRef - description: | - The full or partial URL of the defaultService resource to which traffic is directed if - none of the hostRules match. If defaultRouteAction is additionally specified, advanced - routing actions like URL Rewrites, etc. take effect prior to sending the request to the - backend. However, if defaultService is specified, defaultRouteAction cannot contain any - weightedBackendServices. Conversely, if routeAction specifies any - weightedBackendServices, service must not be specified. Only one of defaultService, - defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. - exactly_one_of: - - 'default_service' - - 'default_url_redirect' - - 'default_route_action.0.weighted_backend_services' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. - # 'fingerprint' used internally for object consistency. - - name: 'host_rule' - type: Array - description: 'The list of HostRules to use against the URL.' - api_name: hostRules - is_set: true - item_type: - type: NestedObject - properties: - - name: 'description' - type: String - description: | - An optional description of this HostRule. Provide this property - when you create the resource. - - name: 'hosts' - type: Array - description: | - The list of host patterns to match. They must be valid - hostnames, except * will match any string of ([a-z0-9-.]*). In - that case, * must be the first character and must be followed in - the pattern by either - or .. - is_set: true - required: true - item_type: - type: String - - name: 'pathMatcher' - type: String - description: | - The name of the PathMatcher to use to match the path portion of - the URL if the hostRule matches the URL's host portion. - required: true - - name: 'map_id' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. This field is used internally during - updates of this resource. - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'path_matcher' - type: Array - description: 'The list of named PathMatchers to use against the URL.' - api_name: pathMatchers - item_type: - type: NestedObject - properties: - - name: 'defaultService' - type: ResourceRef - description: | - A reference to a RegionBackendService resource. This will be used if - none of the pathRules defined by this PathMatcher is matched by - the URL's path portion. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'name' - type: String - description: | - The name to which this PathMatcher is referred by the HostRule. - required: true - - name: 'routeRules' - type: Array - description: | - The list of ordered HTTP route rules. Use this list instead of pathRules when - advanced route matching and routing actions are desired. The order of specifying - routeRules matters: the first rule that matches will cause its specified routing - action to take effect. Within a given pathMatcher, only one of pathRules or - routeRules must be set. routeRules are not supported in UrlMaps intended for - External load balancers. - item_type: - type: NestedObject - properties: - - name: 'priority' - type: Integer - description: | - For routeRules within a given pathMatcher, priority determines the order - in which load balancer will interpret routeRules. RouteRules are evaluated - in order of priority, from the lowest to highest number. The priority of - a rule decreases as its number increases (1, 2, 3, N+1). The first rule - that matches the request is applied. - - You cannot configure two or more routeRules with the same priority. - Priority for each rule must be set to a number between 0 and - 2147483647 inclusive. - - Priority numbers can have gaps, which enable you to add or remove rules - in the future without affecting the rest of the rules. For example, - 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which - you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the - future without any impact on existing rules. - required: true - - name: 'service' - type: ResourceRef - description: | - The region backend service resource to which traffic is - directed if this rule is matched. If routeAction is additionally specified, - advanced routing actions like URL Rewrites, etc. take effect prior to sending - the request to the backend. However, if service is specified, routeAction cannot - contain any weightedBackendService s. Conversely, if routeAction specifies any - weightedBackendServices, service must not be specified. Only one of urlRedirect, - service or routeAction.weightedBackendService must be set. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. The headerAction specified here are applied before - the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r - outeAction.weightedBackendService.backendServiceWeightAction[].headerAction - properties: - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the - backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. - item_type: - type: String - - name: 'matchRules' - type: Array - description: | - The rules for determining a match. - item_type: - type: NestedObject - properties: - - name: 'fullPathMatch' - type: String - description: | - For satisfying the matchRule condition, the path of the request must exactly - match the value specified in fullPathMatch after removing any query parameters - and anchor that may be part of the original URL. FullPathMatch must be between 1 - and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must - be specified. - - name: 'headerMatches' - type: Array - description: | - Specifies a list of header match criteria, all of which must match corresponding - headers in the request. - item_type: - type: NestedObject - properties: - - name: 'exactMatch' - type: String - description: | - The value should exactly match contents of exactMatch. Only one of exactMatch, - prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - name: 'headerName' - type: String - description: | - The name of the HTTP header to match. For matching against the HTTP request's - authority, use a headerMatch with the header name ":authority". For matching a - request's method, use the headerName ":method". - required: true - - name: 'invertMatch' - type: Boolean - description: | - If set to false, the headerMatch is considered a match if the match criteria - above are met. If set to true, the headerMatch is considered a match if the - match criteria above are NOT met. Defaults to false. - default_value: false - - name: 'prefixMatch' - type: String - description: | - The value of the header must start with the contents of prefixMatch. Only one of - exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch - must be set. - - name: 'presentMatch' - type: Boolean - description: | - A header with the contents of headerName must exist. The match takes place - whether or not the request's header has a value or not. Only one of exactMatch, - prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - name: 'rangeMatch' - type: NestedObject - description: | - The header value must be an integer and its value must be in the range specified - in rangeMatch. If the header does not contain an integer, number or is empty, - the match fails. For example for a range [-5, 0] - - * -3 will match - * 0 will not match - * 0.25 will not match - * -3someString will not match. - - Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or - rangeMatch must be set. - properties: - - name: 'rangeEnd' - type: Integer - description: | - The end of the range (exclusive). - required: true - - name: 'rangeStart' - type: Integer - description: | - The start of the range (inclusive). - required: true - - name: 'regexMatch' - type: String - description: | - The value of the header must match the regular expression specified in - regexMatch. For regular expression grammar, please see: - en.cppreference.com/w/cpp/regex/ecmascript For matching against a port - specified in the HTTP request, use a headerMatch with headerName set to PORT and - a regular expression that satisfies the RFC2616 Host header's port specifier. - Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or - rangeMatch must be set. - - name: 'suffixMatch' - type: String - description: | - The value of the header must end with the contents of suffixMatch. Only one of - exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch - must be set. - - name: 'ignoreCase' - type: Boolean - description: | - Specifies that prefixMatch and fullPathMatch matches are case sensitive. - Defaults to false. - default_value: false - - name: 'metadataFilters' - type: Array - description: | - Opaque filter criteria used by Loadbalancer to restrict routing configuration to - a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS - clients present node metadata. If a match takes place, the relevant routing - configuration is made available to those proxies. For each metadataFilter in - this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the - filterLabels must match the corresponding label provided in the metadata. If its - filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match - with corresponding labels in the provided metadata. metadataFilters specified - here can be overrides those specified in ForwardingRule that refers to this - UrlMap. metadataFilters only applies to Loadbalancers that have their - loadBalancingScheme set to INTERNAL_SELF_MANAGED. - item_type: - type: NestedObject - properties: - - name: 'filterLabels' - type: Array - description: | - The list of label value pairs that must match labels in the provided metadata - based on filterMatchCriteria This list must not be empty and can have at the - most 64 entries. - required: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of metadata label. The name can have a maximum length of 1024 characters - and must be at least 1 character long. - required: true - - name: 'value' - type: String - description: | - The value of the label must match the specified value. value can have a maximum - length of 1024 characters. - required: true - min_size: 1 - max_size: 64 - - name: 'filterMatchCriteria' - type: Enum - description: | - Specifies how individual filterLabel matches within the list of filterLabels - contribute towards the overall metadataFilter match. Supported values are: - - * MATCH_ANY: At least one of the filterLabels must have a matching label in the - provided metadata. - * MATCH_ALL: All filterLabels must have matching labels in - the provided metadata. - required: true - enum_values: - - 'MATCH_ALL' - - 'MATCH_ANY' - - name: 'prefixMatch' - type: String - description: | - For satisfying the matchRule condition, the request's path must begin with the - specified prefixMatch. prefixMatch must begin with a /. The value must be - between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or - regexMatch must be specified. - - name: 'queryParameterMatches' - type: Array - description: | - Specifies a list of query parameter match criteria, all of which must match - corresponding query parameters in the request. - item_type: - type: NestedObject - properties: - - name: 'exactMatch' - type: String - description: | - The queryParameterMatch matches if the value of the parameter exactly matches - the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch - must be set. - - name: 'name' - type: String - description: | - The name of the query parameter to match. The query parameter must exist in the - request, in the absence of which the request match fails. - required: true - - name: 'presentMatch' - type: Boolean - description: | - Specifies that the queryParameterMatch matches if the request contains the query - parameter, irrespective of whether the parameter has a value or not. Only one of - presentMatch, exactMatch and regexMatch must be set. - - name: 'regexMatch' - type: String - description: | - The queryParameterMatch matches if the value of the parameter matches the - regular expression specified by regexMatch. For the regular expression grammar, - please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch, - exactMatch and regexMatch must be set. - - name: 'regexMatch' - type: String - description: | - For satisfying the matchRule condition, the path of the request must satisfy the - regular expression specified in regexMatch after removing any query parameters - and anchor supplied with the original URL. For regular expression grammar please - see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch, - fullPathMatch or regexMatch must be specified. - - name: 'pathTemplateMatch' - type: String - description: | - For satisfying the matchRule condition, the path of the request - must match the wildcard pattern specified in pathTemplateMatch - after removing any query parameters and anchor that may be part - of the original URL. - - pathTemplateMatch must be between 1 and 255 characters - (inclusive). The pattern specified by pathTemplateMatch may - have at most 5 wildcard operators and at most 5 variable - captures in total. - - name: 'routeAction' - type: NestedObject - description: | - In response to a matching matchRule, the load balancer performs advanced routing - actions like URL rewrites, header transformations, etc. prior to forwarding the - request to the selected backend. If routeAction specifies any - weightedBackendServices, service must not be set. Conversely if service is set, - routeAction cannot contain any weightedBackendServices. Only one of routeAction - or urlRedirect must be set. - properties: - - name: 'corsPolicy' - type: NestedObject - description: | - The specification for allowing client side cross-origin requests. Please see W3C - Recommendation for Cross Origin Resource Sharing - properties: - - name: 'allowCredentials' - type: Boolean - description: | - In response to a preflight request, setting this to true indicates that the - actual request can include user credentials. This translates to the Access- - Control-Allow-Credentials header. Defaults to false. - default_value: false - - name: 'allowHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Headers header. - item_type: - type: String - - name: 'allowMethods' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Methods header. - item_type: - type: String - - name: 'allowOriginRegexes' - type: Array - description: | - Specifies the regular expression patterns that match allowed origins. For - regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either allow_origins or allow_origin_regex. - item_type: - type: String - - name: 'allowOrigins' - type: Array - description: | - Specifies the list of origins that will be allowed to do CORS requests. An - origin is allowed if it matches either allow_origins or allow_origin_regex. - item_type: - type: String - - name: 'disabled' - type: Boolean - description: | - If true, specifies the CORS policy is disabled. - which indicates that the CORS policy is in effect. Defaults to false. - default_value: false - - name: 'exposeHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Expose-Headers header. - item_type: - type: String - - name: 'maxAge' - type: Integer - description: | - Specifies how long the results of a preflight request can be cached. This - translates to the content for the Access-Control-Max-Age header. - - name: 'faultInjectionPolicy' - type: NestedObject - description: | - The specification for fault injection introduced into traffic to test the - resiliency of clients to backend service failure. As part of fault injection, - when clients send requests to a backend service, delays can be introduced by - Loadbalancer on a percentage of requests before sending those request to the - backend service. Similarly requests from clients can be aborted by the - Loadbalancer for a percentage of requests. timeout and retry_policy will be - ignored by clients that are configured with a fault_injection_policy. - properties: - - name: 'abort' - type: NestedObject - description: | - The specification for how client requests are aborted as part of fault - injection. - properties: - - name: 'httpStatus' - type: Integer - description: | - The HTTP status code used to abort the request. The value must be between 200 - and 599 inclusive. - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) which will be - aborted as part of fault injection. The value must be between 0.0 and 100.0 - inclusive. - - name: 'delay' - type: NestedObject - description: | - The specification for how client requests are delayed as part of fault - injection, before being sent to a backend service. - properties: - - name: 'fixedDelay' - type: NestedObject - description: | - Specifies the value of the fixed delay interval. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) on which delay will - be introduced as part of fault injection. The value must be between 0.0 and - 100.0 inclusive. - - name: 'requestMirrorPolicy' - type: NestedObject - description: | - Specifies the policy on how requests intended for the route's backends are - shadowed to a separate mirrored backend service. Loadbalancer does not wait for - responses from the shadow service. Prior to sending traffic to the shadow - service, the host / authority header is suffixed with -shadow. - properties: - - name: 'backendService' - type: ResourceRef - description: | - The RegionBackendService resource being mirrored to. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'retryPolicy' - type: NestedObject - description: | - Specifies the retry policy associated with this route. - properties: - - name: 'numRetries' - type: Integer - description: | - Specifies the allowed number retries. This number must be > 0. - required: true - - name: 'perTryTimeout' - type: NestedObject - description: | - Specifies a non-zero timeout per retry attempt. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'retryConditions' - type: Array - description: | - Specifies one or more conditions when this retry rule applies. Valid values are: - - * 5xx: Loadbalancer will attempt a retry if the backend service responds with - any 5xx response code, or if the backend service does not respond at all, - for example: disconnects, reset, read timeout, connection failure, and refused - streams. - * gateway-error: Similar to 5xx, but only applies to response codes - 502, 503 or 504. - * connect-failure: Loadbalancer will retry on failures - connecting to backend services, for example due to connection timeouts. - * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - Currently the only retriable error supported is 409. - * refused-stream: Loadbalancer will retry if the backend service resets the stream with a - REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - * cancelled: Loadbalancer will retry if the gRPC status code in the response - header is set to cancelled - * deadline-exceeded: Loadbalancer will retry if the - gRPC status code in the response header is set to deadline-exceeded - * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response - header is set to resource-exhausted - * unavailable: Loadbalancer will retry if the gRPC status code in - the response header is set to unavailable - item_type: - type: String - - name: 'timeout' - type: NestedObject - description: | - Specifies the timeout for the selected route. Timeout is computed from the time - the request is has been fully processed (i.e. end-of-stream) up until the - response has been completely processed. Timeout includes all retries. If not - specified, the default value is 15 seconds. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'urlRewrite' - type: NestedObject - description: | - The spec to modify the URL of the request, prior to forwarding the request to - the matched service - properties: - - name: 'hostRewrite' - type: String - description: | - Prior to forwarding the request to the selected service, the request's host - header is replaced with contents of hostRewrite. The value must be between 1 and - 255 characters. - - name: 'pathPrefixRewrite' - type: String - description: | - Prior to forwarding the request to the selected backend service, the matching - portion of the request's path is replaced by pathPrefixRewrite. The value must - be between 1 and 1024 characters. - - name: 'pathTemplateRewrite' - type: String - description: | - Prior to forwarding the request to the selected origin, if the - request matched a pathTemplateMatch, the matching portion of the - request's path is replaced re-written using the pattern specified - by pathTemplateRewrite. - - pathTemplateRewrite must be between 1 and 255 characters - (inclusive), must start with a '/', and must only use variables - captured by the route's pathTemplate matchers. - - pathTemplateRewrite may only be used when all of a route's - MatchRules specify pathTemplate. - - Only one of pathPrefixRewrite and pathTemplateRewrite may be - specified. - - name: 'weightedBackendServices' - type: Array - description: | - A list of weighted backend services to send traffic to when a route match - occurs. The weights determine the fraction of traffic that flows to their - corresponding backend service. If all traffic needs to go to a single backend - service, there must be one weightedBackendService with weight set to a non 0 - number. Once a backendService is identified and before forwarding the request to - the backend service, advanced routing actions like Url rewrites and header - transformations are applied depending on additional settings specified in this - HttpRouteAction. - item_type: - type: NestedObject - properties: - - name: 'backendService' - type: ResourceRef - description: | - The default RegionBackendService resource. Before - forwarding the request to backendService, the loadbalancer applies any relevant - headerActions specified as part of this backendServiceWeight. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. headerAction specified here take effect before - headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. - properties: - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the - backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. - item_type: - type: String - - name: 'weight' - type: Integer - description: | - Specifies the fraction of traffic sent to backendService, computed as weight / - (sum of all weightedBackendService weights in routeAction) . The selection of a - backend service is determined only for new traffic. Once a user's request has - been directed to a backendService, subsequent requests will be sent to the same - backendService as determined by the BackendService's session affinity policy. - The value must be between 0 and 1000 - required: true - - name: 'urlRedirect' - type: NestedObject - description: | - When this rule is matched, the request is redirected to a URL specified by - urlRedirect. If urlRedirect is specified, service or routeAction must not be - set. - properties: - - name: 'hostRedirect' - type: String - description: | - The host that will be used in the redirect response instead of the one - that was supplied in the request. The value must be between 1 and 255 - characters. - - name: 'httpsRedirect' - type: Boolean - description: | - If set to true, the URL scheme in the redirected request is set to https. - If set to false, the URL scheme of the redirected request will remain the - same as that of the request. This must only be set for UrlMaps used in - TargetHttpProxys. Setting this true for TargetHttpsProxy is not - permitted. The default is set to false. - default_value: false - - name: 'pathRedirect' - type: String - description: | - The path that will be used in the redirect response instead of the one - that was supplied in the request. pathRedirect cannot be supplied - together with prefixRedirect. Supply one alone or neither. If neither is - supplied, the path of the original request will be used for the redirect. - The value must be between 1 and 1024 characters. - - name: 'prefixRedirect' - type: String - description: | - The prefix that replaces the prefixMatch specified in the - HttpRouteRuleMatch, retaining the remaining portion of the URL before - redirecting the request. prefixRedirect cannot be supplied together with - pathRedirect. Supply one alone or neither. If neither is supplied, the - path of the original request will be used for the redirect. The value - must be between 1 and 1024 characters. - - name: 'redirectResponseCode' - type: Enum - description: | - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. - enum_values: - - 'FOUND' - - 'MOVED_PERMANENTLY_DEFAULT' - - 'PERMANENT_REDIRECT' - - 'SEE_OTHER' - - 'TEMPORARY_REDIRECT' - skip_docs_values: true - - name: 'stripQuery' - type: Boolean - description: | - If set to true, any accompanying query portion of the original URL is - removed prior to redirecting the request. If set to false, the query - portion of the original URL is retained. The default value is false. - default_value: false - - name: 'pathRule' - type: Array - description: | - The list of path rules. Use this list instead of routeRules when routing based - on simple path matching is all that's required. The order by which path rules - are specified does not matter. Matches are always done on the longest-path-first - basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* - irrespective of the order in which those paths appear in this list. Within a - given pathMatcher, only one of pathRules or routeRules must be set. - api_name: pathRules - item_type: - type: NestedObject - properties: - - name: 'service' - type: ResourceRef - description: | - The region backend service resource to which traffic is - directed if this rule is matched. If routeAction is additionally specified, - advanced routing actions like URL Rewrites, etc. take effect prior to sending - the request to the backend. However, if service is specified, routeAction cannot - contain any weightedBackendService s. Conversely, if routeAction specifies any - weightedBackendServices, service must not be specified. Only one of urlRedirect, - service or routeAction.weightedBackendService must be set. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'paths' - type: Array - description: | - The list of path patterns to match. Each must start with / and the only place a - \* is allowed is at the end following a /. The string fed to the path matcher - does not include any text after the first ? or #, and those chars are not - allowed here. - is_set: true - required: true - item_type: - type: String - - name: 'routeAction' - type: NestedObject - description: | - In response to a matching path, the load balancer performs advanced routing - actions like URL rewrites, header transformations, etc. prior to forwarding the - request to the selected backend. If routeAction specifies any - weightedBackendServices, service must not be set. Conversely if service is set, - routeAction cannot contain any weightedBackendServices. Only one of routeAction - or urlRedirect must be set. - properties: - - name: 'corsPolicy' - type: NestedObject - description: | - The specification for allowing client side cross-origin requests. Please see W3C - Recommendation for Cross Origin Resource Sharing - properties: - - name: 'allowCredentials' - type: Boolean - description: | - In response to a preflight request, setting this to true indicates that the - actual request can include user credentials. This translates to the Access- - Control-Allow-Credentials header. Defaults to false. - default_value: false - - name: 'allowHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Headers header. - item_type: - type: String - - name: 'allowMethods' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Methods header. - item_type: - type: String - - name: 'allowOriginRegexes' - type: Array - description: | - Specifies the regular expression patterns that match allowed origins. For - regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either allow_origins or allow_origin_regex. - item_type: - type: String - - name: 'allowOrigins' - type: Array - description: | - Specifies the list of origins that will be allowed to do CORS requests. An - origin is allowed if it matches either allow_origins or allow_origin_regex. - item_type: - type: String - - name: 'disabled' - type: Boolean - description: | - If true, specifies the CORS policy is disabled. - required: true - - name: 'exposeHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Expose-Headers header. - item_type: - type: String - - name: 'maxAge' - type: Integer - description: | - Specifies how long the results of a preflight request can be cached. This - translates to the content for the Access-Control-Max-Age header. - - name: 'faultInjectionPolicy' - type: NestedObject - description: | - The specification for fault injection introduced into traffic to test the - resiliency of clients to backend service failure. As part of fault injection, - when clients send requests to a backend service, delays can be introduced by - Loadbalancer on a percentage of requests before sending those request to the - backend service. Similarly requests from clients can be aborted by the - Loadbalancer for a percentage of requests. timeout and retry_policy will be - ignored by clients that are configured with a fault_injection_policy. - properties: - - name: 'abort' - type: NestedObject - description: | - The specification for how client requests are aborted as part of fault - injection. - properties: - - name: 'httpStatus' - type: Integer - description: | - The HTTP status code used to abort the request. The value must be between 200 - and 599 inclusive. - required: true - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) which will be - aborted as part of fault injection. The value must be between 0.0 and 100.0 - inclusive. - required: true - - name: 'delay' - type: NestedObject - description: | - The specification for how client requests are delayed as part of fault - injection, before being sent to a backend service. - properties: - - name: 'fixedDelay' - type: NestedObject - description: | - Specifies the value of the fixed delay interval. - required: true - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) on which delay will - be introduced as part of fault injection. The value must be between 0.0 and - 100.0 inclusive. - required: true - - name: 'requestMirrorPolicy' - type: NestedObject - description: | - Specifies the policy on how requests intended for the route's backends are - shadowed to a separate mirrored backend service. Loadbalancer does not wait for - responses from the shadow service. Prior to sending traffic to the shadow - service, the host / authority header is suffixed with -shadow. - properties: - - name: 'backendService' - type: ResourceRef - description: | - The RegionBackendService resource being mirrored to. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'retryPolicy' - type: NestedObject - description: | - Specifies the retry policy associated with this route. - properties: - - name: 'numRetries' - type: Integer - description: | - Specifies the allowed number retries. This number must be > 0. - - name: 'perTryTimeout' - type: NestedObject - description: | - Specifies a non-zero timeout per retry attempt. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'retryConditions' - type: Array - description: | - Specifies one or more conditions when this retry rule applies. Valid values are: - - - 5xx: Loadbalancer will attempt a retry if the backend service responds with - any 5xx response code, or if the backend service does not respond at all, - for example: disconnects, reset, read timeout, connection failure, and refused - streams. - - gateway-error: Similar to 5xx, but only applies to response codes - 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures - connecting to backend services, for example due to connection timeouts. - - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - Currently the only retriable error supported is 409. - - refused-stream: Loadbalancer will retry if the backend service resets the stream with a - REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - - cancelled: Loadbalancer will retry if the gRPC status code in the response - header is set to cancelled - - deadline-exceeded: Loadbalancer will retry if the - gRPC status code in the response header is set to deadline-exceeded - - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response - header is set to resource-exhausted - - unavailable: Loadbalancer will retry if - the gRPC status code in the response header is set to unavailable - item_type: - type: String - - name: 'timeout' - type: NestedObject - description: | - Specifies the timeout for the selected route. Timeout is computed from the time - the request is has been fully processed (i.e. end-of-stream) up until the - response has been completely processed. Timeout includes all retries. If not - specified, the default value is 15 seconds. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'urlRewrite' - type: NestedObject - description: | - The spec to modify the URL of the request, prior to forwarding the request to - the matched service - properties: - - name: 'hostRewrite' - type: String - description: | - Prior to forwarding the request to the selected service, the request's host - header is replaced with contents of hostRewrite. The value must be between 1 and - 255 characters. - - name: 'pathPrefixRewrite' - type: String - description: | - Prior to forwarding the request to the selected backend service, the matching - portion of the request's path is replaced by pathPrefixRewrite. The value must - be between 1 and 1024 characters. - - name: 'weightedBackendServices' - type: Array - description: | - A list of weighted backend services to send traffic to when a route match - occurs. The weights determine the fraction of traffic that flows to their - corresponding backend service. If all traffic needs to go to a single backend - service, there must be one weightedBackendService with weight set to a non 0 - number. Once a backendService is identified and before forwarding the request to - the backend service, advanced routing actions like Url rewrites and header - transformations are applied depending on additional settings specified in this - HttpRouteAction. - item_type: - type: NestedObject - properties: - - name: 'backendService' - type: ResourceRef - description: | - The default RegionBackendService resource. Before - forwarding the request to backendService, the loadbalancer applies any relevant - headerActions specified as part of this backendServiceWeight. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. headerAction specified here take effect before - headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. - properties: - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the - backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. - item_type: - type: String - - name: 'weight' - type: Integer - description: | - Specifies the fraction of traffic sent to backendService, computed as weight / - (sum of all weightedBackendService weights in routeAction) . The selection of a - backend service is determined only for new traffic. Once a user's request has - been directed to a backendService, subsequent requests will be sent to the same - backendService as determined by the BackendService's session affinity policy. - The value must be between 0 and 1000 - required: true - - name: 'urlRedirect' - type: NestedObject - description: | - When a path pattern is matched, the request is redirected to a URL specified - by urlRedirect. If urlRedirect is specified, service or routeAction must not - be set. - properties: - - name: 'hostRedirect' - type: String - description: | - The host that will be used in the redirect response instead of the one - that was supplied in the request. The value must be between 1 and 255 - characters. - - name: 'httpsRedirect' - type: Boolean - description: | - If set to true, the URL scheme in the redirected request is set to https. - If set to false, the URL scheme of the redirected request will remain the - same as that of the request. This must only be set for UrlMaps used in - TargetHttpProxys. Setting this true for TargetHttpsProxy is not - permitted. The default is set to false. - default_value: false - - name: 'pathRedirect' - type: String - description: | - The path that will be used in the redirect response instead of the one - that was supplied in the request. pathRedirect cannot be supplied - together with prefixRedirect. Supply one alone or neither. If neither is - supplied, the path of the original request will be used for the redirect. - The value must be between 1 and 1024 characters. - - name: 'prefixRedirect' - type: String - description: | - The prefix that replaces the prefixMatch specified in the - HttpRouteRuleMatch, retaining the remaining portion of the URL before - redirecting the request. prefixRedirect cannot be supplied together with - pathRedirect. Supply one alone or neither. If neither is supplied, the - path of the original request will be used for the redirect. The value - must be between 1 and 1024 characters. - - name: 'redirectResponseCode' - type: Enum - description: | - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. - enum_values: - - 'FOUND' - - 'MOVED_PERMANENTLY_DEFAULT' - - 'PERMANENT_REDIRECT' - - 'SEE_OTHER' - - 'TEMPORARY_REDIRECT' - skip_docs_values: true - - name: 'stripQuery' - type: Boolean - description: | - If set to true, any accompanying query portion of the original URL is removed - prior to redirecting the request. If set to false, the query portion of the - original URL is retained. - This field is required to ensure an empty block is not set. The normal default value is false. - required: true - - name: 'defaultUrlRedirect' - type: NestedObject - description: | - When none of the specified hostRules match, the request is redirected to a URL specified - by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or - defaultRouteAction must not be set. - properties: - - name: 'hostRedirect' - type: String - description: | - The host that will be used in the redirect response instead of the one that was - supplied in the request. The value must be between 1 and 255 characters. - - name: 'httpsRedirect' - type: Boolean - description: | - If set to true, the URL scheme in the redirected request is set to https. If set to - false, the URL scheme of the redirected request will remain the same as that of the - request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this - true for TargetHttpsProxy is not permitted. The default is set to false. - default_value: false - - name: 'pathRedirect' - type: String - description: | - The path that will be used in the redirect response instead of the one that was - supplied in the request. pathRedirect cannot be supplied together with - prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the - original request will be used for the redirect. The value must be between 1 and 1024 - characters. - - name: 'prefixRedirect' - type: String - description: | - The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, - retaining the remaining portion of the URL before redirecting the request. - prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or - neither. If neither is supplied, the path of the original request will be used for - the redirect. The value must be between 1 and 1024 characters. - - name: 'redirectResponseCode' - type: Enum - description: | - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. - enum_values: - - 'FOUND' - - 'MOVED_PERMANENTLY_DEFAULT' - - 'PERMANENT_REDIRECT' - - 'SEE_OTHER' - - 'TEMPORARY_REDIRECT' - skip_docs_values: true - - name: 'stripQuery' - type: Boolean - description: | - If set to true, any accompanying query portion of the original URL is removed prior - to redirecting the request. If set to false, the query portion of the original URL is - retained. - This field is required to ensure an empty block is not set. The normal default value is false. - required: true - - name: 'test' - type: Array - description: | - The list of expected URL mappings. Requests to update this UrlMap will - succeed only if all of the test cases pass. - api_name: tests - item_type: - type: NestedObject - properties: - - name: 'description' - type: String - description: 'Description of this test case.' - - name: 'host' - type: String - description: 'Host portion of the URL.' - required: true - - name: 'path' - type: String - description: 'Path portion of the URL.' - required: true - - name: 'service' - type: ResourceRef - description: - A reference to expected RegionBackendService resource the given URL - should be mapped to. - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'defaultUrlRedirect' - type: NestedObject - description: | - When none of the specified hostRules match, the request is redirected to a URL specified - by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or - defaultRouteAction must not be set. - conflicts: - - default_route_action - exactly_one_of: - - 'default_service' - - 'default_url_redirect' - - 'default_route_action.0.weighted_backend_services' - properties: - - name: 'hostRedirect' - type: String - description: | - The host that will be used in the redirect response instead of the one that was - supplied in the request. The value must be between 1 and 255 characters. - - name: 'httpsRedirect' - type: Boolean - description: | - If set to true, the URL scheme in the redirected request is set to https. If set to - false, the URL scheme of the redirected request will remain the same as that of the - request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this - true for TargetHttpsProxy is not permitted. The default is set to false. - default_value: false - - name: 'pathRedirect' - type: String - description: | - The path that will be used in the redirect response instead of the one that was - supplied in the request. pathRedirect cannot be supplied together with - prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the - original request will be used for the redirect. The value must be between 1 and 1024 - characters. - - name: 'prefixRedirect' - type: String - description: | - The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, - retaining the remaining portion of the URL before redirecting the request. - prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or - neither. If neither is supplied, the path of the original request will be used for - the redirect. The value must be between 1 and 1024 characters. - - name: 'redirectResponseCode' - type: Enum - description: | - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. - enum_values: - - 'FOUND' - - 'MOVED_PERMANENTLY_DEFAULT' - - 'PERMANENT_REDIRECT' - - 'SEE_OTHER' - - 'TEMPORARY_REDIRECT' - skip_docs_values: true - - name: 'stripQuery' - type: Boolean - description: | - If set to true, any accompanying query portion of the original URL is removed prior - to redirecting the request. If set to false, the query portion of the original URL is - retained. - This field is required to ensure an empty block is not set. The normal default value is false. - required: true - - name: 'defaultRouteAction' - type: NestedObject - description: | - defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. - Only one of defaultRouteAction or defaultUrlRedirect must be set. - URL maps for Classic external HTTP(S) load balancers only support the urlRewrite action within defaultRouteAction. - defaultRouteAction has no effect when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. - conflicts: - - default_url_redirect - properties: - - name: 'weightedBackendServices' - type: Array - description: | - A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. - After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - exactly_one_of: - - 'default_service' - - 'default_url_redirect' - - 'default_route_action.0.weighted_backend_services' - item_type: - type: NestedObject - properties: - - name: 'backendService' - type: ResourceRef - description: | - The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'weight' - type: Integer - description: | - Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . - The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. - The value must be from 0 to 1000. - validation: - function: 'validation.IntBetween(0, 1000)' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for the selected backendService. - headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. - headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. - Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. - properties: - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request before forwarding the request to the backendService. - item_type: - type: String - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request before forwarding the request to the backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: 'The name of the header.' - - name: 'headerValue' - type: String - description: 'The value of the header to add.' - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - The default value is false. - default_value: false - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response before sending the response back to the client. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response before sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: 'The name of the header.' - - name: 'headerValue' - type: String - description: 'The value of the header to add.' - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - The default value is false. - default_value: false - - name: 'urlRewrite' - type: NestedObject - description: | - The spec to modify the URL of the request, before forwarding the request to the matched service. - urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. - Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'pathPrefixRewrite' - type: String - description: | - Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. - The value must be from 1 to 1024 characters. - at_least_one_of: - - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' - - 'default_route_action.0.url_rewrite.0.host_rewrite' - validation: - function: 'validation.StringLenBetween(1, 1024)' - - name: 'hostRewrite' - type: String - description: | - Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. - The value must be from 1 to 255 characters. - at_least_one_of: - - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' - - 'default_route_action.0.url_rewrite.0.host_rewrite' - validation: - function: 'validation.StringLenBetween(1, 255)' - - name: 'timeout' - type: NestedObject - description: | - Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as end-of-stream) up until the response has been processed. Timeout includes all retries. - If not specified, this field uses the largest timeout among all backend services associated with the route. - Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - at_least_one_of: - - 'default_route_action.0.timeout.0.seconds' - - 'default_route_action.0.timeout.0.nanos' - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - at_least_one_of: - - 'default_route_action.0.timeout.0.seconds' - - 'default_route_action.0.timeout.0.nanos' - validation: - function: 'validation.IntBetween(0, 999999999)' - - name: 'retryPolicy' - type: NestedObject - description: | - Specifies the retry policy associated with this route. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'retryConditions' - type: Array - description: | - Specifies one or more conditions when this retry policy applies. - Valid values are listed below. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true: cancelled, deadline-exceeded, internal, resource-exhausted, unavailable. - - 5xx : retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. - - gateway-error : Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure : a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. - - retriable-4xx : a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. - - refused-stream : a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - - cancelled : a retry is attempted if the gRPC status code in the response header is set to cancelled. - - deadline-exceeded : a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. - - internal : a retry is attempted if the gRPC status code in the response header is set to internal. - - resource-exhausted : a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - - unavailable : a retry is attempted if the gRPC status code in the response header is set to unavailable. - at_least_one_of: - - 'default_route_action.0.retry_policy.0.retry_conditions' - - 'default_route_action.0.retry_policy.0.num_retries' - - 'default_route_action.0.retry_policy.0.per_try_timeout' - item_type: - type: String - - name: 'numRetries' - type: Integer - description: | - Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. - at_least_one_of: - - 'default_route_action.0.retry_policy.0.retry_conditions' - - 'default_route_action.0.retry_policy.0.num_retries' - - 'default_route_action.0.retry_policy.0.per_try_timeout' - validation: - function: 'validation.IntAtLeast(1)' - default_value: 1 - - name: 'perTryTimeout' - type: NestedObject - description: | - Specifies a non-zero timeout per retry attempt. - - If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, - will use the largest timeout among all backend services associated with the route. - at_least_one_of: - - 'default_route_action.0.retry_policy.0.retry_conditions' - - 'default_route_action.0.retry_policy.0.num_retries' - - 'default_route_action.0.retry_policy.0.per_try_timeout' - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - at_least_one_of: - - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' - - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - at_least_one_of: - - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' - - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' - validation: - function: 'validation.IntBetween(0, 999999999)' - - name: 'requestMirrorPolicy' - type: NestedObject - description: | - Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. - The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. - Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'backendService' - type: ResourceRef - description: | - The full or partial URL to the RegionBackendService resource being mirrored to. - The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. - Serverless NEG backends are not currently supported as a mirrored backend service. - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'RegionBackendService' - imports: 'selfLink' - - name: 'corsPolicy' - type: NestedObject - description: | - The specification for allowing client side cross-origin requests. Please see - [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'allowOrigins' - type: Array - description: | - Specifies the list of origins that will be allowed to do CORS requests. - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'allowOriginRegexes' - type: Array - description: | - Specifies the regualar expression patterns that match allowed origins. For regular expression grammar - please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'allowMethods' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Methods header. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'allowHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Headers header. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'exposeHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Expose-Headers header. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'maxAge' - type: Integer - description: | - Specifies how long results of a preflight request can be cached in seconds. - This translates to the Access-Control-Max-Age header. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - - name: 'allowCredentials' - type: Boolean - description: | - In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. - Default is false. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - default_value: false - - name: 'disabled' - type: Boolean - description: | - If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - default_value: false - - name: 'faultInjectionPolicy' - type: NestedObject - description: | - The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. - As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. - Similarly requests from clients can be aborted by the load balancer for a percentage of requests. - timeout and retryPolicy is ignored by clients that are configured with a faultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. - Fault injection is not supported with the global external HTTP(S) load balancer (classic). To see which load balancers support fault injection, see Load balancing: [Routing and traffic management features](https://cloud.google.com/load-balancing/docs/features#routing-traffic-management). - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'delay' - type: NestedObject - description: | - The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay' - - 'default_route_action.0.fault_injection_policy.0.abort' - properties: - - name: 'fixedDelay' - type: NestedObject - description: | - Specifies the value of the fixed delay interval. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' - - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' - validation: - function: 'validation.IntBetween(0, 999999999)' - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' - - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' - validation: - function: 'validation.FloatBetween(0, 100)' - - name: 'abort' - type: NestedObject - description: | - The specification for how client requests are aborted as part of fault injection. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay' - - 'default_route_action.0.fault_injection_policy.0.abort' - properties: - - name: 'httpStatus' - type: Integer - description: | - The HTTP status code used to abort the request. - The value must be between 200 and 599 inclusive. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' - - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' - validation: - function: 'validation.IntBetween(200, 599)' - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' - - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' - validation: - function: 'validation.FloatBetween(0, 100)' diff --git a/mmv1/products/compute/go_Reservation.yaml b/mmv1/products/compute/go_Reservation.yaml deleted file mode 100644 index 30401dcdd6c1..000000000000 --- a/mmv1/products/compute/go_Reservation.yaml +++ /dev/null @@ -1,246 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Reservation' -description: | - Represents a reservation resource. A reservation ensures that capacity is - held in a specific zone even if the reserved VMs are not running. - - Reservations apply only to Compute Engine, Cloud Dataproc, and Google - Kubernetes Engine VM usage.Reservations do not apply to `f1-micro` or - `g1-small` machine types, preemptible VMs, sole tenant nodes, or other - services not listed above - like Cloud SQL and Dataflow. -references: - guides: - 'Reserving zonal resources': 'https://cloud.google.com/compute/docs/instances/reserving-zonal-resources' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/reservations' -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/reservations' -has_self_link: true -update_url: 'projects/{{project}}/zones/{{zone}}/reservations/{{name}}' -update_verb: 'PATCH' -update_mask: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - update_encoder: 'templates/terraform/update_encoder/go/reservation.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/shared_reservation_update.go.tmpl' -examples: - - name: 'reservation_basic' - primary_resource_id: 'gce_reservation' - vars: - reservation_name: 'gce-reservation' - - name: 'shared_reservation_basic' - primary_resource_id: 'gce_reservation' - vars: - reservation_name: 'gce-shared-reservation' - test_env_vars: - project: 'PROJECT_NAME' - org_id: 'ORG_ID' - billing_account: 'BILLING_ACCT' - skip_docs: true - skip_vcr: true -parameters: - - name: 'zone' - type: ResourceRef - description: | - The zone where the reservation is made. - required: true - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: | - Creation timestamp in RFC3339 text format. - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. - immutable: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'commitment' - type: String - description: | - Full or partial URL to a parent commitment. This field displays for - reservations that are tied to a commitment. - output: true - - name: 'specificReservationRequired' - type: Boolean - description: | - When set to true, only VMs that target this reservation by name can - consume this reservation. Otherwise, it can be consumed by VMs with - affinity for any reservation. Defaults to false. - immutable: true - default_value: false - - name: 'status' - type: String - description: | - The status of the reservation. - output: true - - name: 'shareSettings' - type: NestedObject - description: | - The share setting for reservations. - ignore_read: true - default_from_api: true - properties: - - name: 'shareType' - type: Enum - description: | - Type of sharing for this shared-reservation - immutable: true - default_from_api: true - enum_values: - - 'LOCAL' - - 'SPECIFIC_PROJECTS' - - name: 'projectMap' - type: Map - description: | - A map of project number and project config. This is only valid when shareType's value is SPECIFIC_PROJECTS. - key_name: 'id' - key_description: | - The project id/number which is deleting or adding to the project list. - value_type: - name: projectConfig - type: NestedObject - properties: - - name: 'projectId' - type: String - description: | - The project id/number, should be same as the key of this project config in the project map. - - name: 'specificReservation' - type: NestedObject - description: | - Reservation for instances with specific machine shapes. - required: true - update_url: 'projects/{{project}}/zones/{{zone}}/reservations/{{name}}/resize' - update_verb: 'POST' - properties: - - name: 'count' - type: Integer - description: | - The number of resources that are allocated. - required: true - validation: - function: 'validation.IntAtLeast(1)' - - name: 'inUseCount' - type: Integer - description: | - How many instances are in use. - output: true - - name: 'instanceProperties' - type: NestedObject - description: | - The instance properties for the reservation. - required: true - immutable: true - properties: - - name: 'machineType' - type: String - description: | - The name of the machine type to reserve. - required: true - immutable: true - - name: 'minCpuPlatform' - type: String - description: | - The minimum CPU platform for the reservation. For example, - `"Intel Skylake"`. See - the CPU platform availability reference](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform#availablezones) - for information on available CPU platforms. - immutable: true - default_from_api: true - - name: 'guestAccelerators' - type: Array - description: | - Guest accelerator type and count. - immutable: true - item_type: - type: NestedObject - properties: - - name: 'acceleratorType' - type: String - description: | - The full or partial URL of the accelerator type to - attach to this instance. For example: - `projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100` - - If you are creating an instance template, specify only the accelerator name. - required: true - immutable: true - - name: 'acceleratorCount' - type: Integer - description: | - The number of the guest accelerator cards exposed to - this instance. - required: true - immutable: true - - name: 'localSsds' - type: Array - description: | - The amount of local ssd to reserve with each instance. This - reserves disks of type `local-ssd`. - immutable: true - item_type: - type: NestedObject - properties: - - name: 'interface' - type: Enum - description: | - The disk interface to use for attaching this disk. - immutable: true - default_value: "SCSI" - enum_values: - - 'SCSI' - - 'NVME' - - name: 'diskSizeGb' - type: Integer - description: | - The size of the disk in base-2 GB. - required: true - immutable: true diff --git a/mmv1/products/compute/go_ResizeRequest.yaml b/mmv1/products/compute/go_ResizeRequest.yaml deleted file mode 100644 index 0ef3a61c7849..000000000000 --- a/mmv1/products/compute/go_ResizeRequest.yaml +++ /dev/null @@ -1,393 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ResizeRequest' -kind: 'compute#instanceGroupManagerResizeRequest' -description: | - Represents a Managed Instance Group Resize Request - - Resize Requests are the Managed Instance Group implementation of Dynamic Workload Scheduler Flex Start. - - With Dynamic Workload Scheduler in Flex Start mode, you submit a GPU capacity request for your AI/ML jobs by indicating how many you need, a duration, and your preferred region. Dynamic Workload Scheduler intelligently persists the request; once the capacity becomes available, it automatically provisions your VMs enabling your workloads to run continuously for the entire duration of the capacity allocation. -references: - guides: - 'QUICKSTART_TITLE': 'https://cloud.google.com/compute/docs/instance-groups/create-resize-requests-mig' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroupManagerResizeRequests' -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests' -self_link: 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{instance_group_manager}}/resizeRequests/{{name}}' -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - custom_delete: 'templates/terraform/custom_delete/go/compute_mig_resize_request_delete.go.tmpl' -examples: - - name: 'compute_mig_resize_request' - primary_resource_id: 'a3_resize_request' - vars: - resize_request_name: 'a3-dws' -parameters: - - name: 'zone' - type: ResourceRef - description: | - Name of the compute zone scoping this request. Name should conform to RFC1035. - url_param_only: true - required: true - resource: 'Zone' - imports: 'name' - - name: 'instanceGroupManager' - type: ResourceRef - description: | - The name of the managed instance group. The name should conform to RFC1035 or be a resource ID. - Authorization requires the following IAM permission on the specified resource instanceGroupManager: - *compute.instanceGroupManagers.update - url_param_only: true - required: true - resource: 'InstanceGroupManager' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: | - The creation timestamp for this resize request in RFC3339 text format. - output: true - - name: 'state' - type: Enum - description: | - [Output only] Current state of the request. - output: true - enum_values: - - 'CREATING' - - 'ACCEPTED' - - 'FAILED' - - 'SUCCEEDED' - - 'CANCELLED' - - name: 'name' - type: String - description: | - The name of this resize request. The name must be 1-63 characters long, and comply with RFC1035. - required: true - - name: 'description' - type: String - description: | - An optional description of this resize-request. - - name: 'resizeBy' - type: Integer - description: | - The number of instances to be created by this resize request. The group's target size will be increased by this number. - required: true - - name: 'requestedRunDuration' - type: NestedObject - description: | - Requested run duration for instances that will be created by this request. At the end of the run duration instance will be deleted. - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - required: true - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - name: 'status' - type: NestedObject - description: | - [Output only] Status of the request. - output: true - properties: - - name: 'error' - type: NestedObject - description: | - [Output only] Fatal errors encountered during the queueing or provisioning phases of the ResizeRequest that caused the transition to the FAILED state. Contrary to the lastAttempt errors, this field is final and errors are never removed from here, as the ResizeRequest is not going to retry. - output: true - properties: - - name: 'errors' - type: NestedObject - description: | - [Output Only] The array of errors encountered while processing this operation. - output: true - properties: - - name: 'code' - type: String - description: | - [Output Only] The error type identifier for this error. - output: true - - name: 'location' - type: String - description: | - Output Only] Indicates the field in the request that caused the error. This property is optional. - output: true - - name: 'message' - type: String - description: | - [Output Only] An optional, human-readable error message. - output: true - - name: 'errorDetails' - type: NestedObject - description: | - [Output Only] An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED. - output: true - properties: - - name: 'errorInfo' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'reason' - type: String - description: | - The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE. - output: true - - name: 'domain' - type: String - description: | - The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com". - output: true - - name: 'metadatas' - type: KeyValuePairs - description: | - Additional structured details about this error. - Keys must match /[a-z][a-zA-Z0-9-_]+/ but should ideally be lowerCamelCase. Also they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request. - output: true - - name: 'quotaInfo' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'metricName' - type: String - description: | - The Compute Engine quota metric name. - output: true - - name: 'limitName' - type: String - description: | - The name of the quota limit. - output: true - - name: 'dimensions' - type: KeyValuePairs - description: | - The map holding related quota dimensions - output: true - - name: 'limit' - type: Integer - description: | - Current effective quota limit. The limit's unit depends on the quota type or metric. - output: true - - name: 'futureLimit' - type: Integer - description: | - Future quota limit being rolled out. The limit's unit depends on the quota type or metric. - output: true - - name: 'rolloutStatus' - type: String - description: | - Rollout status of the future quota limit. - output: true - - name: 'help' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'links' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'description' - type: String - description: | - Describes what the link offers. - output: true - - name: 'url' - type: String - description: | - The URL of the link. - output: true - - name: 'localizedMessage' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'locale' - type: String - description: | - The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: "en-US", "fr-CH", "es-MX" - output: true - - name: 'message' - type: String - description: | - The localized error message in the above locale. - # Status.lastAttempt - output: true - - name: 'lastAttempt' - type: NestedObject - description: | - [Output only] Information about the last attempt to fulfill the request. The value is temporary since the ResizeRequest can retry, as long as it's still active and the last attempt value can either be cleared or replaced with a different error. Since ResizeRequest retries infrequently, the value may be stale and no longer show an active problem. The value is cleared when ResizeRequest transitions to the final state (becomes inactive). If the final state is FAILED the error describing it will be storred in the "error" field only. - output: true - properties: - - name: 'error' - type: NestedObject - description: | - [Output only] Fatal errors encountered during the queueing or provisioning phases of the ResizeRequest that caused the transition to the FAILED state. Contrary to the lastAttempt errors, this field is final and errors are never removed from here, as the ResizeRequest is not going to retry. - output: true - properties: - - name: 'errors' - type: NestedObject - description: | - [Output Only] The array of errors encountered while processing this operation. - output: true - properties: - - name: 'code' - type: String - description: | - [Output Only] The error type identifier for this error. - output: true - - name: 'location' - type: String - description: | - Output Only] Indicates the field in the request that caused the error. This property is optional. - output: true - - name: 'message' - type: String - description: | - [Output Only] An optional, human-readable error message. - output: true - - name: 'errorDetails' - type: NestedObject - description: | - [Output Only] An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED. - output: true - properties: - - name: 'errorInfo' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'reason' - type: String - description: | - The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE. - output: true - - name: 'domain' - type: String - description: | - The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com". - output: true - - name: 'metadatas' - type: KeyValuePairs - description: | - Additional structured details about this error. - Keys must match /[a-z][a-zA-Z0-9-_]+/ but should ideally be lowerCamelCase. Also they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request. - output: true - - name: 'quotaInfo' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'metricName' - type: String - description: | - The Compute Engine quota metric name. - output: true - - name: 'limitName' - type: String - description: | - The name of the quota limit. - output: true - - name: 'dimensions' - type: KeyValuePairs - description: | - The map holding related quota dimensions - output: true - - name: 'limit' - type: Integer - description: | - Current effective quota limit. The limit's unit depends on the quota type or metric. - output: true - - name: 'futureLimit' - type: Integer - description: | - Future quota limit being rolled out. The limit's unit depends on the quota type or metric. - output: true - - name: 'rolloutStatus' - type: String - description: | - Rollout status of the future quota limit. - output: true - - name: 'help' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'links' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'description' - type: String - description: | - Describes what the link offers. - output: true - - name: 'url' - type: String - description: | - The URL of the link. - output: true - - name: 'localizedMessage' - type: NestedObject - description: | - [Output Only] - output: true - properties: - - name: 'locale' - type: String - description: | - The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: "en-US", "fr-CH", "es-MX" - output: true - - name: 'message' - type: String - description: | - The localized error message in the above locale. - -#Examples for testing - output: true diff --git a/mmv1/products/compute/go_ResourcePolicy.yaml b/mmv1/products/compute/go_ResourcePolicy.yaml deleted file mode 100644 index 035ab0cc7644..000000000000 --- a/mmv1/products/compute/go_ResourcePolicy.yaml +++ /dev/null @@ -1,373 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ResourcePolicy' -kind: 'compute#resourcePolicy' -description: | - A policy that can be attached to a resource to specify or schedule actions on that resource. -references: - guides: - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/resourcePolicies' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/resourcePolicies' -has_self_link: true -update_url: 'projects/{{project}}/regions/{{region}}/resourcePolicies/{{name}}' -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/compute_resource_policy.go.tmpl' -examples: - - name: 'resource_policy_basic' - primary_resource_id: 'foo' - vars: - name: 'gce-policy' - - name: 'resource_policy_hourly_format' - primary_resource_id: 'foo' - vars: - name: 'gce-policy' - skip_docs: true - - name: 'resource_policy_full' - primary_resource_id: 'bar' - vars: - name: 'gce-policy' - - name: 'resource_policy_placement_policy' - primary_resource_id: 'baz' - vars: - name: 'gce-policy' - - name: 'resource_policy_placement_policy_max_distance' - primary_resource_id: 'baz' - min_version: 'beta' - vars: - name: 'gce-policy' - - name: 'resource_policy_instance_schedule_policy' - primary_resource_id: 'hourly' - vars: - name: 'gce-policy' - - name: 'resource_policy_snapshot_schedule_chain_name' - primary_resource_id: 'hourly' - vars: - name: 'gce-policy' - - name: 'resource_policy_consistency_group' - primary_resource_id: 'cgroup' - vars: - name: 'gce-policy' -parameters: - - name: 'region' - type: ResourceRef - description: Region where resource policy resides. - required: false - immutable: true - ignore_read: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - The name of the resource, provided by the client when initially creating - the resource. The resource name must be 1-63 characters long, and comply - with RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])`? which means the - first character must be a lowercase letter, and all following characters - must be a dash, lowercase letter, or digit, except the last character, - which cannot be a dash. - required: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when you create the resource. - - name: 'snapshotSchedulePolicy' - type: NestedObject - description: | - Policy for creating snapshots of persistent disks. - conflicts: - - group_placement_policy - - instance_schedule_policy - - disk_consistency_group_policy - properties: - - name: 'schedule' - type: NestedObject - description: | - Contains one of an `hourlySchedule`, `dailySchedule`, or `weeklySchedule`. - required: true - properties: - - name: 'hourlySchedule' - type: NestedObject - description: | - The policy will execute every nth hour starting at the specified time. - exactly_one_of: - - 'snapshot_schedule_policy.0.schedule.0.hourly_schedule' - - 'snapshot_schedule_policy.0.schedule.0.daily_schedule' - - 'snapshot_schedule_policy.0.schedule.0.weekly_schedule' - properties: - - name: 'hoursInCycle' - type: Integer - description: | - The number of hours between snapshots. - required: true - - name: 'startTime' - type: String - description: | - Time within the window to start the operations. - It must be in an hourly format "HH:MM", - where HH : [00-23] and MM : [00] GMT. eg: 21:00 - required: true - diff_suppress_func: 'HourlyFormatSuppressDiff' - validation: - function: 'verify.ValidateHourlyOnly' - - name: 'dailySchedule' - type: NestedObject - description: | - The policy will execute every nth day at the specified time. - exactly_one_of: - - 'snapshot_schedule_policy.0.schedule.0.hourly_schedule' - - 'snapshot_schedule_policy.0.schedule.0.daily_schedule' - - 'snapshot_schedule_policy.0.schedule.0.weekly_schedule' - properties: - - name: 'daysInCycle' - type: Integer - description: | - Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle. Days in cycle for snapshot schedule policy must be 1. - required: true - - name: 'startTime' - type: String - description: | - This must be in UTC format that resolves to one of - 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, - both 13:00-5 and 08:00 are valid. - required: true - diff_suppress_func: 'HourlyFormatSuppressDiff' - validation: - function: 'verify.ValidateHourlyOnly' - - name: 'weeklySchedule' - type: NestedObject - description: | - Allows specifying a snapshot time for each day of the week. - exactly_one_of: - - 'snapshot_schedule_policy.0.schedule.0.hourly_schedule' - - 'snapshot_schedule_policy.0.schedule.0.daily_schedule' - - 'snapshot_schedule_policy.0.schedule.0.weekly_schedule' - properties: - - name: 'dayOfWeeks' - type: Array - description: | - May contain up to seven (one for each day of the week) snapshot times. - is_set: true - required: true - item_type: - type: NestedObject - properties: - - name: 'startTime' - type: String - description: | - Time within the window to start the operations. - It must be in format "HH:MM", where HH : [00-23] and MM : [00-00] GMT. - required: true - - name: 'day' - type: Enum - description: | - The day of the week to create the snapshot. e.g. MONDAY - required: true - enum_values: - - 'MONDAY' - - 'TUESDAY' - - 'WEDNESDAY' - - 'THURSDAY' - - 'FRIDAY' - - 'SATURDAY' - - 'SUNDAY' - min_size: 1 - max_size: 7 - - name: 'retentionPolicy' - type: NestedObject - description: | - Retention policy applied to snapshots created by this resource policy. - properties: - - name: 'maxRetentionDays' - type: Integer - description: | - Maximum age of the snapshot that is allowed to be kept. - required: true - - name: 'onSourceDiskDelete' - type: Enum - description: | - Specifies the behavior to apply to scheduled snapshots when - the source disk is deleted. - default_value: "KEEP_AUTO_SNAPSHOTS" - enum_values: - - 'KEEP_AUTO_SNAPSHOTS' - - 'APPLY_RETENTION_POLICY' - - name: 'snapshotProperties' - type: NestedObject - description: | - Properties with which the snapshots are created, such as labels. - properties: - - name: 'labels' - type: KeyValuePairs - description: | - A set of key-value pairs. - at_least_one_of: - - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' - - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' - - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' - - name: 'storageLocations' - type: Array - description: | - Cloud Storage bucket location to store the auto snapshot - (regional or multi-regional) - is_set: true - at_least_one_of: - - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' - - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' - - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' - item_type: - type: String - max_size: 1 - - name: 'guestFlush' - type: Boolean - description: | - Whether to perform a 'guest aware' snapshot. - send_empty_value: true - at_least_one_of: - - 'snapshot_schedule_policy.0.snapshot_properties.0.labels' - - 'snapshot_schedule_policy.0.snapshot_properties.0.storage_locations' - - 'snapshot_schedule_policy.0.snapshot_properties.0.guest_flush' - - name: 'chainName' - type: String - description: | - Creates the new snapshot in the snapshot chain labeled with the - specified name. The chain name must be 1-63 characters long and comply - with RFC1035. - - name: 'groupPlacementPolicy' - type: NestedObject - description: | - Resource policy for instances used for placement configuration. - conflicts: - - instance_schedule_policy - - snapshot_schedule_policy - - disk_consistency_group_policy - properties: - - name: 'vmCount' - type: Integer - description: | - Number of VMs in this placement group. Google does not recommend that you use this field - unless you use a compact policy and you want your policy to work only if it contains this - exact number of VMs. - - name: 'availabilityDomainCount' - type: Integer - description: | - The number of availability domains instances will be spread across. If two instances are in different - availability domain, they will not be put in the same low latency network - - name: 'collocation' - type: Enum - description: | - Collocation specifies whether to place VMs inside the same availability domain on the same low-latency network. - Specify `COLLOCATED` to enable collocation. Can only be specified with `vm_count`. If compute instances are created - with a COLLOCATED policy, then exactly `vm_count` instances must be created at the same time with the resource policy - attached. - enum_values: - - 'COLLOCATED' - - name: 'maxDistance' - type: Integer - description: | - Specifies the number of max logical switches. - min_version: 'beta' - - name: 'instanceSchedulePolicy' - type: NestedObject - description: | - Resource policy for scheduling instance operations. - conflicts: - - snapshot_schedule_policy - - group_placement_policy - - disk_consistency_group_policy - properties: - - name: 'vmStartSchedule' - type: NestedObject - description: | - Specifies the schedule for starting instances. - at_least_one_of: - - 'instance_schedule_policy.0.vm_start_schedule' - - 'instance_schedule_policy.0.vm_stop_schedule' - properties: - - name: 'schedule' - type: String - description: | - Specifies the frequency for the operation, using the unix-cron format. - required: true - - name: 'vmStopSchedule' - type: NestedObject - description: | - Specifies the schedule for stopping instances. - at_least_one_of: - - 'instance_schedule_policy.0.vm_start_schedule' - - 'instance_schedule_policy.0.vm_stop_schedule' - properties: - - name: 'schedule' - type: String - description: | - Specifies the frequency for the operation, using the unix-cron format. - required: true - - name: 'timeZone' - type: String - description: | - Specifies the time zone to be used in interpreting the schedule. The value of this field must be a time zone name - from the tz database: http://en.wikipedia.org/wiki/Tz_database. - required: true - - name: 'startTime' - type: String - description: | - The start time of the schedule. The timestamp is an RFC3339 string. - - name: 'expirationTime' - type: String - description: | - The expiration time of the schedule. The timestamp is an RFC3339 string. - - name: 'diskConsistencyGroupPolicy' - type: NestedObject - description: | - Replication consistency group for asynchronous disk replication. - send_empty_value: true - conflicts: - - snapshot_schedule_policy - - group_placement_policy - - instance_schedule_policy - custom_flatten: 'templates/terraform/custom_flatten/go/disk_consistency_group_policy.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/disk_consistency_group_policy.tmpl' - properties: - - name: 'enabled' - type: Boolean - description: | - Enable disk consistency on the resource policy. - required: true - immutable: true diff --git a/mmv1/products/compute/go_Route.yaml b/mmv1/products/compute/go_Route.yaml deleted file mode 100644 index 089cc6ff29b9..000000000000 --- a/mmv1/products/compute/go_Route.yaml +++ /dev/null @@ -1,258 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Route' -kind: 'compute#route' -description: | - Represents a Route resource. - - A route is a rule that specifies how certain packets should be handled by - the virtual network. Routes are associated with virtual machines by tag, - and the set of routes for a particular virtual machine is called its - routing table. For each packet leaving a virtual machine, the system - searches that virtual machine's routing table for a single best matching - route. - - Routes match packets by destination IP address, preferring smaller or more - specific ranges over larger ones. If there is a tie, the system selects - the route with the smallest priority value. If there is still a tie, it - uses the layer three and four packet headers to select just one of the - remaining matching routes. The packet is then forwarded as specified by - the next_hop field of the winning route -- either to another virtual - machine destination, a virtual machine gateway or a Compute - Engine-operated gateway. Packets that do not match any route in the - sending virtual machine's routing table will be dropped. - - A Route resource must have exactly one specification of either - nextHopGateway, nextHopInstance, nextHopIp, nextHopVpnTunnel, or - nextHopIlb. - -references: - guides: - 'Using Routes': 'https://cloud.google.com/vpc/docs/using-routes' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routes' -docs: - optional_properties: | - * `next_hop_instance_zone` - (Optional when `next_hop_instance` is - specified) The zone of the instance specified in - `next_hop_instance`. Omit if `next_hop_instance` is specified as - a URL. -base_url: 'projects/{{project}}/global/routes' -has_self_link: true -immutable: true -mutex: 'projects/{{project}}/global/networks/{{network}}/peerings' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - extra_schema_entry: 'templates/terraform/extra_schema_entry/go/route.tmpl' - constants: 'templates/terraform/constants/go/compute_route.go.tmpl' - decoder: 'templates/terraform/decoders/go/route.tmpl' -error_retry_predicates: - - - 'transport_tpg.IsPeeringOperationInProgress' -examples: - - name: 'route_basic' - primary_resource_id: 'default' - vars: - route_name: 'network-route' - network_name: 'compute-network' - - name: 'route_ilb' - primary_resource_id: 'route-ilb' - vars: - network_name: 'compute-network' - subnet_name: 'compute-subnet' - forwarding_rule_name: 'compute-forwarding-rule' - health_check_name: 'proxy-health-check' - backend_name: 'compute-backend' - route_name: 'route-ilb' - - name: 'route_ilb_vip' - primary_resource_id: 'route-ilb' - min_version: 'beta' - vars: - producer_name: 'producer' - consumer_name: 'consumer' - forwarding_rule_name: 'compute-forwarding-rule' - health_check_name: 'proxy-health-check' - backend_name: 'compute-backend' - route_name: 'route-ilb' -parameters: -properties: - - name: 'destRange' - type: String - description: | - The destination range of outgoing packets that this route applies to. - Only IPv4 is supported. - required: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property - when you create the resource. - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the - last character, which cannot be a dash. - required: true - validation: - regex: '^[a-z]([-a-z0-9]*[a-z0-9])?$' - - name: 'network' - type: ResourceRef - description: 'The network that this route applies to.' - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'priority' - type: Integer - description: | - The priority of this route. Priority is used to break ties in cases - where there is more than one matching route of equal prefix length. - - In the case of two routes with equal prefix length, the one with the - lowest-numbered priority value wins. - - Default value is 1000. Valid range is 0 through 65535. - immutable: true - send_empty_value: true - default_value: 1000 - - name: 'tags' - type: Array - description: 'A list of instance tags to which this route applies.' - is_set: true - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/set_to_list.tmpl' - item_type: - type: String - - name: 'nextHopGateway' - type: String - description: | - URL to a gateway that should handle matching packets. - Currently, you can only specify the internet gateway, using a full or - partial valid URL: - * `https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway` - * `projects/project/global/gateways/default-internet-gateway` - * `global/gateways/default-internet-gateway` - * The string `default-internet-gateway`. - immutable: true - exactly_one_of: - - 'next_hop_gateway' - - 'next_hop_instance' - - 'next_hop_ip' - - 'next_hop_vpn_tunnel' - - 'next_hop_ilb' - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/go/route_gateway.tmpl' - - name: 'nextHopInstance' - type: ResourceRef - description: | - URL to an instance that should handle matching packets. - You can specify this as a full or partial URL. For example: - * `https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance` - * `projects/project/zones/zone/instances/instance` - * `zones/zone/instances/instance` - * Just the instance name, with the zone in `next_hop_instance_zone`. - immutable: true - exactly_one_of: - - 'next_hop_gateway' - - 'next_hop_instance' - - 'next_hop_ip' - - 'next_hop_vpn_tunnel' - - 'next_hop_ilb' - custom_expand: 'templates/terraform/custom_expand/go/route_instance.tmpl' - resource: 'Instance' - imports: 'selfLink' - - name: 'nextHopIp' - type: String - description: | - Network IP address of an instance that should handle matching packets. - immutable: true - default_from_api: true - exactly_one_of: - - 'next_hop_gateway' - - 'next_hop_instance' - - 'next_hop_ip' - - 'next_hop_vpn_tunnel' - - 'next_hop_ilb' - - name: 'nextHopVpnTunnel' - type: ResourceRef - description: | - URL to a VpnTunnel that should handle matching packets. - immutable: true - exactly_one_of: - - 'next_hop_gateway' - - 'next_hop_instance' - - 'next_hop_ip' - - 'next_hop_vpn_tunnel' - - 'next_hop_ilb' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'VpnTunnel' - imports: 'selfLink' - - name: 'nextHopNetwork' - type: String - description: | - URL to a Network that should handle matching packets. - output: true - - name: 'nextHopIlb' - type: String - description: | - The IP address or URL to a forwarding rule of type - loadBalancingScheme=INTERNAL that should handle matching - packets. - - With the GA provider you can only specify the forwarding - rule as a partial or full URL. For example, the following - are all valid values: - * 10.128.0.56 - * https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule - * regions/region/forwardingRules/forwardingRule - - When the beta provider, you can also specify the IP address - of a forwarding rule from the same VPC or any peered VPC. - - Note that this can only be used when the destinationRange is - a public (non-RFC 1918) IP CIDR range. - immutable: true - exactly_one_of: - - 'next_hop_gateway' - - 'next_hop_instance' - - 'next_hop_ip' - - 'next_hop_vpn_tunnel' - - 'next_hop_ilb' - diff_suppress_func: 'CompareIpAddressOrSelfLinkOrResourceName' diff --git a/mmv1/products/compute/go_Router.yaml b/mmv1/products/compute/go_Router.yaml deleted file mode 100644 index a444f3212099..000000000000 --- a/mmv1/products/compute/go_Router.yaml +++ /dev/null @@ -1,200 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Router' -kind: 'compute#router' -description: | - Represents a Router resource. -references: - guides: - 'Google Cloud Router': 'https://cloud.google.com/router/docs/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/routers' -has_self_link: true -update_verb: 'PATCH' -mutex: 'router/{{region}}/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/router.go.tmpl' -custom_diff: - - 'resourceComputeRouterCustomDiff' -examples: - - name: 'router_basic' - primary_resource_id: 'foobar' - vars: - router_name: 'my-router' - network_name: 'my-network' - ignore_read_extra: - - 'advertisedIpRanges' - - name: 'compute_router_encrypted_interconnect' - primary_resource_id: 'encrypted-interconnect-router' - vars: - router_name: 'test-router' - network_name: 'test-network' - ignore_read_extra: - - 'advertisedIpRanges' -parameters: - - name: 'region' - type: ResourceRef - description: Region where the router resides. - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'name' - type: String - description: | - Name of the resource. The name must be 1-63 characters long, and - comply with RFC1035. Specifically, the name must be 1-63 characters - long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` - which means the first character must be a lowercase letter, and all - following characters must be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. - required: true - immutable: true - validation: - function: 'verify.ValidateGCEName' - - name: 'description' - type: String - description: | - An optional description of this resource. - send_empty_value: true - - name: 'network' - type: ResourceRef - description: | - A reference to the network to which this router belongs. - required: true - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'bgp' - type: NestedObject - description: | - BGP information specific to this router. - send_empty_value: true - properties: - - name: 'asn' - type: Integer - description: | - Local BGP Autonomous System Number (ASN). Must be an RFC6996 - private ASN, either 16-bit or 32-bit. The value will be fixed for - this router resource. All VPN tunnels that link to this router - will have the same local ASN. - required: true - validation: - function: 'verify.ValidateRFC6996Asn' - - name: 'advertiseMode' - type: Enum - description: | - User-specified flag to indicate which mode to use for advertisement. - default_value: "DEFAULT" - enum_values: - - 'DEFAULT' - - 'CUSTOM' - - name: 'advertisedGroups' - type: Array - description: | - User-specified list of prefix groups to advertise in custom mode. - This field can only be populated if advertiseMode is CUSTOM and - is advertised to all peers of the router. These groups will be - advertised in addition to any specified prefixes. Leave this field - blank to advertise no custom groups. - - This enum field has the one valid value: ALL_SUBNETS - send_empty_value: true - item_type: - type: String - - name: 'advertisedIpRanges' - type: Array - description: | - User-specified list of individual IP ranges to advertise in - custom mode. This field can only be populated if advertiseMode - is CUSTOM and is advertised to all peers of the router. These IP - ranges will be advertised in addition to any specified groups. - Leave this field blank to advertise no custom IP ranges. - send_empty_value: true - custom_flatten: 'templates/terraform/custom_flatten/go/compute_router_range.go.tmpl' - item_type: - type: NestedObject - properties: - - name: 'range' - type: String - description: | - The IP range to advertise. The value must be a - CIDR-formatted string. - required: true - send_empty_value: true - - name: 'description' - type: String - description: | - User-specified description for the IP range. - send_empty_value: true - - name: 'keepaliveInterval' - type: Integer - description: | - The interval in seconds between BGP keepalive messages that are sent - to the peer. Hold time is three times the interval at which keepalive - messages are sent, and the hold time is the maximum number of seconds - allowed to elapse between successive keepalive messages that BGP - receives from a peer. - - BGP will use the smaller of either the local hold time value or the - peer's hold time value as the hold time for the BGP connection - between the two peers. If set, this value must be between 20 and 60. - The default is 20. - default_value: 20 - - name: 'identifierRange' - type: String - description: | - Explicitly specifies a range of valid BGP Identifiers for this Router. - It is provided as a link-local IPv4 range (from 169.254.0.0/16), of - size at least /30, even if the BGP sessions are over IPv6. It must - not overlap with any IPv4 BGP session ranges. Other vendors commonly - call this router ID. - default_from_api: true - - name: 'encryptedInterconnectRouter' - type: Boolean - description: | - Indicates if a router is dedicated for use with encrypted VLAN - attachments (interconnectAttachments). - immutable: true diff --git a/mmv1/products/compute/go_RouterNat.yaml b/mmv1/products/compute/go_RouterNat.yaml deleted file mode 100644 index fc97f73023bb..000000000000 --- a/mmv1/products/compute/go_RouterNat.yaml +++ /dev/null @@ -1,465 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RouterNat' -description: | - A NAT service created in a router. -references: - guides: - 'Google Cloud Router': 'https://cloud.google.com/router/docs/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' -docs: -id_format: '{{project}}/{{region}}/{{router}}/{{name}}' -base_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' -self_link: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' -create_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' -create_verb: 'PATCH' -update_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' -update_verb: 'PATCH' -delete_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' -delete_verb: 'PATCH' -mutex: 'router/{{region}}/{{router}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'nats' -identity: - - name -nested_query: - keys: - - nats - is_list_of_ids: false - modify_by_patch: true -custom_code: - constants: 'templates/terraform/constants/go/router_nat.go.tmpl' - pre_create: 'templates/terraform/constants/go/router_nat_validate_action_active_range.go.tmpl' - pre_update: 'templates/terraform/constants/go/router_nat_validate_action_active_range.go.tmpl' -custom_diff: - - 'resourceComputeRouterNatDrainNatIpsCustomDiff' -exclude_tgc: true -examples: - - name: 'router_nat_basic' - primary_resource_id: 'nat' - vars: - router_name: 'my-router' - nat_name: 'my-router-nat' - network_name: 'my-network' - subnet_name: 'my-subnetwork' - skip_test: true - - name: 'router_nat_manual_ips' - primary_resource_id: 'nat_manual' - vars: - router_name: 'my-router' - nat_name: 'my-router-nat' - network_name: 'my-network' - subnet_name: 'my-subnetwork' - address_name: 'nat-manual-ip' - skip_test: true - - name: 'router_nat_rules' - primary_resource_id: 'nat_rules' - vars: - router_name: 'my-router' - nat_name: 'my-router-nat' - network_name: 'my-network' - subnet_name: 'my-subnetwork' - address_name1: 'nat-address1' - address_name2: 'nat-address2' - address_name3: 'nat-address3' - skip_test: true - - name: 'router_nat_private' - primary_resource_id: 'nat_type' - min_version: 'beta' - vars: - router_name: 'my-router' - nat_name: 'my-router-nat' - network_name: 'my-network' - subnet_name: 'my-subnetwork' - hub_name: 'my-hub' - spoke_name: 'my-spoke' - skip_test: true -parameters: - - name: 'router' - type: ResourceRef - description: | - The name of the Cloud Router in which this NAT will be configured. - url_param_only: true - required: true - immutable: true - resource: 'Router' - imports: 'name' - - name: 'region' - type: ResourceRef - description: Region where the router and NAT reside. - url_param_only: true - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Name of the NAT service. The name must be 1-63 characters long and - comply with RFC1035. - required: true - immutable: true - validation: - function: 'verify.ValidateRFC1035Name(2, 63)' - - name: 'natIpAllocateOption' - type: Enum - description: | - How external IPs should be allocated for this NAT. Valid values are - `AUTO_ONLY` for only allowing NAT IPs allocated by Google Cloud - Platform, or `MANUAL_ONLY` for only user-allocated NAT IP addresses. - required: false - enum_values: - - 'MANUAL_ONLY' - - 'AUTO_ONLY' - - name: 'natIps' - type: Array - description: | - Self-links of NAT IPs. Only valid if natIpAllocateOption - is set to MANUAL_ONLY. - is_set: true - send_empty_value: true - set_hash_func: computeRouterNatIPsHash - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'address' - type: ResourceRef - description: 'A reference to an address associated with this NAT' - resource: 'Address' - imports: 'selfLink' - - name: 'drainNatIps' - type: Array - description: | - A list of URLs of the IP resources to be drained. These IPs must be - valid static external IPs that have been assigned to the NAT. - is_set: true - send_empty_value: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'address' - type: ResourceRef - description: 'A reference to an address associated with this NAT' - resource: 'Address' - imports: 'selfLink' - - name: 'sourceSubnetworkIpRangesToNat' - type: Enum - description: | - How NAT should be configured per Subnetwork. - If `ALL_SUBNETWORKS_ALL_IP_RANGES`, all of the - IP ranges in every Subnetwork are allowed to Nat. - If `ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES`, all of the primary IP - ranges in every Subnetwork are allowed to Nat. - `LIST_OF_SUBNETWORKS`: A list of Subnetworks are allowed to Nat - (specified in the field subnetwork below). Note that if this field - contains ALL_SUBNETWORKS_ALL_IP_RANGES or - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any - other RouterNat section in any Router for this network in this region. - required: true - enum_values: - - 'ALL_SUBNETWORKS_ALL_IP_RANGES' - - 'ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES' - - 'LIST_OF_SUBNETWORKS' - - name: 'subnetwork' - type: Array - description: | - One or more subnetwork NAT configurations. Only used if - `source_subnetwork_ip_ranges_to_nat` is set to `LIST_OF_SUBNETWORKS` - api_name: subnetworks - is_set: true - send_empty_value: true - set_hash_func: computeRouterNatSubnetworkHash - item_type: - type: NestedObject - properties: - - name: 'name' - type: ResourceRef - description: 'Self-link of subnetwork to NAT' - required: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'sourceIpRangesToNat' - type: Array - description: | - List of options for which source IPs in the subnetwork - should have NAT enabled. Supported values include: - `ALL_IP_RANGES`, `LIST_OF_SECONDARY_IP_RANGES`, - `PRIMARY_IP_RANGE`. - is_set: true - required: true - item_type: - type: String - min_size: 1 - - name: 'secondaryIpRangeNames' - type: Array - description: | - List of the secondary ranges of the subnetwork that are allowed - to use NAT. This can be populated only if - `LIST_OF_SECONDARY_IP_RANGES` is one of the values in - sourceIpRangesToNat - is_set: true - item_type: - type: String - - name: 'minPortsPerVm' - type: Integer - description: | - Minimum number of ports allocated to a VM from this NAT. Defaults to 64 for static port allocation and 32 dynamic port allocation if not set. - default_from_api: true - - name: 'maxPortsPerVm' - type: Integer - description: | - Maximum number of ports allocated to a VM from this NAT. - This field can only be set when enableDynamicPortAllocation is enabled. - - name: 'enableDynamicPortAllocation' - type: Boolean - description: | - Enable Dynamic Port Allocation. - If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. - If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. - If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. - If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. - - Mutually exclusive with enableEndpointIndependentMapping. - default_from_api: true - send_empty_value: true - - name: 'udpIdleTimeoutSec' - type: Integer - description: | - Timeout (in seconds) for UDP connections. Defaults to 30s if not set. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: 30 - - name: 'icmpIdleTimeoutSec' - type: Integer - description: | - Timeout (in seconds) for ICMP connections. Defaults to 30s if not set. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: 30 - - name: 'tcpEstablishedIdleTimeoutSec' - type: Integer - description: | - Timeout (in seconds) for TCP established connections. - Defaults to 1200s if not set. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: 1200 - - name: 'tcpTransitoryIdleTimeoutSec' - type: Integer - description: | - Timeout (in seconds) for TCP transitory connections. - Defaults to 30s if not set. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: 30 - - name: 'tcpTimeWaitTimeoutSec' - type: Integer - description: | - Timeout (in seconds) for TCP connections that are in TIME_WAIT state. - Defaults to 120s if not set. - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: 120 - - name: 'logConfig' - type: NestedObject - description: | - Configuration for logging on NAT - send_empty_value: true - properties: - - name: 'enable' - type: Boolean - description: | - Indicates whether or not to export logs. - required: true - - name: 'filter' - type: Enum - description: | - Specifies the desired filtering of logs on this NAT. - required: true - enum_values: - - 'ERRORS_ONLY' - - 'TRANSLATIONS_ONLY' - - 'ALL' - - name: 'endpointTypes' - type: Array - description: | - Specifies the endpoint Types supported by the NAT Gateway. - Supported values include: - `ENDPOINT_TYPE_VM`, `ENDPOINT_TYPE_SWG`, - `ENDPOINT_TYPE_MANAGED_PROXY_LB`. - immutable: true - default_from_api: true - item_type: - type: String - min_size: 1 - - name: 'rules' - type: Array - description: 'A list of rules associated with this NAT.' - is_set: true - send_empty_value: true - set_hash_func: computeRouterNatRulesHash - item_type: - type: NestedObject - properties: - - name: 'ruleNumber' - type: Integer - description: | - An integer uniquely identifying a rule in the list. - The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT. - required: true - send_empty_value: true - validation: - function: 'validation.IntBetween(0, 65000)' - - name: 'description' - type: String - description: 'An optional description of this rule.' - - name: 'match' - type: String - description: | - CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. - If it evaluates to true, the corresponding action is enforced. - - The following examples are valid match expressions for public NAT: - - "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" - - "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" - - The following example is a valid match expression for private NAT: - - "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'" - required: true - - name: 'action' - type: NestedObject - description: - 'The action to be enforced for traffic that matches this rule.' - default_from_api: true - properties: - - name: 'sourceNatActiveIps' - type: Array - description: | - A list of URLs of the IP resources used for this NAT rule. - These IP addresses must be valid static external IP addresses assigned to the project. - This field is used for public NAT. - is_set: true - set_hash_func: computeRouterNatIPsHash - custom_flatten: 'templates/terraform/custom_flatten/go/nat_rules_ip_set.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'address' - type: ResourceRef - description: - 'A reference to an address associated with this NAT' - resource: 'Address' - imports: 'selfLink' - - name: 'sourceNatDrainIps' - type: Array - description: | - A list of URLs of the IP resources to be drained. - These IPs must be valid static external IPs that have been assigned to the NAT. - These IPs should be used for updating/patching a NAT rule only. - This field is used for public NAT. - is_set: true - set_hash_func: computeRouterNatIPsHash - custom_flatten: 'templates/terraform/custom_flatten/go/nat_rules_ip_set.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'address' - type: ResourceRef - description: - 'A reference to an address associated with this NAT' - resource: 'Address' - imports: 'selfLink' - - name: 'sourceNatActiveRanges' - type: Array - description: | - A list of URLs of the subnetworks used as source ranges for this NAT Rule. - These subnetworks must have purpose set to PRIVATE_NAT. - This field is used for private NAT. - is_set: true - min_version: 'beta' - set_hash_func: computeRouterNatRulesSubnetHash - custom_flatten: 'templates/terraform/custom_flatten/go/nat_rules_subnets_set.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'subnet' - type: ResourceRef - description: - 'A reference to a subnetwork address associated with this NAT' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'sourceNatDrainRanges' - type: Array - description: | - A list of URLs of subnetworks representing source ranges to be drained. - This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. - This field is used for private NAT. - is_set: true - min_version: 'beta' - set_hash_func: computeRouterNatRulesSubnetHash - custom_flatten: 'templates/terraform/custom_flatten/go/nat_rules_subnets_set.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'subnet' - type: ResourceRef - description: - 'A reference to a subnetwork address associated with this NAT' - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'enableEndpointIndependentMapping' - type: Boolean - description: | - Enable endpoint independent mapping. - For more information see the [official documentation](https://cloud.google.com/nat/docs/overview#specs-rfcs). - default_from_api: true - send_empty_value: true - - name: 'type' - type: Enum - description: | - Indicates whether this NAT is used for public or private IP translation. - If unspecified, it defaults to PUBLIC. - If `PUBLIC` NAT used for public IP translation. - If `PRIVATE` NAT used for private IP translation. - min_version: 'beta' - immutable: true - default_value: "PUBLIC" - enum_values: - - 'PUBLIC' - - 'PRIVATE' - - name: 'autoNetworkTier' - type: Enum - description: | - The network tier to use when automatically reserving NAT IP addresses. - Must be one of: PREMIUM, STANDARD. If not specified, then the current - project-level default tier is used. - default_from_api: true - enum_values: - - 'PREMIUM' - - 'STANDARD' diff --git a/mmv1/products/compute/go_RouterRoutePolicy.yaml b/mmv1/products/compute/go_RouterRoutePolicy.yaml deleted file mode 100644 index 67d22276db4d..000000000000 --- a/mmv1/products/compute/go_RouterRoutePolicy.yaml +++ /dev/null @@ -1,191 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RouterRoutePolicy' -description: A route policy created in a router -min_version: 'beta' -references: - guides: - 'Google Cloud Router': 'https://cloud.google.com/router/docs/' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/routers' -docs: -id_format: '{{project}}/{{region}}/{{router}}/routePolicies/{{name}}' -base_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}' -self_link: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/getRoutePolicy?policy={{name}}' -create_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy' -update_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/updateRoutePolicy' -update_verb: 'POST' -update_mask: true -delete_url: 'projects/{{project}}/regions/{{region}}/routers/{{router}}/deleteRoutePolicy?policy={{name}}' -delete_verb: 'POST' -import_format: - - '{{project}}/{{region}}/{{router}}/routePolicies/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - decoder: 'templates/terraform/decoders/go/unwrap_route_policy_resource.go.tmpl' -examples: - - name: 'router_route_policy_export' - primary_resource_id: 'rp-export' - vars: - router_name: 'my-router' - network_name: 'my-network' - subnet_name: 'my-subnetwork' - route_policy_name: 'my-rp1' - - name: 'router_route_policy_import' - primary_resource_id: 'rp-import' - vars: - router_name: 'my-router' - network_name: 'my-network' - subnet_name: 'my-subnetwork' - route_policy_name: 'my-rp2' -parameters: - - name: 'router' - type: ResourceRef - description: | - The name of the Cloud Router in which this route policy will be configured. - min_version: 'beta' - url_param_only: true - required: true - immutable: true - resource: 'Router' - imports: 'name' - - name: 'region' - type: ResourceRef - description: Region where the router and NAT reside. - min_version: 'beta' - url_param_only: true - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - resource: 'Region' - imports: 'name' - - name: 'name' - type: String - description: | - Name of the route policy. This policy's name, which must be a resource ID segment and unique within all policies owned by the Router - min_version: 'beta' - required: true - immutable: true -properties: - - name: 'type' - type: Enum - description: | - This is policy's type, which is one of IMPORT or EXPORT - min_version: 'beta' - enum_values: - - 'ROUTE_POLICY_TYPE_IMPORT' - - 'ROUTE_POLICY_TYPE_EXPORT' - - name: 'terms' - type: Array - description: | - List of terms (the order in the list is not important, they are evaluated in order of priority). - min_version: 'beta' - required: true - immutable: true - item_type: - type: NestedObject - properties: - - name: 'priority' - type: Integer - description: | - The evaluation priority for this term, which must be between 0 (inclusive) and 231 (exclusive), and unique within the list. - min_version: 'beta' - required: true - - name: 'match' - type: NestedObject - description: | - CEL expression evaluated against a route to determine if this term applies (see Policy Language). When not set, the term applies to all routes. - min_version: 'beta' - properties: - - name: 'expression' - type: String - description: - Textual representation of an expression in Common Expression - Language syntax. - min_version: 'beta' - required: true - - name: 'title' - type: String - description: - Title for the expression, i.e. a short string describing its - purpose. - min_version: 'beta' - - name: 'description' - type: String - description: Description of the expression - min_version: 'beta' - - name: 'location' - type: String - description: - String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file - min_version: 'beta' - - name: 'actions' - type: Array - description: | - 'CEL expressions to evaluate to modify a route when this term matches.'\ - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'expression' - type: String - description: | - Textual representation of an expression in Common Expression - Language syntax. - min_version: 'beta' - required: true - - name: 'title' - type: String - description: | - Title for the expression, i.e. a short string describing its - purpose. - min_version: 'beta' - - name: 'description' - type: String - description: | - Description of the expression - min_version: 'beta' - - name: 'location' - type: String - description: | - String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file - min_version: 'beta' - - name: 'fingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - min_version: 'beta' - output: true diff --git a/mmv1/products/compute/go_SecurityPolicyRule.yaml b/mmv1/products/compute/go_SecurityPolicyRule.yaml deleted file mode 100644 index cb2fd3bce77a..000000000000 --- a/mmv1/products/compute/go_SecurityPolicyRule.yaml +++ /dev/null @@ -1,448 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'SecurityPolicyRule' -description: | - A rule for the SecurityPolicy. -references: - guides: - 'Creating global security policy rules': 'https://cloud.google.com/armor/docs/configure-security-policies' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/securityPolicies/addRule' -docs: -id_format: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/priority/{{priority}}' -base_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}' -self_link: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/getRule?priority={{priority}}' -create_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/addRule?priority={{priority}}' -update_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/patchRule?priority={{priority}}' -update_verb: 'POST' -update_mask: true -delete_url: 'projects/{{project}}/global/securityPolicies/{{security_policy}}/removeRule?priority={{priority}}' -delete_verb: 'POST' -import_format: - - 'projects/{{project}}/global/securityPolicies/{{security_policy}}/priority/{{priority}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: -examples: - - name: 'security_policy_rule_basic' - primary_resource_id: 'policy_rule' - vars: - sec_policy_name: 'policyruletest' - - name: 'security_policy_rule_default_rule' - primary_resource_id: 'policy_rule' - vars: - sec_policy_name: 'policyruletest' - project_id: 'PROJECT_NAME' - skip_test: true - - name: 'security_policy_rule_multiple_rules' - primary_resource_id: 'policy_rule_one' - vars: - sec_policy_name: 'policywithmultiplerules' -parameters: - - name: 'security_policy' - type: String - description: | - The name of the security policy this rule belongs to. - url_param_only: true - required: true - immutable: true -properties: - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when you create the resource. - - name: 'priority' - type: Integer - description: | - An integer indicating the priority of a rule in the list. - The priority must be a positive value between 0 and 2147483647. - Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. - required: true - immutable: true - - name: 'match' - type: NestedObject - description: | - A match condition that incoming traffic is evaluated against. - If it evaluates to true, the corresponding 'action' is enforced. - properties: - - name: 'versionedExpr' - type: Enum - description: | - Preconfigured versioned expression. If this field is specified, config must also be specified. - Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. - enum_values: - - 'SRC_IPS_V1' - - name: 'expr' - type: NestedObject - description: | - User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. - properties: - - name: 'expression' - type: String - description: | - Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported. - # >> These fields are not yet supported, following the global security policy resource. - required: true - - name: 'exprOptions' - type: NestedObject - description: | - The configuration options available when specifying a user defined CEVAL expression (i.e., 'expr'). - properties: - - name: 'recaptchaOptions' - type: NestedObject - description: | - reCAPTCHA configuration options to be applied for the rule. If the rule does not evaluate reCAPTCHA tokens, this field has no effect. - required: true - properties: - - name: 'actionTokenSiteKeys' - type: Array - description: | - A list of site keys to be used during the validation of reCAPTCHA action-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created. - item_type: - type: String - - name: 'sessionTokenSiteKeys' - type: Array - description: | - A list of site keys to be used during the validation of reCAPTCHA session-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created. - item_type: - type: String - - name: 'config' - type: NestedObject - description: | - The configuration options available when specifying versionedExpr. - This field must be specified if versionedExpr is specified and cannot be specified if versionedExpr is not specified. - properties: - - name: 'srcIpRanges' - type: Array - description: | - CIDR IP address range. Maximum number of srcIpRanges allowed is 10. - item_type: - type: String - - name: 'preconfiguredWafConfig' - type: NestedObject - description: | - Preconfigured WAF configuration to be applied for the rule. - If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect. - properties: - - name: 'exclusion' - type: Array - description: | - An exclusion to apply during preconfigured WAF evaluation. - api_name: exclusions - item_type: - type: NestedObject - properties: - - name: 'requestHeader' - type: Array - description: | - Request header whose value will be excluded from inspection during preconfigured WAF evaluation. - api_name: requestHeadersToExclude - item_type: - type: NestedObject - properties: - - name: 'operator' - type: String - description: | - You can specify an exact match or a partial match by using a field operator and a field value. - Available options: - EQUALS: The operator matches if the field value equals the specified value. - STARTS_WITH: The operator matches if the field value starts with the specified value. - ENDS_WITH: The operator matches if the field value ends with the specified value. - CONTAINS: The operator matches if the field value contains the specified value. - EQUALS_ANY: The operator matches if the field value is any value. - api_name: op - required: true - validation: - function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' - - name: 'value' - type: String - description: | - A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. - The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - api_name: val - - name: 'requestCookie' - type: Array - description: | - Request cookie whose value will be excluded from inspection during preconfigured WAF evaluation. - api_name: requestCookiesToExclude - item_type: - type: NestedObject - properties: - - name: 'operator' - type: String - description: | - You can specify an exact match or a partial match by using a field operator and a field value. - Available options: - EQUALS: The operator matches if the field value equals the specified value. - STARTS_WITH: The operator matches if the field value starts with the specified value. - ENDS_WITH: The operator matches if the field value ends with the specified value. - CONTAINS: The operator matches if the field value contains the specified value. - EQUALS_ANY: The operator matches if the field value is any value. - api_name: op - required: true - validation: - function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' - - name: 'value' - type: String - description: | - A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. - The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - api_name: val - - name: 'requestUri' - type: Array - description: | - Request URI from the request line to be excluded from inspection during preconfigured WAF evaluation. - When specifying this field, the query or fragment part should be excluded. - api_name: requestUrisToExclude - item_type: - type: NestedObject - properties: - - name: 'operator' - type: String - description: | - You can specify an exact match or a partial match by using a field operator and a field value. - Available options: - EQUALS: The operator matches if the field value equals the specified value. - STARTS_WITH: The operator matches if the field value starts with the specified value. - ENDS_WITH: The operator matches if the field value ends with the specified value. - CONTAINS: The operator matches if the field value contains the specified value. - EQUALS_ANY: The operator matches if the field value is any value. - api_name: op - required: true - validation: - function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' - - name: 'value' - type: String - description: | - A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. - The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - api_name: val - - name: 'requestQueryParam' - type: Array - description: | - Request query parameter whose value will be excluded from inspection during preconfigured WAF evaluation. - Note that the parameter can be in the query string or in the POST body. - api_name: requestQueryParamsToExclude - item_type: - type: NestedObject - properties: - - name: 'operator' - type: String - description: | - You can specify an exact match or a partial match by using a field operator and a field value. - Available options: - EQUALS: The operator matches if the field value equals the specified value. - STARTS_WITH: The operator matches if the field value starts with the specified value. - ENDS_WITH: The operator matches if the field value ends with the specified value. - CONTAINS: The operator matches if the field value contains the specified value. - EQUALS_ANY: The operator matches if the field value is any value. - api_name: op - required: true - validation: - function: 'validation.StringInSlice([]string{"EQUALS", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "EQUALS_ANY"}, false)' - - name: 'value' - type: String - description: | - A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation. - The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY. - api_name: val - - name: 'targetRuleSet' - type: String - description: | - Target WAF rule set to apply the preconfigured WAF exclusion. - required: true - - name: 'targetRuleIds' - type: Array - description: | - A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. - If omitted, it refers to all the rule IDs under the WAF rule set. - item_type: - type: String - - name: 'action' - type: String - description: | - The Action to perform when the rule is matched. The following are the valid actions: - - * allow: allow access to target. - - * deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS are 403, 404, and 502. - - * rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rateLimitOptions to be set. - - * redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - - * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this. - required: true - - name: 'rateLimitOptions' - type: NestedObject - description: | - Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. - update_mask_fields: - - 'rateLimitOptions.rateLimitThreshold' - - 'rateLimitOptions.conformAction' - - 'rateLimitOptions.exceedRedirectOptions' - - 'rateLimitOptions.exceedAction' - - 'rateLimitOptions.enforceOnKey' - - 'rateLimitOptions.enforceOnKeyName' - - 'rateLimitOptions.enforceOnKeyConfigs' - - 'rateLimitOptions.banThreshold' - - 'rateLimitOptions.banDurationSec' - properties: - - name: 'rateLimitThreshold' - type: NestedObject - description: | - Threshold at which to begin ratelimiting. - properties: - - name: 'count' - type: Integer - description: | - Number of HTTP(S) requests for calculating the threshold. - - name: 'intervalSec' - type: Integer - description: | - Interval over which the threshold is computed. - - name: 'conformAction' - type: String - description: | - Action to take for requests that are under the configured rate limit threshold. - Valid option is "allow" only. - - name: 'exceedRedirectOptions' - type: NestedObject - description: | - Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. - properties: - - name: 'type' - type: String - description: | - Type of the redirect action. - - name: 'target' - type: String - description: | - Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. - - name: 'exceedAction' - type: String - description: | - Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. - Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. - - name: 'enforceOnKey' - type: Enum - description: | - Determines the key to enforce the rateLimitThreshold on. Possible values are: - * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. - * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - * REGION_CODE: The country/region from which the request originates. - * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. - * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - enum_values: - - 'ALL' - - 'IP' - - 'HTTP_HEADER' - - 'XFF_IP' - - 'HTTP_COOKIE' - - 'HTTP_PATH' - - 'SNI' - - 'REGION_CODE' - - 'TLS_JA3_FINGERPRINT' - - 'USER_IP' - - name: 'enforceOnKeyName' - type: String - description: | - Rate limit key name applicable only for the following key types: - HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. - HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. - - name: 'enforceOnKeyConfigs' - type: Array - description: | - If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. - You can specify up to 3 enforceOnKeyConfigs. - If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. - item_type: - type: NestedObject - properties: - - name: 'enforceOnKeyType' - type: Enum - description: | - Determines the key to enforce the rateLimitThreshold on. Possible values are: - * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. - * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - * REGION_CODE: The country/region from which the request originates. - * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. - * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. - enum_values: - - 'ALL' - - 'IP' - - 'HTTP_HEADER' - - 'XFF_IP' - - 'HTTP_COOKIE' - - 'HTTP_PATH' - - 'SNI' - - 'REGION_CODE' - - 'TLS_JA3_FINGERPRINT' - - 'USER_IP' - - name: 'enforceOnKeyName' - type: String - description: | - Rate limit key name applicable only for the following key types: - HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. - HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. - - name: 'banThreshold' - type: NestedObject - description: | - Can only be specified if the action for the rule is "rate_based_ban". - If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. - properties: - - name: 'count' - type: Integer - description: | - Number of HTTP(S) requests for calculating the threshold. - - name: 'intervalSec' - type: Integer - description: | - Interval over which the threshold is computed. - - name: 'banDurationSec' - type: Integer - description: | - Can only be specified if the action for the rule is "rate_based_ban". - If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. - - name: 'preview' - type: Boolean - description: | - If set to true, the specified action is not enforced. diff --git a/mmv1/products/compute/go_ServiceAttachment.yaml b/mmv1/products/compute/go_ServiceAttachment.yaml deleted file mode 100644 index b10914454e7f..000000000000 --- a/mmv1/products/compute/go_ServiceAttachment.yaml +++ /dev/null @@ -1,241 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ServiceAttachment' -kind: 'compute#ServiceAttachment' -description: | - Represents a ServiceAttachment resource. -references: - guides: - 'Configuring Private Service Connect to access services': 'https://cloud.google.com/vpc/docs/configure-private-service-connect-services' - api: 'https://cloud.google.com/compute/docs/reference/beta/serviceAttachments' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/serviceAttachments' -has_self_link: true -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/compute_service_attachment.go.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/compute_service_attachment.go.tmpl' -examples: - - name: 'service_attachment_basic' - primary_resource_id: 'psc_ilb_service_attachment' - vars: - service_attachment_name: 'my-psc-ilb' - network_name: 'psc-ilb-network' - nat_subnetwork_name: 'psc-ilb-nat' - producer_subnetwork_name: 'psc-ilb-producer-subnetwork' - producer_health_check_name: 'producer-service-health-check' - producer_service_name: 'producer-service' - producer_forwarding_rule_name: 'producer-forwarding-rule' - consumer_address_name: 'psc-ilb-consumer-address' - consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' - - name: 'service_attachment_explicit_projects' - primary_resource_id: 'psc_ilb_service_attachment' - vars: - service_attachment_name: 'my-psc-ilb' - network_name: 'psc-ilb-network' - nat_subnetwork_name: 'psc-ilb-nat' - producer_subnetwork_name: 'psc-ilb-producer-subnetwork' - producer_health_check_name: 'producer-service-health-check' - producer_service_name: 'producer-service' - producer_forwarding_rule_name: 'producer-forwarding-rule' - consumer_address_name: 'psc-ilb-consumer-address' - consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' - - name: 'service_attachment_explicit_networks' - primary_resource_id: 'psc_ilb_service_attachment' - vars: - service_attachment_name: 'my-psc-ilb' - network_name: 'psc-ilb-network' - nat_subnetwork_name: 'psc-ilb-nat' - producer_subnetwork_name: 'psc-ilb-producer-subnetwork' - producer_health_check_name: 'producer-service-health-check' - producer_service_name: 'producer-service' - producer_forwarding_rule_name: 'producer-forwarding-rule' - consumer_network_name: 'psc-ilb-consumer-network' - consumer_address_name: 'psc-ilb-consumer-address' - consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' - - name: 'service_attachment_reconcile_connections' - primary_resource_id: 'psc_ilb_service_attachment' - vars: - service_attachment_name: 'my-psc-ilb' - network_name: 'psc-ilb-network' - nat_subnetwork_name: 'psc-ilb-nat' - producer_subnetwork_name: 'psc-ilb-producer-subnetwork' - producer_health_check_name: 'producer-service-health-check' - producer_service_name: 'producer-service' - producer_forwarding_rule_name: 'producer-forwarding-rule' - consumer_address_name: 'psc-ilb-consumer-address' - consumer_forwarding_rule_name: 'psc-ilb-consumer-forwarding-rule' -parameters: - - name: 'region' - type: ResourceRef - description: | - URL of the region where the resource resides. - required: false - immutable: true - ignore_read: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Name of the resource. The name must be 1-63 characters long, and - comply with RFC1035. Specifically, the name must be 1-63 characters - long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` - which means the first character must be a lowercase letter, and all - following characters must be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. - required: true - immutable: true - - name: 'description' - type: String - description: | - An optional description of this resource. - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. This field is used internally during - updates of this resource. - output: true - - name: 'connectionPreference' - type: String - description: | - The connection preference to use for this service attachment. Valid - values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL". - required: true - - name: 'connectedEndpoints' - type: Array - description: | - An array of the consumer forwarding rules connected to this service - attachment. - output: true - item_type: - type: NestedObject - properties: - - name: 'endpoint' - type: String - description: | - The URL of the consumer forwarding rule. - output: true - - name: 'status' - type: String - description: | - The status of the connection from the consumer forwarding rule to - this service attachment. - output: true - - name: 'targetService' - type: String - description: | - The URL of a service serving the endpoint identified by this service attachment. - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'natSubnets' - type: Array - description: | - An array of subnets that is provided for NAT in this service attachment. - required: true - send_empty_value: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'subnet' - type: ResourceRef - description: | - A subnet that is provided for NAT in this service attachment. - resource: 'Subnetwork' - imports: 'selfLink' - - name: 'enableProxyProtocol' - type: Boolean - description: | - If true, enable the proxy protocol which is for supplying client TCP/IP - address data in TCP connections that traverse proxies on their way to - destination servers. - required: true - - name: 'domainNames' - type: Array - description: | - If specified, the domain name will be used during the integration between - the PSC connected endpoints and the Cloud DNS. For example, this is a - valid domain name: "p.mycompany.com.". Current max number of domain names - supported is 1. - immutable: true - item_type: - type: String - - name: 'consumerRejectLists' - type: Array - description: | - An array of projects that are not allowed to connect to this service - attachment. - send_empty_value: true - item_type: - type: String - - name: 'consumerAcceptLists' - type: Array - description: | - An array of projects that are allowed to connect to this service - attachment. - is_set: true - send_empty_value: true - set_hash_func: computeServiceAttachmentConsumerAcceptListsHash - item_type: - type: NestedObject - properties: - - name: 'projectIdOrNum' - type: String - description: | - A project that is allowed to connect to this service attachment. - Only one of project_id_or_num and network_url may be set. - - name: 'networkUrl' - type: String - description: | - The network that is allowed to connect to this service attachment. - Only one of project_id_or_num and network_url may be set. - diff_suppress_func: 'tpgresource.CompareSelfLinkRelativePaths' - - name: 'connectionLimit' - type: Integer - description: | - The number of consumer forwarding rules the consumer project can - create. - required: true - - name: 'reconcileConnections' - type: Boolean - description: | - This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. - - If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . - If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list. - default_from_api: true - send_empty_value: true diff --git a/mmv1/products/compute/go_Snapshot.yaml b/mmv1/products/compute/go_Snapshot.yaml deleted file mode 100644 index c9fc7c2149f1..000000000000 --- a/mmv1/products/compute/go_Snapshot.yaml +++ /dev/null @@ -1,249 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Snapshot' -kind: 'compute#snapshot' -description: | - Represents a Persistent Disk Snapshot resource. - - Use snapshots to back up data from your persistent disks. Snapshots are - different from public images and custom images, which are used primarily - to create instances or configure instance templates. Snapshots are useful - for periodic backup of the data on your persistent disks. You can create - snapshots from persistent disks even while they are attached to running - instances. - - Snapshots are incremental, so you can create regular snapshots on a - persistent disk faster and at a much lower cost than if you regularly - created a full image of the disk. -# 'createSnapshot' is a zonal operation while 'snapshot.delete' is a global -# operation. we'll leave the object as global operation and use the disk's -# zonal operation for the create action. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/disks/create-snapshots' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/snapshots' -docs: -base_url: 'projects/{{project}}/global/snapshots' -has_self_link: true -create_url: 'PRE_CREATE_REPLACE_ME/createSnapshot' -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - full_url: 'selfLink' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - parent_resource_attribute: 'name' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/global/snapshots/{{name}}' - - '{{name}}' -custom_code: - decoder: 'templates/terraform/decoders/go/snapshot.go.tmpl' - pre_create: 'templates/terraform/pre_create/go/compute_snapshot_precreate_url.go.tmpl' -examples: - - name: 'snapshot_basic' - primary_resource_id: 'snapshot' - primary_resource_name: 'fmt.Sprintf("tf-test-my-snapshot%s", context["random_suffix"])' - vars: - snapshot_name: 'my-snapshot' - disk_name: 'debian-disk' - - name: 'snapshot_chainname' - primary_resource_id: 'snapshot' - primary_resource_name: 'fmt.Sprintf("tf-test-snapshot-chainname%s", context["random_suffix"])' - vars: - snapshot_name: 'my-snapshot' - disk_name: 'debian-disk' - chain_name: 'snapshot-chain' -parameters: - - name: 'sourceDisk' - type: ResourceRef - description: 'A reference to the disk used to create this snapshot.' - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Disk' - imports: 'name' - - name: 'zone' - type: ResourceRef - description: 'A reference to the zone where the disk is hosted.' - required: false - immutable: true - ignore_read: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' - - name: 'snapshotEncryptionKey' - type: NestedObject - description: | - Encrypts the snapshot using a customer-supplied encryption key. - - After you encrypt a snapshot using a customer-supplied key, you must - provide the same key if you use the snapshot later. For example, you - must provide the encryption key when you create a disk from the - encrypted snapshot in a future request. - - Customer-supplied encryption keys do not protect access to metadata of - the snapshot. - - If you do not provide an encryption key when creating the snapshot, - then the snapshot will be encrypted using an automatically generated - key and you do not need to provide a key to use the snapshot later. - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption key, encoded in - RFC 4648 base64 to either encrypt or decrypt this resource. - ignore_read: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/compute_snapshot_snapshot_encryption_raw_key.go.tmpl' - - name: 'sha256' - type: String - description: | - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied - encryption key that protects this resource. - output: true - - name: 'kmsKeySelfLink' - type: String - description: | - The name of the encryption key that is stored in Google Cloud KMS. - api_name: kmsKeyName - - name: 'kmsKeyServiceAccount' - type: String - description: | - The service account used for the encryption request for the given KMS key. - If absent, the Compute Engine Service Agent service account is used. - # ignore_read in providers - this is only used in Create - - name: 'sourceDiskEncryptionKey' - type: NestedObject - description: | - The customer-supplied encryption key of the source snapshot. Required - if the source snapshot is protected by a customer-supplied encryption - key. - ignore_read: true - properties: - - name: 'rawKey' - type: String - description: | - Specifies a 256-bit customer-supplied encryption key, encoded in - RFC 4648 base64 to either encrypt or decrypt this resource. - # The docs list this field but it is never returned. - sensitive: true - - name: 'kmsKeyServiceAccount' - type: String - description: | - The service account used for the encryption request for the given KMS key. - If absent, the Compute Engine Service Agent service account is used. -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'snapshot_id' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'diskSizeGb' - type: Integer - description: 'Size of the snapshot, specified in GB.' - output: true - - name: 'chainName' - type: String - description: | - Creates the new snapshot in the snapshot chain labeled with the - specified name. The chain name must be 1-63 characters long and - comply with RFC1035. This is an uncommon option only for advanced - service owners who needs to create separate snapshot chains, for - example, for chargeback tracking. When you describe your snapshot - resource, this field is visible only if it has a non-empty value. - - name: 'name' - type: String - description: | - Name of the resource; provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - # 'sourceDiskId' not useful for object convergence. - immutable: true - - name: 'storageBytes' - type: Integer - description: | - A size of the storage used by the snapshot. As snapshots share - storage, this number is expected to change with snapshot - creation/deletion. - output: true - - name: 'storageLocations' - type: Array - description: | - Cloud Storage bucket storage location of the snapshot (regional or multi-regional). - default_from_api: true - item_type: - type: String - - name: 'licenses' - type: Array - description: | - A list of public visible licenses that apply to this snapshot. This - can be because the original image had licenses attached (such as a - Windows image). snapshotEncryptionKey nested object Encrypts the - snapshot using a customer-supplied encryption key. - output: true - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'license' - type: ResourceRef - description: 'A reference to a license associated with this snapshot' - resource: 'License' - imports: 'selfLink' - - name: 'labels' - type: KeyValueLabels - description: Labels to apply to this Snapshot. - update_url: 'projects/{{project}}/global/snapshots/{{name}}/setLabels' - update_verb: 'POST' - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/global/snapshots/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' diff --git a/mmv1/products/compute/go_SslCertificate.yaml b/mmv1/products/compute/go_SslCertificate.yaml deleted file mode 100644 index 913043468170..000000000000 --- a/mmv1/products/compute/go_SslCertificate.yaml +++ /dev/null @@ -1,130 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'SslCertificate' -kind: 'compute#sslCertificate' -description: | - An SslCertificate resource, used for HTTPS load balancing. This resource - provides a mechanism to upload an SSL key and certificate to - the load balancer to serve secure connections from the user. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/load-balancing/docs/ssl-certificates' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates' -docs: - optional_properties: | - * `name_prefix` - (Optional) Creates a unique name beginning with the - specified prefix. Conflicts with `name`. Max length is 54 characters. - Prefixes with lengths longer than 37 characters will use a shortened - UUID that will be more prone to collisions. - Resulting name for a `name_prefix` <= 37 characters: - `name_prefix` + YYYYmmddHHSSssss + 8 digit incremental counter - Resulting name for a `name_prefix` 38 - 54 characters: - `name_prefix` + YYmmdd + 3 digit incremental counter -base_url: 'projects/{{project}}/global/sslCertificates' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - extra_schema_entry: 'templates/terraform/extra_schema_entry/go/ssl_certificate.tmpl' -examples: - - name: 'ssl_certificate_basic' - primary_resource_id: 'default' - ignore_read_extra: - - 'name_prefix' - skip_vcr: true - - name: 'ssl_certificate_random_provider' - primary_resource_id: 'default' - external_providers: ["random", "time"] - skip_vcr: true - - name: 'ssl_certificate_target_https_proxies' - primary_resource_id: 'default' - vars: - target_https_proxy_name: 'test-proxy' - url_map_name: 'url-map' - backend_service_name: 'backend-service' - http_health_check_name: 'http-health-check' - ignore_read_extra: - - 'name_prefix' - skip_vcr: true -parameters: -properties: - - name: 'certificate' - type: String - description: | - The certificate in PEM format. - The certificate chain must be no greater than 5 certs long. - The chain must include at least one intermediate cert. - required: true - sensitive: true - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'expireTime' - type: String - description: 'Expire time of the certificate in RFC3339 text format.' - output: true - - name: 'certificate_id' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - - These are in the same namespace as the managed SSL certificates. - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/name_or_name_prefix.go.tmpl' - validation: - function: 'verify.ValidateGCEName' - - name: 'privateKey' - type: String - description: 'The write-only private key in PEM format.' - required: true - immutable: true - ignore_read: true - sensitive: true - diff_suppress_func: 'sha256DiffSuppress' - custom_flatten: 'templates/terraform/custom_flatten/go/sha256.tmpl' diff --git a/mmv1/products/compute/go_SslPolicy.yaml b/mmv1/products/compute/go_SslPolicy.yaml deleted file mode 100644 index 7ee4898da65e..000000000000 --- a/mmv1/products/compute/go_SslPolicy.yaml +++ /dev/null @@ -1,137 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'SslPolicy' -kind: 'compute#sslPolicy' -description: | - Represents a SSL policy. SSL policies give you the ability to control the - features of SSL that your SSL proxy or HTTPS load balancer negotiates. -references: - guides: - 'Using SSL Policies': 'https://cloud.google.com/compute/docs/load-balancing/ssl-policies' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/sslPolicies' -docs: -base_url: 'projects/{{project}}/global/sslPolicies' -has_self_link: true -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/ssl_policy.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/ssl_policy.tmpl' -custom_diff: - - 'sslPolicyCustomizeDiff' -examples: - - name: 'ssl_policy_basic' - primary_resource_id: 'prod-ssl-policy' - vars: - production_ssl_policy_name: 'production-ssl-policy' - nonprod_ssl_policy_name: 'nonprod-ssl-policy' - custom_ssl_policy_name: 'custom-ssl-policy' -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - immutable: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'profile' - type: Enum - description: | - Profile specifies the set of SSL features that can be used by the - load balancer when negotiating SSL with clients. If using `CUSTOM`, - the set of SSL features to enable must be specified in the - `customFeatures` field. - - See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) - for information on what cipher suites each profile provides. If - `CUSTOM` is used, the `custom_features` attribute **must be set**. - default_value: "COMPATIBLE" - enum_values: - - 'COMPATIBLE' - - 'MODERN' - - 'RESTRICTED' - - 'CUSTOM' - - name: 'minTlsVersion' - type: Enum - description: | - The minimum version of SSL protocol that can be used by the clients - to establish a connection with the load balancer. - default_value: "TLS_1_0" - enum_values: - - 'TLS_1_0' - - 'TLS_1_1' - - 'TLS_1_2' - - name: 'enabledFeatures' - type: Array - description: 'The list of features enabled in the SSL policy.' - is_set: true - output: true - item_type: - type: String - - name: 'customFeatures' - type: Array - description: | - Profile specifies the set of SSL features that can be used by the - load balancer when negotiating SSL with clients. This can be one of - `COMPATIBLE`, `MODERN`, `RESTRICTED`, or `CUSTOM`. If using `CUSTOM`, - the set of SSL features to enable must be specified in the - `customFeatures` field. - - See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport) - for which ciphers are available to use. **Note**: this argument - *must* be present when using the `CUSTOM` profile. This argument - *must not* be present when using any other profile. - is_set: true - item_type: - type: String - - name: 'fingerprint' - type: String - description: | - Fingerprint of this resource. A hash of the contents stored in this - object. This field is used in optimistic locking. - output: true diff --git a/mmv1/products/compute/go_Subnetwork.yaml b/mmv1/products/compute/go_Subnetwork.yaml deleted file mode 100644 index ed9e1d601931..000000000000 --- a/mmv1/products/compute/go_Subnetwork.yaml +++ /dev/null @@ -1,445 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Subnetwork' -kind: 'compute#subnetwork' -description: | - A VPC network is a virtual version of the traditional physical networks - that exist within and between physical data centers. A VPC network - provides connectivity for your Compute Engine virtual machine (VM) - instances, Container Engine containers, App Engine Flex services, and - other network-related resources. - - Each GCP project contains one or more VPC networks. Each VPC network is a - global entity spanning all GCP regions. This global VPC network allows VM - instances and other resources to communicate with each other via internal, - private IP addresses. - - Each VPC network is subdivided into subnets, and each subnet is contained - within a single region. You can have more than one subnet in a region for - a given VPC network. Each subnet has a contiguous private RFC1918 IP - space. You create instances, containers, and the like in these subnets. - When you create an instance, you must create it in a subnet, and the - instance draws its internal IP address from that subnet. - - Virtual machine (VM) instances in a VPC network can communicate with - instances in all other subnets of the same VPC network, regardless of - region, using their RFC1918 private IP addresses. You can isolate portions - of the network, even entire subnets, using firewall rules. -references: - guides: - 'Private Google Access': 'https://cloud.google.com/vpc/docs/configure-private-google-access' - 'Cloud Networking': 'https://cloud.google.com/vpc/docs/using-vpc' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/subnetworks' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -iam_policy: - allowed_iam_role: 'roles/compute.networkUser' - parent_resource_attribute: 'subnetwork' - iam_conditions_request_type: 'QUERY_PARAM' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' -custom_code: - extra_schema_entry: 'templates/terraform/extra_schema_entry/go/subnetwork.tmpl' - constants: 'templates/terraform/constants/go/subnetwork.tmpl' - post_update: 'templates/terraform/post_update/go/compute_subnetwork.go.tmpl' -custom_diff: - - 'customdiff.ForceNewIfChange("ip_cidr_range", IsShrinkageIpCidr)' - - 'sendSecondaryIpRangeIfEmptyDiff' -examples: - - name: 'subnetwork_basic' - primary_resource_id: 'network-with-private-secondary-ip-ranges' - primary_resource_name: 'fmt.Sprintf("tf-test-test-subnetwork%s", context["random_suffix"])' - vars: - subnetwork_name: 'test-subnetwork' - network_name: 'test-network' - - name: 'subnetwork_logging_config' - primary_resource_id: 'subnet-with-logging' - vars: - subnetwork_name: 'log-test-subnetwork' - network_name: 'log-test-network' - - name: 'subnetwork_internal_l7lb' - primary_resource_id: 'network-for-l7lb' - min_version: 'beta' - vars: - subnetwork_name: 'l7lb-test-subnetwork' - network_name: 'l7lb-test-network' - - name: 'subnetwork_ipv6' - primary_resource_id: 'subnetwork-ipv6' - vars: - subnetwork_name: 'ipv6-test-subnetwork' - network_name: 'ipv6-test-network' - - name: 'subnetwork_internal_ipv6' - primary_resource_id: 'subnetwork-internal-ipv6' - vars: - subnetwork_name: 'internal-ipv6-test-subnetwork' - network_name: 'internal-ipv6-test-network' - - name: 'subnetwork_purpose_private_nat' - primary_resource_id: 'subnetwork-purpose-private-nat' - min_version: 'beta' - vars: - subnetwork_name: 'subnet-purpose-test-subnetwork' - network_name: 'subnet-purpose-test-network' - - name: 'subnetwork_cidr_overlap' - primary_resource_id: 'subnetwork-cidr-overlap' - min_version: 'beta' - vars: - subnetwork_name: 'subnet-cidr-overlap' - network_name: 'net-cidr-overlap' - - name: 'subnetwork_reserved_internal_range' - primary_resource_id: 'subnetwork-reserved-internal-range' - min_version: 'beta' - vars: - subnetwork_name: 'subnetwork-reserved-internal-range' - network_name: 'network-reserved-internal-range' - - name: 'subnetwork_reserved_secondary_range' - primary_resource_id: 'subnetwork-reserved-secondary-range' - min_version: 'beta' - vars: - subnetwork_name: 'subnetwork-reserved-secondary-range' - network_name: 'network-reserved-secondary-range' -virtual_fields: - - name: 'send_secondary_ip_range_if_empty' - description: | - Controls the removal behavior of secondary_ip_range. - When false, removing secondary_ip_range from config will not produce a diff as - the provider will default to the API's value. - When true, the provider will treat removing secondary_ip_range as sending an - empty list of secondary IP ranges to the API. - Defaults to false. - type: Boolean -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when - you create the resource. This field can be set only at resource - creation time. - - name: 'gatewayAddress' - type: String - description: | - The gateway address for default routes to reach destination addresses - outside this subnetwork. - output: true - - name: 'ipCidrRange' - type: String - description: | - The range of internal addresses that are owned by this subnetwork. - Provide this property when you create the subnetwork. For example, - 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and - non-overlapping within a network. Only IPv4 is supported. - Field is optional when `reserved_internal_range` is defined, otherwise required. - required: false - default_from_api: true - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/expandIpCidrRange' - update_verb: 'POST' - validation: - function: 'verify.ValidateIpCidrRange' - - name: 'reservedInternalRange' - type: ResourceRef - description: | - The ID of the reserved internal range. Must be prefixed with `networkconnectivity.googleapis.com` - E.g. `networkconnectivity.googleapis.com/projects/{project}/locations/global/internalRanges/{rangeId}` - resource: 'InternalRange' - imports: 'selfLink' - - name: 'name' - type: String - description: | - The name of the resource, provided by the client when initially - creating the resource. The name must be 1-63 characters long, and - comply with RFC1035. Specifically, the name must be 1-63 characters - long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which - means the first character must be a lowercase letter, and all - following characters must be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. - required: true - validation: - function: 'verify.ValidateGCEName' - - name: 'network' - type: ResourceRef - description: | - The network this subnet belongs to. - Only networks that are in the distributed mode can have subnetworks. - required: true - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' - - name: 'purpose' - type: String - description: | - The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY`, `PRIVATE_SERVICE_CONNECT` or `PRIVATE_NAT`([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)). - A subnet with purpose set to `REGIONAL_MANAGED_PROXY` is a user-created subnetwork that is reserved for regional Envoy-based load balancers. - A subnetwork in a given region with purpose set to `GLOBAL_MANAGED_PROXY` is a proxy-only subnet and is shared between all the cross-regional Envoy-based load balancers. - A subnetwork with purpose set to `PRIVATE_SERVICE_CONNECT` reserves the subnet for hosting a Private Service Connect published service. - A subnetwork with purpose set to `PRIVATE_NAT` is used as source range for Private NAT gateways. - Note that `REGIONAL_MANAGED_PROXY` is the preferred setting for all regional Envoy load balancers. - If unspecified, the purpose defaults to `PRIVATE_RFC_1918`. - immutable: true - default_from_api: true - - name: 'role' - type: Enum - description: | - The role of subnetwork. - Currently, this field is only used when `purpose` is `REGIONAL_MANAGED_PROXY`. - The value can be set to `ACTIVE` or `BACKUP`. - An `ACTIVE` subnetwork is one that is currently being used for Envoy-based load balancers in a region. - A `BACKUP` subnetwork is one that is ready to be promoted to `ACTIVE` or is currently draining. - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' - update_verb: 'PATCH' - update_id: 'role' - fingerprint_name: 'fingerprint' - enum_values: - - 'ACTIVE' - - 'BACKUP' - - name: 'secondaryIpRange' - type: Array - description: | - An array of configurations for secondary IP ranges for VM instances - contained in this subnetwork. The primary IP of such VM must belong - to the primary ipCidrRange of the subnetwork. The alias IPs may belong - to either primary or secondary ranges. - - **Note**: This field uses [attr-as-block mode](https://www.terraform.io/docs/configuration/attr-as-blocks.html) to avoid - breaking users during the 0.12 upgrade. To explicitly send a list of zero objects, - set `send_secondary_ip_range_if_empty = true` - api_name: secondaryIpRanges - unordered_list: true - default_from_api: true - send_empty_value: true - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' - update_verb: 'PATCH' - update_id: 'secondaryIpRanges' - fingerprint_name: 'fingerprint' - item_type: - type: NestedObject - properties: - - name: 'rangeName' - type: String - description: | - The name associated with this subnetwork secondary range, used - when adding an alias IP range to a VM instance. The name must - be 1-63 characters long, and comply with RFC1035. The name - must be unique within the subnetwork. - required: true - validation: - function: 'verify.ValidateGCEName' - - name: 'ipCidrRange' - type: String - description: | - The range of IP addresses belonging to this subnetwork secondary - range. Provide this property when you create the subnetwork. - Ranges must be unique and non-overlapping with all primary and - secondary IP ranges within a network. Only IPv4 is supported. - Field is optional when `reserved_internal_range` is defined, otherwise required. - required: false - default_from_api: true - validation: - function: 'verify.ValidateIpCidrRange' - - name: 'reservedInternalRange' - type: ResourceRef - description: | - The ID of the reserved internal range. Must be prefixed with `networkconnectivity.googleapis.com` - E.g. `networkconnectivity.googleapis.com/projects/{project}/locations/global/internalRanges/{rangeId}` - resource: 'InternalRange' - imports: 'selfLink' - - name: 'privateIpGoogleAccess' - type: Boolean - description: | - When enabled, VMs in this subnetwork without external IP addresses can - access Google APIs and services by using Private Google Access. - default_from_api: true - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}/setPrivateIpGoogleAccess' - update_verb: 'POST' - - name: 'privateIpv6GoogleAccess' - type: String - description: The private IPv6 google access type for the VMs in this subnet. - default_from_api: true - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' - update_verb: 'PATCH' - fingerprint_name: 'fingerprint' - - name: 'region' - type: ResourceRef - description: | - The GCP region for this subnetwork. - required: false - immutable: true - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' - - name: 'logConfig' - type: NestedObject - description: | - This field denotes the VPC flow logging options for this subnetwork. If - logging is enabled, logs are exported to Cloud Logging. Flow logging - isn't supported if the subnet `purpose` field is set to subnetwork is - `REGIONAL_MANAGED_PROXY` or `GLOBAL_MANAGED_PROXY`. - send_empty_value: true - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' - update_verb: 'PATCH' - update_id: 'logConfig' - fingerprint_name: 'fingerprint' - custom_flatten: 'templates/terraform/custom_flatten/go/subnetwork_log_config.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/subnetwork_log_config.go.tmpl' - properties: - - name: 'aggregationInterval' - type: Enum - description: | - Can only be specified if VPC flow logging for this subnetwork is enabled. - Toggles the aggregation interval for collecting flow logs. Increasing the - interval time will reduce the amount of generated flow logs for long - lasting connections. Default is an interval of 5 seconds per connection. - at_least_one_of: - - 'log_config.0.aggregation_interval' - - 'log_config.0.flow_sampling' - - 'log_config.0.metadata' - - 'log_config.0.filterExpr' - default_value: "INTERVAL_5_SEC" - enum_values: - - 'INTERVAL_5_SEC' - - 'INTERVAL_30_SEC' - - 'INTERVAL_1_MIN' - - 'INTERVAL_5_MIN' - - 'INTERVAL_10_MIN' - - 'INTERVAL_15_MIN' - - name: 'flowSampling' - type: Double - description: | - Can only be specified if VPC flow logging for this subnetwork is enabled. - The value of the field must be in [0, 1]. Set the sampling rate of VPC - flow logs within the subnetwork where 1.0 means all collected logs are - reported and 0.0 means no logs are reported. Default is 0.5 which means - half of all collected logs are reported. - at_least_one_of: - - 'log_config.0.aggregation_interval' - - 'log_config.0.flow_sampling' - - 'log_config.0.metadata' - - 'log_config.0.filterExpr' - default_value: 0.5 - - name: 'metadata' - type: Enum - description: | - Can only be specified if VPC flow logging for this subnetwork is enabled. - Configures whether metadata fields should be added to the reported VPC - flow logs. - at_least_one_of: - - 'log_config.0.aggregation_interval' - - 'log_config.0.flow_sampling' - - 'log_config.0.metadata' - - 'log_config.0.filterExpr' - default_value: "INCLUDE_ALL_METADATA" - enum_values: - - 'EXCLUDE_ALL_METADATA' - - 'INCLUDE_ALL_METADATA' - - 'CUSTOM_METADATA' - - name: 'metadataFields' - type: Array - description: | - List of metadata fields that should be added to reported logs. - Can only be specified if VPC flow logs for this subnetwork is enabled and "metadata" is set to CUSTOM_METADATA. - is_set: true - item_type: - type: String - - name: 'filterExpr' - type: String - description: | - Export filter used to define which VPC flow logs should be logged, as as CEL expression. See - https://cloud.google.com/vpc/docs/flow-logs#filtering for details on how to format this field. - The default value is 'true', which evaluates to include everything. - at_least_one_of: - - 'log_config.0.aggregation_interval' - - 'log_config.0.flow_sampling' - - 'log_config.0.metadata' - - 'log_config.0.filterExpr' - default_value: "true" - - name: 'stackType' - type: Enum - description: | - The stack type for this subnet to identify whether the IPv6 feature is enabled or not. - If not specified IPV4_ONLY will be used. - default_from_api: true - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' - update_verb: 'PATCH' - fingerprint_name: 'fingerprint' - enum_values: - - 'IPV4_ONLY' - - 'IPV4_IPV6' - - name: 'ipv6AccessType' - type: Enum - description: | - The access type of IPv6 address this subnet holds. It's immutable and can only be specified during creation - or the first time the subnet is updated into IPV4_IPV6 dual stack. If the ipv6_type is EXTERNAL then this subnet - cannot enable direct path. - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' - update_verb: 'PATCH' - fingerprint_name: 'fingerprint' - enum_values: - - 'EXTERNAL' - - 'INTERNAL' - - name: 'ipv6CidrRange' - type: String - description: | - The range of internal IPv6 addresses that are owned by this subnetwork. - output: true - - name: 'internalIpv6Prefix' - type: String - description: | - The internal IPv6 address range that is assigned to this subnetwork. - output: true - - name: 'externalIpv6Prefix' - type: String - description: | - The range of external IPv6 addresses that are owned by this subnetwork. - default_from_api: true - - name: 'allowSubnetCidrRoutesOverlap' - type: Boolean - description: | - Typically packets destined to IPs within the subnetwork range that do not match - existing resources are dropped and prevented from leaving the VPC. - Setting this field to true will allow these packets to match dynamic routes injected - via BGP even if their destinations match existing subnet ranges. - min_version: 'beta' - default_from_api: true - send_empty_value: true - update_url: 'projects/{{project}}/regions/{{region}}/subnetworks/{{name}}' - update_verb: 'PATCH' - fingerprint_name: 'fingerprint' diff --git a/mmv1/products/compute/go_TargetGrpcProxy.yaml b/mmv1/products/compute/go_TargetGrpcProxy.yaml deleted file mode 100644 index d4f48f713af9..000000000000 --- a/mmv1/products/compute/go_TargetGrpcProxy.yaml +++ /dev/null @@ -1,118 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'TargetGrpcProxy' -kind: 'compute#targetGrpcProxy' -description: | - Represents a Target gRPC Proxy resource. A target gRPC proxy is a component - of load balancers intended for load balancing gRPC traffic. Global forwarding - rules reference a target gRPC proxy. The Target gRPC Proxy references - a URL map which specifies how traffic routes to gRPC backend services. -references: - guides: - 'Using Target gRPC Proxies': 'https://cloud.google.com/traffic-director/docs/proxyless-overview' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/targetGrpcProxies' -docs: -base_url: 'projects/{{project}}/global/targetGrpcProxies' -has_self_link: true -update_verb: 'PATCH' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'target_grpc_proxy_basic' - primary_resource_id: 'default' - vars: - proxy_name: 'proxy' - urlmap_name: 'urlmap' - backend_name: 'backend' - healthcheck_name: 'healthcheck' -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource - is created. The name must be 1-63 characters long, and comply - with RFC1035. Specifically, the name must be 1-63 characters long - and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which - means the first character must be a lowercase letter, and all - following characters must be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. - required: true - immutable: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'selfLinkWithId' - type: String - description: 'Server-defined URL with id for the resource.' - output: true - - name: 'urlMap' - type: String - description: | - URL to the UrlMap resource that defines the mapping from URL to - the BackendService. The protocol field in the BackendService - must be set to GRPC. - immutable: true - update_id: 'urlMap' - fingerprint_name: 'fingerprint' - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'validateForProxyless' - type: Boolean - description: | - If true, indicates that the BackendServices referenced by - the urlMap may be accessed by gRPC applications without using - a sidecar proxy. This will enable configuration checks on urlMap - and its referenced BackendServices to not allow unsupported features. - A gRPC application must use "xds:///" scheme in the target URI - of the service it is connecting to. If false, indicates that the - BackendServices referenced by the urlMap will be accessed by gRPC - applications via a sidecar proxy. In this case, a gRPC application - must not use "xds:///" scheme in the target URI of the service - it is connecting to - immutable: true - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. A hash of the contents stored in - this object. This field is used in optimistic locking. This field - will be ignored when inserting a TargetGrpcProxy. An up-to-date - fingerprint must be provided in order to patch/update the - TargetGrpcProxy; otherwise, the request will fail with error - 412 conditionNotMet. To see the latest fingerprint, make a get() - request to retrieve the TargetGrpcProxy. A base64-encoded string. - output: true diff --git a/mmv1/products/compute/go_TargetHttpProxy.yaml b/mmv1/products/compute/go_TargetHttpProxy.yaml deleted file mode 100644 index 6291862a1be6..000000000000 --- a/mmv1/products/compute/go_TargetHttpProxy.yaml +++ /dev/null @@ -1,119 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'TargetHttpProxy' -kind: 'compute#targetHttpProxy' -description: | - Represents a TargetHttpProxy resource, which is used by one or more global - forwarding rule to route incoming HTTP requests to a URL map. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' - api: 'https://cloud.google.com/compute/docs/reference/v1/targetHttpProxies' -docs: -base_url: 'projects/{{project}}/global/targetHttpProxies' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'target_http_proxy_basic' - primary_resource_id: 'default' - vars: - target_http_proxy_name: 'test-proxy' - url_map_name: 'url-map' - backend_service_name: 'backend-service' - http_health_check_name: 'http-health-check' - - name: 'target_http_proxy_http_keep_alive_timeout' - primary_resource_id: 'default' - vars: - target_http_proxy_name: 'test-http-keep-alive-timeout-proxy' - url_map_name: 'url-map' - backend_service_name: 'backend-service' - http_health_check_name: 'http-health-check' - - name: 'target_http_proxy_https_redirect' - primary_resource_id: 'default' - vars: - target_http_proxy_name: 'test-https-redirect-proxy' - url_map_name: 'url-map' -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'proxyId' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - - name: 'urlMap' - type: ResourceRef - description: | - A reference to the UrlMap resource that defines the mapping from URL - to the BackendService. - required: true - update_url: 'projects/{{project}}/targetHttpProxies/{{name}}/setUrlMap' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'UrlMap' - imports: 'selfLink' - - name: 'proxyBind' - type: Boolean - description: | - This field only applies when the forwarding rule that references - this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. - default_from_api: true - - name: 'httpKeepAliveTimeoutSec' - type: Integer - description: | - Specifies how long to keep a connection open, after completing a response, - while there is no matching traffic (in seconds). If an HTTP keepalive is - not specified, a default value (610 seconds) will be used. For Global - external HTTP(S) load balancer, the minimum allowed value is 5 seconds and - the maximum allowed value is 1200 seconds. For Global external HTTP(S) - load balancer (classic), this option is not available publicly. diff --git a/mmv1/products/compute/go_TargetHttpsProxy.yaml b/mmv1/products/compute/go_TargetHttpsProxy.yaml deleted file mode 100644 index c22e7eed42a8..000000000000 --- a/mmv1/products/compute/go_TargetHttpsProxy.yaml +++ /dev/null @@ -1,241 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'TargetHttpsProxy' -kind: 'compute#targetHttpsProxy' -description: | - Represents a TargetHttpsProxy resource, which is used by one or more - global forwarding rule to route incoming HTTPS requests to a URL map. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/compute/docs/load-balancing/http/target-proxies' - api: 'https://cloud.google.com/compute/docs/reference/v1/targetHttpsProxies' -docs: -base_url: 'projects/{{project}}/global/targetHttpsProxies' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - encoder: 'templates/terraform/encoders/go/compute_target_https_proxy.go.tmpl' - update_encoder: 'templates/terraform/encoders/go/compute_target_https_proxy.go.tmpl' - decoder: 'templates/terraform/decoders/go/compute_target_https_proxy.go.tmpl' -examples: - - name: 'target_https_proxy_basic' - primary_resource_id: 'default' - vars: - target_https_proxy_name: 'test-proxy' - ssl_certificate_name: 'my-certificate' - url_map_name: 'url-map' - backend_service_name: 'backend-service' - http_health_check_name: 'http-health-check' - - name: 'target_https_proxy_http_keep_alive_timeout' - primary_resource_id: 'default' - vars: - target_https_proxy_name: 'test-http-keep-alive-timeout-proxy' - ssl_certificate_name: 'my-certificate' - url_map_name: 'url-map' - backend_service_name: 'backend-service' - http_health_check_name: 'http-health-check' - - name: 'target_https_proxy_mtls' - primary_resource_id: 'default' - min_version: 'beta' - vars: - target_https_proxy_name: 'test-mtls-proxy' - ssl_certificate_name: 'my-certificate' - url_map_name: 'url-map' - backend_service_name: 'backend-service' - http_health_check_name: 'http-health-check' - server_tls_policy_name: 'my-tls-policy' - trust_config_name: 'my-trust-config' - - name: 'target_https_proxy_certificate_manager_certificate' - primary_resource_id: 'default' - vars: - target_https_proxy_name: 'target-http-proxy' - certificate_manager_certificate_name: 'my-certificate' - url_map_name: 'url-map' - backend_service_name: 'backend-service' -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - immutable: true - - name: 'proxyId' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'quicOverride' - type: Enum - description: | - Specifies the QUIC override policy for this resource. This determines - whether the load balancer will attempt to negotiate QUIC with clients - or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is - specified, Google manages whether QUIC is used. - update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setQuicOverride' - update_verb: 'POST' - custom_flatten: 'templates/terraform/custom_flatten/go/default_if_empty.tmpl' - default_value: "NONE" - enum_values: - - 'NONE' - - 'ENABLE' - - 'DISABLE' - - name: 'tlsEarlyData' - type: Enum - description: | - Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. - Early Data allows a TLS resumption handshake to include the initial application payload - (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. - This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). - default_from_api: true - enum_values: - - 'STRICT' - - 'PERMISSIVE' - - 'DISABLED' - - name: 'certificateManagerCertificates' - type: Array - description: | - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. - Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. - For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. - sslCertificates and certificateManagerCertificates fields can not be defined together. - Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}` - update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' - update_verb: 'POST' - conflicts: - - ssl_certificates - diff_suppress_func: 'tpgresource.CompareResourceNames' - custom_expand: 'templates/terraform/custom_expand/go/certificate_manager_certificate_construct_full_url.go.tmpl' - item_type: - type: String - - name: 'sslCertificates' - type: Array - description: | - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. - Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. - sslCertificates and certificateManagerCertificates can not be defined together. - update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setSslCertificates' - update_verb: 'POST' - conflicts: - - certificate_manager_certificates - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'sslCertificate' - type: ResourceRef - description: 'The SSL certificate URL used by this TargetHttpsProxy' - resource: 'SslCertificate' - imports: 'selfLink' - - name: 'certificateMap' - type: String - description: | - A reference to the CertificateMap resource uri that identifies a certificate map - associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. - For INTERNAL_MANAGED, use certificate_manager_certificates instead. - Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`. - update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setCertificateMap' - update_verb: 'POST' - - name: 'sslPolicy' - type: ResourceRef - description: | - A reference to the SslPolicy resource that will be associated with - the TargetHttpsProxy resource. If not set, the TargetHttpsProxy - resource will not have any SSL policy configured. - update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setSslPolicy' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'SslPolicy' - imports: 'selfLink' - - name: 'urlMap' - type: ResourceRef - description: | - A reference to the UrlMap resource that defines the mapping from URL - to the BackendService. - required: true - update_url: 'projects/{{project}}/targetHttpsProxies/{{name}}/setUrlMap' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'UrlMap' - imports: 'selfLink' - - name: 'proxyBind' - type: Boolean - description: | - This field only applies when the forwarding rule that references - this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. - default_from_api: true - - name: 'httpKeepAliveTimeoutSec' - type: Integer - description: | - Specifies how long to keep a connection open, after completing a response, - while there is no matching traffic (in seconds). If an HTTP keepalive is - not specified, a default value (610 seconds) will be used. For Global - external HTTP(S) load balancer, the minimum allowed value is 5 seconds and - the maximum allowed value is 1200 seconds. For Global external HTTP(S) - load balancer (classic), this option is not available publicly. - - name: 'serverTlsPolicy' - type: ResourceRef - description: | - A URL referring to a networksecurity.ServerTlsPolicy - resource that describes how the proxy should authenticate inbound - traffic. serverTlsPolicy only applies to a global TargetHttpsProxy - attached to globalForwardingRules with the loadBalancingScheme - set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. - For details which ServerTlsPolicy resources are accepted with - INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED - loadBalancingScheme consult ServerTlsPolicy documentation. - If left blank, communications are not encrypted. - - If you remove this field from your configuration at the same time as - deleting or recreating a referenced ServerTlsPolicy resource, you will - receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy - within the ServerTlsPolicy resource to avoid this. - update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}' - update_verb: 'PATCH' - fingerprint_name: 'fingerprint' - resource: 'ServerTlsPolicy' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_TargetInstance.yaml b/mmv1/products/compute/go_TargetInstance.yaml deleted file mode 100644 index 085880499322..000000000000 --- a/mmv1/products/compute/go_TargetInstance.yaml +++ /dev/null @@ -1,143 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'TargetInstance' -kind: 'compute#targetInstance' -description: | - Represents a TargetInstance resource which defines an endpoint instance - that terminates traffic of certain protocols. In particular, they are used - in Protocol Forwarding, where forwarding rules can send packets to a - non-NAT'ed target instance. Each target instance contains a single - virtual machine instance that receives and handles traffic from the - corresponding forwarding rules. -references: - guides: - 'Using Protocol Forwarding': 'https://cloud.google.com/compute/docs/protocol-forwarding' - api: 'https://cloud.google.com/compute/docs/reference/v1/targetInstances' -docs: -base_url: 'projects/{{project}}/zones/{{zone}}/targetInstances' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - post_create: 'templates/terraform/post_create/go/compute_target_instance_security_policy.go.tmpl' -examples: - - name: 'target_instance_basic' - primary_resource_id: 'default' - vars: - target_name: 'target' - instance_name: 'target-vm' - - name: 'target_instance_custom_network' - primary_resource_id: 'custom_network' - min_version: 'beta' - vars: - target_name: 'custom-network' - instance_name: 'custom-network-target-vm' - - name: 'target_instance_with_security_policy' - primary_resource_id: 'default' - min_version: 'beta' - vars: - network_name: 'custom-default-network' - subnetname_name: 'custom-default-subnet' - instance_name: 'target-vm' - region_sec_policy: 'region-secpolicy' - target_name: 'target-instance' -parameters: - - name: 'zone' - type: ResourceRef - description: | - URL of the zone where the target instance resides. - required: false - immutable: true - default_from_api: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Zone' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'network' - type: String - description: - 'The URL of the network this target instance uses to forward traffic. If - not specified, the traffic will be forwarded to the network that the - default network interface belongs to.' - min_version: 'beta' - immutable: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - - name: 'instance' - type: ResourceRef - description: | - The Compute instance VM handling traffic for this target instance. - Accepts the instance self-link, relative path - (e.g. `projects/project/zones/zone/instances/instance`) or name. If - name is given, the zone will default to the given zone or - the provider-default zone and the project will default to the - provider-level project. - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - custom_expand: 'templates/terraform/custom_expand/go/self_link_from_name.tmpl' - resource: 'Instance' - imports: 'selfLink' - - name: 'natPolicy' - type: Enum - description: | - NAT option controlling how IPs are NAT'ed to the instance. - Currently only NO_NAT (default value) is supported. - immutable: true - default_value: "NO_NAT" - enum_values: - - 'NO_NAT' - - name: 'securityPolicy' - type: String - description: | - The resource URL for the security policy associated with this target instance. - min_version: 'beta' - update_url: 'projects/{{project}}/zones/{{zone}}/targetInstances/{{name}}/setSecurityPolicy' - update_verb: 'POST' diff --git a/mmv1/products/compute/go_TargetSslProxy.yaml b/mmv1/products/compute/go_TargetSslProxy.yaml deleted file mode 100644 index c18954fcb63e..000000000000 --- a/mmv1/products/compute/go_TargetSslProxy.yaml +++ /dev/null @@ -1,146 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'TargetSslProxy' -kind: 'compute#targetSslProxy' -description: | - Represents a TargetSslProxy resource, which is used by one or more - global forwarding rule to route incoming SSL requests to a backend - service. -references: - guides: - 'Setting Up SSL proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/' - api: 'https://cloud.google.com/compute/docs/reference/v1/targetSslProxies' -docs: -base_url: 'projects/{{project}}/global/targetSslProxies' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'target_ssl_proxy_basic' - primary_resource_id: 'default' - vars: - target_ssl_proxy_name: 'test-proxy' - ssl_certificate_name: 'default-cert' - backend_service_name: 'backend-service' - health_check_name: 'health-check' -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - immutable: true - - name: 'proxyId' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to - the backend. - update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setProxyHeader' - update_verb: 'POST' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'backendService' - type: ResourceRef - description: | - A reference to the BackendService resource. - api_name: service - required: true - update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setBackendService' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'sslCertificates' - type: Array - description: | - A list of SslCertificate resources that are used to authenticate - connections between users and the load balancer. At least one - SSL certificate must be specified. - update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslCertificates' - update_verb: 'POST' - exactly_one_of: - - 'sslCertificates' - - 'certificateMap' - custom_expand: 'templates/terraform/custom_expand/go/array_resourceref_with_validation.go.tmpl' - item_type: - name: 'sslCertificate' - type: ResourceRef - description: 'The SSL certificates used by this TargetSslProxy' - resource: 'SslCertificate' - imports: 'selfLink' - - name: 'certificateMap' - type: String - description: | - A reference to the CertificateMap resource uri that identifies a certificate map - associated with the given target proxy. This field can only be set for global target proxies. - Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`. - update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setCertificateMap' - update_verb: 'POST' - exactly_one_of: - - 'sslCertificates' - - 'certificateMap' - - name: 'sslPolicy' - type: ResourceRef - description: | - A reference to the SslPolicy resource that will be associated with - the TargetSslProxy resource. If not set, the TargetSslProxy - resource will not have any SSL policy configured. - update_url: 'projects/{{project}}/global/targetSslProxies/{{name}}/setSslPolicy' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'SslPolicy' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_TargetTcpProxy.yaml b/mmv1/products/compute/go_TargetTcpProxy.yaml deleted file mode 100644 index 88ca21a43799..000000000000 --- a/mmv1/products/compute/go_TargetTcpProxy.yaml +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'TargetTcpProxy' -kind: 'compute#targetTcpProxy' -description: | - Represents a TargetTcpProxy resource, which is used by one or more - global forwarding rule to route incoming TCP requests to a Backend - service. -references: - guides: - 'Setting Up TCP proxy for Google Cloud Load Balancing': 'https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/tcp-proxy' - api: 'https://cloud.google.com/compute/docs/reference/v1/targetTcpProxies' -docs: -base_url: 'projects/{{project}}/global/targetTcpProxies' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'target_tcp_proxy_basic' - primary_resource_id: 'default' - vars: - target_tcp_proxy_name: 'test-proxy' - backend_service_name: 'backend-service' - health_check_name: 'health-check' -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - immutable: true - - name: 'proxyId' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and match - the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the - first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'proxyHeader' - type: Enum - description: | - Specifies the type of proxy header to append before sending data to - the backend. - update_url: 'projects/{{project}}/global/targetTcpProxies/{{name}}/setProxyHeader' - update_verb: 'POST' - default_value: "NONE" - enum_values: - - 'NONE' - - 'PROXY_V1' - - name: 'backendService' - type: ResourceRef - description: | - A reference to the BackendService resource. - api_name: service - required: true - update_url: 'projects/{{project}}/global/targetTcpProxies/{{name}}/setBackendService' - update_verb: 'POST' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'proxyBind' - type: Boolean - description: | - This field only applies when the forwarding rule that references - this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. - default_from_api: true diff --git a/mmv1/products/compute/go_UrlMap.yaml b/mmv1/products/compute/go_UrlMap.yaml deleted file mode 100644 index 49ab1fa5a2c1..000000000000 --- a/mmv1/products/compute/go_UrlMap.yaml +++ /dev/null @@ -1,2762 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'UrlMap' -kind: 'compute#urlMap' -description: | - UrlMaps are used to route requests to a backend service based on rules - that you define for the host and path of an incoming URL. -references: - guides: - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/urlMaps' -docs: -base_url: 'projects/{{project}}/global/urlMaps' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'url_map_bucket_and_service' - primary_resource_id: 'urlmap' - vars: - url_map_name: 'urlmap' - login_backend_service_name: 'login' - http_health_check_name: 'health-check' - backend_bucket_name: 'static-asset-backend-bucket' - storage_bucket_name: 'static-asset-bucket' - - name: 'url_map_traffic_director_route' - primary_resource_id: 'urlmap' - vars: - url_map_name: 'urlmap' - home_backend_service_name: 'home' - health_check_name: 'health-check' - - name: 'url_map_traffic_director_route_partial' - primary_resource_id: 'urlmap' - vars: - url_map_name: 'urlmap' - home_backend_service_name: 'home' - health_check_name: 'health-check' - - name: 'url_map_traffic_director_path' - primary_resource_id: 'urlmap' - vars: - url_map_name: 'urlmap' - home_backend_service_name: 'home' - health_check_name: 'health-check' - - name: 'url_map_traffic_director_path_partial' - primary_resource_id: 'urlmap' - vars: - url_map_name: 'urlmap' - home_backend_service_name: 'home' - health_check_name: 'health-check' - - name: 'url_map_header_based_routing' - primary_resource_id: 'urlmap' - vars: - url_map_name: 'urlmap' - default_backend_service_name: 'default' - service_a_backend_service_name: 'service-a' - service_b_backend_service_name: 'service-b' - health_check_name: 'health-check' - - name: 'url_map_parameter_based_routing' - primary_resource_id: 'urlmap' - vars: - url_map_name: 'urlmap' - default_backend_service_name: 'default' - service_a_backend_service_name: 'service-a' - service_b_backend_service_name: 'service-b' - health_check_name: 'health-check' - - name: 'external_http_lb_mig_backend' - primary_resource_id: 'default' - vars: - lb_backend_template: 'lb-backend-template' - lb_backend_example: 'lb-backend-example' - fw_allow_health_check: 'fw-allow-health-check' - lb_ipv4_1: 'lb-ipv4-1' - http_basic_check: 'http-basic-check' - web_backend_service: 'web-backend-service' - web_map_http: 'web-map-http' - http_lb_proxy: 'http-lb-proxy' - http_content_rule: 'http-content-rule' - ignore_read_extra: - - 'metadata' - - 'metadata_startup_script' - skip_test: true - skip_docs: true - - name: 'url_map_path_template_match' - primary_resource_id: 'urlmap' - vars: - url_map_name: 'urlmap' - cart_backend_service_name: 'cart-service' - user_backend_service_name: 'user-service' - http_health_check_name: 'health-check' - backend_bucket_name: 'static-asset-backend-bucket' - storage_bucket_name: 'static-asset-bucket' - - name: 'url_map_custom_error_response_policy' - primary_resource_id: 'urlmap' - min_version: 'beta' - vars: - url_map_name: 'urlmap' - backend_service_name: 'login' - http_health_check_name: 'health-check' - storage_bucket_name: 'static-asset-bucket' - error_backend_bucket_name: 'error-backend-bucket' -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'defaultService' - type: ResourceRef - description: |- - The backend service or backend bucket to use when none of the given rules match. - exactly_one_of: - - 'default_service' - - 'default_url_redirect' - - 'default_route_action.0.weighted_backend_services' - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when you create - the resource. - - name: 'map_id' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'fingerprint' - type: Fingerprint - description: | - Fingerprint of this resource. A hash of the contents stored in this object. This - field is used in optimistic locking. - output: true - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. The headerAction specified here take effect after - headerAction specified under pathMatcher. - properties: - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the - backendService. - at_least_one_of: - - 'header_action.0.request_headers_to_add' - - 'header_action.0.request_headers_to_remove' - - 'header_action.0.response_headers_to_add' - - 'header_action.0.response_headers_to_remove' - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. - at_least_one_of: - - 'header_action.0.request_headers_to_add' - - 'header_action.0.request_headers_to_remove' - - 'header_action.0.response_headers_to_add' - - 'header_action.0.response_headers_to_remove' - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - at_least_one_of: - - 'header_action.0.request_headers_to_add' - - 'header_action.0.request_headers_to_remove' - - 'header_action.0.response_headers_to_add' - - 'header_action.0.response_headers_to_remove' - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. - at_least_one_of: - - 'header_action.0.request_headers_to_add' - - 'header_action.0.request_headers_to_remove' - - 'header_action.0.response_headers_to_add' - - 'header_action.0.response_headers_to_remove' - item_type: - type: String - - name: 'host_rule' - type: Array - description: | - The list of HostRules to use against the URL. - api_name: hostRules - is_set: true - item_type: - type: NestedObject - properties: - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when you create - the resource. - - name: 'hosts' - type: Array - description: | - The list of host patterns to match. They must be valid hostnames, except * will - match any string of ([a-z0-9-.]*). In that case, * must be the first character - and must be followed in the pattern by either - or .. - is_set: true - required: true - item_type: - type: String - - name: 'pathMatcher' - type: String - description: | - The name of the PathMatcher to use to match the path portion of the URL if the - hostRule matches the URL's host portion. - required: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is created. The - name must be 1-63 characters long, and comply with RFC1035. Specifically, the - name must be 1-63 characters long and match the regular expression - `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase - letter, and all following characters must be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. - required: true - immutable: true - - name: 'path_matcher' - type: Array - description: | - The list of named PathMatchers to use against the URL. - api_name: pathMatchers - item_type: - type: NestedObject - properties: - - name: 'defaultService' - type: ResourceRef - description: The backend service or backend bucket to use when none of the given paths match. - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'description' - type: String - description: | - An optional description of this resource. Provide this property when you create - the resource. - - name: 'defaultCustomErrorResponsePolicy' - type: NestedObject - description: | - defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. - - This policy takes effect at the PathMatcher level and applies only when no policy has been defined for the error code at lower levels like RouteRule and PathRule within this PathMatcher. If an error code does not have a policy defined in defaultCustomErrorResponsePolicy, then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy takes effect. - - For example, consider a UrlMap with the following configuration: - - UrlMap.defaultCustomErrorResponsePolicy is configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. - If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. - - When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. - - defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers. - min_version: 'beta' - properties: - - name: 'errorResponseRule' - type: Array - description: | - Specifies rules for returning error responses. - In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. - For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). - If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. - api_name: errorResponseRules - item_type: - type: NestedObject - properties: - - name: 'matchResponseCodes' - type: Array - description: | - Valid values include: - - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. - Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. - item_type: - type: String - - name: 'path' - type: String - description: | - The full path to a file within backendBucket . For example: /errors/defaultError.html - path must start with a leading slash. path cannot have trailing slashes. - If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. - The value must be from 1 to 1024 characters - - name: 'overrideResponseCode' - type: Integer - description: | - The HTTP status code returned with the response containing the custom error content. - If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. - - name: 'errorService' - type: ResourceRef - description: | - The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket - compute/v1/projects/project/global/backendBuckets/myBackendBucket - global/backendBuckets/myBackendBucket - If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. - If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). - resource: 'BackendBucket' - imports: 'selfLink' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. HeaderAction specified here are applied after the - matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap - properties: - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the - backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. - item_type: - type: String - - name: 'name' - type: String - description: | - The name to which this PathMatcher is referred by the HostRule. - required: true - - name: 'path_rule' - type: Array - description: | - The list of path rules. Use this list instead of routeRules when routing based - on simple path matching is all that's required. The order by which path rules - are specified does not matter. Matches are always done on the longest-path-first - basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* - irrespective of the order in which those paths appear in this list. Within a - given pathMatcher, only one of pathRules or routeRules must be set. - api_name: pathRules - item_type: - type: NestedObject - properties: - - name: 'service' - type: ResourceRef - description: The backend service or backend bucket to use if any of the given paths match. - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'paths' - type: Array - description: | - The list of path patterns to match. Each must start with / and the only place a - \* is allowed is at the end following a /. The string fed to the path matcher - does not include any text after the first ? or #, and those chars are not - allowed here. - is_set: true - required: true - item_type: - type: String - - name: 'customErrorResponsePolicy' - type: NestedObject - description: | - customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. - If a policy for an error code is not configured for the PathRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. - For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A PathRule for /coming_soon/ is configured for the error code 404. - If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in PathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. - customErrorResponsePolicy is supported only for global external Application Load Balancers. - min_version: 'beta' - properties: - - name: 'errorResponseRule' - type: Array - description: | - Specifies rules for returning error responses. - In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. - For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). - If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. - api_name: errorResponseRules - item_type: - type: NestedObject - properties: - - name: 'matchResponseCodes' - type: Array - description: | - Valid values include: - - - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. - - Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. - item_type: - type: String - - name: 'path' - type: String - description: | - The full path to a file within backendBucket . For example: /errors/defaultError.html - path must start with a leading slash. path cannot have trailing slashes. - If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. - The value must be from 1 to 1024 characters - - name: 'overrideResponseCode' - type: Integer - description: | - The HTTP status code returned with the response containing the custom error content. - If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. - - name: 'errorService' - type: ResourceRef - description: | - The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: - - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket - compute/v1/projects/project/global/backendBuckets/myBackendBucket - global/backendBuckets/myBackendBucket - - If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. - If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). - resource: 'BackendBucket' - imports: 'selfLink' - - name: 'routeAction' - type: NestedObject - description: | - In response to a matching path, the load balancer performs advanced routing - actions like URL rewrites, header transformations, etc. prior to forwarding the - request to the selected backend. If routeAction specifies any - weightedBackendServices, service must not be set. Conversely if service is set, - routeAction cannot contain any weightedBackendServices. Only one of routeAction - or urlRedirect must be set. - properties: - - name: 'corsPolicy' - type: NestedObject - description: | - The specification for allowing client side cross-origin requests. Please see W3C - Recommendation for Cross Origin Resource Sharing - properties: - - name: 'allowCredentials' - type: Boolean - description: | - In response to a preflight request, setting this to true indicates that the - actual request can include user credentials. This translates to the Access- - Control-Allow-Credentials header. Defaults to false. - default_value: false - - name: 'allowHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Headers header. - item_type: - type: String - - name: 'allowMethods' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Methods header. - item_type: - type: String - - name: 'allowOriginRegexes' - type: Array - description: | - Specifies the regular expression patterns that match allowed origins. For - regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either allow_origins or allow_origin_regex. - item_type: - type: String - - name: 'allowOrigins' - type: Array - description: | - Specifies the list of origins that will be allowed to do CORS requests. An - origin is allowed if it matches either allow_origins or allow_origin_regex. - item_type: - type: String - - name: 'disabled' - type: Boolean - description: | - If true, specifies the CORS policy is disabled. - required: true - - name: 'exposeHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Expose-Headers header. - item_type: - type: String - - name: 'maxAge' - type: Integer - description: | - Specifies how long the results of a preflight request can be cached. This - translates to the content for the Access-Control-Max-Age header. - - name: 'faultInjectionPolicy' - type: NestedObject - description: | - The specification for fault injection introduced into traffic to test the - resiliency of clients to backend service failure. As part of fault injection, - when clients send requests to a backend service, delays can be introduced by - Loadbalancer on a percentage of requests before sending those request to the - backend service. Similarly requests from clients can be aborted by the - Loadbalancer for a percentage of requests. timeout and retry_policy will be - ignored by clients that are configured with a fault_injection_policy. - properties: - - name: 'abort' - type: NestedObject - description: | - The specification for how client requests are aborted as part of fault - injection. - properties: - - name: 'httpStatus' - type: Integer - description: | - The HTTP status code used to abort the request. The value must be between 200 - and 599 inclusive. - required: true - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) which will be - aborted as part of fault injection. The value must be between 0.0 and 100.0 - inclusive. - required: true - - name: 'delay' - type: NestedObject - description: | - The specification for how client requests are delayed as part of fault - injection, before being sent to a backend service. - properties: - - name: 'fixedDelay' - type: NestedObject - description: | - Specifies the value of the fixed delay interval. - required: true - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) on which delay will - be introduced as part of fault injection. The value must be between 0.0 and - 100.0 inclusive. - required: true - - name: 'requestMirrorPolicy' - type: NestedObject - description: | - Specifies the policy on how requests intended for the route's backends are - shadowed to a separate mirrored backend service. Loadbalancer does not wait for - responses from the shadow service. Prior to sending traffic to the shadow - service, the host / authority header is suffixed with -shadow. - properties: - - name: 'backendService' - type: ResourceRef - description: | - The BackendService resource being mirrored to. - required: true - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'retryPolicy' - type: NestedObject - description: | - Specifies the retry policy associated with this route. - properties: - - name: 'numRetries' - type: Integer - description: | - Specifies the allowed number retries. This number must be > 0. - - name: 'perTryTimeout' - type: NestedObject - description: | - Specifies a non-zero timeout per retry attempt. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'retryConditions' - type: Array - description: | - Specifies one or more conditions when this retry rule applies. Valid values are: - - * 5xx: Loadbalancer will attempt a retry if the backend service responds with - any 5xx response code, or if the backend service does not respond at all, - for example: disconnects, reset, read timeout, connection failure, and refused - streams. - * gateway-error: Similar to 5xx, but only applies to response codes - 502, 503 or 504. - * connect-failure: Loadbalancer will retry on failures - connecting to backend services, for example due to connection timeouts. - * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - Currently the only retriable error supported is 409. - * refused-stream: Loadbalancer will retry if the backend service resets the stream with a - REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - * cancelled: Loadbalancer will retry if the gRPC status code in the response - header is set to cancelled - * deadline-exceeded: Loadbalancer will retry if the - gRPC status code in the response header is set to deadline-exceeded - * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response - header is set to resource-exhausted - * unavailable: Loadbalancer will retry if - the gRPC status code in the response header is set to unavailable - item_type: - type: String - - name: 'timeout' - type: NestedObject - description: | - Specifies the timeout for the selected route. Timeout is computed from the time - the request is has been fully processed (i.e. end-of-stream) up until the - response has been completely processed. Timeout includes all retries. If not - specified, the default value is 15 seconds. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'urlRewrite' - type: NestedObject - description: | - The spec to modify the URL of the request, prior to forwarding the request to - the matched service - properties: - - name: 'hostRewrite' - type: String - description: | - Prior to forwarding the request to the selected service, the request's host - header is replaced with contents of hostRewrite. The value must be between 1 and - 255 characters. - - name: 'pathPrefixRewrite' - type: String - description: | - Prior to forwarding the request to the selected backend service, the matching - portion of the request's path is replaced by pathPrefixRewrite. The value must - be between 1 and 1024 characters. - - name: 'weightedBackendServices' - type: Array - description: | - A list of weighted backend services to send traffic to when a route match - occurs. The weights determine the fraction of traffic that flows to their - corresponding backend service. If all traffic needs to go to a single backend - service, there must be one weightedBackendService with weight set to a non 0 - number. Once a backendService is identified and before forwarding the request to - the backend service, advanced routing actions like Url rewrites and header - transformations are applied depending on additional settings specified in this - HttpRouteAction. - item_type: - type: NestedObject - properties: - - name: 'backendService' - type: ResourceRef - description: | - The default BackendService resource. Before - forwarding the request to backendService, the loadbalancer applies any relevant - headerActions specified as part of this backendServiceWeight. - required: true - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. headerAction specified here take effect before - headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. - properties: - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the - backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. - item_type: - type: String - - name: 'weight' - type: Integer - description: | - Specifies the fraction of traffic sent to backendService, computed as weight / - (sum of all weightedBackendService weights in routeAction) . The selection of a - backend service is determined only for new traffic. Once a user's request has - been directed to a backendService, subsequent requests will be sent to the same - backendService as determined by the BackendService's session affinity policy. - The value must be between 0 and 1000 - required: true - - name: 'urlRedirect' - type: NestedObject - description: | - When a path pattern is matched, the request is redirected to a URL specified - by urlRedirect. If urlRedirect is specified, service or routeAction must not - be set. - properties: - - name: 'hostRedirect' - type: String - description: | - The host that will be used in the redirect response instead of the one - that was supplied in the request. The value must be between 1 and 255 - characters. - - name: 'httpsRedirect' - type: Boolean - description: | - If set to true, the URL scheme in the redirected request is set to https. - If set to false, the URL scheme of the redirected request will remain the - same as that of the request. This must only be set for UrlMaps used in - TargetHttpProxys. Setting this true for TargetHttpsProxy is not - permitted. The default is set to false. - default_value: false - - name: 'pathRedirect' - type: String - description: | - The path that will be used in the redirect response instead of the one - that was supplied in the request. pathRedirect cannot be supplied - together with prefixRedirect. Supply one alone or neither. If neither is - supplied, the path of the original request will be used for the redirect. - The value must be between 1 and 1024 characters. - - name: 'prefixRedirect' - type: String - description: | - The prefix that replaces the prefixMatch specified in the - HttpRouteRuleMatch, retaining the remaining portion of the URL before - redirecting the request. prefixRedirect cannot be supplied together with - pathRedirect. Supply one alone or neither. If neither is supplied, the - path of the original request will be used for the redirect. The value - must be between 1 and 1024 characters. - - name: 'redirectResponseCode' - type: Enum - description: | - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. - enum_values: - - 'FOUND' - - 'MOVED_PERMANENTLY_DEFAULT' - - 'PERMANENT_REDIRECT' - - 'SEE_OTHER' - - 'TEMPORARY_REDIRECT' - skip_docs_values: true - - name: 'stripQuery' - type: Boolean - description: | - If set to true, any accompanying query portion of the original URL is - removed prior to redirecting the request. If set to false, the query - portion of the original URL is retained. - This field is required to ensure an empty block is not set. The normal default value is false. - required: true - - name: 'routeRules' - type: Array - description: | - The list of ordered HTTP route rules. Use this list instead of pathRules when - advanced route matching and routing actions are desired. The order of specifying - routeRules matters: the first rule that matches will cause its specified routing - action to take effect. Within a given pathMatcher, only one of pathRules or - routeRules must be set. routeRules are not supported in UrlMaps intended for - External load balancers. - item_type: - type: NestedObject - properties: - - name: 'priority' - type: Integer - description: | - For routeRules within a given pathMatcher, priority determines the order - in which load balancer will interpret routeRules. RouteRules are evaluated - in order of priority, from the lowest to highest number. The priority of - a rule decreases as its number increases (1, 2, 3, N+1). The first rule - that matches the request is applied. - - You cannot configure two or more routeRules with the same priority. - Priority for each rule must be set to a number between 0 and - 2147483647 inclusive. - - Priority numbers can have gaps, which enable you to add or remove rules - in the future without affecting the rest of the rules. For example, - 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which - you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the - future without any impact on existing rules. - required: true - - name: 'service' - type: ResourceRef - description: | - The backend service resource to which traffic is - directed if this rule is matched. If routeAction is additionally specified, - advanced routing actions like URL Rewrites, etc. take effect prior to sending - the request to the backend. However, if service is specified, routeAction cannot - contain any weightedBackendService s. Conversely, if routeAction specifies any - weightedBackendServices, service must not be specified. Only one of urlRedirect, - service or routeAction.weightedBackendService must be set. - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. The headerAction specified here are applied before - the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r - outeAction.weightedBackendService.backendServiceWeightAction[].headerAction - properties: - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the - backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. - item_type: - type: String - - name: 'matchRules' - type: Array - description: | - The rules for determining a match. - item_type: - type: NestedObject - properties: - - name: 'fullPathMatch' - type: String - description: | - For satisfying the matchRule condition, the path of the request must exactly - match the value specified in fullPathMatch after removing any query parameters - and anchor that may be part of the original URL. FullPathMatch must be between 1 - and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must - be specified. - - name: 'headerMatches' - type: Array - description: | - Specifies a list of header match criteria, all of which must match corresponding - headers in the request. - item_type: - type: NestedObject - properties: - - name: 'exactMatch' - type: String - description: | - The value should exactly match contents of exactMatch. Only one of exactMatch, - prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - name: 'headerName' - type: String - description: | - The name of the HTTP header to match. For matching against the HTTP request's - authority, use a headerMatch with the header name ":authority". For matching a - request's method, use the headerName ":method". - required: true - - name: 'invertMatch' - type: Boolean - description: | - If set to false, the headerMatch is considered a match if the match criteria - above are met. If set to true, the headerMatch is considered a match if the - match criteria above are NOT met. Defaults to false. - default_value: false - - name: 'prefixMatch' - type: String - description: | - The value of the header must start with the contents of prefixMatch. Only one of - exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch - must be set. - - name: 'presentMatch' - type: Boolean - description: | - A header with the contents of headerName must exist. The match takes place - whether or not the request's header has a value or not. Only one of exactMatch, - prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. - - name: 'rangeMatch' - type: NestedObject - description: | - The header value must be an integer and its value must be in the range specified - in rangeMatch. If the header does not contain an integer, number or is empty, - the match fails. For example for a range [-5, 0] - -3 will match. - 0 will - not match. - 0.25 will not match. - -3someString will not match. Only one of - exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch - must be set. - properties: - - name: 'rangeEnd' - type: Integer - description: | - The end of the range (exclusive). - required: true - - name: 'rangeStart' - type: Integer - description: | - The start of the range (inclusive). - required: true - - name: 'regexMatch' - type: String - description: | - The value of the header must match the regular expression specified in - regexMatch. For regular expression grammar, please see: - en.cppreference.com/w/cpp/regex/ecmascript For matching against a port - specified in the HTTP request, use a headerMatch with headerName set to PORT and - a regular expression that satisfies the RFC2616 Host header's port specifier. - Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or - rangeMatch must be set. - - name: 'suffixMatch' - type: String - description: | - The value of the header must end with the contents of suffixMatch. Only one of - exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch - must be set. - - name: 'ignoreCase' - type: Boolean - description: | - Specifies that prefixMatch and fullPathMatch matches are case sensitive. - Defaults to false. - default_value: false - - name: 'metadataFilters' - type: Array - description: | - Opaque filter criteria used by Loadbalancer to restrict routing configuration to - a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS - clients present node metadata. If a match takes place, the relevant routing - configuration is made available to those proxies. For each metadataFilter in - this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the - filterLabels must match the corresponding label provided in the metadata. If its - filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match - with corresponding labels in the provided metadata. metadataFilters specified - here can be overrides those specified in ForwardingRule that refers to this - UrlMap. metadataFilters only applies to Loadbalancers that have their - loadBalancingScheme set to INTERNAL_SELF_MANAGED. - item_type: - type: NestedObject - properties: - - name: 'filterLabels' - type: Array - description: | - The list of label value pairs that must match labels in the provided metadata - based on filterMatchCriteria This list must not be empty and can have at the - most 64 entries. - required: true - item_type: - type: NestedObject - properties: - - name: 'name' - type: String - description: | - Name of metadata label. The name can have a maximum length of 1024 characters - and must be at least 1 character long. - required: true - - name: 'value' - type: String - description: | - The value of the label must match the specified value. value can have a maximum - length of 1024 characters. - required: true - min_size: 1 - max_size: 64 - - name: 'filterMatchCriteria' - type: Enum - description: | - Specifies how individual filterLabel matches within the list of filterLabels - contribute towards the overall metadataFilter match. Supported values are: - - MATCH_ANY: At least one of the filterLabels must have a matching label in the - provided metadata. - - MATCH_ALL: All filterLabels must have matching labels in - the provided metadata. - required: true - enum_values: - - 'MATCH_ALL' - - 'MATCH_ANY' - - name: 'prefixMatch' - type: String - description: | - For satisfying the matchRule condition, the request's path must begin with the - specified prefixMatch. prefixMatch must begin with a /. The value must be - between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or - regexMatch must be specified. - - name: 'queryParameterMatches' - type: Array - description: | - Specifies a list of query parameter match criteria, all of which must match - corresponding query parameters in the request. - item_type: - type: NestedObject - properties: - - name: 'exactMatch' - type: String - description: | - The queryParameterMatch matches if the value of the parameter exactly matches - the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch - must be set. - - name: 'name' - type: String - description: | - The name of the query parameter to match. The query parameter must exist in the - request, in the absence of which the request match fails. - required: true - - name: 'presentMatch' - type: Boolean - description: | - Specifies that the queryParameterMatch matches if the request contains the query - parameter, irrespective of whether the parameter has a value or not. Only one of - presentMatch, exactMatch and regexMatch must be set. - - name: 'regexMatch' - type: String - description: | - The queryParameterMatch matches if the value of the parameter matches the - regular expression specified by regexMatch. For the regular expression grammar, - please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch, - exactMatch and regexMatch must be set. - - name: 'regexMatch' - type: String - description: | - For satisfying the matchRule condition, the path of the request must satisfy the - regular expression specified in regexMatch after removing any query parameters - and anchor supplied with the original URL. For regular expression grammar please - see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch, - fullPathMatch or regexMatch must be specified. - - name: 'pathTemplateMatch' - type: String - description: | - For satisfying the matchRule condition, the path of the request - must match the wildcard pattern specified in pathTemplateMatch - after removing any query parameters and anchor that may be part - of the original URL. - - pathTemplateMatch must be between 1 and 255 characters - (inclusive). The pattern specified by pathTemplateMatch may - have at most 5 wildcard operators and at most 5 variable - captures in total. - - name: 'routeAction' - type: NestedObject - description: | - In response to a matching matchRule, the load balancer performs advanced routing - actions like URL rewrites, header transformations, etc. prior to forwarding the - request to the selected backend. If routeAction specifies any - weightedBackendServices, service must not be set. Conversely if service is set, - routeAction cannot contain any weightedBackendServices. Only one of routeAction - or urlRedirect must be set. - properties: - - name: 'corsPolicy' - type: NestedObject - description: | - The specification for allowing client side cross-origin requests. Please see W3C - Recommendation for Cross Origin Resource Sharing - properties: - - name: 'allowCredentials' - type: Boolean - description: | - In response to a preflight request, setting this to true indicates that the - actual request can include user credentials. This translates to the Access- - Control-Allow-Credentials header. Defaults to false. - default_value: false - - name: 'allowHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Headers header. - item_type: - type: String - - name: 'allowMethods' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Methods header. - item_type: - type: String - - name: 'allowOriginRegexes' - type: Array - description: | - Specifies the regular expression patterns that match allowed origins. For - regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either allow_origins or allow_origin_regex. - item_type: - type: String - - name: 'allowOrigins' - type: Array - description: | - Specifies the list of origins that will be allowed to do CORS requests. An - origin is allowed if it matches either allow_origins or allow_origin_regex. - item_type: - type: String - - name: 'disabled' - type: Boolean - description: | - If true, specifies the CORS policy is disabled. - which indicates that the CORS policy is in effect. Defaults to false. - default_value: false - - name: 'exposeHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Expose-Headers header. - item_type: - type: String - - name: 'maxAge' - type: Integer - description: | - Specifies how long the results of a preflight request can be cached. This - translates to the content for the Access-Control-Max-Age header. - - name: 'faultInjectionPolicy' - type: NestedObject - description: | - The specification for fault injection introduced into traffic to test the - resiliency of clients to backend service failure. As part of fault injection, - when clients send requests to a backend service, delays can be introduced by - Loadbalancer on a percentage of requests before sending those request to the - backend service. Similarly requests from clients can be aborted by the - Loadbalancer for a percentage of requests. timeout and retry_policy will be - ignored by clients that are configured with a fault_injection_policy. - properties: - - name: 'abort' - type: NestedObject - description: | - The specification for how client requests are aborted as part of fault - injection. - properties: - - name: 'httpStatus' - type: Integer - description: | - The HTTP status code used to abort the request. The value must be between 200 - and 599 inclusive. - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) which will be - aborted as part of fault injection. The value must be between 0.0 and 100.0 - inclusive. - - name: 'delay' - type: NestedObject - description: | - The specification for how client requests are delayed as part of fault - injection, before being sent to a backend service. - properties: - - name: 'fixedDelay' - type: NestedObject - description: | - Specifies the value of the fixed delay interval. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) on which delay will - be introduced as part of fault injection. The value must be between 0.0 and - 100.0 inclusive. - - name: 'requestMirrorPolicy' - type: NestedObject - description: | - Specifies the policy on how requests intended for the route's backends are - shadowed to a separate mirrored backend service. Loadbalancer does not wait for - responses from the shadow service. Prior to sending traffic to the shadow - service, the host / authority header is suffixed with -shadow. - properties: - - name: 'backendService' - type: ResourceRef - description: | - The BackendService resource being mirrored to. - required: true - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'retryPolicy' - type: NestedObject - description: | - Specifies the retry policy associated with this route. - properties: - - name: 'numRetries' - type: Integer - description: | - Specifies the allowed number retries. This number must be > 0. - required: true - - name: 'perTryTimeout' - type: NestedObject - description: | - Specifies a non-zero timeout per retry attempt. - If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction - is not set, will use the largest timeout among all backend services associated with the route. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'retryConditions' - type: Array - description: | - Specfies one or more conditions when this retry rule applies. Valid values are: - - * 5xx: Loadbalancer will attempt a retry if the backend service responds with - any 5xx response code, or if the backend service does not respond at all, - for example: disconnects, reset, read timeout, connection failure, and refused - streams. - * gateway-error: Similar to 5xx, but only applies to response codes - 502, 503 or 504. - * connect-failure: Loadbalancer will retry on failures - connecting to backend services, for example due to connection timeouts. - * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - Currently the only retriable error supported is 409. - * refused-stream: Loadbalancer will retry if the backend service resets the stream with a - REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - * cancelled: Loadbalancer will retry if the gRPC status code in the response - header is set to cancelled - * deadline-exceeded: Loadbalancer will retry if the - gRPC status code in the response header is set to deadline-exceeded - * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response - header is set to resource-exhausted - * unavailable: Loadbalancer will retry if the gRPC status code in - the response header is set to unavailable - item_type: - type: String - - name: 'timeout' - type: NestedObject - description: | - Specifies the timeout for the selected route. Timeout is computed from the time - the request is has been fully processed (i.e. end-of-stream) up until the - response has been completely processed. Timeout includes all retries. If not - specified, the default value is 15 seconds. - properties: - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 `seconds` field and a positive - `nanos` field. Must be from 0 to 999,999,999 inclusive. - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - required: true - - name: 'urlRewrite' - type: NestedObject - description: | - The spec to modify the URL of the request, prior to forwarding the request to - the matched service - properties: - - name: 'hostRewrite' - type: String - description: | - Prior to forwarding the request to the selected service, the request's host - header is replaced with contents of hostRewrite. The value must be between 1 and - 255 characters. - - name: 'pathPrefixRewrite' - type: String - description: | - Prior to forwarding the request to the selected backend service, the matching - portion of the request's path is replaced by pathPrefixRewrite. The value must - be between 1 and 1024 characters. - - name: 'pathTemplateRewrite' - type: String - description: | - Prior to forwarding the request to the selected origin, if the - request matched a pathTemplateMatch, the matching portion of the - request's path is replaced re-written using the pattern specified - by pathTemplateRewrite. - - pathTemplateRewrite must be between 1 and 255 characters - (inclusive), must start with a '/', and must only use variables - captured by the route's pathTemplate matchers. - - pathTemplateRewrite may only be used when all of a route's - MatchRules specify pathTemplate. - - Only one of pathPrefixRewrite and pathTemplateRewrite may be - specified. - - name: 'weightedBackendServices' - type: Array - description: | - A list of weighted backend services to send traffic to when a route match - occurs. The weights determine the fraction of traffic that flows to their - corresponding backend service. If all traffic needs to go to a single backend - service, there must be one weightedBackendService with weight set to a non 0 - number. Once a backendService is identified and before forwarding the request to - the backend service, advanced routing actions like Url rewrites and header - transformations are applied depending on additional settings specified in this - HttpRouteAction. - item_type: - type: NestedObject - properties: - - name: 'backendService' - type: ResourceRef - description: | - The default BackendService resource. Before - forwarding the request to backendService, the loadbalancer applies any relevant - headerActions specified as part of this backendServiceWeight. - required: true - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. headerAction specified here take effect before - headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. - properties: - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the - backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header. - required: true - - name: 'headerValue' - type: String - description: | - The value of the header to add. - required: true - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. - required: true - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. - item_type: - type: String - - name: 'weight' - type: Integer - description: | - Specifies the fraction of traffic sent to backendService, computed as weight / - (sum of all weightedBackendService weights in routeAction) . The selection of a - backend service is determined only for new traffic. Once a user's request has - been directed to a backendService, subsequent requests will be sent to the same - backendService as determined by the BackendService's session affinity policy. - The value must be between 0 and 1000 - required: true - - name: 'urlRedirect' - type: NestedObject - description: | - When this rule is matched, the request is redirected to a URL specified by - urlRedirect. If urlRedirect is specified, service or routeAction must not be - set. - properties: - - name: 'hostRedirect' - type: String - description: | - The host that will be used in the redirect response instead of the one that was - supplied in the request. The value must be between 1 and 255 characters. - - name: 'httpsRedirect' - type: Boolean - description: | - If set to true, the URL scheme in the redirected request is set to https. If set - to false, the URL scheme of the redirected request will remain the same as that - of the request. This must only be set for UrlMaps used in TargetHttpProxys. - Setting this true for TargetHttpsProxy is not permitted. Defaults to false. - default_value: false - - name: 'pathRedirect' - type: String - description: | - The path that will be used in the redirect response instead of the one that was - supplied in the request. Only one of pathRedirect or prefixRedirect must be - specified. The value must be between 1 and 1024 characters. - - name: 'prefixRedirect' - type: String - description: | - The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, - retaining the remaining portion of the URL before redirecting the request. - - name: 'redirectResponseCode' - type: Enum - description: | - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained. - enum_values: - - 'FOUND' - - 'MOVED_PERMANENTLY_DEFAULT' - - 'PERMANENT_REDIRECT' - - 'SEE_OTHER' - - 'TEMPORARY_REDIRECT' - skip_docs_values: true - - name: 'stripQuery' - type: Boolean - description: | - If set to true, any accompanying query portion of the original URL is removed - prior to redirecting the request. If set to false, the query portion of the - original URL is retained. Defaults to false. - default_value: false - - name: 'defaultUrlRedirect' - type: NestedObject - description: | - When none of the specified hostRules match, the request is redirected to a URL specified - by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or - defaultRouteAction must not be set. - properties: - - name: 'hostRedirect' - type: String - description: | - The host that will be used in the redirect response instead of the one that was - supplied in the request. The value must be between 1 and 255 characters. - - name: 'httpsRedirect' - type: Boolean - description: | - If set to true, the URL scheme in the redirected request is set to https. If set to - false, the URL scheme of the redirected request will remain the same as that of the - request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this - true for TargetHttpsProxy is not permitted. The default is set to false. - default_value: false - - name: 'pathRedirect' - type: String - description: | - The path that will be used in the redirect response instead of the one that was - supplied in the request. pathRedirect cannot be supplied together with - prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the - original request will be used for the redirect. The value must be between 1 and 1024 - characters. - - name: 'prefixRedirect' - type: String - description: | - The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, - retaining the remaining portion of the URL before redirecting the request. - prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or - neither. If neither is supplied, the path of the original request will be used for - the redirect. The value must be between 1 and 1024 characters. - - name: 'redirectResponseCode' - type: Enum - description: | - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. - enum_values: - - 'FOUND' - - 'MOVED_PERMANENTLY_DEFAULT' - - 'PERMANENT_REDIRECT' - - 'SEE_OTHER' - - 'TEMPORARY_REDIRECT' - skip_docs_values: true - - name: 'stripQuery' - type: Boolean - description: | - If set to true, any accompanying query portion of the original URL is removed prior - to redirecting the request. If set to false, the query portion of the original URL is - retained. - This field is required to ensure an empty block is not set. The normal default value is false. - required: true - - name: 'defaultRouteAction' - type: NestedObject - description: | - defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs - advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request - to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. - Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. - - Only one of defaultRouteAction or defaultUrlRedirect must be set. - properties: - - name: 'weightedBackendServices' - type: Array - description: | - A list of weighted backend services to send traffic to when a route match occurs. - The weights determine the fraction of traffic that flows to their corresponding backend service. - If all traffic needs to go to a single backend service, there must be one weightedBackendService - with weight set to a non 0 number. - - Once a backendService is identified and before forwarding the request to the backend service, - advanced routing actions like Url rewrites and header transformations are applied depending on - additional settings specified in this HttpRouteAction. - item_type: - type: NestedObject - properties: - - name: 'backendService' - type: ResourceRef - description: | - The full or partial URL to the default BackendService resource. Before forwarding the - request to backendService, the loadbalancer applies any relevant headerActions - specified as part of this backendServiceWeight. - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'weight' - type: Integer - description: | - Specifies the fraction of traffic sent to backendService, computed as - weight / (sum of all weightedBackendService weights in routeAction) . - - The selection of a backend service is determined only for new traffic. Once a user's request - has been directed to a backendService, subsequent requests will be sent to the same backendService - as determined by the BackendService's session affinity policy. - - The value must be between 0 and 1000 - validation: - function: 'validation.IntBetween(0, 1000)' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. - - headerAction specified here take effect before headerAction in the enclosing - HttpRouteRule, PathMatcher and UrlMap. - properties: - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request prior to - forwarding the request to the backendService. - item_type: - type: String - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header to add. - - name: 'headerValue' - type: String - description: | - The value of the header to add. - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the header. - If true, headerValue is set for the header, discarding any values that were set for that header. - default_value: false - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response prior to sending the - response back to the client. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header to add. - - name: 'headerValue' - type: String - description: | - The value of the header to add. - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the header. - If true, headerValue is set for the header, discarding any values that were set for that header. - default_value: false - - name: 'urlRewrite' - type: NestedObject - description: | - The spec to modify the URL of the request, prior to forwarding the request to the matched service. - properties: - - name: 'pathPrefixRewrite' - type: String - description: | - Prior to forwarding the request to the selected backend service, the matching portion of the - request's path is replaced by pathPrefixRewrite. - - The value must be between 1 and 1024 characters. - - name: 'hostRewrite' - type: String - description: | - Prior to forwarding the request to the selected service, the request's host header is replaced - with contents of hostRewrite. - - The value must be between 1 and 255 characters. - - name: 'timeout' - type: NestedObject - description: | - Specifies the timeout for the selected route. Timeout is computed from the time the request has been - fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. - - If not specified, will use the largest timeout among all backend services associated with the route. - default_from_api: true - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - name: 'retryPolicy' - type: NestedObject - description: | - Specifies the retry policy associated with this route. - properties: - - name: 'retryConditions' - type: Array - description: | - Specfies one or more conditions when this retry rule applies. Valid values are: - - * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, - or if the backend service does not respond at all, example: disconnects, reset, read timeout, - * connection failure, and refused streams. - * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - * connect-failure: Loadbalancer will retry on failures connecting to backend services, - for example due to connection timeouts. - * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - Currently the only retriable error supported is 409. - * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. - This reset type indicates that it is safe to retry. - * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled - * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable - item_type: - type: String - - name: 'numRetries' - type: Integer - description: | - Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. - validation: - function: 'validation.IntAtLeast(1)' - default_value: 1 - - name: 'perTryTimeout' - type: NestedObject - description: | - Specifies a non-zero timeout per retry attempt. - - If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, - will use the largest timeout among all backend services associated with the route. - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - name: 'requestMirrorPolicy' - type: NestedObject - description: | - Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. - Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, - the host / authority header is suffixed with -shadow. - properties: - - name: 'backendService' - type: ResourceRef - description: | - The full or partial URL to the BackendService resource being mirrored to. - required: true - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'corsPolicy' - type: NestedObject - description: | - The specification for allowing client side cross-origin requests. Please see - [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) - properties: - - name: 'allowOrigins' - type: Array - description: | - Specifies the list of origins that will be allowed to do CORS requests. - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. - item_type: - type: String - - name: 'allowOriginRegexes' - type: Array - description: | - Specifies the regular expression patterns that match allowed origins. For regular expression grammar - please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. - item_type: - type: String - - name: 'allowMethods' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Methods header. - item_type: - type: String - - name: 'allowHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Headers header. - item_type: - type: String - - name: 'exposeHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Expose-Headers header. - item_type: - type: String - - name: 'maxAge' - type: Integer - description: | - Specifies how long results of a preflight request can be cached in seconds. - This translates to the Access-Control-Max-Age header. - - name: 'allowCredentials' - type: Boolean - description: | - In response to a preflight request, setting this to true indicates that the actual request can include user credentials. - This translates to the Access-Control-Allow-Credentials header. - default_value: false - - name: 'disabled' - type: Boolean - description: | - If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. - default_value: false - - name: 'faultInjectionPolicy' - type: NestedObject - description: | - The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. - As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a - percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted - by the Loadbalancer for a percentage of requests. - - timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy. - properties: - - name: 'delay' - type: NestedObject - description: | - The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. - properties: - - name: 'fixedDelay' - type: NestedObject - description: | - Specifies the value of the fixed delay interval. - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. - validation: - function: 'validation.FloatBetween(0, 100)' - - name: 'abort' - type: NestedObject - description: | - The specification for how client requests are aborted as part of fault injection. - properties: - - name: 'httpStatus' - type: Integer - description: | - The HTTP status code used to abort the request. - The value must be between 200 and 599 inclusive. - validation: - function: 'validation.IntBetween(200, 599)' - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. - validation: - function: 'validation.FloatBetween(0, 100)' - - name: 'defaultCustomErrorResponsePolicy' - type: NestedObject - description: | - defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. - - This policy takes effect at the PathMatcher level and applies only when no policy has been defined for the error code at lower levels like RouteRule and PathRule within this PathMatcher. If an error code does not have a policy defined in defaultCustomErrorResponsePolicy, then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy takes effect. - - For example, consider a UrlMap with the following configuration: - - UrlMap.defaultCustomErrorResponsePolicy is configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. - If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. - - When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. - - defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers. - min_version: 'beta' - properties: - - name: 'errorResponseRule' - type: Array - description: | - Specifies rules for returning error responses. - In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. - For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). - If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. - api_name: errorResponseRules - item_type: - type: NestedObject - properties: - - name: 'matchResponseCodes' - type: Array - description: | - Valid values include: - - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. - Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. - item_type: - type: String - - name: 'path' - type: String - description: | - The full path to a file within backendBucket. For example: /errors/defaultError.html - path must start with a leading slash. path cannot have trailing slashes. - If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. - The value must be from 1 to 1024 characters. - - name: 'overrideResponseCode' - type: Integer - description: | - The HTTP status code returned with the response containing the custom error content. - If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. - - name: 'errorService' - type: ResourceRef - description: | - The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: - - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket - compute/v1/projects/project/global/backendBuckets/myBackendBucket - global/backendBuckets/myBackendBucket - - If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. - If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). - resource: 'BackendBucket' - imports: 'selfLink' - - name: 'test' - type: Array - description: | - The list of expected URL mapping tests. Request to update this UrlMap will - succeed only if all of the test cases pass. You can specify a maximum of 100 - tests per UrlMap. - api_name: tests - item_type: - type: NestedObject - properties: - - name: 'description' - type: String - description: | - Description of this test case. - - name: 'host' - type: String - description: | - Host portion of the URL. - required: true - - name: 'path' - type: String - description: | - Path portion of the URL. - required: true - - name: 'service' - type: ResourceRef - description: The backend service or backend bucket link that should be matched by this test. - required: true - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'defaultUrlRedirect' - type: NestedObject - description: | - When none of the specified hostRules match, the request is redirected to a URL specified - by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or - defaultRouteAction must not be set. - conflicts: - - default_route_action - exactly_one_of: - - 'default_service' - - 'default_url_redirect' - - 'default_route_action.0.weighted_backend_services' - properties: - - name: 'hostRedirect' - type: String - description: | - The host that will be used in the redirect response instead of the one that was - supplied in the request. The value must be between 1 and 255 characters. - - name: 'httpsRedirect' - type: Boolean - description: | - If set to true, the URL scheme in the redirected request is set to https. If set to - false, the URL scheme of the redirected request will remain the same as that of the - request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this - true for TargetHttpsProxy is not permitted. The default is set to false. - default_value: false - - name: 'pathRedirect' - type: String - description: | - The path that will be used in the redirect response instead of the one that was - supplied in the request. pathRedirect cannot be supplied together with - prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the - original request will be used for the redirect. The value must be between 1 and 1024 - characters. - - name: 'prefixRedirect' - type: String - description: | - The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, - retaining the remaining portion of the URL before redirecting the request. - prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or - neither. If neither is supplied, the path of the original request will be used for - the redirect. The value must be between 1 and 1024 characters. - - name: 'redirectResponseCode' - type: Enum - description: | - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. - enum_values: - - 'FOUND' - - 'MOVED_PERMANENTLY_DEFAULT' - - 'PERMANENT_REDIRECT' - - 'SEE_OTHER' - - 'TEMPORARY_REDIRECT' - skip_docs_values: true - - name: 'stripQuery' - type: Boolean - description: | - If set to true, any accompanying query portion of the original URL is removed prior - to redirecting the request. If set to false, the query portion of the original URL is - retained. The default is set to false. - This field is required to ensure an empty block is not set. The normal default value is false. - required: true - - name: 'defaultRouteAction' - type: NestedObject - description: | - defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions - like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. - If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService - is set, defaultRouteAction cannot contain any weightedBackendServices. - - Only one of defaultRouteAction or defaultUrlRedirect must be set. - conflicts: - - default_url_redirect - properties: - - name: 'weightedBackendServices' - type: Array - description: | - A list of weighted backend services to send traffic to when a route match occurs. - The weights determine the fraction of traffic that flows to their corresponding backend service. - If all traffic needs to go to a single backend service, there must be one weightedBackendService - with weight set to a non 0 number. - - Once a backendService is identified and before forwarding the request to the backend service, - advanced routing actions like Url rewrites and header transformations are applied depending on - additional settings specified in this HttpRouteAction. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - exactly_one_of: - - 'default_service' - - 'default_url_redirect' - - 'default_route_action.0.weighted_backend_services' - item_type: - type: NestedObject - properties: - - name: 'backendService' - type: ResourceRef - description: | - The full or partial URL to the default BackendService resource. Before forwarding the - request to backendService, the loadbalancer applies any relevant headerActions - specified as part of this backendServiceWeight. - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'weight' - type: Integer - description: | - Specifies the fraction of traffic sent to backendService, computed as - weight / (sum of all weightedBackendService weights in routeAction) . - - The selection of a backend service is determined only for new traffic. Once a user's request - has been directed to a backendService, subsequent requests will be sent to the same backendService - as determined by the BackendService's session affinity policy. - - The value must be between 0 and 1000 - validation: - function: 'validation.IntBetween(0, 1000)' - - name: 'headerAction' - type: NestedObject - description: | - Specifies changes to request and response headers that need to take effect for - the selected backendService. - - headerAction specified here take effect before headerAction in the enclosing - HttpRouteRule, PathMatcher and UrlMap. - properties: - - name: 'requestHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the request prior to - forwarding the request to the backendService. - item_type: - type: String - - name: 'requestHeadersToAdd' - type: Array - description: | - Headers to add to a matching request prior to forwarding the request to the backendService. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header to add. - - name: 'headerValue' - type: String - description: | - The value of the header to add. - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the header. - If true, headerValue is set for the header, discarding any values that were set for that header. - default_value: false - - name: 'responseHeadersToRemove' - type: Array - description: | - A list of header names for headers that need to be removed from the response prior to sending the - response back to the client. - item_type: - type: String - - name: 'responseHeadersToAdd' - type: Array - description: | - Headers to add the response prior to sending the response back to the client. - item_type: - type: NestedObject - properties: - - name: 'headerName' - type: String - description: | - The name of the header to add. - - name: 'headerValue' - type: String - description: | - The value of the header to add. - - name: 'replace' - type: Boolean - description: | - If false, headerValue is appended to any values that already exist for the header. - If true, headerValue is set for the header, discarding any values that were set for that header. - default_value: false - - name: 'urlRewrite' - type: NestedObject - description: | - The spec to modify the URL of the request, prior to forwarding the request to the matched service. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'pathPrefixRewrite' - type: String - description: | - Prior to forwarding the request to the selected backend service, the matching portion of the - request's path is replaced by pathPrefixRewrite. - - The value must be between 1 and 1024 characters. - at_least_one_of: - - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' - - 'default_route_action.0.url_rewrite.0.host_rewrite' - - name: 'hostRewrite' - type: String - description: | - Prior to forwarding the request to the selected service, the request's host header is replaced - with contents of hostRewrite. - - The value must be between 1 and 255 characters. - at_least_one_of: - - 'default_route_action.0.url_rewrite.0.path_prefix_rewrite' - - 'default_route_action.0.url_rewrite.0.host_rewrite' - - name: 'timeout' - type: NestedObject - description: | - Specifies the timeout for the selected route. Timeout is computed from the time the request has been - fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. - - If not specified, will use the largest timeout among all backend services associated with the route. - default_from_api: true - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - at_least_one_of: - - 'default_route_action.0.timeout.0.seconds' - - 'default_route_action.0.timeout.0.nanos' - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - at_least_one_of: - - 'default_route_action.0.timeout.0.seconds' - - 'default_route_action.0.timeout.0.nanos' - - name: 'retryPolicy' - type: NestedObject - description: | - Specifies the retry policy associated with this route. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'retryConditions' - type: Array - description: | - Specfies one or more conditions when this retry rule applies. Valid values are: - - * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, - or if the backend service does not respond at all, example: disconnects, reset, read timeout, - * connection failure, and refused streams. - * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - * connect-failure: Loadbalancer will retry on failures connecting to backend services, - for example due to connection timeouts. - * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - Currently the only retriable error supported is 409. - * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. - This reset type indicates that it is safe to retry. - * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled - * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable - at_least_one_of: - - 'default_route_action.0.retry_policy.0.retry_conditions' - - 'default_route_action.0.retry_policy.0.num_retries' - - 'default_route_action.0.retry_policy.0.per_try_timeout' - item_type: - type: String - - name: 'numRetries' - type: Integer - description: | - Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. - at_least_one_of: - - 'default_route_action.0.retry_policy.0.retry_conditions' - - 'default_route_action.0.retry_policy.0.num_retries' - - 'default_route_action.0.retry_policy.0.per_try_timeout' - validation: - function: 'validation.IntAtLeast(1)' - default_value: 1 - - name: 'perTryTimeout' - type: NestedObject - description: | - Specifies a non-zero timeout per retry attempt. - - If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, - will use the largest timeout among all backend services associated with the route. - at_least_one_of: - - 'default_route_action.0.retry_policy.0.retry_conditions' - - 'default_route_action.0.retry_policy.0.num_retries' - - 'default_route_action.0.retry_policy.0.per_try_timeout' - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - at_least_one_of: - - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' - - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - at_least_one_of: - - 'default_route_action.0.retry_policy.0.per_try_timeout.0.seconds' - - 'default_route_action.0.retry_policy.0.per_try_timeout.0.nanos' - - name: 'requestMirrorPolicy' - type: NestedObject - description: | - Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. - Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, - the host / authority header is suffixed with -shadow. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'backendService' - type: ResourceRef - description: | - The full or partial URL to the BackendService resource being mirrored to. - required: true - custom_expand: 'templates/terraform/custom_expand/go/reference_to_backend.tmpl' - resource: 'BackendService' - imports: 'selfLink' - - name: 'corsPolicy' - type: NestedObject - description: | - The specification for allowing client side cross-origin requests. Please see - [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/) - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'allowOrigins' - type: Array - description: | - Specifies the list of origins that will be allowed to do CORS requests. - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'allowOriginRegexes' - type: Array - description: | - Specifies the regular expression patterns that match allowed origins. For regular expression grammar - please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'allowMethods' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Methods header. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'allowHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Allow-Headers header. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'exposeHeaders' - type: Array - description: | - Specifies the content for the Access-Control-Expose-Headers header. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - item_type: - type: String - - name: 'maxAge' - type: Integer - description: | - Specifies how long results of a preflight request can be cached in seconds. - This translates to the Access-Control-Max-Age header. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - - name: 'allowCredentials' - type: Boolean - description: | - In response to a preflight request, setting this to true indicates that the actual request can include user credentials. - This translates to the Access-Control-Allow-Credentials header. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - default_value: false - - name: 'disabled' - type: Boolean - description: | - If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. - at_least_one_of: - - 'default_route_action.0.cors_policy.0.allow_origins' - - 'default_route_action.0.cors_policy.0.allow_origin_regexes' - - 'default_route_action.0.cors_policy.0.allow_methods' - - 'default_route_action.0.cors_policy.0.allow_headers' - - 'default_route_action.0.cors_policy.0.expose_headers' - - 'default_route_action.0.cors_policy.0.max_age' - - 'default_route_action.0.cors_policy.0.allow_credentials' - - 'default_route_action.0.cors_policy.0.disabled' - default_value: false - - name: 'faultInjectionPolicy' - type: NestedObject - description: | - The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. - As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a - percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted - by the Loadbalancer for a percentage of requests. - - timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy. - at_least_one_of: - - 'default_route_action.0.weighted_backend_services' - - 'default_route_action.0.url_rewrite' - - 'default_route_action.0.timeout' - - 'default_route_action.0.retry_policy' - - 'default_route_action.0.request_mirror_policy' - - 'default_route_action.0.cors_policy' - - 'default_route_action.0.fault_injection_policy' - properties: - - name: 'delay' - type: NestedObject - description: | - The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay' - - 'default_route_action.0.fault_injection_policy.0.abort' - properties: - - name: 'fixedDelay' - type: NestedObject - description: | - Specifies the value of the fixed delay interval. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' - - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' - properties: - - name: 'seconds' - type: String - description: | - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' - - name: 'nanos' - type: Integer - description: | - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.seconds' - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay.0.nanos' - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay.0.fixed_delay' - - 'default_route_action.0.fault_injection_policy.0.delay.0.percentage' - validation: - function: 'validation.FloatBetween(0, 100)' - - name: 'abort' - type: NestedObject - description: | - The specification for how client requests are aborted as part of fault injection. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.delay' - - 'default_route_action.0.fault_injection_policy.0.abort' - properties: - - name: 'httpStatus' - type: Integer - description: | - The HTTP status code used to abort the request. - The value must be between 200 and 599 inclusive. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' - - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' - validation: - function: 'validation.IntBetween(200, 599)' - - name: 'percentage' - type: Double - description: | - The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. - at_least_one_of: - - 'default_route_action.0.fault_injection_policy.0.abort.0.http_status' - - 'default_route_action.0.fault_injection_policy.0.abort.0.percentage' - validation: - function: 'validation.FloatBetween(0, 100)' diff --git a/mmv1/products/compute/go_VpnGateway.yaml b/mmv1/products/compute/go_VpnGateway.yaml deleted file mode 100644 index 24be342df8cc..000000000000 --- a/mmv1/products/compute/go_VpnGateway.yaml +++ /dev/null @@ -1,108 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'VpnGateway' -kind: 'compute#targetVpnGateway' -description: | - Represents a VPN gateway running in GCP. This virtual device is managed - by Google, but used only by you. -references: - guides: - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/targetVpnGateways' -docs: - warning: | - Classic VPN is deprecating certain functionality on October 31, 2021. For more information, - see the [Classic VPN partial deprecation page](https://cloud.google.com/network-connectivity/docs/vpn/deprecations/classic-vpn-deprecation). -base_url: 'projects/{{project}}/regions/{{region}}/targetVpnGateways' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: -examples: - - name: 'target_vpn_gateway_basic' - primary_resource_id: 'target_gateway' - vars: - target_vpn_gateway_name: 'vpn-1' - network_name: 'network-1' - address_name: 'vpn-static-ip' - esp_forwarding_rule_name: 'fr-esp' - udp500_forwarding_rule_name: 'fr-udp500' - udp4500_forwarding_rule_name: 'fr-udp4500' - vpn_tunnel_name: 'tunnel1' - route_name: 'route1' -parameters: - - name: 'region' - type: ResourceRef - description: | - The region this gateway should sit in. - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'description' - type: String - description: 'An optional description of this resource.' - immutable: true - - name: 'name' - type: String - description: | - Name of the resource. Provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means - the first character must be a lowercase letter, and all following - characters must be a dash, lowercase letter, or digit, except the last - character, which cannot be a dash. - required: true - immutable: true - - name: 'gateway_id' - type: Integer - description: 'The unique identifier for the resource.' - api_name: id - output: true - - name: 'network' - type: ResourceRef - description: | - The network this VPN gateway is accepting traffic for. - required: true - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Network' - imports: 'selfLink' diff --git a/mmv1/products/compute/go_VpnTunnel.yaml b/mmv1/products/compute/go_VpnTunnel.yaml deleted file mode 100644 index 116133853a5f..000000000000 --- a/mmv1/products/compute/go_VpnTunnel.yaml +++ /dev/null @@ -1,229 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'VpnTunnel' -kind: 'compute#vpnTunnel' -description: 'VPN tunnel resource.' -references: - guides: - 'Cloud VPN Overview': 'https://cloud.google.com/vpn/docs/concepts/overview' - 'Networks and Tunnel Routing': 'https://cloud.google.com/vpn/docs/concepts/choosing-networks-routing' - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/vpnTunnels' -docs: -base_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels' -has_self_link: true -immutable: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - kind: 'compute#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -collection_url_key: 'items' -custom_code: - constants: 'templates/terraform/constants/go/vpn_tunnel.tmpl' - encoder: 'templates/terraform/encoders/go/vpn_tunnel.go.tmpl' - post_create: 'templates/terraform/post_create/go/labels.tmpl' -examples: - - name: 'vpn_tunnel_basic' - primary_resource_id: 'tunnel1' - vars: - vpn_tunnel_name: 'tunnel-1' - target_vpn_gateway_name: 'vpn-1' - network_name: 'network-1' - address_name: 'vpn-static-ip' - esp_forwarding_rule_name: 'fr-esp' - udp500_forwarding_rule_name: 'fr-udp500' - udp4500_forwarding_rule_name: 'fr-udp4500' - route_name: 'route1' -parameters: - - name: 'region' - type: ResourceRef - description: - 'The region where the tunnel is located. If unset, is set to the region of - `target_vpn_gateway`.' - required: false - default_from_api: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'name' -properties: - - name: 'tunnel_id' - type: String - description: - 'The unique identifier for the resource. This identifier is defined by the - server.' - api_name: id - output: true - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'name' - type: String - description: | - Name of the resource. The name must be 1-63 characters long, and - comply with RFC1035. Specifically, the name must be 1-63 - characters long and match the regular expression - `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character - must be a lowercase letter, and all following characters must - be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. - required: true - - name: 'description' - type: String - description: | - An optional description of this resource. - immutable: true - - name: 'targetVpnGateway' - type: ResourceRef - description: | - URL of the Target VPN gateway with which this VPN tunnel is - associated. - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'VpnGateway' - imports: 'selfLink' - - name: 'vpnGateway' - type: ResourceRef - description: | - URL of the VPN gateway with which this VPN tunnel is associated. - This must be used if a High Availability VPN gateway resource is created. - This field must reference a `google_compute_ha_vpn_gateway` resource. - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'HaVpnGateway' - imports: 'selfLink' - - name: 'vpnGatewayInterface' - type: Integer - description: | - The interface ID of the VPN gateway with which this VPN tunnel is associated. - immutable: true - send_empty_value: true - - name: 'peerExternalGateway' - type: ResourceRef - description: | - URL of the peer side external VPN gateway to which this VPN tunnel is connected. - immutable: true - conflicts: - - peer_gcp_gateway - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'ExternalVpnGateway' - imports: 'selfLink' - - name: 'peerExternalGatewayInterface' - type: Integer - description: | - The interface ID of the external VPN gateway to which this VPN tunnel is connected. - send_empty_value: true - - name: 'peerGcpGateway' - type: ResourceRef - description: | - URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. - If provided, the VPN tunnel will automatically use the same vpn_gateway_interface - ID in the peer GCP VPN gateway. - This field must reference a `google_compute_ha_vpn_gateway` resource. - conflicts: - - peer_external_gateway - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'HaVpnGateway' - imports: 'selfLink' - - name: 'router' - type: ResourceRef - description: | - URL of router resource to be used for dynamic routing. - immutable: true - custom_expand: 'templates/terraform/custom_expand/go/compute_full_url.tmpl' - resource: 'Router' - imports: 'selfLink' - - name: 'peerIp' - type: String - description: | - IP address of the peer VPN gateway. Only IPv4 is supported. - default_from_api: true - validation: - function: 'validatePeerAddr' - - name: 'sharedSecret' - type: String - description: | - Shared secret used to set the secure session between the Cloud VPN - gateway and the peer VPN gateway. - required: true - ignore_read: true - sensitive: true - - name: 'sharedSecretHash' - type: String - description: | - Hash of the shared secret. - output: true - - name: 'ikeVersion' - type: Integer - description: | - IKE protocol version to use when establishing the VPN tunnel with - peer VPN gateway. - Acceptable IKE versions are 1 or 2. Default version is 2. - default_value: 2 - - name: 'localTrafficSelector' - type: Array - description: | - Local traffic selector to use when establishing the VPN tunnel with - peer VPN gateway. The value should be a CIDR formatted string, - for example `192.168.0.0/16`. The ranges should be disjoint. - Only IPv4 is supported. - is_set: true - default_from_api: true - item_type: - type: String - - name: 'remoteTrafficSelector' - type: Array - description: | - Remote traffic selector to use when establishing the VPN tunnel with - peer VPN gateway. The value should be a CIDR formatted string, - for example `192.168.0.0/16`. The ranges should be disjoint. - Only IPv4 is supported. - is_set: true - default_from_api: true - item_type: - type: String - - name: 'labels' - type: KeyValueLabels - description: Labels to apply to this VpnTunnel. - update_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}/setLabels' - update_verb: 'POST' - - name: 'labelFingerprint' - type: Fingerprint - description: | - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - output: true - update_url: 'projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}/setLabels' - update_verb: 'POST' - key_expander: '' - - name: 'detailedStatus' - type: String - description: 'Detailed status message for the VPN tunnel.' - output: true diff --git a/mmv1/products/compute/go_Zone.yaml b/mmv1/products/compute/go_Zone.yaml deleted file mode 100644 index a88b4719203a..000000000000 --- a/mmv1/products/compute/go_Zone.yaml +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Zone' -kind: 'compute#zone' -description: 'Represents a Zone resource.' -# Used as a resource reference -exclude: true -readonly: true -docs: -base_url: 'projects/{{project}}/zones' -has_self_link: true -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'items' -custom_code: -parameters: -properties: - - name: 'creationTimestamp' - type: Time - description: 'Creation timestamp in RFC3339 text format.' - output: true - - name: 'deprecated' - type: NestedObject - description: 'The deprecation status associated with this machine type.' - output: true - properties: - - name: 'deleted' - type: Time - description: | - An optional RFC3339 timestamp on or after which the state of this - resource is intended to change to DELETED. This is only - informational and the status will not change unless the client - explicitly changes it. - output: true - - name: 'deprecated' - type: Time - description: | - An optional RFC3339 timestamp on or after which the state of this - resource is intended to change to DEPRECATED. This is only - informational and the status will not change unless the client - explicitly changes it. - output: true - - name: 'obsolete' - type: Time - description: | - An optional RFC3339 timestamp on or after which the state of this - resource is intended to change to OBSOLETE. This is only - informational and the status will not change unless the client - explicitly changes it. - output: true - - name: 'replacement' - type: String - description: | - The URL of the suggested replacement for a deprecated resource. - The suggested replacement resource must be the same kind of - resource as the deprecated resource. - output: true - - name: 'state' - type: Enum - description: | - The deprecation state of this resource. This can be DEPRECATED, - OBSOLETE, or DELETED. Operations which create a new resource - using a DEPRECATED resource will return successfully, but with a - warning indicating the deprecated resource and recommending its - replacement. Operations which use OBSOLETE or DELETED resources - will be rejected and result in an error. - output: true - enum_values: - - 'DEPRECATED' - - 'OBSOLETE' - - 'DELETED' - - name: 'description' - type: String - description: 'An optional textual description of the resource.' - output: true - - name: 'id' - type: Integer - description: 'The unique identifier for the resource.' - output: true - - name: 'name' - type: String - description: 'Name of the resource.' - - name: 'region' - type: ResourceRef - description: 'The region where the zone is located.' - output: true - custom_expand: 'templates/terraform/custom_expand/go/resourceref_with_validation.go.tmpl' - resource: 'Region' - imports: 'selfLink' - - name: 'status' - type: Enum - description: 'The status of the zone.' - output: true - enum_values: - - 'UP' - - 'DOWN' - - name: 'availableCpuPlatforms' - type: Array - description: 'The available CPU platforms in this zone' - output: true - item_type: - type: String diff --git a/mmv1/products/compute/go_product.yaml b/mmv1/products/compute/go_product.yaml deleted file mode 100644 index b239add11991..000000000000 --- a/mmv1/products/compute/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Compute' -display_name: 'Compute Engine' -versions: - - name: 'ga' - base_url: 'https://compute.googleapis.com/compute/v1/' - - name: 'beta' - base_url: 'https://compute.googleapis.com/compute/beta/' -scopes: - - 'https://www.googleapis.com/auth/compute' diff --git a/mmv1/products/compute/product.yaml b/mmv1/products/compute/product.yaml index 1cd722004bf4..a77b1c0718a7 100644 --- a/mmv1/products/compute/product.yaml +++ b/mmv1/products/compute/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2017 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,17 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. -# TODO(nelsonjr): Make all Zone and Region resource ref - ---- !ruby/object:Api::Product -name: Compute -display_name: Compute Engine +--- +name: 'Compute' +display_name: 'Compute Engine' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://compute.googleapis.com/compute/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://compute.googleapis.com/compute/beta/ + - name: 'ga' + base_url: 'https://compute.googleapis.com/compute/v1/' + - name: 'beta' + base_url: 'https://compute.googleapis.com/compute/beta/' scopes: - - https://www.googleapis.com/auth/compute + - 'https://www.googleapis.com/auth/compute' diff --git a/mmv1/products/containeranalysis/Note.yaml b/mmv1/products/containeranalysis/Note.yaml index c5898314a18e..25d97c4b389d 100644 --- a/mmv1/products/containeranalysis/Note.yaml +++ b/mmv1/products/containeranalysis/Note.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,113 +11,121 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Note' -base_url: projects/{{project}}/notes?noteId={{name}} -self_link: projects/{{project}}/notes/{{name}} -update_verb: :PATCH -update_mask: true description: | A Container Analysis note is a high-level piece of metadata that describes a type of analysis that can be done for a resource. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/container-analysis/' 'Creating Attestations (Occurrences)': 'https://cloud.google.com/binary-authorization/docs/making-attestations' api: 'https://cloud.google.com/container-analysis/api/reference/rest/' -iam_policy: !ruby/object:Api::Resource::IamPolicy +docs: +id_format: 'projects/{{project}}/notes/{{name}}' +base_url: 'projects/{{project}}/notes?noteId={{name}}' +self_link: 'projects/{{project}}/notes/{{name}}' +update_verb: 'PATCH' +update_mask: true +mutex: 'projects/{{project}}/notes/{{name}}' +import_format: + - 'projects/{{project}}/notes/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' - fetch_iam_policy_verb: :POST - parent_resource_attribute: 'note' - import_format: ['projects/{{project}}/notes/{{name}}', '{{name}}'] + fetch_iam_policy_verb: 'POST' allowed_iam_role: 'roles/containeranalysis.notes.occurrences.viewer' -mutex: 'projects/{{project}}/notes/{{name}}' -id_format: 'projects/{{project}}/notes/{{name}}' -import_format: ['projects/{{project}}/notes/{{name}}'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/containeranalysis_attestation_field_name.go.erb - decoder: templates/terraform/decoders/containeranalysis_attestation_field_name.go.erb + parent_resource_attribute: 'note' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/notes/{{name}}' + - '{{name}}' +custom_code: + encoder: 'templates/terraform/encoders/containeranalysis_attestation_field_name.go.tmpl' + decoder: 'templates/terraform/decoders/containeranalysis_attestation_field_name.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'container_analysis_note_basic' + - name: 'container_analysis_note_basic' primary_resource_id: 'note' - primary_resource_name: "fmt.Sprintf(\"tf-test-attestor-note%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-attestor-note%s", context["random_suffix"])' vars: note_name: 'attestor-note' - - !ruby/object:Provider::Terraform::Examples - name: 'container_analysis_note_attestation_full' + - name: 'container_analysis_note_attestation_full' primary_resource_id: 'note' vars: note_name: 'attestor-note' +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The name of the note. required: true immutable: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: shortDescription + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'shortDescription' + type: String description: | A one sentence description of the note. - - !ruby/object:Api::Type::String - name: longDescription + - name: 'longDescription' + type: String description: | A detailed description of the note - - !ruby/object:Api::Type::Enum - name: 'kind' + - name: 'kind' + type: Enum description: | The type of analysis this note describes - values: - - NOTE_KIND_UNSPECIFIED - - VULNERABILITY - - BUILD - - IMAGE - - PACKAGE - - DEPLOYMENT - - DISCOVERY - - ATTESTATION - - UPGRADE output: true - - !ruby/object:Api::Type::Array - name: relatedUrl + enum_values: + - 'NOTE_KIND_UNSPECIFIED' + - 'VULNERABILITY' + - 'BUILD' + - 'IMAGE' + - 'PACKAGE' + - 'DEPLOYMENT' + - 'DISCOVERY' + - 'ATTESTATION' + - 'UPGRADE' + - name: 'relatedUrl' + type: Array description: | URLs associated with this note and related metadata. is_set: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: url + - name: 'url' + type: String description: | Specific URL associated with the resource. required: true - - !ruby/object:Api::Type::String - name: label + - name: 'label' + type: String description: | Label to describe usage of the URL - - !ruby/object:Api::Type::Time - name: expirationTime + - name: 'expirationTime' + type: Time description: | Time of expiration for this note. Leave empty if note does not expire. - - !ruby/object:Api::Type::Time - name: createTime + - name: 'createTime' + type: Time description: The time this note was created. output: true - - !ruby/object:Api::Type::Time - name: updateTime + - name: 'updateTime' + type: Time description: The time this note was last updated. output: true - - !ruby/object:Api::Type::Array - name: relatedNoteNames + - name: 'relatedNoteNames' + type: Array description: | Names of other notes related to this note. is_set: true - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: attestationAuthority + item_type: + type: String + - name: 'attestationAuthority' + type: NestedObject description: | Note kind that represents a logical attestation "role" or "authority". For example, an organization might have one AttestationAuthority for @@ -130,8 +138,8 @@ properties: project. required: true properties: - - !ruby/object:Api::Type::NestedObject - name: hint + - name: 'hint' + type: NestedObject description: | This submessage provides human-readable hints about the purpose of the AttestationAuthority. Because the name of a Note acts as its @@ -143,8 +151,8 @@ properties: Attestations to verify. required: true properties: - - !ruby/object:Api::Type::String - name: humanReadableName + - name: 'humanReadableName' + type: String description: | The human readable name of this Attestation Authority, for example "qa". diff --git a/mmv1/products/containeranalysis/Occurrence.yaml b/mmv1/products/containeranalysis/Occurrence.yaml index 9105eb821390..7ea07bd819e9 100644 --- a/mmv1/products/containeranalysis/Occurrence.yaml +++ b/mmv1/products/containeranalysis/Occurrence.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,80 +11,85 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Occurrence' -base_url: projects/{{project}}/occurrences -self_link: projects/{{project}}/occurrences/{{name}} -update_verb: :PATCH -update_mask: true description: | An occurrence is an instance of a Note, or type of analysis that can be done for a resource. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/container-analysis/' api: 'https://cloud.google.com/container-analysis/api/reference/rest/' -mutex: '{{note_name}}' +docs: id_format: 'projects/{{project}}/occurrences/{{name}}' -import_format: ['projects/{{project}}/occurrences/{{name}}'] +base_url: 'projects/{{project}}/occurrences' +self_link: 'projects/{{project}}/occurrences/{{name}}' +update_verb: 'PATCH' +update_mask: true +mutex: '{{note_name}}' +import_format: + - 'projects/{{project}}/occurrences/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + encoder: 'templates/terraform/encoders/containeranalysis_occurrence.go.tmpl' + update_encoder: 'templates/terraform/update_encoder/containeranalysis_occurrence.go.tmpl' + decoder: 'templates/terraform/decoders/containeranalysis_occurrence.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: - 'container_analysis_occurrence_kms' - # Occurrence requires custom logic for signing payloads. - skip_test: true + - name: 'container_analysis_occurrence_kms' primary_resource_id: 'occurrence' vars: note_name: 'attestation-note' attestor: 'attestor' -custom_code: !ruby/object:Provider::Terraform::CustomCode - encoder: templates/terraform/encoders/containeranalysis_occurrence.go.erb - update_encoder: templates/terraform/update_encoder/containeranalysis_occurrence.go.erb - decoder: templates/terraform/decoders/containeranalysis_occurrence.go.erb + # Occurrence requires custom logic for signing payloads. + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The name of the occurrence. output: true - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: resourceUri + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'resourceUri' + type: String description: | Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image. required: true immutable: true - - !ruby/object:Api::Type::String - name: noteName + - name: 'noteName' + type: String description: | The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests. required: true immutable: true - - !ruby/object:Api::Type::String - name: kind + - name: 'kind' + type: String description: | The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests. output: true - - !ruby/object:Api::Type::String - name: remediation + - name: 'remediation' + type: String description: | A description of actions that can be taken to remedy the note. - - !ruby/object:Api::Type::Time - name: createTime + - name: 'createTime' + type: Time description: The time when the repository was created. output: true - - !ruby/object:Api::Type::Time - name: updateTime + - name: 'updateTime' + type: Time description: The time when the repository was last updated. output: true - - !ruby/object:Api::Type::NestedObject - name: attestation + - name: 'attestation' + type: NestedObject description: | Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. @@ -96,26 +101,27 @@ properties: which authority this attestation was intended to sign. required: true properties: - - !ruby/object:Api::Type::String - name: serializedPayload + - name: 'serializedPayload' + type: String description: | The serialized payload that is verified by one or more signatures. A base64-encoded string. required: true - - !ruby/object:Api::Type::Array - name: signatures + - name: 'signatures' + type: Array description: | One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. - required: true is_set: true - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: signature + - name: 'signature' + type: String description: | The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be @@ -124,9 +130,8 @@ properties: payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload. - - !ruby/object:Api::Type::String - name: publicKeyId - required: true + - name: 'publicKeyId' + type: String description: | The identifier for the public key that verifies this signature. MUST be an RFC3986 conformant @@ -139,3 +144,4 @@ properties: * `openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA` * RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" + required: true diff --git a/mmv1/products/containeranalysis/go_Note.yaml b/mmv1/products/containeranalysis/go_Note.yaml deleted file mode 100644 index 77758fa8c219..000000000000 --- a/mmv1/products/containeranalysis/go_Note.yaml +++ /dev/null @@ -1,160 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Note' -description: | - A Container Analysis note is a high-level piece of metadata that - describes a type of analysis that can be done for a resource. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/container-analysis/' - 'Creating Attestations (Occurrences)': 'https://cloud.google.com/binary-authorization/docs/making-attestations' - api: 'https://cloud.google.com/container-analysis/api/reference/rest/' -docs: -id_format: 'projects/{{project}}/notes/{{name}}' -base_url: 'projects/{{project}}/notes?noteId={{name}}' -self_link: 'projects/{{project}}/notes/{{name}}' -update_verb: 'PATCH' -update_mask: true -mutex: 'projects/{{project}}/notes/{{name}}' -import_format: - - 'projects/{{project}}/notes/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - allowed_iam_role: 'roles/containeranalysis.notes.occurrences.viewer' - parent_resource_attribute: 'note' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/notes/{{name}}' - - '{{name}}' -custom_code: - encoder: 'templates/terraform/encoders/go/containeranalysis_attestation_field_name.go.tmpl' - decoder: 'templates/terraform/decoders/go/containeranalysis_attestation_field_name.go.tmpl' -examples: - - name: 'container_analysis_note_basic' - primary_resource_id: 'note' - primary_resource_name: 'fmt.Sprintf("tf-test-attestor-note%s", context["random_suffix"])' - vars: - note_name: 'attestor-note' - - name: 'container_analysis_note_attestation_full' - primary_resource_id: 'note' - vars: - note_name: 'attestor-note' -parameters: -properties: - - name: 'name' - type: String - description: | - The name of the note. - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'shortDescription' - type: String - description: | - A one sentence description of the note. - - name: 'longDescription' - type: String - description: | - A detailed description of the note - - name: 'kind' - type: Enum - description: | - The type of analysis this note describes - output: true - enum_values: - - 'NOTE_KIND_UNSPECIFIED' - - 'VULNERABILITY' - - 'BUILD' - - 'IMAGE' - - 'PACKAGE' - - 'DEPLOYMENT' - - 'DISCOVERY' - - 'ATTESTATION' - - 'UPGRADE' - - name: 'relatedUrl' - type: Array - description: | - URLs associated with this note and related metadata. - is_set: true - item_type: - type: NestedObject - properties: - - name: 'url' - type: String - description: | - Specific URL associated with the resource. - required: true - - name: 'label' - type: String - description: | - Label to describe usage of the URL - - name: 'expirationTime' - type: Time - description: | - Time of expiration for this note. Leave empty if note does not expire. - - name: 'createTime' - type: Time - description: The time this note was created. - output: true - - name: 'updateTime' - type: Time - description: The time this note was last updated. - output: true - - name: 'relatedNoteNames' - type: Array - description: | - Names of other notes related to this note. - is_set: true - item_type: - type: String - - name: 'attestationAuthority' - type: NestedObject - description: | - Note kind that represents a logical attestation "role" or "authority". - For example, an organization might have one AttestationAuthority for - "QA" and one for "build". This Note is intended to act strictly as a - grouping mechanism for the attached Occurrences (Attestations). This - grouping mechanism also provides a security boundary, since IAM ACLs - gate the ability for a principle to attach an Occurrence to a given - Note. It also provides a single point of lookup to find all attached - Attestation Occurrences, even if they don't all live in the same - project. - required: true - properties: - - name: 'hint' - type: NestedObject - description: | - This submessage provides human-readable hints about the purpose of - the AttestationAuthority. Because the name of a Note acts as its - resource reference, it is important to disambiguate the canonical - name of the Note (which might be a UUID for security purposes) - from "readable" names more suitable for debug output. Note that - these hints should NOT be used to look up AttestationAuthorities - in security sensitive contexts, such as when looking up - Attestations to verify. - required: true - properties: - - name: 'humanReadableName' - type: String - description: | - The human readable name of this Attestation Authority, for - example "qa". - required: true diff --git a/mmv1/products/containeranalysis/go_Occurrence.yaml b/mmv1/products/containeranalysis/go_Occurrence.yaml deleted file mode 100644 index 68e851d77f4e..000000000000 --- a/mmv1/products/containeranalysis/go_Occurrence.yaml +++ /dev/null @@ -1,147 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Occurrence' -description: | - An occurrence is an instance of a Note, or type of analysis that - can be done for a resource. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/container-analysis/' - api: 'https://cloud.google.com/container-analysis/api/reference/rest/' -docs: -id_format: 'projects/{{project}}/occurrences/{{name}}' -base_url: 'projects/{{project}}/occurrences' -self_link: 'projects/{{project}}/occurrences/{{name}}' -update_verb: 'PATCH' -update_mask: true -mutex: '{{note_name}}' -import_format: - - 'projects/{{project}}/occurrences/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - encoder: 'templates/terraform/encoders/go/containeranalysis_occurrence.go.tmpl' - update_encoder: 'templates/terraform/update_encoder/go/containeranalysis_occurrence.go.tmpl' - decoder: 'templates/terraform/decoders/go/containeranalysis_occurrence.go.tmpl' -examples: - - name: 'container_analysis_occurrence_kms' - primary_resource_id: 'occurrence' - vars: - note_name: 'attestation-note' - attestor: 'attestor' - skip_test: true -parameters: -properties: - - name: 'name' - type: String - description: | - The name of the occurrence. - output: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'resourceUri' - type: String - description: | - Required. Immutable. A URI that represents the resource for which - the occurrence applies. For example, - https://gcr.io/project/image@sha256:123abc for a Docker image. - required: true - immutable: true - - name: 'noteName' - type: String - description: | - The analysis note associated with this occurrence, in the form of - projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a - filter in list requests. - required: true - immutable: true - - name: 'kind' - type: String - description: | - The note kind which explicitly denotes which of the occurrence - details are specified. This field can be used as a filter in list - requests. - output: true - - name: 'remediation' - type: String - description: | - A description of actions that can be taken to remedy the note. - - name: 'createTime' - type: Time - description: The time when the repository was created. - output: true - - name: 'updateTime' - type: Time - description: The time when the repository was last updated. - output: true - - name: 'attestation' - type: NestedObject - description: | - Occurrence that represents a single "attestation". The authenticity - of an attestation can be verified using the attached signature. - If the verifier trusts the public key of the signer, then verifying - the signature is sufficient to establish trust. In this circumstance, - the authority to which this attestation is attached is primarily - useful for lookup (how to find this attestation if you already - know the authority and artifact to be verified) and intent (for - which authority this attestation was intended to sign. - required: true - properties: - - name: 'serializedPayload' - type: String - description: | - The serialized payload that is verified by one or - more signatures. A base64-encoded string. - required: true - - name: 'signatures' - type: Array - description: | - One or more signatures over serializedPayload. - Verifier implementations should consider this attestation - message verified if at least one signature verifies - serializedPayload. See Signature in common.proto for more - details on signature structure and verification. - is_set: true - required: true - item_type: - type: NestedObject - properties: - - name: 'signature' - type: String - description: | - The content of the signature, an opaque bytestring. - The payload that this signature verifies MUST be - unambiguously provided with the Signature during - verification. A wrapper message might provide the - payload explicitly. Alternatively, a message might - have a canonical serialization that can always be - unambiguously computed to derive the payload. - - name: 'publicKeyId' - type: String - description: | - The identifier for the public key that verifies this - signature. MUST be an RFC3986 conformant - URI. * When possible, the key id should be an - immutable reference, such as a cryptographic digest. - Examples of valid values: - - * OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr - for more details on this scheme. - * `openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA` - * RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): - * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" - required: true diff --git a/mmv1/products/containeranalysis/go_product.yaml b/mmv1/products/containeranalysis/go_product.yaml deleted file mode 100644 index 3a11f455fccd..000000000000 --- a/mmv1/products/containeranalysis/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ContainerAnalysis' -display_name: 'Container Registry' -versions: - - name: 'ga' - base_url: 'https://containeranalysis.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://containeranalysis.googleapis.com/v1beta1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/containeranalysis/product.yaml b/mmv1/products/containeranalysis/product.yaml index 77ff9e749e7d..e2ac4f990167 100644 --- a/mmv1/products/containeranalysis/product.yaml +++ b/mmv1/products/containeranalysis/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2018 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,15 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: ContainerAnalysis -display_name: Container Registry +--- +name: 'ContainerAnalysis' +display_name: 'Container Registry' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://containeranalysis.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://containeranalysis.googleapis.com/v1beta1/ + - name: 'ga' + base_url: 'https://containeranalysis.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://containeranalysis.googleapis.com/v1beta1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/containerattached/Cluster.yaml b/mmv1/products/containerattached/Cluster.yaml index 69499b15d3b0..d5d9f173e7fb 100644 --- a/mmv1/products/containerattached/Cluster.yaml +++ b/mmv1/products/containerattached/Cluster.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,96 +11,93 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Cluster' -base_url: projects/{{project}}/locations/{{location}}/attachedClusters -create_url: projects/{{project}}/locations/{{location}}/attachedClusters?attached_cluster_id={{name}} -delete_url: projects/{{project}}/locations/{{location}}/attachedClusters/{{name}} -update_url: projects/{{project}}/locations/{{location}}/attachedClusters/{{name}} -self_link: projects/{{project}}/locations/{{location}}/attachedClusters/{{name}} -update_verb: :PATCH -update_mask: true -delete_verb: :DELETE description: | An Anthos cluster running on customer owned infrastructure. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'API reference': 'https://cloud.google.com/anthos/clusters/docs/multi-cloud/reference/rest/v1/projects.locations.attachedClusters' 'Multicloud overview': 'https://cloud.google.com/anthos/clusters/docs/multi-cloud' api: 'https://cloud.google.com/anthos/clusters/docs/multi-cloud/reference/rest' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/attachedClusters' +self_link: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +create_url: 'projects/{{project}}/locations/{{location}}/attachedClusters?attached_cluster_id={{name}}' +update_url: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +update_verb: 'PATCH' +update_mask: true +delete_url: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: full_url: 'https://{{location}}-gkemulticloud.googleapis.com/v1/{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: 'true' - allowed: - - 'true' - - 'false' - error: !ruby/object:Api::OpAsync::Error + error: path: 'error/errors' message: 'message' -autogen_async: false -id_format: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' -import_format: - ['projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}'] +custom_code: + constants: 'templates/terraform/constants/containerattached_cluster_diff.go.tmpl' + pre_update: 'templates/terraform/pre_update/containerattached_update.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/container_attached_deletion_policy.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'container_attached_cluster_basic' - primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' + - name: 'container_attached_cluster_basic' primary_resource_id: 'primary' + primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' vars: name: 'basic' - - !ruby/object:Provider::Terraform::Examples - name: 'container_attached_cluster_full' - primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' + - name: 'container_attached_cluster_full' primary_resource_id: 'primary' + primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' vars: name: 'basic' - - !ruby/object:Provider::Terraform::Examples - name: 'container_attached_cluster_ignore_errors' - primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' + - name: 'container_attached_cluster_ignore_errors' primary_resource_id: 'primary' + primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' vars: name: 'basic' ignore_read_extra: - 'deletion_policy' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/containerattached_cluster_diff.go.erb - pre_update: templates/terraform/pre_update/containerattached_update.go.erb - pre_delete: templates/terraform/pre_delete/container_attached_deletion_policy.go.erb virtual_fields: - - !ruby/object:Api::Type::String - name: 'deletion_policy' + - name: 'deletion_policy' description: 'Policy to determine what flags to send on delete. Possible values: DELETE, DELETE_IGNORE_ERRORS' - default_value: DELETE + type: String + default_value: "DELETE" +parameters: properties: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: | The location for the resource - immutable: true - required: true url_param_only: true - - !ruby/object:Api::Type::String - name: name + required: true + immutable: true + - name: 'name' + type: String description: | The name of this resource. required: true immutable: true - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: description + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'description' + type: String description: | A human readable description of this attached cluster. Cannot be longer than 255 UTF-8 encoded bytes. - - !ruby/object:Api::Type::NestedObject - name: oidcConfig + - name: 'oidcConfig' + type: NestedObject description: | OIDC discovery information of the target cluster. @@ -115,93 +112,93 @@ properties: `issuer_url` and `jwks`. required: true properties: - - !ruby/object:Api::Type::String - name: issuerUrl + - name: 'issuerUrl' + type: String description: | A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` required: true immutable: true - - !ruby/object:Api::Type::String - name: jwks + - name: 'jwks' + type: String description: | OIDC verification keys in JWKS format (RFC 7517). immutable: true - - !ruby/object:Api::Type::String - name: platformVersion + - name: 'platformVersion' + type: String description: | The platform version for the cluster (e.g. `1.23.0-gke.1`). required: true - - !ruby/object:Api::Type::String - name: distribution + - name: 'distribution' + type: String description: | The Kubernetes distribution of the underlying attached cluster. Supported values: "eks", "aks", "generic". The generic distribution provides the ability to register or migrate any CNCF conformant cluster. required: true immutable: true - - !ruby/object:Api::Type::String - name: clusterRegion + - name: 'clusterRegion' + type: String description: | Output only. The region where this cluster runs. For EKS clusters, this is an AWS region. For AKS clusters, this is an Azure region. output: true - - !ruby/object:Api::Type::NestedObject - name: fleet + - name: 'fleet' + type: NestedObject description: | Fleet configuration. required: true properties: - - !ruby/object:Api::Type::String - name: membership + - name: 'membership' + type: String description: | The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/. output: true - - !ruby/object:Api::Type::String - name: project + - name: 'project' + type: String description: | The number of the Fleet host project where this cluster will be registered. required: true immutable: true - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^projects/[0-9]+$' - - !ruby/object:Api::Type::String - name: state + - name: 'state' + type: String description: | The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED output: true - - !ruby/object:Api::Type::String - name: uid + - name: 'uid' + type: String description: | A globally unique identifier for the cluster. output: true - - !ruby/object:Api::Type::Boolean - name: reconciling + - name: 'reconciling' + type: Boolean description: | If set, there are currently changes in flight to the cluster. output: true - - !ruby/object:Api::Type::String - name: createTime + - name: 'createTime' + type: String description: | Output only. The time at which this cluster was created. output: true - - !ruby/object:Api::Type::String - name: updateTime + - name: 'updateTime' + type: String description: | The time at which this cluster was last updated. output: true - - !ruby/object:Api::Type::String - name: kubernetesVersion + - name: 'kubernetesVersion' + type: String description: | The Kubernetes version of the cluster. output: true - - !ruby/object:Api::Type::KeyValueAnnotations - name: 'annotations' + - name: 'annotations' + type: KeyValueAnnotations description: | Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and @@ -209,27 +206,27 @@ properties: and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. - - !ruby/object:Api::Type::NestedObject - name: workloadIdentityConfig + - name: 'workloadIdentityConfig' + type: NestedObject description: | Workload Identity settings. output: true properties: - - !ruby/object:Api::Type::String - name: identityProvider + - name: 'identityProvider' + type: String description: | The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool. - - !ruby/object:Api::Type::String - name: issuerUri + - name: 'issuerUri' + type: String description: | The OIDC issuer URL for this cluster. - - !ruby/object:Api::Type::String - name: workloadPool + - name: 'workloadPool' + type: String description: | The Workload Identity Pool associated to the cluster. - - !ruby/object:Api::Type::NestedObject - name: loggingConfig + - name: 'loggingConfig' + type: NestedObject description: | Logging configuration. # If the user doesn't specify a loggingConfig, the server will supply a default value. Instead of @@ -240,52 +237,52 @@ properties: # case needs to be ignored. send_empty_value: true allow_empty_object: true - custom_expand: 'templates/terraform/custom_expand/containerattached_cluster_empty_logging.go.erb' diff_suppress_func: 'suppressAttachedClustersLoggingConfigDiff' + custom_expand: 'templates/terraform/custom_expand/containerattached_cluster_empty_logging.go.tmpl' properties: - - !ruby/object:Api::Type::NestedObject - name: componentConfig + - name: 'componentConfig' + type: NestedObject description: | The configuration of the logging components send_empty_value: true allow_empty_object: true properties: - - !ruby/object:Api::Type::Array - name: enableComponents + - name: 'enableComponents' + type: Array description: | The components to be enabled. send_empty_value: true allow_empty_object: true - item_type: !ruby/object:Api::Type::Enum - name: 'component' + item_type: + type: Enum description: | The components of the logging configuration. - values: - - :SYSTEM_COMPONENTS - - :WORKLOADS - - !ruby/object:Api::Type::Array - name: errors + enum_values: + - 'SYSTEM_COMPONENTS' + - 'WORKLOADS' + - name: 'errors' + type: Array description: | A set of errors found in the cluster. output: true - item_type: !ruby/object:Api::Type::NestedObject - name: attachedClusterError + item_type: description: | Describes errors found on attached clusters. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: message + - name: 'message' + type: String description: | Human-friendly description of the error. - - !ruby/object:Api::Type::NestedObject - name: authorization + - name: 'authorization' + type: NestedObject description: | Configuration related to the cluster RBAC settings. - custom_expand: 'templates/terraform/custom_expand/containerattached_cluster_authorization_user.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/containerattached_cluster_authorization_user.go.erb' + custom_flatten: 'templates/terraform/custom_flatten/containerattached_cluster_authorization_user.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/containerattached_cluster_authorization_user.go.tmpl' properties: - - !ruby/object:Api::Type::Array - name: adminUsers + - name: 'adminUsers' + type: Array description: | Users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole @@ -293,9 +290,10 @@ properties: For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: adminGroups + item_type: + type: String + - name: 'adminGroups' + type: Array description: | Groups that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole @@ -303,69 +301,70 @@ properties: For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: monitoringConfig + item_type: + type: String + - name: 'monitoringConfig' + type: NestedObject description: | Monitoring configuration. - allow_empty_object: true default_from_api: true + allow_empty_object: true properties: - - !ruby/object:Api::Type::NestedObject - name: managedPrometheusConfig + - name: 'managedPrometheusConfig' + type: NestedObject description: | Enable Google Cloud Managed Service for Prometheus in the cluster. allow_empty_object: true properties: - - !ruby/object:Api::Type::Boolean - name: enabled + - name: 'enabled' + type: Boolean description: | Enable Managed Collection. - - !ruby/object:Api::Type::NestedObject - name: binaryAuthorization + - name: 'binaryAuthorization' + type: NestedObject description: | Binary Authorization configuration. - allow_empty_object: true default_from_api: true + allow_empty_object: true properties: - - !ruby/object:Api::Type::Enum - name: evaluationMode + - name: 'evaluationMode' + type: Enum description: | Configure Binary Authorization evaluation mode. - values: - - :DISABLED - - :PROJECT_SINGLETON_POLICY_ENFORCE - - !ruby/object:Api::Type::NestedObject - name: proxyConfig + enum_values: + - 'DISABLED' + - 'PROJECT_SINGLETON_POLICY_ENFORCE' + - name: 'proxyConfig' + type: NestedObject description: | Support for proxy configuration. properties: - - !ruby/object:Api::Type::NestedObject - name: kubernetesSecret + - name: 'kubernetesSecret' + type: NestedObject description: | The Kubernetes Secret resource that contains the HTTP(S) proxy configuration. properties: - - !ruby/object:Api::Type::String - name: name - required: true + - name: 'name' + type: String description: | Name of the kubernetes secret containing the proxy config. - - !ruby/object:Api::Type::String - name: namespace required: true + - name: 'namespace' + type: String description: | Namespace of the kubernetes secret containing the proxy config. - - !ruby/object:Api::Type::NestedObject - name: securityPostureConfig + required: true + - name: 'securityPostureConfig' + type: NestedObject description: | Enable/Disable Security Posture API features for the cluster. default_from_api: true properties: - - !ruby/object:Api::Type::Enum - name: vulnerabilityMode - required: true + - name: 'vulnerabilityMode' + type: Enum description: | Sets the mode of the Kubernetes security posture API's workload vulnerability scanning. - values: - - :VULNERABILITY_DISABLED - - :VULNERABILITY_ENTERPRISE + required: true + enum_values: + - 'VULNERABILITY_DISABLED' + - 'VULNERABILITY_ENTERPRISE' diff --git a/mmv1/products/containerattached/go_Cluster.yaml b/mmv1/products/containerattached/go_Cluster.yaml deleted file mode 100644 index aeb083d656a9..000000000000 --- a/mmv1/products/containerattached/go_Cluster.yaml +++ /dev/null @@ -1,371 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Cluster' -description: | - An Anthos cluster running on customer owned infrastructure. -references: - guides: - 'API reference': 'https://cloud.google.com/anthos/clusters/docs/multi-cloud/reference/rest/v1/projects.locations.attachedClusters' - 'Multicloud overview': 'https://cloud.google.com/anthos/clusters/docs/multi-cloud' - api: 'https://cloud.google.com/anthos/clusters/docs/multi-cloud/reference/rest' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' -base_url: 'projects/{{project}}/locations/{{location}}/attachedClusters' -self_link: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' -create_url: 'projects/{{project}}/locations/{{location}}/attachedClusters?attached_cluster_id={{name}}' -update_url: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' -update_verb: 'PATCH' -update_mask: true -delete_url: 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' -import_format: - - 'projects/{{project}}/locations/{{location}}/attachedClusters/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - full_url: 'https://{{location}}-gkemulticloud.googleapis.com/v1/{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error/errors' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/containerattached_cluster_diff.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/containerattached_update.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/container_attached_deletion_policy.go.tmpl' -examples: - - name: 'container_attached_cluster_basic' - primary_resource_id: 'primary' - primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' - vars: - name: 'basic' - - name: 'container_attached_cluster_full' - primary_resource_id: 'primary' - primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' - vars: - name: 'basic' - - name: 'container_attached_cluster_ignore_errors' - primary_resource_id: 'primary' - primary_resource_name: 'fmt.Sprintf("basic%s", context["random_suffix"])' - vars: - name: 'basic' - ignore_read_extra: - - 'deletion_policy' -virtual_fields: - - name: 'deletion_policy' - description: 'Policy to determine what flags to send on delete. Possible values: DELETE, DELETE_IGNORE_ERRORS' - type: String - default_value: "DELETE" -parameters: -properties: - - name: 'location' - type: String - description: | - The location for the resource - url_param_only: true - required: true - immutable: true - - name: 'name' - type: String - description: | - The name of this resource. - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'description' - type: String - description: | - A human readable description of this attached cluster. Cannot be longer - than 255 UTF-8 encoded bytes. - - name: 'oidcConfig' - type: NestedObject - description: | - OIDC discovery information of the target cluster. - - Kubernetes Service Account (KSA) tokens are JWT tokens signed by the cluster - API server. This fields indicates how GCP services - validate KSA tokens in order to allow system workloads (such as GKE Connect - and telemetry agents) to authenticate back to GCP. - - Both clusters with public and private issuer URLs are supported. - Clusters with public issuers only need to specify the `issuer_url` field - while clusters with private issuers need to provide both - `issuer_url` and `jwks`. - required: true - properties: - - name: 'issuerUrl' - type: String - description: | - A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` - required: true - immutable: true - - name: 'jwks' - type: String - description: | - OIDC verification keys in JWKS format (RFC 7517). - immutable: true - - name: 'platformVersion' - type: String - description: | - The platform version for the cluster (e.g. `1.23.0-gke.1`). - required: true - - name: 'distribution' - type: String - description: | - The Kubernetes distribution of the underlying attached cluster. Supported values: - "eks", "aks", "generic". The generic distribution provides the ability to register - or migrate any CNCF conformant cluster. - required: true - immutable: true - - name: 'clusterRegion' - type: String - description: | - Output only. The region where this cluster runs. - - For EKS clusters, this is an AWS region. For AKS clusters, - this is an Azure region. - output: true - - name: 'fleet' - type: NestedObject - description: | - Fleet configuration. - required: true - properties: - - name: 'membership' - type: String - description: | - The name of the managed Hub Membership resource associated to this - cluster. Membership names are formatted as - projects//locations/global/membership/. - output: true - - name: 'project' - type: String - description: | - The number of the Fleet host project where this cluster will be registered. - required: true - immutable: true - validation: - regex: '^projects/[0-9]+$' - - name: 'state' - type: String - description: | - The current state of the cluster. Possible values: - STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, - DEGRADED - output: true - - name: 'uid' - type: String - description: | - A globally unique identifier for the cluster. - output: true - - name: 'reconciling' - type: Boolean - description: | - If set, there are currently changes in flight to the cluster. - output: true - - name: 'createTime' - type: String - description: | - Output only. The time at which this cluster was created. - output: true - - name: 'updateTime' - type: String - description: | - The time at which this cluster was last updated. - output: true - - name: 'kubernetesVersion' - type: String - description: | - The Kubernetes version of the cluster. - output: true - - name: 'annotations' - type: KeyValueAnnotations - description: | - Optional. Annotations on the cluster. This field has the same - restrictions as Kubernetes annotations. The total size of all keys and - values combined is limited to 256k. Key can have 2 segments: prefix (optional) - and name (required), separated by a slash (/). Prefix must be a DNS subdomain. - Name must be 63 characters or less, begin and end with alphanumerics, - with dashes (-), underscores (_), dots (.), and alphanumerics between. - - name: 'workloadIdentityConfig' - type: NestedObject - description: | - Workload Identity settings. - output: true - properties: - - name: 'identityProvider' - type: String - description: | - The ID of the OIDC Identity Provider (IdP) associated to - the Workload Identity Pool. - - name: 'issuerUri' - type: String - description: | - The OIDC issuer URL for this cluster. - - name: 'workloadPool' - type: String - description: | - The Workload Identity Pool associated to the cluster. - - name: 'loggingConfig' - type: NestedObject - description: | - Logging configuration. - # If the user doesn't specify a loggingConfig, the server will supply a default value. Instead of - # letting that happen and allowing the config and state to get mismatched, just manually send an - # empty object if the user doesn't set anything and require the user to explicitly set the field if a - # value is desired. - # If the loggingConfig passed to the server is empty, an empty object is returned, so the diff in that - # case needs to be ignored. - send_empty_value: true - allow_empty_object: true - diff_suppress_func: 'suppressAttachedClustersLoggingConfigDiff' - custom_expand: 'templates/terraform/custom_expand/go/containerattached_cluster_empty_logging.go.tmpl' - properties: - - name: 'componentConfig' - type: NestedObject - description: | - The configuration of the logging components - send_empty_value: true - allow_empty_object: true - properties: - - name: 'enableComponents' - type: Array - description: | - The components to be enabled. - send_empty_value: true - allow_empty_object: true - item_type: - type: Enum - description: | - The components of the logging configuration. - enum_values: - - 'SYSTEM_COMPONENTS' - - 'WORKLOADS' - - name: 'errors' - type: Array - description: | - A set of errors found in the cluster. - output: true - item_type: - description: | - Describes errors found on attached clusters. - type: NestedObject - properties: - - name: 'message' - type: String - description: | - Human-friendly description of the error. - - name: 'authorization' - type: NestedObject - description: | - Configuration related to the cluster RBAC settings. - custom_flatten: 'templates/terraform/custom_flatten/go/containerattached_cluster_authorization_user.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/containerattached_cluster_authorization_user.go.tmpl' - properties: - - name: 'adminUsers' - type: Array - description: | - Users that can perform operations as a cluster admin. A managed - ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole - to the users. Up to ten admin users can be provided. - - For more info on RBAC, see - https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles - item_type: - type: String - - name: 'adminGroups' - type: Array - description: | - Groups that can perform operations as a cluster admin. A managed - ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole - to the groups. Up to ten admin groups can be provided. - - For more info on RBAC, see - https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles - item_type: - type: String - - name: 'monitoringConfig' - type: NestedObject - description: | - Monitoring configuration. - default_from_api: true - allow_empty_object: true - properties: - - name: 'managedPrometheusConfig' - type: NestedObject - description: | - Enable Google Cloud Managed Service for Prometheus in the cluster. - allow_empty_object: true - properties: - - name: 'enabled' - type: Boolean - description: | - Enable Managed Collection. - - name: 'binaryAuthorization' - type: NestedObject - description: | - Binary Authorization configuration. - default_from_api: true - allow_empty_object: true - properties: - - name: 'evaluationMode' - type: Enum - description: | - Configure Binary Authorization evaluation mode. - enum_values: - - 'DISABLED' - - 'PROJECT_SINGLETON_POLICY_ENFORCE' - - name: 'proxyConfig' - type: NestedObject - description: | - Support for proxy configuration. - properties: - - name: 'kubernetesSecret' - type: NestedObject - description: | - The Kubernetes Secret resource that contains the HTTP(S) proxy configuration. - properties: - - name: 'name' - type: String - description: | - Name of the kubernetes secret containing the proxy config. - required: true - - name: 'namespace' - type: String - description: | - Namespace of the kubernetes secret containing the proxy config. - required: true - - name: 'securityPostureConfig' - type: NestedObject - description: | - Enable/Disable Security Posture API features for the cluster. - default_from_api: true - properties: - - name: 'vulnerabilityMode' - type: Enum - description: | - Sets the mode of the Kubernetes security posture API's workload vulnerability scanning. - required: true - enum_values: - - 'VULNERABILITY_DISABLED' - - 'VULNERABILITY_ENTERPRISE' diff --git a/mmv1/products/containerattached/go_product.yaml b/mmv1/products/containerattached/go_product.yaml deleted file mode 100644 index 17c5a7046f57..000000000000 --- a/mmv1/products/containerattached/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ContainerAttached' -display_name: 'ContainerAttached' -versions: - - name: 'ga' - base_url: 'https://{{location}}-gkemulticloud.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/containerattached/product.yaml b/mmv1/products/containerattached/product.yaml index 0e71355cc381..ba2795bcd1e4 100644 --- a/mmv1/products/containerattached/product.yaml +++ b/mmv1/products/containerattached/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: ContainerAttached -display_name: ContainerAttached +--- +name: 'ContainerAttached' +display_name: 'ContainerAttached' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://{{location}}-gkemulticloud.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://{{location}}-gkemulticloud.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/databasemigrationservice/ConnectionProfile.yaml b/mmv1/products/databasemigrationservice/ConnectionProfile.yaml index 0dc4bb59cbcd..86dfe9d63612 100644 --- a/mmv1/products/databasemigrationservice/ConnectionProfile.yaml +++ b/mmv1/products/databasemigrationservice/ConnectionProfile.yaml @@ -1,795 +1,792 @@ -# Copyright 2022 Google Inc. -# Licensed under the Apache License, Version 2.0 (the 'License'); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an 'AS IS' BASIS, +# distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ConnectionProfile' -self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' -import_format: - [ - 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}', - ] -base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' -create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}' -update_verb: :PATCH -update_mask: true description: 'A connection profile definition.' -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Database Migration': 'https://cloud.google.com/database-migration/docs/' api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.connectionProfiles/create' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' +self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 60 update_minutes: 60 delete_minutes: 60 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -autogen_async: true +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'database_migration_service_connection_profile_cloudsql' + - name: 'database_migration_service_connection_profile_cloudsql' primary_resource_id: 'cloudsqlprofile' + vars: + sqldb: 'my-database' + sqldb_cert: 'my-cert' + sqldb_user: 'my-username' + sqldb_pass: 'my-password' + from_profile: 'my-fromprofileid' + to_profile: 'my-toprofileid' ignore_read_extra: - 'mysql.0.password' - 'mysql.0.ssl.0.ca_certificate' - 'mysql.0.ssl.0.client_certificate' - 'mysql.0.ssl.0.client_key' + - name: 'database_migration_service_connection_profile_postgres' + primary_resource_id: 'postgresprofile' vars: sqldb: 'my-database' sqldb_cert: 'my-cert' sqldb_user: 'my-username' sqldb_pass: 'my-password' - from_profile: 'my-fromprofileid' - to_profile: 'my-toprofileid' - - !ruby/object:Provider::Terraform::Examples - name: 'database_migration_service_connection_profile_postgres' - primary_resource_id: 'postgresprofile' + profile: 'my-profileid' ignore_read_extra: - 'postgresql.0.password' - 'postgresql.0.ssl.0.ca_certificate' - 'postgresql.0.ssl.0.client_certificate' - 'postgresql.0.ssl.0.client_key' + - name: 'database_migration_service_connection_profile_oracle' + primary_resource_id: 'oracleprofile' vars: - sqldb: 'my-database' - sqldb_cert: 'my-cert' - sqldb_user: 'my-username' - sqldb_pass: 'my-password' profile: 'my-profileid' - - !ruby/object:Provider::Terraform::Examples - name: 'database_migration_service_connection_profile_oracle' - primary_resource_id: 'oracleprofile' ignore_read_extra: - 'oracle.0.password' - vars: - profile: 'my-profileid' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'database_migration_service_connection_profile_alloydb' + exclude_test: true + - name: 'database_migration_service_connection_profile_alloydb' primary_resource_id: 'alloydbprofile' - ignore_read_extra: - - 'alloydb.0.settings.0.initial_user.0.password' vars: profile: 'my-profileid' global_address_name: 'private-ip-alloc' network_name: 'vpc-network' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'database_migration_service_connection_profile_existing_mysql' + ignore_read_extra: + - 'alloydb.0.settings.0.initial_user.0.password' + exclude_test: true + - name: 'database_migration_service_connection_profile_existing_mysql' primary_resource_id: 'existing-mysql' vars: destination_csql: 'destination-csql' destination_cp: 'destination-cp' - - !ruby/object:Provider::Terraform::Examples - name: 'database_migration_service_connection_profile_existing_postgres' + - name: 'database_migration_service_connection_profile_existing_postgres' primary_resource_id: 'existing-psql' vars: destination_csql: 'destination-csql' destination_cp: 'destination-cp' - - !ruby/object:Provider::Terraform::Examples - name: 'database_migration_service_connection_profile_existing_alloydb' + - name: 'database_migration_service_connection_profile_existing_alloydb' primary_resource_id: 'existing-alloydb' vars: destination_alloydb: 'destination-alloydb' destination_cp: 'destination-cp' parameters: - - !ruby/object:Api::Type::String - name: 'connectionProfileId' - required: true - immutable: true - url_param_only: true + - name: 'connectionProfileId' + type: String description: | The ID of the connection profile. - - !ruby/object:Api::Type::String - name: 'location' - immutable: true url_param_only: true + required: true + immutable: true + - name: 'location' + type: String description: | The location where the connection profile should reside. + url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The name of this connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{connectionProfile}. - - !ruby/object:Api::Type::String - name: 'displayName' + output: true + - name: 'displayName' + type: String description: | The connection profile display name. - - !ruby/object:Api::Type::Time - name: 'createTime' - output: true + - name: 'createTime' + type: Time description: | Output only. The timestamp when the resource was created. A timestamp in RFC3339 UTC 'Zulu' format, accurate to nanoseconds. Example: '2014-10-02T15:01:23.045123456Z'. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: | The resource labels for connection profile to use to annotate any related underlying resources such as Compute Engine VMs. - - !ruby/object:Api::Type::Enum - name: 'state' - output: true + - name: 'state' + type: Enum description: | The current connection profile state. - values: - - :DRAFT - - :READY - - :FAILED - - !ruby/object:Api::Type::NestedObject - name: 'error' + output: true + enum_values: + - 'DRAFT' + - 'READY' + - 'FAILED' + - name: 'error' + type: NestedObject description: | Output only. The error details in case of state FAILED. output: true properties: - - !ruby/object:Api::Type::Integer - name: 'code' - output: true + - name: 'code' + type: Integer description: | The status code, which should be an enum value of google.rpc.Code. - - !ruby/object:Api::Type::String - name: 'message' output: true + - name: 'message' + type: String description: | Human readable message indicating details about the current status. - - !ruby/object:Api::Type::Array - name: 'details' + output: true + - name: 'details' + type: Array description: | A list of messages that carry the error details. - item_type: Api::Type::KeyValuePairs output: true - - !ruby/object:Api::Type::Enum - name: 'dbprovider' - output: true + item_type: + type: KeyValuePairs + - name: 'dbprovider' + type: Enum description: | The database provider. api_name: provider - values: - - :CLOUDSQL - - :RDS - - :AURORA - - :ALLOYDB - - !ruby/object:Api::Type::NestedObject - name: 'mysql' + output: true + enum_values: + - 'CLOUDSQL' + - 'RDS' + - 'AURORA' + - 'ALLOYDB' + - name: 'mysql' + type: NestedObject description: | Specifies connection parameters required specifically for MySQL databases. exactly_one_of: - - mysql - - postgresql - - oracle - - cloudsql - - alloydb + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' properties: - - !ruby/object:Api::Type::String - name: 'host' + - name: 'host' + type: String + description: | + The IP or hostname of the source MySQL database. required_with: - 'mysql.0.port' - 'mysql.0.username' + - name: 'port' + type: Integer description: | - The IP or hostname of the source MySQL database. - - !ruby/object:Api::Type::Integer - name: 'port' + The network port of the source MySQL database. required_with: - 'mysql.0.host' - 'mysql.0.username' + - name: 'username' + type: String description: | - The network port of the source MySQL database. - - !ruby/object:Api::Type::String - name: 'username' + The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. required_with: - 'mysql.0.host' - 'mysql.0.port' - description: | - The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. - - !ruby/object:Api::Type::String - name: 'password' - immutable: true + - name: 'password' + type: String description: | Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service. + immutable: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_password.go.erb - - !ruby/object:Api::Type::Boolean - name: 'passwordSet' - output: true + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_password.go.tmpl' + - name: 'passwordSet' + type: Boolean description: | Output only. Indicates If this connection profile password is stored. - - !ruby/object:Api::Type::NestedObject - name: 'ssl' + output: true + - name: 'ssl' + type: NestedObject description: | SSL configuration for the destination to connect to the source database. properties: - - !ruby/object:Api::Type::Enum - name: 'type' - output: true + - name: 'type' + type: Enum description: | The current connection profile state. - values: - - :SERVER_ONLY - - :SERVER_CLIENT - - !ruby/object:Api::Type::String - name: 'clientKey' - immutable: true + output: true + enum_values: + - 'SERVER_ONLY' + - 'SERVER_CLIENT' + - name: 'clientKey' + type: String description: | Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. If this field is used then the 'clientCertificate' field is mandatory. - sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_client_key.go.erb - - !ruby/object:Api::Type::String - name: 'clientCertificate' immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_client_key.go.tmpl' + - name: 'clientCertificate' + type: String description: | Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. If this field is used then the 'clientKey' field is mandatory - sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_client_certificate.go.erb - - !ruby/object:Api::Type::String - name: 'caCertificate' immutable: true - required: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_ca_certificate.go.erb + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_client_certificate.go.tmpl' + - name: 'caCertificate' + type: String description: | Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. The replica will use this certificate to verify it's connecting to the right host. - - !ruby/object:Api::Type::String - name: 'cloudSqlId' + required: true + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_ca_certificate.go.tmpl' + - name: 'cloudSqlId' + type: String description: | If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source. - - !ruby/object:Api::Type::NestedObject - name: 'postgresql' + - name: 'postgresql' + type: NestedObject description: | Specifies connection parameters required specifically for PostgreSQL databases. exactly_one_of: - - mysql - - postgresql - - oracle - - cloudsql - - alloydb + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' properties: - - !ruby/object:Api::Type::String - name: 'host' - required_with: - - 'postgresql.0.port' - - 'postgresql.0.username' - - 'postgresql.0.password' + - name: 'host' + type: String description: | The IP or hostname of the source MySQL database. - - !ruby/object:Api::Type::Integer - name: 'port' required_with: - - 'postgresql.0.host' + - 'postgresql.0.port' - 'postgresql.0.username' - 'postgresql.0.password' + - name: 'port' + type: Integer description: | The network port of the source MySQL database. - - !ruby/object:Api::Type::String - name: 'username' required_with: - 'postgresql.0.host' - - 'postgresql.0.port' + - 'postgresql.0.username' - 'postgresql.0.password' + - name: 'username' + type: String description: | The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. - - !ruby/object:Api::Type::String - name: 'password' required_with: - 'postgresql.0.host' - 'postgresql.0.port' - - 'postgresql.0.username' - immutable: true + - 'postgresql.0.password' + - name: 'password' + type: String description: | Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service. + immutable: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_password.go.erb - - !ruby/object:Api::Type::Boolean - name: 'passwordSet' - output: true + required_with: + - 'postgresql.0.host' + - 'postgresql.0.port' + - 'postgresql.0.username' + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_password.go.tmpl' + - name: 'passwordSet' + type: Boolean description: | Output only. Indicates If this connection profile password is stored. - - !ruby/object:Api::Type::NestedObject - name: 'ssl' + output: true + - name: 'ssl' + type: NestedObject description: | SSL configuration for the destination to connect to the source database. properties: - - !ruby/object:Api::Type::Enum - name: 'type' - output: true + - name: 'type' + type: Enum description: | The current connection profile state. - values: - - :SERVER_ONLY - - :SERVER_CLIENT - - !ruby/object:Api::Type::String - name: 'clientKey' - immutable: true - required_with: - - client_certificate + output: true + enum_values: + - 'SERVER_ONLY' + - 'SERVER_CLIENT' + - name: 'clientKey' + type: String description: | Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. If this field is used then the 'clientCertificate' field is mandatory. - sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_client_key.go.erb - - !ruby/object:Api::Type::String - name: 'clientCertificate' immutable: true + sensitive: true required_with: - - client_key + - 'client_certificate' + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_client_key.go.tmpl' + - name: 'clientCertificate' + type: String description: | Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. If this field is used then the 'clientKey' field is mandatory - sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_client_certificate.go.erb - - !ruby/object:Api::Type::String - name: 'caCertificate' immutable: true - required: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_ca_certificate.go.erb + required_with: + - 'client_key' + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_client_certificate.go.tmpl' + - name: 'caCertificate' + type: String description: | Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. The replica will use this certificate to verify it's connecting to the right host. - - !ruby/object:Api::Type::String - name: 'cloudSqlId' + required: true + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_ca_certificate.go.tmpl' + - name: 'cloudSqlId' + type: String description: | If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source. - - !ruby/object:Api::Type::String - name: 'alloydbClusterId' + - name: 'alloydbClusterId' + type: String description: | If the connected database is an AlloyDB instance, use this field to provide the AlloyDB cluster ID. - - !ruby/object:Api::Type::Enum - name: 'networkArchitecture' - output: true + - name: 'networkArchitecture' + type: Enum description: | Output only. If the source is a Cloud SQL database, this field indicates the network architecture it's associated with. - values: - - :NETWORK_ARCHITECTURE_OLD_CSQL_PRODUCER - - :NETWORK_ARCHITECTURE_NEW_CSQL_PRODUCER - - !ruby/object:Api::Type::NestedObject - name: 'oracle' + output: true + enum_values: + - 'NETWORK_ARCHITECTURE_OLD_CSQL_PRODUCER' + - 'NETWORK_ARCHITECTURE_NEW_CSQL_PRODUCER' + - name: 'oracle' + type: NestedObject description: | Specifies connection parameters required specifically for Oracle databases. exactly_one_of: - - mysql - - postgresql - - oracle - - cloudsql - - alloydb + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' properties: - - !ruby/object:Api::Type::String - name: 'host' - required: true + - name: 'host' + type: String description: | Required. The IP or hostname of the source Oracle database. - - !ruby/object:Api::Type::Integer - name: 'port' required: true + - name: 'port' + type: Integer description: | Required. The network port of the source Oracle database. - - !ruby/object:Api::Type::String - name: 'username' required: true + - name: 'username' + type: String description: | Required. The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. - - !ruby/object:Api::Type::String - name: 'password' required: true - immutable: true + - name: 'password' + type: String description: | Required. Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service. + required: true + immutable: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_password.go.erb - - !ruby/object:Api::Type::Boolean - name: 'passwordSet' - output: true + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_password.go.tmpl' + - name: 'passwordSet' + type: Boolean description: | Output only. Indicates If this connection profile password is stored. - - !ruby/object:Api::Type::String - name: 'databaseService' - required: true + output: true + - name: 'databaseService' + type: String description: | Required. Database service for the Oracle connection. - - !ruby/object:Api::Type::NestedObject - name: 'ssl' + required: true + - name: 'ssl' + type: NestedObject description: | SSL configuration for the destination to connect to the source database. properties: - - !ruby/object:Api::Type::Enum - name: 'type' - output: true + - name: 'type' + type: Enum description: | The current connection profile state. - values: - - :SERVER_ONLY - - :SERVER_CLIENT - - !ruby/object:Api::Type::String - name: 'clientKey' - immutable: true - required_with: - - client_certificate + output: true + enum_values: + - 'SERVER_ONLY' + - 'SERVER_CLIENT' + - name: 'clientKey' + type: String description: | Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. If this field is used then the 'clientCertificate' field is mandatory. - sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_client_key.go.erb - - !ruby/object:Api::Type::String - name: 'clientCertificate' immutable: true + sensitive: true required_with: - - client_key + - 'client_certificate' + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_client_key.go.tmpl' + - name: 'clientCertificate' + type: String description: | Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. If this field is used then the 'clientKey' field is mandatory - sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_client_certificate.go.erb - - !ruby/object:Api::Type::String - name: 'caCertificate' immutable: true - required: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_ca_certificate.go.erb + required_with: + - 'client_key' + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_client_certificate.go.tmpl' + - name: 'caCertificate' + type: String description: | Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. The replica will use this certificate to verify it's connecting to the right host. - - !ruby/object:Api::Type::NestedObject - name: 'staticServiceIpConnectivity' - send_empty_value: true - allow_empty_object: true + required: true + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_ca_certificate.go.tmpl' + - name: 'staticServiceIpConnectivity' + type: NestedObject description: | This object has no nested fields. Static IP address connectivity configured on service project. - properties: [] + send_empty_value: true + allow_empty_object: true exactly_one_of: - - static_service_ip_connectivity - - forward_ssh_connectivity - - private_connectivity - - !ruby/object:Api::Type::NestedObject - name: 'forwardSshConnectivity' + - 'static_service_ip_connectivity' + - 'forward_ssh_connectivity' + - 'private_connectivity' + properties: + [] + - name: 'forwardSshConnectivity' + type: NestedObject description: | SSL configuration for the destination to connect to the source database. exactly_one_of: - - static_service_ip_connectivity - - forward_ssh_connectivity - - private_connectivity + - 'static_service_ip_connectivity' + - 'forward_ssh_connectivity' + - 'private_connectivity' properties: - - !ruby/object:Api::Type::String - name: 'hostname' - required: true + - name: 'hostname' + type: String description: | Required. Hostname for the SSH tunnel. - - !ruby/object:Api::Type::String - name: 'username' required: true + - name: 'username' + type: String description: | Required. Username for the SSH tunnel. - - !ruby/object:Api::Type::Integer - name: 'port' required: true + - name: 'port' + type: Integer description: | Port for the SSH tunnel, default value is 22. - - !ruby/object:Api::Type::String - name: 'password' - immutable: true - sensitive: true + required: true + - name: 'password' + type: String description: | Input only. SSH password. Only one of `password` and `private_key` can be configured. - exactly_one_of: - - forward_ssh_connectivity.0.password - - forward_ssh_connectivity.0.private_key - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_forward_ssh_password.go.erb - - !ruby/object:Api::Type::String - name: 'privateKey' immutable: true sensitive: true + exactly_one_of: + - 'forward_ssh_connectivity.0.password' + - 'forward_ssh_connectivity.0.private_key' + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_forward_ssh_password.go.tmpl' + - name: 'privateKey' + type: String description: | Input only. SSH private key. Only one of `password` and `private_key` can be configured. + immutable: true + sensitive: true exactly_one_of: - - oracle.0.forward_ssh_connectivity.0.password - - oracle.0.forward_ssh_connectivity.0.private_key - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_forward_ssh_private_key.go.erb - - !ruby/object:Api::Type::NestedObject - name: 'privateConnectivity' + - 'oracle.0.forward_ssh_connectivity.0.password' + - 'oracle.0.forward_ssh_connectivity.0.private_key' + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_forward_ssh_private_key.go.tmpl' + - name: 'privateConnectivity' + type: NestedObject description: | Configuration for using a private network to communicate with the source database exactly_one_of: - - oracle.0.static_service_ip_connectivity - - oracle.0.forward_ssh_connectivity - - oracle.0.private_connectivity + - 'oracle.0.static_service_ip_connectivity' + - 'oracle.0.forward_ssh_connectivity' + - 'oracle.0.private_connectivity' properties: - - !ruby/object:Api::Type::String - name: 'privateConnection' - required: true + - name: 'privateConnection' + type: String description: | Required. The resource name (URI) of the private connection. - - !ruby/object:Api::Type::NestedObject - name: 'cloudsql' + required: true + - name: 'cloudsql' + type: NestedObject description: | Specifies required connection parameters, and, optionally, the parameters required to create a Cloud SQL destination database instance. exactly_one_of: - - mysql - - postgresql - - oracle - - cloudsql - - alloydb + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' properties: - - !ruby/object:Api::Type::String - name: 'cloudSqlId' - output: true + - name: 'cloudSqlId' + type: String description: | Output only. The Cloud SQL instance ID that this connection profile is associated with. - - !ruby/object:Api::Type::NestedObject - name: 'settings' - immutable: true + output: true + - name: 'settings' + type: NestedObject description: | Immutable. Metadata used to create the destination Cloud SQL database. + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'databaseVersion' + - name: 'databaseVersion' + type: String description: | The database engine type and version. Currently supported values located at https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.connectionProfiles#sqldatabaseversion - - !ruby/object:Api::Type::KeyValuePairs - name: 'userLabels' + - name: 'userLabels' + type: KeyValuePairs description: | The resource labels for a Cloud SQL instance to use to annotate any related underlying resources such as Compute Engine VMs. - - !ruby/object:Api::Type::String - name: 'tier' + - name: 'tier' + type: String description: | The tier (or machine type) for this instance, for example: db-n1-standard-1 (MySQL instances) or db-custom-1-3840 (PostgreSQL instances). For more information, see https://cloud.google.com/sql/docs/mysql/instance-settings - - !ruby/object:Api::Type::String - name: 'storageAutoResizeLimit' + - name: 'storageAutoResizeLimit' + type: String description: | The maximum size to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit. - - !ruby/object:Api::Type::Enum - name: 'activationPolicy' + - name: 'activationPolicy' + type: Enum description: | The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. - values: - - :ALWAYS - - :NEVER - - !ruby/object:Api::Type::NestedObject - name: 'ipConfig' + enum_values: + - 'ALWAYS' + - 'NEVER' + - name: 'ipConfig' + type: NestedObject description: | The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled. properties: - - !ruby/object:Api::Type::Boolean - name: 'enableIpv4' + - name: 'enableIpv4' + type: Boolean description: | Whether the instance should be assigned an IPv4 address or not. - - !ruby/object:Api::Type::String - name: 'privateNetwork' + - name: 'privateNetwork' + type: String description: | The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, projects/myProject/global/networks/default. This setting can be updated, but it cannot be removed after it is set. - - !ruby/object:Api::Type::Boolean - name: 'requireSsl' + - name: 'requireSsl' + type: Boolean description: | Whether SSL connections over IP should be enforced or not. - - !ruby/object:Api::Type::Array - name: 'authorizedNetworks' + - name: 'authorizedNetworks' + type: Array description: | The list of external networks that are allowed to connect to the instance using the IP. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The allowlisted value for the access control list. required: true - - !ruby/object:Api::Type::String - name: 'label' + - name: 'label' + type: String description: | A label to identify this entry. - - !ruby/object:Api::Type::Time - name: 'expireTime' - exactly_one_of: - - expire_time - - ttl + - name: 'expireTime' + type: Time description: | The time when this access control entry expires in RFC 3339 format. - - !ruby/object:Api::Type::Time - name: 'ttl' - immutable: true + exactly_one_of: + - 'expire_time' + - 'ttl' + - name: 'ttl' + type: Time description: | Input only. The time-to-leave of this access control entry. - - !ruby/object:Api::Type::Boolean - name: 'autoStorageIncrease' + immutable: true + - name: 'autoStorageIncrease' + type: Boolean description: | If you enable this setting, Cloud SQL checks your available storage every 30 seconds. If the available storage falls below a threshold size, Cloud SQL automatically adds additional storage capacity. If the available storage repeatedly falls below the threshold size, Cloud SQL continues to add storage until it reaches the maximum of 30 TB. - - !ruby/object:Api::Type::KeyValuePairs - name: 'databaseFlags' + - name: 'databaseFlags' + type: KeyValuePairs description: | The database flags passed to the Cloud SQL instance at startup. - - !ruby/object:Api::Type::Enum - name: 'dataDiskType' + - name: 'dataDiskType' + type: Enum description: | The type of storage. - values: - - :PD_SSD - - :PD_HDD - - !ruby/object:Api::Type::String - name: 'dataDiskSizeGb' + enum_values: + - 'PD_SSD' + - 'PD_HDD' + - name: 'dataDiskSizeGb' + type: String description: | The storage capacity available to the database, in GB. The minimum (and default) size is 10GB. - - !ruby/object:Api::Type::String - name: 'zone' + - name: 'zone' + type: String description: | The Google Cloud Platform zone where your Cloud SQL datdabse instance is located. - - !ruby/object:Api::Type::String - name: 'sourceId' - required: true + - name: 'sourceId' + type: String description: | The Database Migration Service source connection profile ID, in the format: projects/my_project_name/locations/us-central1/connectionProfiles/connection_profile_ID - - !ruby/object:Api::Type::String - name: 'rootPassword' - immutable: true - sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_cloudsql_settings_root_password.go.erb + required: true + - name: 'rootPassword' + type: String description: | Input only. Initial root password. - - !ruby/object:Api::Type::Boolean - name: 'rootPasswordSet' - output: true + immutable: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_cloudsql_settings_root_password.go.tmpl' + - name: 'rootPasswordSet' + type: Boolean description: | Output only. Indicates If this connection profile root password is stored. - - !ruby/object:Api::Type::String - name: 'collation' + output: true + - name: 'collation' + type: String description: | The Cloud SQL default instance level collation. - - !ruby/object:Api::Type::String - name: 'cmekKeyName' + - name: 'cmekKeyName' + type: String description: | The KMS key name used for the csql instance. - - !ruby/object:Api::Type::Enum - name: 'edition' + - name: 'edition' + type: Enum description: | The edition of the given Cloud SQL instance. - values: - - :ENTERPRISE - - :ENTERPRISE_PLUS - - !ruby/object:Api::Type::String - name: 'privateIp' - output: true + enum_values: + - 'ENTERPRISE' + - 'ENTERPRISE_PLUS' + - name: 'privateIp' + type: String description: | Output only. The Cloud SQL database instance's private IP. - - !ruby/object:Api::Type::String - name: 'publicIp' output: true + - name: 'publicIp' + type: String description: | Output only. The Cloud SQL database instance's public IP. - - !ruby/object:Api::Type::NestedObject - name: 'alloydb' + output: true + - name: 'alloydb' + type: NestedObject description: | Specifies required connection parameters, and the parameters required to create an AlloyDB destination cluster. exactly_one_of: - - mysql - - postgresql - - oracle - - cloudsql - - alloydb + - 'mysql' + - 'postgresql' + - 'oracle' + - 'cloudsql' + - 'alloydb' properties: - - !ruby/object:Api::Type::String - name: 'clusterId' - required: true + - name: 'clusterId' + type: String description: | Required. The AlloyDB cluster ID that this connection profile is associated with. - - !ruby/object:Api::Type::NestedObject - name: 'settings' - immutable: true + required: true + - name: 'settings' + type: NestedObject description: | Immutable. Metadata used to create the destination AlloyDB cluster. + immutable: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'initialUser' - required: true - immutable: true + - name: 'initialUser' + type: NestedObject description: | Required. Input only. Initial user to setup during cluster creation. + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'user' - required: true + - name: 'user' + type: String description: | The database username. - - !ruby/object:Api::Type::String - name: 'password' required: true - sensitive: true - custom_flatten: templates/terraform/custom_flatten/database_migration_service_connection_profile_alloydb_settings_initial_user_password.go.erb + - name: 'password' + type: String description: | The initial password for the user. - - !ruby/object:Api::Type::Boolean - name: 'passwordSet' - output: true + required: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_alloydb_settings_initial_user_password.go.tmpl' + - name: 'passwordSet' + type: Boolean description: | Output only. Indicates if the initialUser.password field has been set. - - !ruby/object:Api::Type::String - name: 'vpcNetwork' - required: true + output: true + - name: 'vpcNetwork' + type: String description: | Required. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: 'projects/{project_number}/global/networks/{network_id}'. This is required to create a cluster. - - !ruby/object:Api::Type::KeyValuePairs - name: 'labels' + required: true + - name: 'labels' + type: KeyValuePairs description: | Labels for the AlloyDB cluster created by DMS. - - !ruby/object:Api::Type::NestedObject - name: 'primaryInstanceSettings' + - name: 'primaryInstanceSettings' + type: NestedObject description: | Settings for the cluster's primary instance properties: - - !ruby/object:Api::Type::String - name: 'id' - required: true + - name: 'id' + type: String description: | The database username. - - !ruby/object:Api::Type::NestedObject - name: 'machineConfig' required: true - immutable: true + - name: 'machineConfig' + type: NestedObject description: | Configuration for the machines that host the underlying database engine. + required: true + immutable: true properties: - - !ruby/object:Api::Type::Integer - name: 'cpuCount' - required: true + - name: 'cpuCount' + type: Integer description: | The number of CPU's in the VM instance. - - !ruby/object:Api::Type::KeyValuePairs - name: 'databaseFlags' + required: true + - name: 'databaseFlags' + type: KeyValuePairs description: | Database flags to pass to AlloyDB when DMS is creating the AlloyDB cluster and instances. See the AlloyDB documentation for how these can be used. - - !ruby/object:Api::Type::KeyValuePairs - name: 'labels' + - name: 'labels' + type: KeyValuePairs description: | Labels for the AlloyDB primary instance created by DMS. - - !ruby/object:Api::Type::String - name: 'privateIp' - output: true + - name: 'privateIp' + type: String description: | Output only. The private IP address for the Instance. This is the connection endpoint for an end-user application. + output: true diff --git a/mmv1/products/databasemigrationservice/MigrationJob.yaml b/mmv1/products/databasemigrationservice/MigrationJob.yaml new file mode 100644 index 000000000000..2dfadf6bd093 --- /dev/null +++ b/mmv1/products/databasemigrationservice/MigrationJob.yaml @@ -0,0 +1,286 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +name: 'MigrationJob' +description: 'A migration job definition.' +references: + guides: + 'Database Migration': 'https://cloud.google.com/database-migration/docs/' + api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.migrationJobs/create' +docs: +base_url: 'projects/{{project}}/locations/{{location}}/migrationJobs' +self_link: 'projects/{{project}}/locations/{{location}}/migrationJobs/{{migration_job_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/migrationJobs?migrationJobId={{migration_job_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/migrationJobs/{{migration_job_id}}' +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 + result: + path: 'response' + resource_inside_response: false + error: + path: 'error' + message: 'message' +custom_code: +examples: + - name: 'database_migration_service_migration_job_mysql_to_mysql' + primary_resource_id: 'mysqltomysql' + vars: + migration_id: 'my-migrationid' + source_csql: 'source-csql' + source_sqldb_cert: 'cert' + source_sqldb_user: 'username' + source_sqldb_pass: 'password' + source_cp: 'source-cp' + destination_csql: 'destination-csql' + destination_cp: 'destination-cp' + - name: 'database_migration_service_migration_job_postgres_to_postgres' + primary_resource_id: 'psqltopsql' + vars: + migration_id: 'my-migrationid' + source_csql: 'source-csql' + source_sqldb_cert: 'cert' + source_sqldb_user: 'username' + source_sqldb_pass: 'password' + source_cp: 'source-cp' + destination_csql: 'destination-csql' + destination_cp: 'destination-cp' + - name: 'database_migration_service_migration_job_postgres_to_alloydb' + primary_resource_id: 'psqltoalloydb' + vars: + migration_id: 'my-migrationid' + source_csql: 'source-csql' + source_sqldb_cert: 'cert' + source_sqldb_user: 'username' + source_sqldb_pass: 'password' + source_cp: 'source-cp' + destination_alloydb: 'destination-alloydb' + destination_cp: 'destination-cp' +parameters: + - name: 'migrationJobId' + type: String + description: | + The ID of the migration job. + url_param_only: true + required: true + immutable: true + - name: 'location' + type: String + description: | + The location where the migration job should reside. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The name of this migration job resource in the form of projects/{project}/locations/{location}/migrationJobs/{migrationJob}. + output: true + - name: 'displayName' + type: String + description: | + The migration job display name. + - name: 'createTime' + type: Time + description: | + Output only. The timestamp when the resource was created. A timestamp in RFC3339 UTC 'Zulu' format, accurate to nanoseconds. Example: '2014-10-02T15:01:23.045123456Z'. + output: true + - name: 'labels' + type: KeyValueLabels + description: | + The resource labels for migration job to use to annotate any related underlying resources such as Compute Engine VMs. + - name: 'state' + type: Enum + description: | + The current migration job state. + output: true + enum_values: + - 'DRAFT' + - 'NOT_STARTED' + - 'RUNNING' + - 'COMPLETED' + - 'STOPPED' + - 'FAILED' + - name: 'phase' + type: Enum + description: | + The current migration job phase. + output: true + enum_values: + - 'FULL_DUMP' + - 'CDC' + - 'PROMOTE_IN_PROGRESS' + - 'WAITING_FOR_SOURCE_WRITES_TO_STOP' + - 'PREPARING_THE_DUMP' + - 'READY_FOR_PROMOTE' + - name: 'error' + type: NestedObject + description: | + Output only. The error details in case of state FAILED. + output: true + properties: + - name: 'code' + type: Integer + description: | + The status code, which should be an enum value of google.rpc.Code. + output: true + - name: 'message' + type: String + description: | + Human readable message indicating details about the current status. + output: true + - name: 'details' + type: Array + description: | + A list of messages that carry the error details. + output: true + item_type: + type: KeyValuePairs + - name: 'type' + type: Enum + description: | + The type of the migration job. + required: true + immutable: true + enum_values: + - 'ONE_TIME' + - 'CONTINUOUS' + - name: 'source' + type: String + description: | + The name of the source connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{sourceConnectionProfile}. + required: true + immutable: true + - name: 'destination' + type: String + description: | + The name of the destination connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{destinationConnectionProfile}. + required: true + immutable: true + - name: 'dumpFlags' + type: NestedObject + description: | + The initial dump flags. + properties: + - name: 'dumpFlags' + type: Array + description: | + A list of dump flags + item_type: + type: NestedObject + properties: + - name: 'name' + type: String + description: | + The name of the flag + - name: 'value' + type: String + description: | + The vale of the flag + - name: 'performanceConfig' + type: NestedObject + description: | + Data dump parallelism settings used by the migration. + properties: + - name: 'dumpParallelLevel' + type: Enum + description: | + Initial dump parallelism level. + enum_values: + - 'MIN' + - 'OPTIMAL' + - 'MAX' + - name: 'dumpPath' + type: String + description: | + The path to the dump file in Google Cloud Storage, + in the format: (gs://[BUCKET_NAME]/[OBJECT_NAME]). + This field and the "dump_flags" field are mutually exclusive. + - name: 'dumpType' + type: Enum + description: | + The type of the data dump. Supported for MySQL to CloudSQL for MySQL + migrations only. + enum_values: + - 'LOGICAL' + - 'PHYSICAL' + - name: 'staticIpConnectivity' + type: NestedObject + description: | + If set to an empty object (`{}`), the source database will allow incoming + connections from the public IP of the destination database. + You can retrieve the public IP of the Cloud SQL instance from the + Cloud SQL console or using Cloud SQL APIs. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'reverseSshConnectivity' + - 'vpcPeeringConnectivity' + properties: + [] + - name: 'reverseSshConnectivity' + type: NestedObject + description: | + The details of the VPC network that the source database is located in. + exactly_one_of: + - 'staticIpConnectivity' + - 'vpcPeeringConnectivity' + properties: + - name: 'vmIp' + type: String + description: | + The IP of the virtual machine (Compute Engine) used as the bastion server + for the SSH tunnel. + - name: 'vmPort' + type: Integer + description: | + The forwarding port of the virtual machine (Compute Engine) used as the + bastion server for the SSH tunnel. + - name: 'vm' + type: String + description: | + The name of the virtual machine (Compute Engine) used as the bastion server + for the SSH tunnel. + - name: 'vpc' + type: String + description: | + The name of the VPC to peer with the Cloud SQL private network. + - name: 'vpcPeeringConnectivity' + type: NestedObject + description: | + The details of the VPC network that the source database is located in. + exactly_one_of: + - 'staticIpConnectivity' + - 'reverseSshConnectivity' + properties: + - name: 'vpc' + type: String + description: | + The name of the VPC network to peer with the Cloud SQL private network. diff --git a/mmv1/products/databasemigrationservice/PrivateConnection.yaml b/mmv1/products/databasemigrationservice/PrivateConnection.yaml index b5ec79581603..d8238cfe51fe 100644 --- a/mmv1/products/databasemigrationservice/PrivateConnection.yaml +++ b/mmv1/products/databasemigrationservice/PrivateConnection.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,100 +11,104 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'PrivateConnection' -base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' -create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}' -self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + The PrivateConnection resource is used to establish private connectivity between Database Migration Service and a customer's network. +references: guides: 'Official Documentation': 'https://cloud.google.com/database-migration/docs/oracle-to-postgresql/create-private-connectivity-configuration' api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.privateConnections' -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' - base_url: '{{op_id}}' - wait_ms: 1000 -timeouts: !ruby/object:Api::Timeouts +docs: +id_format: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' +self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}' +immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +timeouts: insert_minutes: 60 + update_minutes: 20 delete_minutes: 60 autogen_async: true -description: | - The PrivateConnection resource is used to establish private connectivity between Database Migration Service and a customer's network. -immutable: true -id_format: projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}} -import_format: - [ - 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}', - ] +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + resource_inside_response: false +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'database_migration_service_private_connection' + - name: 'database_migration_service_private_connection' primary_resource_id: 'default' vars: private_connection_id: 'my-connection' network_name: 'my-network' parameters: - - !ruby/object:Api::Type::String - name: privateConnectionId + - name: 'privateConnectionId' + type: String description: | The private connectivity identifier. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | The name of the location this private connection is located in. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: The resource's name. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: Labels. - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: Display name. default_from_api: true - - !ruby/object:Api::Type::String - name: 'state' + - name: 'state' + type: String description: | State of the PrivateConnection. output: true - - !ruby/object:Api::Type::NestedObject - name: 'error' - output: true + - name: 'error' + type: NestedObject description: | The PrivateConnection error in case of failure. + output: true properties: - - !ruby/object:Api::Type::String - name: 'message' + - name: 'message' + type: String description: | A message containing more information about the error that occurred. - - !ruby/object:Api::Type::KeyValuePairs - name: 'details' + - name: 'details' + type: KeyValuePairs description: | A list of messages that carry the error details. - - !ruby/object:Api::Type::NestedObject - name: 'vpcPeeringConfig' - required: true + - name: 'vpcPeeringConfig' + type: NestedObject description: | The VPC Peering configuration is used to create VPC peering between databasemigrationservice and the consumer's VPC. + required: true properties: - - !ruby/object:Api::Type::String - name: 'vpcName' - required: true + - name: 'vpcName' + type: String description: | Fully qualified name of the VPC that Database Migration Service will peer to. Format: projects/{project}/global/{networks}/{name} - - !ruby/object:Api::Type::String - name: 'subnet' required: true + - name: 'subnet' + type: String description: | A free subnet for peering. (CIDR of /29) + required: true diff --git a/mmv1/products/databasemigrationservice/go_ConnectionProfile.yaml b/mmv1/products/databasemigrationservice/go_ConnectionProfile.yaml deleted file mode 100644 index 8e8d67cc9efc..000000000000 --- a/mmv1/products/databasemigrationservice/go_ConnectionProfile.yaml +++ /dev/null @@ -1,793 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ConnectionProfile' -description: 'A connection profile definition.' -references: - guides: - 'Database Migration': 'https://cloud.google.com/database-migration/docs/' - api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.connectionProfiles/create' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' -self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' -timeouts: - insert_minutes: 60 - update_minutes: 60 - delete_minutes: 60 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 60 - update_minutes: 60 - delete_minutes: 60 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'database_migration_service_connection_profile_cloudsql' - primary_resource_id: 'cloudsqlprofile' - vars: - sqldb: 'my-database' - sqldb_cert: 'my-cert' - sqldb_user: 'my-username' - sqldb_pass: 'my-password' - from_profile: 'my-fromprofileid' - to_profile: 'my-toprofileid' - ignore_read_extra: - - 'mysql.0.password' - - 'mysql.0.ssl.0.ca_certificate' - - 'mysql.0.ssl.0.client_certificate' - - 'mysql.0.ssl.0.client_key' - - name: 'database_migration_service_connection_profile_postgres' - primary_resource_id: 'postgresprofile' - vars: - sqldb: 'my-database' - sqldb_cert: 'my-cert' - sqldb_user: 'my-username' - sqldb_pass: 'my-password' - profile: 'my-profileid' - ignore_read_extra: - - 'postgresql.0.password' - - 'postgresql.0.ssl.0.ca_certificate' - - 'postgresql.0.ssl.0.client_certificate' - - 'postgresql.0.ssl.0.client_key' - - name: 'database_migration_service_connection_profile_oracle' - primary_resource_id: 'oracleprofile' - vars: - profile: 'my-profileid' - ignore_read_extra: - - 'oracle.0.password' - skip_test: true - - name: 'database_migration_service_connection_profile_alloydb' - primary_resource_id: 'alloydbprofile' - vars: - profile: 'my-profileid' - global_address_name: 'private-ip-alloc' - network_name: 'vpc-network' - ignore_read_extra: - - 'alloydb.0.settings.0.initial_user.0.password' - skip_test: true - - name: 'database_migration_service_connection_profile_existing_mysql' - primary_resource_id: 'existing-mysql' - vars: - destination_csql: 'destination-csql' - destination_cp: 'destination-cp' - - name: 'database_migration_service_connection_profile_existing_postgres' - primary_resource_id: 'existing-psql' - vars: - destination_csql: 'destination-csql' - destination_cp: 'destination-cp' - - name: 'database_migration_service_connection_profile_existing_alloydb' - primary_resource_id: 'existing-alloydb' - vars: - destination_alloydb: 'destination-alloydb' - destination_cp: 'destination-cp' -parameters: - - name: 'connectionProfileId' - type: String - description: | - The ID of the connection profile. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The location where the connection profile should reside. - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The name of this connection profile resource in the form of projects/{project}/locations/{location}/connectionProfiles/{connectionProfile}. - output: true - - name: 'displayName' - type: String - description: | - The connection profile display name. - - name: 'createTime' - type: Time - description: | - Output only. The timestamp when the resource was created. A timestamp in RFC3339 UTC 'Zulu' format, accurate to nanoseconds. Example: '2014-10-02T15:01:23.045123456Z'. - output: true - - name: 'labels' - type: KeyValueLabels - description: | - The resource labels for connection profile to use to annotate any related underlying resources such as Compute Engine VMs. - - name: 'state' - type: Enum - description: | - The current connection profile state. - output: true - enum_values: - - 'DRAFT' - - 'READY' - - 'FAILED' - - name: 'error' - type: NestedObject - description: | - Output only. The error details in case of state FAILED. - output: true - properties: - - name: 'code' - type: Integer - description: | - The status code, which should be an enum value of google.rpc.Code. - output: true - - name: 'message' - type: String - description: | - Human readable message indicating details about the current status. - output: true - - name: 'details' - type: Array - description: | - A list of messages that carry the error details. - output: true - item_type: - type: KeyValuePairs - - name: 'dbprovider' - type: Enum - description: | - The database provider. - api_name: provider - output: true - enum_values: - - 'CLOUDSQL' - - 'RDS' - - 'AURORA' - - 'ALLOYDB' - - name: 'mysql' - type: NestedObject - description: | - Specifies connection parameters required specifically for MySQL databases. - exactly_one_of: - - 'mysql' - - 'postgresql' - - 'oracle' - - 'cloudsql' - - 'alloydb' - properties: - - name: 'host' - type: String - description: | - The IP or hostname of the source MySQL database. - required_with: - - 'mysql.0.port' - - 'mysql.0.username' - - name: 'port' - type: Integer - description: | - The network port of the source MySQL database. - required_with: - - 'mysql.0.host' - - 'mysql.0.username' - - name: 'username' - type: String - description: | - The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. - required_with: - - 'mysql.0.host' - - 'mysql.0.port' - - name: 'password' - type: String - description: | - Input only. The password for the user that Database Migration Service will be using to connect to the database. - This field is not returned on request, and the value is encrypted when stored in Database Migration Service. - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_mysql_password.go.tmpl' - - name: 'passwordSet' - type: Boolean - description: | - Output only. Indicates If this connection profile password is stored. - output: true - - name: 'ssl' - type: NestedObject - description: | - SSL configuration for the destination to connect to the source database. - properties: - - name: 'type' - type: Enum - description: | - The current connection profile state. - output: true - enum_values: - - 'SERVER_ONLY' - - 'SERVER_CLIENT' - - name: 'clientKey' - type: String - description: | - Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. - If this field is used then the 'clientCertificate' field is mandatory. - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_mysql_ssl_client_key.go.tmpl' - - name: 'clientCertificate' - type: String - description: | - Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. - If this field is used then the 'clientKey' field is mandatory - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_mysql_ssl_client_certificate.go.tmpl' - - name: 'caCertificate' - type: String - description: | - Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. - The replica will use this certificate to verify it's connecting to the right host. - required: true - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_mysql_ssl_ca_certificate.go.tmpl' - - name: 'cloudSqlId' - type: String - description: | - If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source. - - name: 'postgresql' - type: NestedObject - description: | - Specifies connection parameters required specifically for PostgreSQL databases. - exactly_one_of: - - 'mysql' - - 'postgresql' - - 'oracle' - - 'cloudsql' - - 'alloydb' - properties: - - name: 'host' - type: String - description: | - The IP or hostname of the source MySQL database. - required_with: - - 'postgresql.0.port' - - 'postgresql.0.username' - - 'postgresql.0.password' - - name: 'port' - type: Integer - description: | - The network port of the source MySQL database. - required_with: - - 'postgresql.0.host' - - 'postgresql.0.username' - - 'postgresql.0.password' - - name: 'username' - type: String - description: | - The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. - required_with: - - 'postgresql.0.host' - - 'postgresql.0.port' - - 'postgresql.0.password' - - name: 'password' - type: String - description: | - Input only. The password for the user that Database Migration Service will be using to connect to the database. - This field is not returned on request, and the value is encrypted when stored in Database Migration Service. - immutable: true - sensitive: true - required_with: - - 'postgresql.0.host' - - 'postgresql.0.port' - - 'postgresql.0.username' - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_postgresql_password.go.tmpl' - - name: 'passwordSet' - type: Boolean - description: | - Output only. Indicates If this connection profile password is stored. - output: true - - name: 'ssl' - type: NestedObject - description: | - SSL configuration for the destination to connect to the source database. - properties: - - name: 'type' - type: Enum - description: | - The current connection profile state. - output: true - enum_values: - - 'SERVER_ONLY' - - 'SERVER_CLIENT' - - name: 'clientKey' - type: String - description: | - Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. - If this field is used then the 'clientCertificate' field is mandatory. - immutable: true - sensitive: true - required_with: - - 'client_certificate' - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_postgresql_ssl_client_key.go.tmpl' - - name: 'clientCertificate' - type: String - description: | - Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. - If this field is used then the 'clientKey' field is mandatory - immutable: true - sensitive: true - required_with: - - 'client_key' - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_postgresql_ssl_client_certificate.go.tmpl' - - name: 'caCertificate' - type: String - description: | - Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. - The replica will use this certificate to verify it's connecting to the right host. - required: true - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_postgresql_ssl_ca_certificate.go.tmpl' - - name: 'cloudSqlId' - type: String - description: | - If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source. - - name: 'alloydbClusterId' - type: String - description: | - If the connected database is an AlloyDB instance, use this field to provide the AlloyDB cluster ID. - - name: 'networkArchitecture' - type: Enum - description: | - Output only. If the source is a Cloud SQL database, this field indicates the network architecture it's associated with. - output: true - enum_values: - - 'NETWORK_ARCHITECTURE_OLD_CSQL_PRODUCER' - - 'NETWORK_ARCHITECTURE_NEW_CSQL_PRODUCER' - - name: 'oracle' - type: NestedObject - description: | - Specifies connection parameters required specifically for Oracle databases. - exactly_one_of: - - 'mysql' - - 'postgresql' - - 'oracle' - - 'cloudsql' - - 'alloydb' - properties: - - name: 'host' - type: String - description: | - Required. The IP or hostname of the source Oracle database. - required: true - - name: 'port' - type: Integer - description: | - Required. The network port of the source Oracle database. - required: true - - name: 'username' - type: String - description: | - Required. The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service. - required: true - - name: 'password' - type: String - description: | - Required. Input only. The password for the user that Database Migration Service will be using to connect to the database. - This field is not returned on request, and the value is encrypted when stored in Database Migration Service. - required: true - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_password.go.tmpl' - - name: 'passwordSet' - type: Boolean - description: | - Output only. Indicates If this connection profile password is stored. - output: true - - name: 'databaseService' - type: String - description: | - Required. Database service for the Oracle connection. - required: true - - name: 'ssl' - type: NestedObject - description: | - SSL configuration for the destination to connect to the source database. - properties: - - name: 'type' - type: Enum - description: | - The current connection profile state. - output: true - enum_values: - - 'SERVER_ONLY' - - 'SERVER_CLIENT' - - name: 'clientKey' - type: String - description: | - Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. - If this field is used then the 'clientCertificate' field is mandatory. - immutable: true - sensitive: true - required_with: - - 'client_certificate' - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_ssl_client_key.go.tmpl' - - name: 'clientCertificate' - type: String - description: | - Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server. - If this field is used then the 'clientKey' field is mandatory - immutable: true - sensitive: true - required_with: - - 'client_key' - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_ssl_client_certificate.go.tmpl' - - name: 'caCertificate' - type: String - description: | - Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. - The replica will use this certificate to verify it's connecting to the right host. - required: true - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_ssl_ca_certificate.go.tmpl' - - name: 'staticServiceIpConnectivity' - type: NestedObject - description: | - This object has no nested fields. - - Static IP address connectivity configured on service project. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'static_service_ip_connectivity' - - 'forward_ssh_connectivity' - - 'private_connectivity' - properties: - [] - - name: 'forwardSshConnectivity' - type: NestedObject - description: | - SSL configuration for the destination to connect to the source database. - exactly_one_of: - - 'static_service_ip_connectivity' - - 'forward_ssh_connectivity' - - 'private_connectivity' - properties: - - name: 'hostname' - type: String - description: | - Required. Hostname for the SSH tunnel. - required: true - - name: 'username' - type: String - description: | - Required. Username for the SSH tunnel. - required: true - - name: 'port' - type: Integer - description: | - Port for the SSH tunnel, default value is 22. - required: true - - name: 'password' - type: String - description: | - Input only. SSH password. Only one of `password` and `private_key` can be configured. - immutable: true - sensitive: true - exactly_one_of: - - 'forward_ssh_connectivity.0.password' - - 'forward_ssh_connectivity.0.private_key' - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_forward_ssh_password.go.tmpl' - - name: 'privateKey' - type: String - description: | - Input only. SSH private key. Only one of `password` and `private_key` can be configured. - immutable: true - sensitive: true - exactly_one_of: - - 'oracle.0.forward_ssh_connectivity.0.password' - - 'oracle.0.forward_ssh_connectivity.0.private_key' - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_oracle_forward_ssh_private_key.go.tmpl' - - name: 'privateConnectivity' - type: NestedObject - description: | - Configuration for using a private network to communicate with the source database - exactly_one_of: - - 'oracle.0.static_service_ip_connectivity' - - 'oracle.0.forward_ssh_connectivity' - - 'oracle.0.private_connectivity' - properties: - - name: 'privateConnection' - type: String - description: | - Required. The resource name (URI) of the private connection. - required: true - - name: 'cloudsql' - type: NestedObject - description: | - Specifies required connection parameters, and, optionally, the parameters required to create a Cloud SQL destination database instance. - exactly_one_of: - - 'mysql' - - 'postgresql' - - 'oracle' - - 'cloudsql' - - 'alloydb' - properties: - - name: 'cloudSqlId' - type: String - description: | - Output only. The Cloud SQL instance ID that this connection profile is associated with. - output: true - - name: 'settings' - type: NestedObject - description: | - Immutable. Metadata used to create the destination Cloud SQL database. - immutable: true - properties: - - name: 'databaseVersion' - type: String - description: | - The database engine type and version. - Currently supported values located at https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.connectionProfiles#sqldatabaseversion - - name: 'userLabels' - type: KeyValuePairs - description: | - The resource labels for a Cloud SQL instance to use to annotate any related underlying resources such as Compute Engine VMs. - - name: 'tier' - type: String - description: | - The tier (or machine type) for this instance, for example: db-n1-standard-1 (MySQL instances) or db-custom-1-3840 (PostgreSQL instances). - For more information, see https://cloud.google.com/sql/docs/mysql/instance-settings - - name: 'storageAutoResizeLimit' - type: String - description: | - The maximum size to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit. - - name: 'activationPolicy' - type: Enum - description: | - The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. - enum_values: - - 'ALWAYS' - - 'NEVER' - - name: 'ipConfig' - type: NestedObject - description: | - The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled. - properties: - - name: 'enableIpv4' - type: Boolean - description: | - Whether the instance should be assigned an IPv4 address or not. - - name: 'privateNetwork' - type: String - description: | - The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, projects/myProject/global/networks/default. - This setting can be updated, but it cannot be removed after it is set. - - name: 'requireSsl' - type: Boolean - description: | - Whether SSL connections over IP should be enforced or not. - - name: 'authorizedNetworks' - type: Array - description: | - The list of external networks that are allowed to connect to the instance using the IP. - item_type: - type: NestedObject - properties: - - name: 'value' - type: String - description: | - The allowlisted value for the access control list. - required: true - - name: 'label' - type: String - description: | - A label to identify this entry. - - name: 'expireTime' - type: Time - description: | - The time when this access control entry expires in RFC 3339 format. - exactly_one_of: - - 'expire_time' - - 'ttl' - - name: 'ttl' - type: Time - description: | - Input only. The time-to-leave of this access control entry. - immutable: true - - name: 'autoStorageIncrease' - type: Boolean - description: | - If you enable this setting, Cloud SQL checks your available storage every 30 seconds. If the available storage falls below a threshold size, Cloud SQL automatically adds additional storage capacity. - If the available storage repeatedly falls below the threshold size, Cloud SQL continues to add storage until it reaches the maximum of 30 TB. - - name: 'databaseFlags' - type: KeyValuePairs - description: | - The database flags passed to the Cloud SQL instance at startup. - - name: 'dataDiskType' - type: Enum - description: | - The type of storage. - enum_values: - - 'PD_SSD' - - 'PD_HDD' - - name: 'dataDiskSizeGb' - type: String - description: | - The storage capacity available to the database, in GB. The minimum (and default) size is 10GB. - - name: 'zone' - type: String - description: | - The Google Cloud Platform zone where your Cloud SQL datdabse instance is located. - - name: 'sourceId' - type: String - description: | - The Database Migration Service source connection profile ID, in the format: projects/my_project_name/locations/us-central1/connectionProfiles/connection_profile_ID - required: true - - name: 'rootPassword' - type: String - description: | - Input only. Initial root password. - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_cloudsql_settings_root_password.go.tmpl' - - name: 'rootPasswordSet' - type: Boolean - description: | - Output only. Indicates If this connection profile root password is stored. - output: true - - name: 'collation' - type: String - description: | - The Cloud SQL default instance level collation. - - name: 'cmekKeyName' - type: String - description: | - The KMS key name used for the csql instance. - - name: 'edition' - type: Enum - description: | - The edition of the given Cloud SQL instance. - enum_values: - - 'ENTERPRISE' - - 'ENTERPRISE_PLUS' - - name: 'privateIp' - type: String - description: | - Output only. The Cloud SQL database instance's private IP. - output: true - - name: 'publicIp' - type: String - description: | - Output only. The Cloud SQL database instance's public IP. - output: true - - name: 'alloydb' - type: NestedObject - description: | - Specifies required connection parameters, and the parameters required to create an AlloyDB destination cluster. - exactly_one_of: - - 'mysql' - - 'postgresql' - - 'oracle' - - 'cloudsql' - - 'alloydb' - properties: - - name: 'clusterId' - type: String - description: | - Required. The AlloyDB cluster ID that this connection profile is associated with. - required: true - - name: 'settings' - type: NestedObject - description: | - Immutable. Metadata used to create the destination AlloyDB cluster. - immutable: true - properties: - - name: 'initialUser' - type: NestedObject - description: | - Required. Input only. Initial user to setup during cluster creation. - required: true - immutable: true - properties: - - name: 'user' - type: String - description: | - The database username. - required: true - - name: 'password' - type: String - description: | - The initial password for the user. - required: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/database_migration_service_connection_profile_alloydb_settings_initial_user_password.go.tmpl' - - name: 'passwordSet' - type: Boolean - description: | - Output only. Indicates if the initialUser.password field has been set. - output: true - - name: 'vpcNetwork' - type: String - description: | - Required. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. - It is specified in the form: 'projects/{project_number}/global/networks/{network_id}'. This is required to create a cluster. - required: true - - name: 'labels' - type: KeyValuePairs - description: | - Labels for the AlloyDB cluster created by DMS. - - name: 'primaryInstanceSettings' - type: NestedObject - description: | - Settings for the cluster's primary instance - properties: - - name: 'id' - type: String - description: | - The database username. - required: true - - name: 'machineConfig' - type: NestedObject - description: | - Configuration for the machines that host the underlying database engine. - required: true - immutable: true - properties: - - name: 'cpuCount' - type: Integer - description: | - The number of CPU's in the VM instance. - required: true - - name: 'databaseFlags' - type: KeyValuePairs - description: | - Database flags to pass to AlloyDB when DMS is creating the AlloyDB cluster and instances. See the AlloyDB documentation for how these can be used. - - name: 'labels' - type: KeyValuePairs - description: | - Labels for the AlloyDB primary instance created by DMS. - - name: 'privateIp' - type: String - description: | - Output only. The private IP address for the Instance. This is the connection endpoint for an end-user application. - output: true diff --git a/mmv1/products/databasemigrationservice/go_PrivateConnection.yaml b/mmv1/products/databasemigrationservice/go_PrivateConnection.yaml deleted file mode 100644 index b14a6ca551b6..000000000000 --- a/mmv1/products/databasemigrationservice/go_PrivateConnection.yaml +++ /dev/null @@ -1,115 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'PrivateConnection' -description: | - The PrivateConnection resource is used to establish private connectivity between Database Migration Service and a customer's network. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/database-migration/docs/oracle-to-postgresql/create-private-connectivity-configuration' - api: 'https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.privateConnections' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' -self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}' -immutable: true -import_format: - - 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' -timeouts: - insert_minutes: 60 - update_minutes: 20 - delete_minutes: 60 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - resource_inside_response: false -custom_code: -examples: - - name: 'database_migration_service_private_connection' - primary_resource_id: 'default' - vars: - private_connection_id: 'my-connection' - network_name: 'my-network' -parameters: - - name: 'privateConnectionId' - type: String - description: | - The private connectivity identifier. - url_param_only: true - required: true - immutable: true - - name: 'location' - type: String - description: | - The name of the location this private connection is located in. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: The resource's name. - output: true - - name: 'labels' - type: KeyValueLabels - description: Labels. - - name: 'displayName' - type: String - description: Display name. - default_from_api: true - - name: 'state' - type: String - description: | - State of the PrivateConnection. - output: true - - name: 'error' - type: NestedObject - description: | - The PrivateConnection error in case of failure. - output: true - properties: - - name: 'message' - type: String - description: | - A message containing more information about the error that occurred. - - name: 'details' - type: KeyValuePairs - description: | - A list of messages that carry the error details. - - name: 'vpcPeeringConfig' - type: NestedObject - description: | - The VPC Peering configuration is used to create VPC peering - between databasemigrationservice and the consumer's VPC. - required: true - properties: - - name: 'vpcName' - type: String - description: | - Fully qualified name of the VPC that Database Migration Service will peer to. - Format: projects/{project}/global/{networks}/{name} - required: true - - name: 'subnet' - type: String - description: | - A free subnet for peering. (CIDR of /29) - required: true diff --git a/mmv1/products/databasemigrationservice/go_product.yaml b/mmv1/products/databasemigrationservice/go_product.yaml deleted file mode 100644 index b76fd0b91286..000000000000 --- a/mmv1/products/databasemigrationservice/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DatabaseMigrationService' -display_name: 'DatabaseMigrationService' -versions: - - name: 'ga' - base_url: 'https://datamigration.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/databasemigrationservice/product.yaml b/mmv1/products/databasemigrationservice/product.yaml index 0024866ca6e8..236e72cdc604 100644 --- a/mmv1/products/databasemigrationservice/product.yaml +++ b/mmv1/products/databasemigrationservice/product.yaml @@ -1,22 +1,21 @@ -# Copyright 2022 Google Inc. -# Licensed under the Apache License, Version 2.0 (the 'License'); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an 'AS IS' BASIS, +# distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: DatabaseMigrationService -display_name: DatabaseMigrationService +--- +name: 'DatabaseMigrationService' +display_name: 'DatabaseMigrationService' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://datamigration.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://datamigration.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/datacatalog/Entry.yaml b/mmv1/products/datacatalog/Entry.yaml index 0cc23ef521c3..54cbd3c4563b 100644 --- a/mmv1/products/datacatalog/Entry.yaml +++ b/mmv1/products/datacatalog/Entry.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,13 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: "Entry" -base_url: '{{entry_group}}/entries' -create_url: '{{entry_group}}/entries?entryId={{entry_id}}' -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true +--- +name: 'Entry' description: | Entry Metadata. A Data Catalog Entry resource represents another resource in Google Cloud Platform (such as a BigQuery dataset or a Pub/Sub topic) or outside of Google Cloud Platform. Clients can use @@ -25,58 +20,66 @@ description: | An Entry resource contains resource details, such as its schema. An Entry can also be used to attach flexible metadata, such as a Tag. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - 'Official Documentation': https://cloud.google.com/data-catalog/docs - api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.entries -import_format: ['{{name}}'] + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.entries' +docs: +base_url: '{{entry_group}}/entries' +self_link: '{{name}}' +create_url: '{{entry_group}}/entries?entryId={{entry_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + custom_import: 'templates/terraform/custom_import/data_catalog_entry.go.tmpl' supports_indirect_user_project_override: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_entry_basic' + - name: 'data_catalog_entry_basic' primary_resource_id: 'basic_entry' vars: entry_id: 'my_entry' entry_group_id: 'my_group' - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_entry_fileset' + - name: 'data_catalog_entry_fileset' primary_resource_id: 'basic_entry' vars: entry_id: 'my_entry' entry_group_id: 'my_group' - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_entry_full' + - name: 'data_catalog_entry_full' primary_resource_id: 'basic_entry' vars: entry_id: 'my_entry' entry_group_id: 'my_group' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/data_catalog_entry.go.erb parameters: - - !ruby/object:Api::Type::String - name: entryGroup - required: true - url_param_only: true - immutable: true + - name: 'entryGroup' + type: String description: | The name of the entry group this entry is in. - - !ruby/object:Api::Type::String - name: entryId - required: true url_param_only: true + required: true immutable: true + - name: 'entryId' + type: String description: | The id of the entry to create. + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The Data Catalog resource name of the entry in URL format. Example: projects/{project_id}/locations/{location}/entryGroups/{entryGroupId}/entries/{entryId}. Note that this Entry and its child resources may not actually be stored in the location in this name. output: true - - !ruby/object:Api::Type::String - name: linkedResource + - name: 'linkedResource' + type: String description: | The resource this metadata entry refers to. For Google Cloud Platform resources, linkedResource is the full name of the resource. @@ -85,44 +88,42 @@ properties: Output only when Entry is of type in the EntryType enum. For entries with userSpecifiedType, this field is optional and defaults to an empty string. default_from_api: true - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: | Display information such as title and description. A short name to identify the entry, for example, "Analytics Data - Jan 2011". - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: | Entry description, which can consist of several sentences or paragraphs that describe entry contents. # This is a string instead of a NestedObject because schemas contain ColumnSchemas, which can contain nested ColumnSchemas. # We'll have people provide the json blob for the schema instead. - - !ruby/object:Api::Type::String - name: schema + - name: 'schema' + type: String description: | Schema of the entry (e.g. BigQuery, GoogleSQL, Avro schema), as a json string. An entry might not have any schema attached to it. See https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.entries#schema for what fields this schema can contain. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Enum - name: type + - name: 'type' + type: Enum description: | The type of the entry. Only used for Entries with types in the EntryType enum. Currently, only FILESET enum value is allowed. All other entries created through Data Catalog must use userSpecifiedType. - values: - - :FILESET immutable: true exactly_one_of: - - type - - user_specified_type - - !ruby/object:Api::Type::String - name: userSpecifiedType + - 'type' + - 'user_specified_type' + enum_values: + - 'FILESET' + - name: 'userSpecifiedType' + type: String description: | Entry type if it does not fit any of the input-allowed values listed in EntryType enum above. When creating an entry, users should check the enum values first, if nothing matches the entry @@ -130,30 +131,30 @@ properties: userSpecifiedType strings must begin with a letter or underscore and can only contain letters, numbers, and underscores; are case insensitive; must be at least 1 character and at most 64 characters long. exactly_one_of: - - type - - user_specified_type - validation: !ruby/object:Provider::Terraform::Validation + - 'type' + - 'user_specified_type' + validation: regex: '^[A-z_][A-z0-9_]{0,63}$' - - !ruby/object:Api::Type::String - name: integratedSystem + - name: 'integratedSystem' + type: String description: | This field indicates the entry's source system that Data Catalog integrates with, such as BigQuery or Pub/Sub. output: true - - !ruby/object:Api::Type::String - name: userSpecifiedSystem + - name: 'userSpecifiedSystem' + type: String description: | This field indicates the entry's source system that Data Catalog does not integrate with. userSpecifiedSystem strings must begin with a letter or underscore and can only contain letters, numbers, and underscores; are case insensitive; must be at least 1 character and at most 64 characters long. - validation: !ruby/object:Provider::Terraform::Validation + validation: regex: '^[A-z_][A-z0-9_]{0,63}$' - - !ruby/object:Api::Type::NestedObject - name: gcsFilesetSpec + - name: 'gcsFilesetSpec' + type: NestedObject description: | Specification that applies to a Cloud Storage fileset. This is only valid on entries of type FILESET. properties: - - !ruby/object:Api::Type::Array - name: filePatterns + - name: 'filePatterns' + type: Array description: | Patterns to identify a set of files in Google Cloud Storage. See [Cloud Storage documentation](https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames) @@ -168,81 +169,83 @@ properties: * gs://bucket_name/a/*/b: matches all files in bucket_name that match a/*/b pattern, such as a/c/b, a/d/b * gs://another_bucket/a.txt: matches gs://another_bucket/a.txt required: true - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: sampleGcsFileSpecs + item_type: + type: String + - name: 'sampleGcsFileSpecs' + type: Array description: | Sample files contained in this fileset, not all files contained in this fileset are represented here. output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: filePath + - name: 'filePath' + type: String description: | The full file path output: true - - !ruby/object:Api::Type::Integer - name: sizeBytes + - name: 'sizeBytes' + type: Integer description: | The size of the file, in bytes. output: true - - !ruby/object:Api::Type::NestedObject - name: bigqueryTableSpec + - name: 'bigqueryTableSpec' + type: NestedObject description: | Specification that applies to a BigQuery table. This is only valid on entries of type TABLE. output: true properties: - - !ruby/object:Api::Type::String - name: tableSourceType + - name: 'tableSourceType' + type: String description: | The table source type. output: true - - !ruby/object:Api::Type::NestedObject - name: viewSpec + - name: 'viewSpec' + type: NestedObject description: | Table view specification. This field should only be populated if tableSourceType is BIGQUERY_VIEW. output: true properties: - - !ruby/object:Api::Type::String - name: viewQuery + - name: 'viewQuery' + type: String description: | The query that defines the table view. output: true - - !ruby/object:Api::Type::NestedObject - name: tableSpec + - name: 'tableSpec' + type: NestedObject description: | Spec of a BigQuery table. This field should only be populated if tableSourceType is BIGQUERY_TABLE. output: true properties: - - !ruby/object:Api::Type::String - name: groupedEntry + - name: 'groupedEntry' + type: String description: | If the table is a dated shard, i.e., with name pattern [prefix]YYYYMMDD, groupedEntry is the Data Catalog resource name of the date sharded grouped entry, for example, projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId}. Otherwise, groupedEntry is empty. output: true - - !ruby/object:Api::Type::NestedObject - name: bigqueryDateShardedSpec + - name: 'bigqueryDateShardedSpec' + type: NestedObject description: | Specification for a group of BigQuery tables with name pattern [prefix]YYYYMMDD. Context: https://cloud.google.com/bigquery/docs/partitioned-tables#partitioning_versus_sharding. output: true properties: - - !ruby/object:Api::Type::String - name: dataset + - name: 'dataset' + type: String description: | The Data Catalog resource name of the dataset entry the current table belongs to, for example, projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId} output: true - - !ruby/object:Api::Type::String - name: tablePrefix + - name: 'tablePrefix' + type: String description: | The table name prefix of the shards. The name of any given shard is [tablePrefix]YYYYMMDD, for example, for shard MyTable20180101, the tablePrefix is MyTable. output: true - - !ruby/object:Api::Type::Integer - name: shardCount + - name: 'shardCount' + type: Integer description: | Total number of shards. output: true diff --git a/mmv1/products/datacatalog/EntryGroup.yaml b/mmv1/products/datacatalog/EntryGroup.yaml index c2c96a5def09..8bb73169a681 100644 --- a/mmv1/products/datacatalog/EntryGroup.yaml +++ b/mmv1/products/datacatalog/EntryGroup.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,80 +11,79 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: EntryGroup -base_url: projects/{{project}}/locations/{{region}}/entryGroups -create_url: projects/{{project}}/locations/{{region}}/entryGroups?entryGroupId={{entry_group_id}} -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true +--- +name: 'EntryGroup' description: | An EntryGroup resource represents a logical grouping of zero or more Data Catalog Entry resources. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - 'Official Documentation': https://cloud.google.com/data-catalog/docs - api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups -iam_policy: !ruby/object:Api::Resource::IamPolicy + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/entryGroups' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/entryGroups?entryGroupId={{entry_group_id}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' - fetch_iam_policy_verb: :POST + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'entry_group' + base_url: 'projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}}', - '{{entry_group}}', - ] - base_url: projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}} -import_format: ['{{name}}'] + - 'projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}}' + - '{{entry_group}}' +custom_code: + custom_import: 'templates/terraform/custom_import/data_catalog_entry_group.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_entry_group_basic' + - name: 'data_catalog_entry_group_basic' primary_resource_id: 'basic_entry_group' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_group%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_group%s", context["random_suffix"])' vars: entry_group_id: 'my_group' - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_entry_group_full' + - name: 'data_catalog_entry_group_full' primary_resource_id: 'basic_entry_group' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_group%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_group%s", context["random_suffix"])' vars: entry_group_id: 'my_group' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/data_catalog_entry_group.go.erb parameters: - - !ruby/object:Api::Type::String - name: region - url_param_only: true - immutable: true + - name: 'region' + type: String description: | EntryGroup location region. - ignore_read: true - required: false - default_from_api: true - - !ruby/object:Api::Type::String - name: entryGroupId - required: true url_param_only: true + required: false immutable: true + ignore_read: true + default_from_api: true + - name: 'entryGroupId' + type: String description: | The id of the entry group to create. The id must begin with a letter or underscore, contain only English letters, numbers and underscores, and be at most 64 characters. - validation: !ruby/object:Provider::Terraform::Validation + url_param_only: true + required: true + immutable: true + validation: regex: '^[A-z_][A-z0-9_]{0,63}$' properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the entry group in URL format. Example: projects/{project}/locations/{location}/entryGroups/{entryGroupId} output: true - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: | A short name to identify the entry group, for example, "analytics data - jan 2011". - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: | Entry group description, which can consist of several sentences or paragraphs that describe entry group contents. diff --git a/mmv1/products/datacatalog/PolicyTag.yaml b/mmv1/products/datacatalog/PolicyTag.yaml index 1b29fc64bbe4..14115a01eeda 100644 --- a/mmv1/products/datacatalog/PolicyTag.yaml +++ b/mmv1/products/datacatalog/PolicyTag.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,83 +11,86 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: PolicyTag -base_url: '{{taxonomy}}/policyTags' -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true +--- +name: 'PolicyTag' description: | Denotes one policy tag in a taxonomy. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - 'Official Documentation': https://cloud.google.com/data-catalog/docs - api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies.policyTags -iam_policy: !ruby/object:Api::Resource::IamPolicy - skip_import_test: true + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies.policyTags' +docs: +base_url: '{{taxonomy}}/policyTags' +self_link: '{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + exclude_import_test: true method_name_separator: ':' - fetch_iam_policy_verb: :POST + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'policy_tag' - import_format: ['{{%policy_tag}}'] base_url: '{{%policy_tag}}' -import_format: ['{{name}}'] + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - '{{%policy_tag}}' +custom_code: + custom_import: 'templates/terraform/custom_import/extract_taxonomy.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_taxonomies_policy_tag_basic' + - name: 'data_catalog_taxonomies_policy_tag_basic' primary_resource_id: 'basic_policy_tag' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_policy_tag%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_policy_tag%s", context["random_suffix"])' vars: taxonomy_display_name: 'taxonomy_display_name' - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_taxonomies_policy_tag_child_policies' + - name: 'data_catalog_taxonomies_policy_tag_child_policies' primary_resource_id: 'child_policy' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_child_tag%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_child_tag%s", context["random_suffix"])' vars: taxonomy_display_name: 'taxonomy_display_name' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/extract_taxonomy.go.erb parameters: - - !ruby/object:Api::Type::String - name: taxonomy + - name: 'taxonomy' + type: String + description: | + Taxonomy the policy tag is associated with url_param_only: true required: true immutable: true - description: | - Taxonomy the policy tag is associated with properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Resource name of this policy tag, whose format is: "projects/{project}/locations/{region}/taxonomies/{taxonomy}/policyTags/{policytag}" output: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | User defined name of this policy tag. It must: be unique within the parent taxonomy; contain only unicode letters, numbers, underscores, dashes and spaces; not start or end with spaces; and be at most 200 bytes long when encoded in UTF-8. required: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Description of this policy tag. It must: contain only unicode characters, tabs, newlines, carriage returns and page breaks; and be at most 2000 bytes long when encoded in UTF-8. If not set, defaults to an empty description. If not set, defaults to an empty description. - - !ruby/object:Api::Type::String - name: 'parentPolicyTag' + - name: 'parentPolicyTag' + type: String description: | Resource name of this policy tag's parent policy tag. If empty, it means this policy tag is a top level policy tag. If not set, defaults to an empty string. - - !ruby/object:Api::Type::Array - name: 'childPolicyTags' + - name: 'childPolicyTags' + type: Array description: | Resource names of child policy tags of this policy tag. - item_type: Api::Type::String output: true + item_type: + type: String diff --git a/mmv1/products/datacatalog/Tag.yaml b/mmv1/products/datacatalog/Tag.yaml index be768f3dead4..b6f58bebc5e3 100644 --- a/mmv1/products/datacatalog/Tag.yaml +++ b/mmv1/products/datacatalog/Tag.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,31 +11,42 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: Tag +--- +name: 'Tag' +description: | + Tags are used to attach custom metadata to Data Catalog resources. Tags conform to the specifications within their tag template. + + See [Data Catalog IAM](https://cloud.google.com/data-catalog/docs/concepts/iam) for information on the permissions needed to create or view tags. +references: + guides: + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.tags' +docs: +id_format: '{{name}}' base_url: '{{parent}}/tags' self_link: '{{parent}}/tags' update_url: '{{name}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -delete_url: '{{name}}' + read_query_params: '?pageSize=1000' -nested_query: !ruby/object:Api::Resource::NestedQuery +delete_url: '{{name}}' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +nested_query: keys: - tags -description: | - Tags are used to attach custom metadata to Data Catalog resources. Tags conform to the specifications within their tag template. - - See [Data Catalog IAM](https://cloud.google.com/data-catalog/docs/concepts/iam) for information on the permissions needed to create or view tags. -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': https://cloud.google.com/data-catalog/docs - api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.tags -import_format: ['{{name}}'] -id_format: '{{name}}' + is_list_of_ids: false + modify_by_patch: false +custom_code: + encoder: 'templates/terraform/encoders/data_catalog_tag.go.tmpl' + custom_import: 'templates/terraform/custom_import/data_catalog_tag.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_entry_tag_basic' + - name: 'data_catalog_entry_tag_basic' primary_resource_id: 'basic_tag' vars: entry_group_id: 'my_entry_group' @@ -43,11 +54,10 @@ examples: tag_template_id: 'my_template' force_delete: 'false' test_vars_overrides: - force_delete: 'true' + 'force_delete': 'true' oics_vars_overrides: - force_delete: 'true' - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_entry_group_tag' + 'force_delete': 'true' + - name: 'data_catalog_entry_group_tag' primary_resource_id: 'entry_group_tag' vars: entry_group_id: 'my_entry_group' @@ -56,14 +66,10 @@ examples: tag_template_id: 'my_template' force_delete: 'false' test_vars_overrides: - force_delete: 'true' + 'force_delete': 'true' oics_vars_overrides: - force_delete: 'true' - - !ruby/object:Provider::Terraform::Examples - name: - 'data_catalog_entry_tag_full' - # Multiple fine-grained resources - skip_vcr: true + 'force_delete': 'true' + - name: 'data_catalog_entry_tag_full' primary_resource_id: 'basic_tag' vars: entry_group_id: 'my_entry_group' @@ -71,11 +77,12 @@ examples: tag_template_id: 'my_template' force_delete: 'false' test_vars_overrides: - force_delete: 'true' + 'force_delete': 'true' oics_vars_overrides: - force_delete: 'true' - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_entry_tag_false' + 'force_delete': 'true' + # Multiple fine-grained resources + skip_vcr: true + - name: 'data_catalog_entry_tag_false' primary_resource_id: 'basic_tag' vars: entry_group_id: 'my_entry_group' @@ -83,98 +90,97 @@ examples: tag_template_id: 'my_template' force_delete: 'false' test_vars_overrides: - force_delete: 'true' + 'force_delete': 'true' oics_vars_overrides: - force_delete: 'true' - skip_docs: true # omitting doc as it is almost identical to the case of data_catalog_entry_tag_basic -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/data_catalog_tag.go.erb - encoder: templates/terraform/encoders/data_catalog_tag.go.erb + 'force_delete': 'true' + # omitting doc as it is almost identical to the case of data_catalog_entry_tag_basic + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: parent - url_param_only: true - immutable: true + - name: 'parent' + type: String description: | The name of the parent this tag is attached to. This can be the name of an entry or an entry group. If an entry group, the tag will be attached to all entries in that group. + url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the tag in URL format. Example: projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId}/tags/{tag_id} or projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/tags/{tag_id} where tag_id is a system-generated identifier. Note that this Tag may not actually be stored in the location in this name. output: true - - !ruby/object:Api::Type::String - name: template + - name: 'template' + type: String description: | The resource name of the tag template that this tag uses. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId} This field cannot be modified after creation. required: true immutable: true - - !ruby/object:Api::Type::String - name: template_displayname - api_name: templateDisplayName + - name: 'template_displayname' + type: String description: | The display name of the tag template. + api_name: templateDisplayName output: true - - !ruby/object:Api::Type::Map - name: fields + - name: 'fields' + type: Map description: | This maps the ID of a tag field to the value of and additional information about that field. Valid field IDs are defined by the tag's template. A tag must have at least 1 field and at most 500 fields. required: true - key_name: field_name - value_type: !ruby/object:Api::Type::NestedObject + key_name: 'field_name' + value_type: name: field_value + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: display_name + - name: 'display_name' + type: String description: | The display name of this field output: true - - !ruby/object:Api::Type::Integer - name: order + - name: 'order' + type: Integer description: | The order of this field with respect to other fields in this tag. For example, a higher value can indicate a more important field. The value can be negative. Multiple fields can have the same order, and field orders within a tag do not have to be sequential. output: true - - !ruby/object:Api::Type::Double - name: doubleValue + - name: 'doubleValue' + type: Double description: | Holds the value for a tag field with double type. - - !ruby/object:Api::Type::String - name: stringValue + - name: 'stringValue' + type: String description: | Holds the value for a tag field with string type. - - !ruby/object:Api::Type::Boolean - name: boolValue - send_empty_value: true + - name: 'boolValue' + type: Boolean description: | Holds the value for a tag field with boolean type. - - !ruby/object:Api::Type::String - name: timestampValue + send_empty_value: true + - name: 'timestampValue' + type: String description: | Holds the value for a tag field with timestamp type. - - !ruby/object:Api::Type::NestedObject - name: enumValue + - name: 'enumValue' + type: NestedObject description: | Holds the value for a tag field with enum type. This value must be one of the allowed values in the definition of this enum. + custom_flatten: 'templates/terraform/custom_flatten/data_catalog_tag.go.tmpl' + custom_expand: 'templates/terraform/custom_expand/data_catalog_tag.go.tmpl' flatten_object: true - custom_expand: templates/terraform/custom_expand/data_catalog_tag.go.erb - custom_flatten: templates/terraform/custom_flatten/data_catalog_tag.go.erb properties: - - !ruby/object:Api::Type::String - name: enum_value - api_name: 'displayName' + - name: 'enum_value' + type: String description: | The display name of the enum value. - - !ruby/object:Api::Type::String - name: column + api_name: displayName + - name: 'column' + type: String description: | Resources like Entry can have schemas associated with them. This scope allows users to attach tags to an individual column based on that schema. diff --git a/mmv1/products/datacatalog/TagTemplate.yaml b/mmv1/products/datacatalog/TagTemplate.yaml index eeda42a6b220..822062beb9b8 100644 --- a/mmv1/products/datacatalog/TagTemplate.yaml +++ b/mmv1/products/datacatalog/TagTemplate.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,157 +11,161 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: TagTemplate -base_url: projects/{{project}}/locations/{{region}}/tagTemplates -self_link: '{{name}}' -create_url: projects/{{project}}/locations/{{region}}/tagTemplates?tagTemplateId={{tag_template_id}} -delete_url: '{{name}}?force={{force_delete}}' -update_verb: :PATCH +--- +name: 'TagTemplate' description: | A tag template defines a tag, which can have one or more typed fields. The template is used to create and attach the tag to GCP resources. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - 'Official Documentation': https://cloud.google.com/data-catalog/docs - api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.tagTemplates -iam_policy: !ruby/object:Api::Resource::IamPolicy + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.tagTemplates' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/tagTemplates' +self_link: '{{name}}' +create_url: 'projects/{{project}}/locations/{{region}}/tagTemplates?tagTemplateId={{tag_template_id}}' +update_verb: 'PATCH' +delete_url: '{{name}}?force={{force_delete}}' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' - fetch_iam_policy_verb: :POST + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'tag_template' + base_url: 'projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}}' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}}', - '{{tag_template}}', - ] - base_url: projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}} -import_format: ['{{name}}'] -skip_sweeper: true + - 'projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}}' + - '{{tag_template}}' +custom_code: + constants: 'templates/terraform/constants/tagtemplate_fields.go.tmpl' + pre_update: 'templates/terraform/pre_update/tagtemplate_fields.go.tmpl' + post_update: 'templates/terraform/post_update/tagtemplate_fields.go.tmpl' + custom_import: 'templates/terraform/custom_import/data_catalog_tag_template.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_tag_template_basic' + - name: 'data_catalog_tag_template_basic' primary_resource_id: 'basic_tag_template' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_template%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_template%s", context["random_suffix"])' vars: tag_template_id: 'my_template' force_delete: 'false' test_vars_overrides: - force_delete: 'true' + 'force_delete': 'true' oics_vars_overrides: - force_delete: 'true' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: 'templates/terraform/custom_import/data_catalog_tag_template.go.erb' - pre_update: 'templates/terraform/pre_update/tagtemplate_fields.go.erb' - post_update: 'templates/terraform/post_update/tagtemplate_fields.go.erb' - constants: 'templates/terraform/constants/tagtemplate_fields.go.erb' + 'force_delete': 'true' parameters: - - !ruby/object:Api::Type::String - name: region - url_param_only: true - immutable: true + - name: 'region' + type: String description: | Template location region. - ignore_read: true - required: false - default_from_api: true - - !ruby/object:Api::Type::String - name: tagTemplateId - required: true url_param_only: true + required: false immutable: true + ignore_read: true + default_from_api: true + - name: 'tagTemplateId' + type: String description: | The id of the tag template to create. - validation: !ruby/object:Provider::Terraform::Validation - regex: '^[a-z_][a-z0-9_]{0,63}$' - - !ruby/object:Api::Type::Boolean - name: forceDelete - default_value: false url_param_only: true + required: true + immutable: true + validation: + regex: '^[a-z_][a-z0-9_]{0,63}$' + - name: 'forceDelete' + type: Boolean description: | This confirms the deletion of any possible tags using this template. Must be set to true in order to delete the tag template. + url_param_only: true + default_value: false properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the tag template in URL format. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId} output: true - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: | The display name for this template. - - !ruby/object:Api::Type::Map - name: fields + - name: 'fields' + type: Map description: | Set of tag template field IDs and the settings for the field. This set is an exhaustive list of the allowed fields. This set must contain at least one field and at most 500 fields. The change of field_id will be resulting in re-creating of field. The change of primitive_type will be resulting in re-creating of field, however if the field is a required, you cannot update it. required: true - key_name: field_id - value_type: !ruby/object:Api::Type::NestedObject + key_name: 'field_id' + value_type: name: field + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the tag template field in URL format. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId}/fields/{field} output: true - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: | The display name for this field. default_from_api: true - - !ruby/object:Api::Type::String - name: description + - name: 'description' + type: String description: | A description for this field. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: type + - name: 'type' + type: NestedObject description: | The type of value this tag field can contain. required: true properties: - - !ruby/object:Api::Type::Enum - name: primitiveType + - name: 'primitiveType' + type: Enum description: | Represents primitive types - string, bool etc. Exactly one of `primitive_type` or `enum_type` must be set - values: - - :DOUBLE - - :STRING - - :BOOL - - :TIMESTAMP default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: enumType + enum_values: + - 'DOUBLE' + - 'STRING' + - 'BOOL' + - 'TIMESTAMP' + - name: 'enumType' + type: NestedObject description: | Represents an enum type. Exactly one of `primitive_type` or `enum_type` must be set properties: - - !ruby/object:Api::Type::Array - name: allowedValues + - name: 'allowedValues' + type: Array description: | The set of allowed values for this enum. The display names of the values must be case-insensitively unique within this set. Currently, enum values can only be added to the list of allowed values. Deletion and renaming of enum values are not supported. Can have up to 500 allowed values. - required: true is_set: true - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: displayName + - name: 'displayName' + type: String description: | The display name of the enum value. required: true - - !ruby/object:Api::Type::Boolean - name: isRequired + - name: 'isRequired' + type: Boolean description: | Whether this is a required field. Defaults to false. default_from_api: true - - !ruby/object:Api::Type::Integer - name: order + - name: 'order' + type: Integer description: | The order of this field with respect to other fields in this tag template. A higher value indicates a more important field. The value can be negative. diff --git a/mmv1/products/datacatalog/Taxonomy.yaml b/mmv1/products/datacatalog/Taxonomy.yaml index c6039aacd3da..7c4d2ecff7e3 100644 --- a/mmv1/products/datacatalog/Taxonomy.yaml +++ b/mmv1/products/datacatalog/Taxonomy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,61 +11,63 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: Taxonomy -base_url: projects/{{project}}/locations/{{region}}/taxonomies -self_link: '{{name}}' -update_verb: :PATCH -update_mask: true +--- +name: 'Taxonomy' description: | A collection of policy tags that classify data along a common axis. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: - 'Official Documentation': https://cloud.google.com/data-catalog/docs - api: https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies -sweeper: !ruby/object:Provider::Terraform::Sweeper - sweepable_identifier_field: 'displayName' -iam_policy: !ruby/object:Api::Resource::IamPolicy - skip_import_test: true + 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' + api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies' +docs: +base_url: 'projects/{{project}}/locations/{{region}}/taxonomies' +self_link: '{{name}}' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: + exclude_import_test: true method_name_separator: ':' - fetch_iam_policy_verb: :POST + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'taxonomy' - import_format: - [ - 'projects/{{project}}/locations/{{region}}/taxonomies/{{taxonomy}}', - '{{taxonomy}}', - ] base_url: 'projects/{{project}}/locations/{{region}}/taxonomies/{{taxonomy}}' -import_format: ['{{name}}'] + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{region}}/taxonomies/{{taxonomy}}' + - '{{taxonomy}}' +custom_code: + custom_import: 'templates/terraform/custom_import/data_catalog_taxonomy.go.tmpl' +sweeper: + sweepable_identifier_field: displayName examples: - - !ruby/object:Provider::Terraform::Examples - name: 'data_catalog_taxonomy_basic' + - name: 'data_catalog_taxonomy_basic' primary_resource_id: 'basic_taxonomy' - primary_resource_name: "fmt.Sprintf(\"tf_test_my_taxonomy%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf_test_my_taxonomy%s", context["random_suffix"])' vars: display_name: 'my_taxonomy' -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/data_catalog_taxonomy.go.erb parameters: - - !ruby/object:Api::Type::String - name: region - url_param_only: true - immutable: true + - name: 'region' + type: String description: | Taxonomy location region. + url_param_only: true required: false + immutable: true default_from_api: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Resource name of this taxonomy, whose format is: "projects/{project}/locations/{region}/taxonomies/{taxonomy}". output: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | User defined name of this taxonomy. The taxonomy display name must be unique within an organization. @@ -73,21 +75,21 @@ properties: and spaces; not start or end with spaces; and be at most 200 bytes long when encoded in UTF-8. required: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Description of this taxonomy. It must: contain only unicode characters, tabs, newlines, carriage returns and page breaks; and be at most 2000 bytes long when encoded in UTF-8. If not set, defaults to an empty description. - - !ruby/object:Api::Type::Array - name: 'activatedPolicyTypes' + - name: 'activatedPolicyTypes' + type: Array description: | A list of policy types that are activated for this taxonomy. If not set, defaults to an empty list. + # TOOD: should this be enum or string item_type: - !ruby/object:Api::Type::Enum # TOOD: should this be enum or string - name: 'policyType' + type: Enum description: 'Defines policy types where policy tag can be used for' - values: - - :POLICY_TYPE_UNSPECIFIED - - :FINE_GRAINED_ACCESS_CONTROL + enum_values: + - 'POLICY_TYPE_UNSPECIFIED' + - 'FINE_GRAINED_ACCESS_CONTROL' diff --git a/mmv1/products/datacatalog/go_Entry.yaml b/mmv1/products/datacatalog/go_Entry.yaml deleted file mode 100644 index f9bd9a07d813..000000000000 --- a/mmv1/products/datacatalog/go_Entry.yaml +++ /dev/null @@ -1,252 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Entry' -description: | - Entry Metadata. A Data Catalog Entry resource represents another resource in Google Cloud Platform - (such as a BigQuery dataset or a Pub/Sub topic) or outside of Google Cloud Platform. Clients can use - the linkedResource field in the Entry resource to refer to the original resource ID of the source system. - - An Entry resource contains resource details, such as its schema. An Entry can also be used to attach - flexible metadata, such as a Tag. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' - api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.entries' -docs: -base_url: '{{entry_group}}/entries' -self_link: '{{name}}' -create_url: '{{entry_group}}/entries?entryId={{entry_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - custom_import: 'templates/terraform/custom_import/go/data_catalog_entry.go.tmpl' -supports_indirect_user_project_override: true -examples: - - name: 'data_catalog_entry_basic' - primary_resource_id: 'basic_entry' - vars: - entry_id: 'my_entry' - entry_group_id: 'my_group' - - name: 'data_catalog_entry_fileset' - primary_resource_id: 'basic_entry' - vars: - entry_id: 'my_entry' - entry_group_id: 'my_group' - - name: 'data_catalog_entry_full' - primary_resource_id: 'basic_entry' - vars: - entry_id: 'my_entry' - entry_group_id: 'my_group' -parameters: - - name: 'entryGroup' - type: String - description: | - The name of the entry group this entry is in. - url_param_only: true - required: true - immutable: true - - name: 'entryId' - type: String - description: | - The id of the entry to create. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The Data Catalog resource name of the entry in URL format. - Example: projects/{project_id}/locations/{location}/entryGroups/{entryGroupId}/entries/{entryId}. - Note that this Entry and its child resources may not actually be stored in the location in this name. - output: true - - name: 'linkedResource' - type: String - description: | - The resource this metadata entry refers to. - For Google Cloud Platform resources, linkedResource is the full name of the resource. - For example, the linkedResource for a table resource from BigQuery is: - //bigquery.googleapis.com/projects/projectId/datasets/datasetId/tables/tableId - Output only when Entry is of type in the EntryType enum. For entries with userSpecifiedType, - this field is optional and defaults to an empty string. - default_from_api: true - - name: 'displayName' - type: String - description: | - Display information such as title and description. A short name to identify the entry, - for example, "Analytics Data - Jan 2011". - - name: 'description' - type: String - description: | - Entry description, which can consist of several sentences or paragraphs that describe entry contents. - # This is a string instead of a NestedObject because schemas contain ColumnSchemas, which can contain nested ColumnSchemas. - # We'll have people provide the json blob for the schema instead. - - name: 'schema' - type: String - description: | - Schema of the entry (e.g. BigQuery, GoogleSQL, Avro schema), as a json string. An entry might not have any schema - attached to it. See - https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.entries#schema - for what fields this schema can contain. - state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' - custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' - validation: - function: 'validation.StringIsJSON' - - name: 'type' - type: Enum - description: | - The type of the entry. Only used for Entries with types in the EntryType enum. - Currently, only FILESET enum value is allowed. All other entries created through Data Catalog must use userSpecifiedType. - immutable: true - exactly_one_of: - - 'type' - - 'user_specified_type' - enum_values: - - 'FILESET' - - name: 'userSpecifiedType' - type: String - description: | - Entry type if it does not fit any of the input-allowed values listed in EntryType enum above. - When creating an entry, users should check the enum values first, if nothing matches the entry - to be created, then provide a custom value, for example "my_special_type". - userSpecifiedType strings must begin with a letter or underscore and can only contain letters, - numbers, and underscores; are case insensitive; must be at least 1 character and at most 64 characters long. - exactly_one_of: - - 'type' - - 'user_specified_type' - validation: - regex: '^[A-z_][A-z0-9_]{0,63}$' - - name: 'integratedSystem' - type: String - description: | - This field indicates the entry's source system that Data Catalog integrates with, such as BigQuery or Pub/Sub. - output: true - - name: 'userSpecifiedSystem' - type: String - description: | - This field indicates the entry's source system that Data Catalog does not integrate with. - userSpecifiedSystem strings must begin with a letter or underscore and can only contain letters, numbers, - and underscores; are case insensitive; must be at least 1 character and at most 64 characters long. - validation: - regex: '^[A-z_][A-z0-9_]{0,63}$' - - name: 'gcsFilesetSpec' - type: NestedObject - description: | - Specification that applies to a Cloud Storage fileset. This is only valid on entries of type FILESET. - properties: - - name: 'filePatterns' - type: Array - description: | - Patterns to identify a set of files in Google Cloud Storage. - See [Cloud Storage documentation](https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames) - for more information. Note that bucket wildcards are currently not supported. Examples of valid filePatterns: - - * gs://bucket_name/dir/*: matches all files within bucket_name/dir directory. - * gs://bucket_name/dir/**: matches all files in bucket_name/dir spanning all subdirectories. - * gs://bucket_name/file*: matches files prefixed by file in bucket_name - * gs://bucket_name/??.txt: matches files with two characters followed by .txt in bucket_name - * gs://bucket_name/[aeiou].txt: matches files that contain a single vowel character followed by .txt in bucket_name - * gs://bucket_name/[a-m].txt: matches files that contain a, b, ... or m followed by .txt in bucket_name - * gs://bucket_name/a/*/b: matches all files in bucket_name that match a/*/b pattern, such as a/c/b, a/d/b - * gs://another_bucket/a.txt: matches gs://another_bucket/a.txt - required: true - item_type: - type: String - - name: 'sampleGcsFileSpecs' - type: Array - description: | - Sample files contained in this fileset, not all files contained in this fileset are represented here. - output: true - item_type: - type: NestedObject - properties: - - name: 'filePath' - type: String - description: | - The full file path - output: true - - name: 'sizeBytes' - type: Integer - description: | - The size of the file, in bytes. - output: true - - name: 'bigqueryTableSpec' - type: NestedObject - description: | - Specification that applies to a BigQuery table. This is only valid on entries of type TABLE. - output: true - properties: - - name: 'tableSourceType' - type: String - description: | - The table source type. - output: true - - name: 'viewSpec' - type: NestedObject - description: | - Table view specification. This field should only be populated if tableSourceType is BIGQUERY_VIEW. - output: true - properties: - - name: 'viewQuery' - type: String - description: | - The query that defines the table view. - output: true - - name: 'tableSpec' - type: NestedObject - description: | - Spec of a BigQuery table. This field should only be populated if tableSourceType is BIGQUERY_TABLE. - output: true - properties: - - name: 'groupedEntry' - type: String - description: | - If the table is a dated shard, i.e., with name pattern [prefix]YYYYMMDD, groupedEntry is the - Data Catalog resource name of the date sharded grouped entry, for example, - projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId}. - Otherwise, groupedEntry is empty. - output: true - - name: 'bigqueryDateShardedSpec' - type: NestedObject - description: | - Specification for a group of BigQuery tables with name pattern [prefix]YYYYMMDD. - Context: https://cloud.google.com/bigquery/docs/partitioned-tables#partitioning_versus_sharding. - output: true - properties: - - name: 'dataset' - type: String - description: | - The Data Catalog resource name of the dataset entry the current table belongs to, for example, - projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId} - output: true - - name: 'tablePrefix' - type: String - description: | - The table name prefix of the shards. The name of any given shard is [tablePrefix]YYYYMMDD, - for example, for shard MyTable20180101, the tablePrefix is MyTable. - output: true - - name: 'shardCount' - type: Integer - description: | - Total number of shards. - output: true diff --git a/mmv1/products/datacatalog/go_EntryGroup.yaml b/mmv1/products/datacatalog/go_EntryGroup.yaml deleted file mode 100644 index d276ff2cb1e4..000000000000 --- a/mmv1/products/datacatalog/go_EntryGroup.yaml +++ /dev/null @@ -1,90 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EntryGroup' -description: | - An EntryGroup resource represents a logical grouping of zero or more Data Catalog Entry resources. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' - api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups' -docs: -base_url: 'projects/{{project}}/locations/{{region}}/entryGroups' -self_link: '{{name}}' -create_url: 'projects/{{project}}/locations/{{region}}/entryGroups?entryGroupId={{entry_group_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'entry_group' - base_url: 'projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{region}}/entryGroups/{{entry_group}}' - - '{{entry_group}}' -custom_code: - custom_import: 'templates/terraform/custom_import/go/data_catalog_entry_group.go.tmpl' -examples: - - name: 'data_catalog_entry_group_basic' - primary_resource_id: 'basic_entry_group' - primary_resource_name: 'fmt.Sprintf("tf_test_my_group%s", context["random_suffix"])' - vars: - entry_group_id: 'my_group' - - name: 'data_catalog_entry_group_full' - primary_resource_id: 'basic_entry_group' - primary_resource_name: 'fmt.Sprintf("tf_test_my_group%s", context["random_suffix"])' - vars: - entry_group_id: 'my_group' -parameters: - - name: 'region' - type: String - description: | - EntryGroup location region. - url_param_only: true - required: false - immutable: true - ignore_read: true - default_from_api: true - - name: 'entryGroupId' - type: String - description: | - The id of the entry group to create. The id must begin with a letter or underscore, - contain only English letters, numbers and underscores, and be at most 64 characters. - url_param_only: true - required: true - immutable: true - validation: - regex: '^[A-z_][A-z0-9_]{0,63}$' -properties: - - name: 'name' - type: String - description: | - The resource name of the entry group in URL format. Example: projects/{project}/locations/{location}/entryGroups/{entryGroupId} - output: true - - name: 'displayName' - type: String - description: | - A short name to identify the entry group, for example, "analytics data - jan 2011". - - name: 'description' - type: String - description: | - Entry group description, which can consist of several sentences or paragraphs that describe entry group contents. diff --git a/mmv1/products/datacatalog/go_PolicyTag.yaml b/mmv1/products/datacatalog/go_PolicyTag.yaml deleted file mode 100644 index 92deaa1204cf..000000000000 --- a/mmv1/products/datacatalog/go_PolicyTag.yaml +++ /dev/null @@ -1,97 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'PolicyTag' -description: | - Denotes one policy tag in a taxonomy. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' - api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies.policyTags' -docs: -base_url: '{{taxonomy}}/policyTags' -self_link: '{{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - skip_import_test: true - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'policy_tag' - base_url: '{{%policy_tag}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - '{{%policy_tag}}' -custom_code: - custom_import: 'templates/terraform/custom_import/go/extract_taxonomy.go.tmpl' -examples: - - name: 'data_catalog_taxonomies_policy_tag_basic' - primary_resource_id: 'basic_policy_tag' - primary_resource_name: 'fmt.Sprintf("tf_test_my_policy_tag%s", context["random_suffix"])' - vars: - taxonomy_display_name: 'taxonomy_display_name' - - name: 'data_catalog_taxonomies_policy_tag_child_policies' - primary_resource_id: 'child_policy' - primary_resource_name: 'fmt.Sprintf("tf_test_my_child_tag%s", context["random_suffix"])' - vars: - taxonomy_display_name: 'taxonomy_display_name' -parameters: - - name: 'taxonomy' - type: String - description: | - Taxonomy the policy tag is associated with - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - Resource name of this policy tag, whose format is: - "projects/{project}/locations/{region}/taxonomies/{taxonomy}/policyTags/{policytag}" - output: true - - name: 'displayName' - type: String - description: | - User defined name of this policy tag. It must: be unique within the parent - taxonomy; contain only unicode letters, numbers, underscores, dashes and spaces; - not start or end with spaces; and be at most 200 bytes long when encoded in UTF-8. - required: true - - name: 'description' - type: String - description: | - Description of this policy tag. It must: contain only unicode characters, tabs, - newlines, carriage returns and page breaks; and be at most 2000 bytes long when - encoded in UTF-8. If not set, defaults to an empty description. - If not set, defaults to an empty description. - - name: 'parentPolicyTag' - type: String - description: | - Resource name of this policy tag's parent policy tag. - If empty, it means this policy tag is a top level policy tag. - If not set, defaults to an empty string. - - name: 'childPolicyTags' - type: Array - description: | - Resource names of child policy tags of this policy tag. - output: true - item_type: - type: String diff --git a/mmv1/products/datacatalog/go_Tag.yaml b/mmv1/products/datacatalog/go_Tag.yaml deleted file mode 100644 index c8b65f6a3cef..000000000000 --- a/mmv1/products/datacatalog/go_Tag.yaml +++ /dev/null @@ -1,180 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Tag' -description: | - Tags are used to attach custom metadata to Data Catalog resources. Tags conform to the specifications within their tag template. - - See [Data Catalog IAM](https://cloud.google.com/data-catalog/docs/concepts/iam) for information on the permissions needed to create or view tags. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' - api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.entryGroups.tags' -docs: -id_format: '{{name}}' -base_url: '{{parent}}/tags' -self_link: '{{parent}}/tags' -update_url: '{{name}}' -update_verb: 'PATCH' -update_mask: true - -read_query_params: '?pageSize=1000' -delete_url: '{{name}}' -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -nested_query: - keys: - - tags - is_list_of_ids: false - modify_by_patch: false -custom_code: - encoder: 'templates/terraform/encoders/go/data_catalog_tag.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/data_catalog_tag.go.tmpl' -examples: - - name: 'data_catalog_entry_tag_basic' - primary_resource_id: 'basic_tag' - vars: - entry_group_id: 'my_entry_group' - entry_id: 'my_entry' - tag_template_id: 'my_template' - force_delete: 'false' - test_vars_overrides: - 'force_delete': 'true' - - name: 'data_catalog_entry_group_tag' - primary_resource_id: 'entry_group_tag' - vars: - entry_group_id: 'my_entry_group' - first_entry: 'first_entry' - second_entry: 'second_entry' - tag_template_id: 'my_template' - force_delete: 'false' - test_vars_overrides: - 'force_delete': 'true' - - name: 'data_catalog_entry_tag_full' - primary_resource_id: 'basic_tag' - vars: - entry_group_id: 'my_entry_group' - entry_id: 'my_entry' - tag_template_id: 'my_template' - force_delete: 'false' - test_vars_overrides: - 'force_delete': 'true' - skip_vcr: true - - name: 'data_catalog_entry_tag_false' - primary_resource_id: 'basic_tag' - vars: - entry_group_id: 'my_entry_group' - entry_id: 'my_entry' - tag_template_id: 'my_template' - force_delete: 'false' - test_vars_overrides: - 'force_delete': 'true' - skip_docs: true -parameters: - - name: 'parent' - type: String - description: | - The name of the parent this tag is attached to. This can be the name of an entry or an entry group. If an entry group, the tag will be attached to - all entries in that group. - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the tag in URL format. Example: - projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/entries/{entryId}/tags/{tag_id} or - projects/{project_id}/locations/{location}/entrygroups/{entryGroupId}/tags/{tag_id} - where tag_id is a system-generated identifier. Note that this Tag may not actually be stored in the location in this name. - output: true - - name: 'template' - type: String - description: | - The resource name of the tag template that this tag uses. Example: - projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId} - This field cannot be modified after creation. - required: true - immutable: true - - name: 'template_displayname' - type: String - description: | - The display name of the tag template. - api_name: templateDisplayName - output: true - - name: 'fields' - type: Map - description: | - This maps the ID of a tag field to the value of and additional information about that field. - Valid field IDs are defined by the tag's template. A tag must have at least 1 field and at most 500 fields. - required: true - key_name: 'field_name' - value_type: - name: field_value - type: NestedObject - properties: - - name: 'display_name' - type: String - description: | - The display name of this field - output: true - - name: 'order' - type: Integer - description: | - The order of this field with respect to other fields in this tag. For example, a higher value can indicate - a more important field. The value can be negative. Multiple fields can have the same order, and field orders - within a tag do not have to be sequential. - output: true - - name: 'doubleValue' - type: Double - description: | - Holds the value for a tag field with double type. - - name: 'stringValue' - type: String - description: | - Holds the value for a tag field with string type. - - name: 'boolValue' - type: Boolean - description: | - Holds the value for a tag field with boolean type. - send_empty_value: true - - name: 'timestampValue' - type: String - description: | - Holds the value for a tag field with timestamp type. - - name: 'enumValue' - type: NestedObject - description: | - Holds the value for a tag field with enum type. This value must be one of the allowed values in the definition of this enum. - custom_flatten: 'templates/terraform/custom_flatten/go/data_catalog_tag.go.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/data_catalog_tag.go.tmpl' - flatten_object: true - properties: - - name: 'enum_value' - type: String - description: | - The display name of the enum value. - api_name: displayName - - name: 'column' - type: String - description: | - Resources like Entry can have schemas associated with them. This scope allows users to attach tags to an - individual column based on that schema. - - For attaching a tag to a nested column, use `.` to separate the column names. Example: - `outer_column.inner_column` diff --git a/mmv1/products/datacatalog/go_TagTemplate.yaml b/mmv1/products/datacatalog/go_TagTemplate.yaml deleted file mode 100644 index bbddf573e7a5..000000000000 --- a/mmv1/products/datacatalog/go_TagTemplate.yaml +++ /dev/null @@ -1,172 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'TagTemplate' -description: | - A tag template defines a tag, which can have one or more typed fields. - The template is used to create and attach the tag to GCP resources. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' - api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.tagTemplates' -docs: -base_url: 'projects/{{project}}/locations/{{region}}/tagTemplates' -self_link: '{{name}}' -create_url: 'projects/{{project}}/locations/{{region}}/tagTemplates?tagTemplateId={{tag_template_id}}' -update_verb: 'PATCH' -delete_url: '{{name}}?force={{force_delete}}' -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'tag_template' - base_url: 'projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{region}}/tagTemplates/{{tag_template}}' - - '{{tag_template}}' -custom_code: - constants: 'templates/terraform/constants/go/tagtemplate_fields.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/tagtemplate_fields.go.tmpl' - post_update: 'templates/terraform/post_update/go/tagtemplate_fields.go.tmpl' - custom_import: 'templates/terraform/custom_import/go/data_catalog_tag_template.go.tmpl' -exclude_sweeper: true -examples: - - name: 'data_catalog_tag_template_basic' - primary_resource_id: 'basic_tag_template' - primary_resource_name: 'fmt.Sprintf("tf_test_my_template%s", context["random_suffix"])' - vars: - tag_template_id: 'my_template' - force_delete: 'false' - test_vars_overrides: - 'force_delete': 'true' -parameters: - - name: 'region' - type: String - description: | - Template location region. - url_param_only: true - required: false - immutable: true - ignore_read: true - default_from_api: true - - name: 'tagTemplateId' - type: String - description: | - The id of the tag template to create. - url_param_only: true - required: true - immutable: true - validation: - regex: '^[a-z_][a-z0-9_]{0,63}$' - - name: 'forceDelete' - type: Boolean - description: | - This confirms the deletion of any possible tags using this template. Must be set to true in order to delete the tag template. - url_param_only: true - default_value: false -properties: - - name: 'name' - type: String - description: | - The resource name of the tag template in URL format. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId} - output: true - - name: 'displayName' - type: String - description: | - The display name for this template. - - name: 'fields' - type: Map - description: | - Set of tag template field IDs and the settings for the field. This set is an exhaustive list of the allowed fields. This set must contain at least one field and at most 500 fields. The change of field_id will be resulting in re-creating of field. The change of primitive_type will be resulting in re-creating of field, however if the field is a required, you cannot update it. - required: true - key_name: 'field_id' - value_type: - name: field - type: NestedObject - properties: - - name: 'name' - type: String - description: | - The resource name of the tag template field in URL format. Example: projects/{project_id}/locations/{location}/tagTemplates/{tagTemplateId}/fields/{field} - output: true - - name: 'displayName' - type: String - description: | - The display name for this field. - default_from_api: true - - name: 'description' - type: String - description: | - A description for this field. - default_from_api: true - - name: 'type' - type: NestedObject - description: | - The type of value this tag field can contain. - required: true - properties: - - name: 'primitiveType' - type: Enum - description: | - Represents primitive types - string, bool etc. - Exactly one of `primitive_type` or `enum_type` must be set - default_from_api: true - enum_values: - - 'DOUBLE' - - 'STRING' - - 'BOOL' - - 'TIMESTAMP' - - name: 'enumType' - type: NestedObject - description: | - Represents an enum type. - Exactly one of `primitive_type` or `enum_type` must be set - properties: - - name: 'allowedValues' - type: Array - description: | - The set of allowed values for this enum. The display names of the - values must be case-insensitively unique within this set. Currently, - enum values can only be added to the list of allowed values. Deletion - and renaming of enum values are not supported. - Can have up to 500 allowed values. - is_set: true - required: true - item_type: - type: NestedObject - properties: - - name: 'displayName' - type: String - description: | - The display name of the enum value. - required: true - - name: 'isRequired' - type: Boolean - description: | - Whether this is a required field. Defaults to false. - default_from_api: true - - name: 'order' - type: Integer - description: | - The order of this field with respect to other fields in this tag template. - A higher value indicates a more important field. The value can be negative. - Multiple fields can have the same order, and field orders within a tag do not have to be sequential. - default_from_api: true diff --git a/mmv1/products/datacatalog/go_Taxonomy.yaml b/mmv1/products/datacatalog/go_Taxonomy.yaml deleted file mode 100644 index 22beae77f4e8..000000000000 --- a/mmv1/products/datacatalog/go_Taxonomy.yaml +++ /dev/null @@ -1,95 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Taxonomy' -description: | - A collection of policy tags that classify data along a common axis. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/data-catalog/docs' - api: 'https://cloud.google.com/data-catalog/docs/reference/rest/v1/projects.locations.taxonomies' -docs: -base_url: 'projects/{{project}}/locations/{{region}}/taxonomies' -self_link: '{{name}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - skip_import_test: true - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'taxonomy' - base_url: 'projects/{{project}}/locations/{{region}}/taxonomies/{{taxonomy}}' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{region}}/taxonomies/{{taxonomy}}' - - '{{taxonomy}}' -custom_code: - custom_import: 'templates/terraform/custom_import/go/data_catalog_taxonomy.go.tmpl' -sweeper: - sweepable_identifier_field: displayName -examples: - - name: 'data_catalog_taxonomy_basic' - primary_resource_id: 'basic_taxonomy' - primary_resource_name: 'fmt.Sprintf("tf_test_my_taxonomy%s", context["random_suffix"])' - vars: - display_name: 'my_taxonomy' -parameters: - - name: 'region' - type: String - description: | - Taxonomy location region. - url_param_only: true - required: false - immutable: true - default_from_api: true -properties: - - name: 'name' - type: String - description: | - Resource name of this taxonomy, whose format is: - "projects/{project}/locations/{region}/taxonomies/{taxonomy}". - output: true - - name: 'displayName' - type: String - description: | - User defined name of this taxonomy. - The taxonomy display name must be unique within an organization. - It must: contain only unicode letters, numbers, underscores, dashes - and spaces; not start or end with spaces; and be at most 200 bytes - long when encoded in UTF-8. - required: true - - name: 'description' - type: String - description: | - Description of this taxonomy. It must: contain only unicode characters, - tabs, newlines, carriage returns and page breaks; and be at most 2000 bytes - long when encoded in UTF-8. If not set, defaults to an empty description. - - name: 'activatedPolicyTypes' - type: Array - description: | - A list of policy types that are activated for this taxonomy. If not set, - defaults to an empty list. - item_type: - type: Enum - description: 'Defines policy types where policy tag can be used for' - enum_values: - - 'POLICY_TYPE_UNSPECIFIED' - - 'FINE_GRAINED_ACCESS_CONTROL' diff --git a/mmv1/products/datacatalog/go_product.yaml b/mmv1/products/datacatalog/go_product.yaml deleted file mode 100644 index c719c19116c1..000000000000 --- a/mmv1/products/datacatalog/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DataCatalog' -display_name: 'Data catalog' -versions: - - name: 'ga' - base_url: 'https://datacatalog.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://datacatalog.googleapis.com/v1beta1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/datacatalog/product.yaml b/mmv1/products/datacatalog/product.yaml index 44b331563d2c..e6e305dad648 100644 --- a/mmv1/products/datacatalog/product.yaml +++ b/mmv1/products/datacatalog/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: DataCatalog +--- +name: 'DataCatalog' +display_name: 'Data catalog' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://datacatalog.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://datacatalog.googleapis.com/v1beta1/ + - name: 'ga' + base_url: 'https://datacatalog.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://datacatalog.googleapis.com/v1beta1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dataform/Repository.yaml b/mmv1/products/dataform/Repository.yaml index 93bf0f0be1ec..1c7dccfb54fe 100644 --- a/mmv1/products/dataform/Repository.yaml +++ b/mmv1/products/dataform/Repository.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,156 +11,176 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: Repository -base_url: projects/{{project}}/locations/{{region}}/repositories -create_url: projects/{{project}}/locations/{{region}}/repositories?repositoryId={{name}} -create_verb: :POST -update_verb: :PATCH -min_version: beta +--- +name: 'Repository' description: |- A resource represents a Dataform Git repository -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/dataform/docs/' api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories' -id_format: projects/{{project}}/locations/{{region}}/repositories/{{name}} -iam_policy: !ruby/object:Api::Resource::IamPolicy +docs: +id_format: 'projects/{{project}}/locations/{{region}}/repositories/{{name}}' +base_url: 'projects/{{project}}/locations/{{region}}/repositories' +create_url: 'projects/{{project}}/locations/{{region}}/repositories?repositoryId={{name}}' +update_verb: 'PATCH' +import_format: + - 'projects/{{project}}/locations/{{region}}/repositories/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' parent_resource_attribute: 'repository' - min_version: beta -import_format: - ['projects/{{project}}/locations/{{region}}/repositories/{{name}}'] + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + min_version: 'beta' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataform_repository' + - name: 'dataform_repository' + primary_resource_id: 'dataform_repository' + primary_resource_name: 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' + min_version: 'beta' + vars: + dataform_repository_name: 'dataform_repository' + data: 'secret-data' + secret_name: 'my-secret' + key_ring_name: 'example-key-ring' + crypto_key_name: 'example-crypto-key-name' # This example is used in the docs to address this issue # See : https://github.com/hashicorp/terraform-provider-google/issues/17335 - skip_test: true - primary_resource_id: dataform_repository - primary_resource_name: - 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' - min_version: beta + exclude_test: true + - name: 'dataform_repository_with_cloudsource_repo' + primary_resource_id: 'dataform_repository' + primary_resource_name: 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' + min_version: 'beta' vars: + git_repository_name: 'my/repository' dataform_repository_name: 'dataform_repository' - data: secret-data - secret_name: my-secret - key_ring_name: example-key-ring - crypto_key_name: example-crypto-key-name - - !ruby/object:Provider::Terraform::Examples - name: 'dataform_repository_with_cloudsource_repo' + data: 'secret-data' + secret_name: 'my-secret' + key_ring_name: 'example-key-ring' + crypto_key_name: 'example-crypto-key-name' # Although the Terraform config can be applied without error, the connection between Dataform and the SourceRepo aren't yet functional # See : https://github.com/hashicorp/terraform-provider-google/issues/17335 # See : https://issuetracker.google.com/issues/287850319 - skip_docs: true - primary_resource_id: dataform_repository - primary_resource_name: - 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' - min_version: beta + exclude_docs: true + - name: 'dataform_repository_with_cloudsource_repo_and_ssh' + primary_resource_id: 'dataform_repository' + min_version: 'beta' vars: git_repository_name: 'my/repository' dataform_repository_name: 'dataform_repository' - data: secret-data - secret_name: my-secret - key_ring_name: example-key-ring - crypto_key_name: example-crypto-key-name - - !ruby/object:Provider::Terraform::Examples - name: 'dataform_repository_with_cloudsource_repo_and_ssh' + data: 'secret-data' + secret_name: 'my-secret' # Although the Terraform config can be applied without error, the connection between Dataform and the SourceRepo aren't yet functional # See : https://github.com/hashicorp/terraform-provider-google/issues/17335 # See : https://issuetracker.google.com/issues/287850319 - skip_docs: true - primary_resource_id: dataform_repository - min_version: beta - vars: - git_repository_name: 'my/repository' - dataform_repository_name: 'dataform_repository' - data: secret-data - secret_name: my-secret + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: 'region' + - name: 'region' + type: String description: 'A reference to the region' - immutable: true + min_version: 'beta' url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: The repository's name. - immutable: true + min_version: 'beta' required: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::NestedObject - name: 'gitRemoteSettings' + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'gitRemoteSettings' + type: NestedObject description: Optional. If set, configures this repository to be linked to a Git remote. + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: 'url' - required: true + - name: 'url' + type: String description: The Git remote's URL. - - !ruby/object:Api::Type::String - name: 'defaultBranch' + min_version: 'beta' required: true + - name: 'defaultBranch' + type: String description: The Git remote's default branch name. - - !ruby/object:Api::Type::String - name: 'authenticationTokenSecretVersion' - exactly_one_of: - - gitRemoteSettings.0.authenticationTokenSecretVersion - - gitRemoteSettings.0.sshAuthenticationConfig + min_version: 'beta' + required: true + - name: 'authenticationTokenSecretVersion' + type: String description: The name of the Secret Manager secret version to use as an authentication token for Git operations. This secret is for assigning with HTTPS only(for SSH use `ssh_authentication_config`). Must be in the format projects/*/secrets/*/versions/*. - - !ruby/object:Api::Type::NestedObject - name: 'sshAuthenticationConfig' + min_version: 'beta' exactly_one_of: - - gitRemoteSettings.0.authenticationTokenSecretVersion - - gitRemoteSettings.0.sshAuthenticationConfig + - 'gitRemoteSettings.0.authenticationTokenSecretVersion' + - 'gitRemoteSettings.0.sshAuthenticationConfig' + - name: 'sshAuthenticationConfig' + type: NestedObject description: Authentication fields for remote uris using SSH protocol. + min_version: 'beta' + exactly_one_of: + - 'gitRemoteSettings.0.authenticationTokenSecretVersion' + - 'gitRemoteSettings.0.sshAuthenticationConfig' properties: - - !ruby/object:Api::Type::String - name: userPrivateKeySecretVersion - required: true + - name: 'userPrivateKeySecretVersion' + type: String description: The name of the Secret Manager secret version to use as a ssh private key for Git operations. Must be in the format projects/*/secrets/*/versions/*. - - !ruby/object:Api::Type::String - name: hostPublicKey + min_version: 'beta' required: true + - name: 'hostPublicKey' + type: String description: Content of a public SSH key to verify an identity of a remote Git host. - - !ruby/object:Api::Type::String - name: 'tokenStatus' - output: true + min_version: 'beta' + required: true + - name: 'tokenStatus' + type: String description: | Indicates the status of the Git access token. https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories#TokenStatus - - !ruby/object:Api::Type::NestedObject - name: 'workspaceCompilationOverrides' + min_version: 'beta' + output: true + - name: 'workspaceCompilationOverrides' + type: NestedObject description: If set, fields of workspaceCompilationOverrides override the default compilation settings that are specified in dataform.json when creating workspace-scoped compilation results. + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: defaultDatabase + - name: 'defaultDatabase' + type: String description: The default database (Google Cloud project ID). - - !ruby/object:Api::Type::String - name: 'schemaSuffix' + min_version: 'beta' + - name: 'schemaSuffix' + type: String description: The suffix that should be appended to all schema (BigQuery dataset ID) names. - - !ruby/object:Api::Type::String - name: 'tablePrefix' + min_version: 'beta' + - name: 'tablePrefix' + type: String description: The prefix that should be prepended to all table names. - - !ruby/object:Api::Type::String - name: 'serviceAccount' + min_version: 'beta' + - name: 'serviceAccount' + type: String description: The service account to run workflow invocations under. - - !ruby/object:Api::Type::String - name: npmrcEnvironmentVariablesSecretVersion + min_version: 'beta' + - name: 'npmrcEnvironmentVariablesSecretVersion' + type: String description: Optional. The name of the Secret Manager secret version to be used to interpolate variables into the .npmrc file for package installation operations. Must be in the format projects/*/secrets/*/versions/*. The file itself must be in a JSON format. - - !ruby/object:Api::Type::String - name: displayName + min_version: 'beta' + - name: 'displayName' + type: String description: Optional. The repository's user-friendly name. - - !ruby/object:Api::Type::String - name: kmsKeyName + min_version: 'beta' + - name: 'kmsKeyName' + type: String description: | Optional. The reference to a KMS encryption key. If provided, it will be used to encrypt user data in the repository and all child resources. It is not possible to add or update the encryption key after the repository is created. Example projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key] - - !ruby/object:Api::Type::KeyValueLabels - name: labels + min_version: 'beta' + - name: 'labels' + type: KeyValueLabels description: | Optional. Repository user labels. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + min_version: 'beta' diff --git a/mmv1/products/dataform/RepositoryReleaseConfig.yaml b/mmv1/products/dataform/RepositoryReleaseConfig.yaml index cdc077aaf442..05804fb325ac 100644 --- a/mmv1/products/dataform/RepositoryReleaseConfig.yaml +++ b/mmv1/products/dataform/RepositoryReleaseConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,136 +11,162 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: RepositoryReleaseConfig -base_url: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs -create_url: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs?releaseConfigId={{name}} -create_verb: :POST -update_verb: :PATCH -min_version: beta +--- +name: 'RepositoryReleaseConfig' description: |- A resource represents a Dataform release configuration -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/dataform/docs/release-configurations' api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.releaseConfigs' -id_format: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}} +docs: +id_format: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}}' +base_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs' +create_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs?releaseConfigId={{name}}' +update_verb: 'PATCH' import_format: - ['projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}}'] + - 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataform_repository_release_config' - primary_resource_id: release - min_version: beta + - name: 'dataform_repository_release_config' + primary_resource_id: 'release' + min_version: 'beta' vars: release_name: 'my_release' git_repository_name: 'my/repository' dataform_repository_name: 'dataform_repository' - data: secret-data - secret_name: my_secret + data: 'secret-data' + secret_name: 'my_secret' parameters: - - !ruby/object:Api::Type::String - name: 'region' + - name: 'region' + type: String description: 'A reference to the region' - immutable: true + min_version: 'beta' url_param_only: true - - !ruby/object:Api::Type::String - name: 'repository' - description: 'A reference to the Dataform repository' immutable: true + - name: 'repository' + type: String + description: 'A reference to the Dataform repository' + min_version: 'beta' url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: The release's name. - immutable: true - required: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: 'gitCommitish' + min_version: 'beta' required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'gitCommitish' + type: String description: Git commit/tag/branch name at which the repository should be compiled. Must exist in the remote repository. - - !ruby/object:Api::Type::String - name: 'cronSchedule' + min_version: 'beta' + required: true + - name: 'cronSchedule' + type: String description: Optional. Optional schedule (in cron format) for automatic creation of compilation results. - - !ruby/object:Api::Type::String - name: 'timeZone' + min_version: 'beta' + - name: 'timeZone' + type: String description: Optional. Specifies the time zone to be used when interpreting cronSchedule. Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If left unspecified, the default is UTC. - - !ruby/object:Api::Type::NestedObject - name: 'codeCompilationConfig' + min_version: 'beta' + - name: 'codeCompilationConfig' + type: NestedObject description: Optional. If set, fields of codeCompilationConfig override the default compilation settings that are specified in dataform.json. + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: 'defaultDatabase' + - name: 'defaultDatabase' + type: String description: Optional. The default database (Google Cloud project ID). - - !ruby/object:Api::Type::String - name: 'defaultSchema' + min_version: 'beta' + - name: 'defaultSchema' + type: String description: Optional. The default schema (BigQuery dataset ID). - - !ruby/object:Api::Type::String - name: 'defaultLocation' + min_version: 'beta' + - name: 'defaultLocation' + type: String description: |- Optional. The default BigQuery location to use. Defaults to "US". See the BigQuery docs for a full list of locations: https://cloud.google.com/bigquery/docs/locations. - - !ruby/object:Api::Type::String - name: 'assertionSchema' + min_version: 'beta' + - name: 'assertionSchema' + type: String description: Optional. The default schema (BigQuery dataset ID) for assertions. - - !ruby/object:Api::Type::KeyValuePairs - name: 'vars' + min_version: 'beta' + - name: 'vars' + type: KeyValuePairs description: |- Optional. User-defined variables that are made available to project code during compilation. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - !ruby/object:Api::Type::String - name: 'databaseSuffix' + min_version: 'beta' + - name: 'databaseSuffix' + type: String description: Optional. The suffix that should be appended to all database (Google Cloud project ID) names. - - !ruby/object:Api::Type::String - name: 'schemaSuffix' + min_version: 'beta' + - name: 'schemaSuffix' + type: String description: Optional. The suffix that should be appended to all schema (BigQuery dataset ID) names. - - !ruby/object:Api::Type::String - name: 'tablePrefix' + min_version: 'beta' + - name: 'tablePrefix' + type: String description: Optional. The prefix that should be prepended to all table names. - - !ruby/object:Api::Type::Array - name: 'recentScheduledReleaseRecords' + min_version: 'beta' + - name: 'recentScheduledReleaseRecords' + type: Array description: Records of the 10 most recent scheduled release attempts, ordered in in descending order of releaseTime. Updated whenever automatic creation of a compilation result is triggered by cronSchedule. + min_version: 'beta' output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'releaseTime' - output: true + - name: 'releaseTime' + type: String description: The timestamp of this release attempt. - - !ruby/object:Api::Type::String - name: 'compilationResult' + min_version: 'beta' output: true + - name: 'compilationResult' + type: String description: The name of the created compilation result, if one was successfully created. Must be in the format projects/*/locations/*/repositories/*/compilationResults/*. - - !ruby/object:Api::Type::NestedObject - name: 'errorStatus' + min_version: 'beta' output: true + - name: 'errorStatus' + type: NestedObject description: The error status encountered upon this attempt to create the compilation result, if the attempt was unsuccessful. + min_version: 'beta' + output: true properties: - - !ruby/object:Api::Type::Integer - name: 'code' - output: true + - name: 'code' + type: Integer description: The status code, which should be an enum value of google.rpc.Code. - - !ruby/object:Api::Type::String - name: 'message' + min_version: 'beta' output: true + - name: 'message' + type: String description: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. + min_version: 'beta' + output: true diff --git a/mmv1/products/dataform/RepositoryWorkflowConfig.yaml b/mmv1/products/dataform/RepositoryWorkflowConfig.yaml index c45d563d7744..cab9d34108db 100644 --- a/mmv1/products/dataform/RepositoryWorkflowConfig.yaml +++ b/mmv1/products/dataform/RepositoryWorkflowConfig.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,140 +11,169 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: RepositoryWorkflowConfig -base_url: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs -create_url: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs?workflowConfigId={{name}} -create_verb: :POST -update_verb: :PATCH -min_version: beta +--- +name: 'RepositoryWorkflowConfig' description: |- A resource represents a Dataform workflow configuration -references: !ruby/object:Api::Resource::ReferenceLinks +min_version: 'beta' +references: guides: 'Official Documentation': 'https://cloud.google.com/dataform/docs/workflow-configurations' api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.workflowConfigs' -id_format: projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}} +docs: +id_format: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}}' +base_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs' +create_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs?workflowConfigId={{name}}' +update_verb: 'PATCH' import_format: - ['projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}}'] + - 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataform_repository_workflow_config' - primary_resource_id: workflow - min_version: beta + - name: 'dataform_repository_workflow_config' + primary_resource_id: 'workflow' + min_version: 'beta' vars: workflow_name: 'my_workflow' release_name: 'my_release' service_account_name: 'dataform-sa' git_repository_name: 'my/repository' dataform_repository_name: 'dataform_repository' - data: secret-data - secret_name: my_secret + data: 'secret-data' + secret_name: 'my_secret' parameters: - - !ruby/object:Api::Type::String - name: 'region' + - name: 'region' + type: String description: 'A reference to the region' - immutable: true + min_version: 'beta' url_param_only: true - - !ruby/object:Api::Type::String - name: 'repository' - description: 'A reference to the Dataform repository' immutable: true + - name: 'repository' + type: String + description: 'A reference to the Dataform repository' + min_version: 'beta' url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: The workflow's name. - immutable: true - required: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: 'releaseConfig' + min_version: 'beta' required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'releaseConfig' + type: String description: The name of the release config whose releaseCompilationResult should be executed. Must be in the format projects/*/locations/*/repositories/*/releaseConfigs/*. - - !ruby/object:Api::Type::NestedObject - name: 'invocationConfig' + min_version: 'beta' + required: true + - name: 'invocationConfig' + type: NestedObject description: Optional. If left unset, a default InvocationConfig will be used. + min_version: 'beta' properties: - - !ruby/object:Api::Type::Array - name: 'includedTargets' + - name: 'includedTargets' + type: Array description: Optional. The set of action identifiers to include. - item_type: !ruby/object:Api::Type::NestedObject + min_version: 'beta' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'database' + - name: 'database' + type: String description: The action's database (Google Cloud project ID). - - !ruby/object:Api::Type::String - name: 'schema' + min_version: 'beta' + - name: 'schema' + type: String description: The action's schema (BigQuery dataset ID), within database. - - !ruby/object:Api::Type::String - name: 'name' + min_version: 'beta' + - name: 'name' + type: String description: The action's name, within database and schema. - - !ruby/object:Api::Type::Array - name: 'includedTags' + min_version: 'beta' + - name: 'includedTags' + type: Array description: Optional. The set of tags to include. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'transitiveDependenciesIncluded' + min_version: 'beta' + item_type: + type: String + - name: 'transitiveDependenciesIncluded' + type: Boolean description: Optional. When set to true, transitive dependencies of included actions will be executed. - - !ruby/object:Api::Type::Boolean - name: 'transitiveDependentsIncluded' + min_version: 'beta' + - name: 'transitiveDependentsIncluded' + type: Boolean description: Optional. When set to true, transitive dependents of included actions will be executed. - - !ruby/object:Api::Type::Boolean - name: 'fullyRefreshIncrementalTablesEnabled' + min_version: 'beta' + - name: 'fullyRefreshIncrementalTablesEnabled' + type: Boolean description: Optional. When set to true, any incremental tables will be fully refreshed. - - !ruby/object:Api::Type::String - name: 'serviceAccount' + min_version: 'beta' + - name: 'serviceAccount' + type: String description: Optional. The service account to run workflow invocations under. - - !ruby/object:Api::Type::String - name: 'cronSchedule' + min_version: 'beta' + - name: 'cronSchedule' + type: String description: Optional. Optional schedule (in cron format) for automatic creation of compilation results. - - !ruby/object:Api::Type::String - name: 'timeZone' + min_version: 'beta' + - name: 'timeZone' + type: String description: Optional. Specifies the time zone to be used when interpreting cronSchedule. Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If left unspecified, the default is UTC. - - !ruby/object:Api::Type::Array - name: 'recentScheduledExecutionRecords' + min_version: 'beta' + - name: 'recentScheduledExecutionRecords' + type: Array description: Records of the 10 most recent scheduled execution attempts, ordered in in descending order of executionTime. Updated whenever automatic creation of a workflow invocation is triggered by cronSchedule. + min_version: 'beta' output: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'executionTime' - output: true + - name: 'executionTime' + type: String description: The timestamp of this workflow attempt. - - !ruby/object:Api::Type::String - name: 'workflowInvocation' + min_version: 'beta' output: true + - name: 'workflowInvocation' + type: String description: The name of the created workflow invocation, if one was successfully created. In the format projects/*/locations/*/repositories/*/workflowInvocations/*. - - !ruby/object:Api::Type::NestedObject - name: 'errorStatus' + min_version: 'beta' output: true + - name: 'errorStatus' + type: NestedObject description: The error status encountered upon this attempt to create the workflow invocation, if the attempt was unsuccessful. + min_version: 'beta' + output: true properties: - - !ruby/object:Api::Type::Integer - name: 'code' - output: true + - name: 'code' + type: Integer description: The status code, which should be an enum value of google.rpc.Code. - - !ruby/object:Api::Type::String - name: 'message' + min_version: 'beta' output: true + - name: 'message' + type: String description: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. + min_version: 'beta' + output: true diff --git a/mmv1/products/dataform/go_Repository.yaml b/mmv1/products/dataform/go_Repository.yaml deleted file mode 100644 index fa9cb9abfa1e..000000000000 --- a/mmv1/products/dataform/go_Repository.yaml +++ /dev/null @@ -1,179 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Repository' -description: |- - A resource represents a Dataform Git repository -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dataform/docs/' - api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories' -docs: -id_format: 'projects/{{project}}/locations/{{region}}/repositories/{{name}}' -base_url: 'projects/{{project}}/locations/{{region}}/repositories' -create_url: 'projects/{{project}}/locations/{{region}}/repositories?repositoryId={{name}}' -update_verb: 'PATCH' -import_format: - - 'projects/{{project}}/locations/{{region}}/repositories/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'repository' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - min_version: 'beta' -custom_code: -examples: - - name: 'dataform_repository' - primary_resource_id: 'dataform_repository' - primary_resource_name: 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' - min_version: 'beta' - vars: - dataform_repository_name: 'dataform_repository' - data: 'secret-data' - secret_name: 'my-secret' - key_ring_name: 'example-key-ring' - crypto_key_name: 'example-crypto-key-name' - skip_test: true - - name: 'dataform_repository_with_cloudsource_repo' - primary_resource_id: 'dataform_repository' - primary_resource_name: 'fmt.Sprintf("tf_test_dataform_repository%s", context["random_suffix"])' - min_version: 'beta' - vars: - git_repository_name: 'my/repository' - dataform_repository_name: 'dataform_repository' - data: 'secret-data' - secret_name: 'my-secret' - key_ring_name: 'example-key-ring' - crypto_key_name: 'example-crypto-key-name' - skip_docs: true - - name: 'dataform_repository_with_cloudsource_repo_and_ssh' - primary_resource_id: 'dataform_repository' - min_version: 'beta' - vars: - git_repository_name: 'my/repository' - dataform_repository_name: 'dataform_repository' - data: 'secret-data' - secret_name: 'my-secret' - skip_docs: true -parameters: - - name: 'region' - type: String - description: 'A reference to the region' - min_version: 'beta' - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: The repository's name. - min_version: 'beta' - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'gitRemoteSettings' - type: NestedObject - description: - Optional. If set, configures this repository to be linked to a Git remote. - min_version: 'beta' - properties: - - name: 'url' - type: String - description: The Git remote's URL. - min_version: 'beta' - required: true - - name: 'defaultBranch' - type: String - description: The Git remote's default branch name. - min_version: 'beta' - required: true - - name: 'authenticationTokenSecretVersion' - type: String - description: - The name of the Secret Manager secret version to use as an - authentication token for Git operations. This secret is for assigning with HTTPS only(for SSH use `ssh_authentication_config`). Must be in the format - projects/*/secrets/*/versions/*. - min_version: 'beta' - exactly_one_of: - - 'gitRemoteSettings.0.authenticationTokenSecretVersion' - - 'gitRemoteSettings.0.sshAuthenticationConfig' - - name: 'sshAuthenticationConfig' - type: NestedObject - description: Authentication fields for remote uris using SSH protocol. - min_version: 'beta' - exactly_one_of: - - 'gitRemoteSettings.0.authenticationTokenSecretVersion' - - 'gitRemoteSettings.0.sshAuthenticationConfig' - properties: - - name: 'userPrivateKeySecretVersion' - type: String - description: The name of the Secret Manager secret version to use as a ssh private key for Git operations. Must be in the format projects/*/secrets/*/versions/*. - min_version: 'beta' - required: true - - name: 'hostPublicKey' - type: String - description: Content of a public SSH key to verify an identity of a remote Git host. - min_version: 'beta' - required: true - - name: 'tokenStatus' - type: String - description: | - Indicates the status of the Git access token. https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories#TokenStatus - min_version: 'beta' - output: true - - name: 'workspaceCompilationOverrides' - type: NestedObject - description: If set, fields of workspaceCompilationOverrides override the default compilation settings that are specified in dataform.json when creating workspace-scoped compilation results. - min_version: 'beta' - properties: - - name: 'defaultDatabase' - type: String - description: The default database (Google Cloud project ID). - min_version: 'beta' - - name: 'schemaSuffix' - type: String - description: The suffix that should be appended to all schema (BigQuery dataset ID) names. - min_version: 'beta' - - name: 'tablePrefix' - type: String - description: The prefix that should be prepended to all table names. - min_version: 'beta' - - name: 'serviceAccount' - type: String - description: The service account to run workflow invocations under. - min_version: 'beta' - - name: 'npmrcEnvironmentVariablesSecretVersion' - type: String - description: Optional. The name of the Secret Manager secret version to be used to interpolate variables into the .npmrc file for package installation operations. Must be in the format projects/*/secrets/*/versions/*. The file itself must be in a JSON format. - min_version: 'beta' - - name: 'displayName' - type: String - description: Optional. The repository's user-friendly name. - min_version: 'beta' - - name: 'kmsKeyName' - type: String - description: | - Optional. The reference to a KMS encryption key. If provided, it will be used to encrypt user data in the repository and all child resources. - It is not possible to add or update the encryption key after the repository is created. Example projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key] - min_version: 'beta' - - name: 'labels' - type: KeyValueLabels - description: | - Optional. Repository user labels. - An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - min_version: 'beta' diff --git a/mmv1/products/dataform/go_RepositoryReleaseConfig.yaml b/mmv1/products/dataform/go_RepositoryReleaseConfig.yaml deleted file mode 100644 index f26abafab494..000000000000 --- a/mmv1/products/dataform/go_RepositoryReleaseConfig.yaml +++ /dev/null @@ -1,173 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RepositoryReleaseConfig' -description: |- - A resource represents a Dataform release configuration -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dataform/docs/release-configurations' - api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.releaseConfigs' -docs: -id_format: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}}' -base_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs' -create_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs?releaseConfigId={{name}}' -update_verb: 'PATCH' -import_format: - - 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/releaseConfigs/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -examples: - - name: 'dataform_repository_release_config' - primary_resource_id: 'release' - min_version: 'beta' - vars: - release_name: 'my_release' - git_repository_name: 'my/repository' - dataform_repository_name: 'dataform_repository' - data: 'secret-data' - secret_name: 'my_secret' -parameters: - - name: 'region' - type: String - description: 'A reference to the region' - min_version: 'beta' - url_param_only: true - immutable: true - - name: 'repository' - type: String - description: 'A reference to the Dataform repository' - min_version: 'beta' - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: The release's name. - min_version: 'beta' - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'gitCommitish' - type: String - description: - Git commit/tag/branch name at which the repository should be compiled. - Must exist in the remote repository. - min_version: 'beta' - required: true - - name: 'cronSchedule' - type: String - description: - Optional. Optional schedule (in cron format) for automatic creation of compilation results. - min_version: 'beta' - - name: 'timeZone' - type: String - description: - Optional. Specifies the time zone to be used when interpreting cronSchedule. - Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). - If left unspecified, the default is UTC. - min_version: 'beta' - - name: 'codeCompilationConfig' - type: NestedObject - description: - Optional. If set, fields of codeCompilationConfig override the default compilation - settings that are specified in dataform.json. - min_version: 'beta' - properties: - - name: 'defaultDatabase' - type: String - description: Optional. The default database (Google Cloud project ID). - min_version: 'beta' - - name: 'defaultSchema' - type: String - description: Optional. The default schema (BigQuery dataset ID). - min_version: 'beta' - - name: 'defaultLocation' - type: String - description: |- - Optional. The default BigQuery location to use. Defaults to "US". - See the BigQuery docs for a full list of locations: https://cloud.google.com/bigquery/docs/locations. - min_version: 'beta' - - name: 'assertionSchema' - type: String - description: Optional. The default schema (BigQuery dataset ID) for assertions. - min_version: 'beta' - - name: 'vars' - type: KeyValuePairs - description: |- - Optional. User-defined variables that are made available to project code during compilation. - An object containing a list of "key": value pairs. - Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - min_version: 'beta' - - name: 'databaseSuffix' - type: String - description: Optional. The suffix that should be appended to all database (Google Cloud project ID) names. - min_version: 'beta' - - name: 'schemaSuffix' - type: String - description: Optional. The suffix that should be appended to all schema (BigQuery dataset ID) names. - min_version: 'beta' - - name: 'tablePrefix' - type: String - description: Optional. The prefix that should be prepended to all table names. - min_version: 'beta' - - name: 'recentScheduledReleaseRecords' - type: Array - description: - Records of the 10 most recent scheduled release attempts, - ordered in in descending order of releaseTime. - Updated whenever automatic creation of a compilation result is triggered by cronSchedule. - min_version: 'beta' - output: true - item_type: - type: NestedObject - properties: - - name: 'releaseTime' - type: String - description: The timestamp of this release attempt. - min_version: 'beta' - output: true - - name: 'compilationResult' - type: String - description: - The name of the created compilation result, if one was successfully created. - Must be in the format projects/*/locations/*/repositories/*/compilationResults/*. - min_version: 'beta' - output: true - - name: 'errorStatus' - type: NestedObject - description: - The error status encountered upon this attempt to create the compilation - result, if the attempt was unsuccessful. - min_version: 'beta' - output: true - properties: - - name: 'code' - type: Integer - description: The status code, which should be an enum value of google.rpc.Code. - min_version: 'beta' - output: true - - name: 'message' - type: String - description: - A developer-facing error message, which should be in English. - Any user-facing error message should be localized and sent in - the google.rpc.Status.details field, or localized by the client. - min_version: 'beta' - output: true diff --git a/mmv1/products/dataform/go_RepositoryWorkflowConfig.yaml b/mmv1/products/dataform/go_RepositoryWorkflowConfig.yaml deleted file mode 100644 index 25ab291d16cd..000000000000 --- a/mmv1/products/dataform/go_RepositoryWorkflowConfig.yaml +++ /dev/null @@ -1,180 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'RepositoryWorkflowConfig' -description: |- - A resource represents a Dataform workflow configuration -min_version: 'beta' -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dataform/docs/workflow-configurations' - api: 'https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.workflowConfigs' -docs: -id_format: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}}' -base_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs' -create_url: 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs?workflowConfigId={{name}}' -update_verb: 'PATCH' -import_format: - - 'projects/{{project}}/locations/{{region}}/repositories/{{repository}}/workflowConfigs/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -examples: - - name: 'dataform_repository_workflow_config' - primary_resource_id: 'workflow' - min_version: 'beta' - vars: - workflow_name: 'my_workflow' - release_name: 'my_release' - service_account_name: 'dataform-sa' - git_repository_name: 'my/repository' - dataform_repository_name: 'dataform_repository' - data: 'secret-data' - secret_name: 'my_secret' -parameters: - - name: 'region' - type: String - description: 'A reference to the region' - min_version: 'beta' - url_param_only: true - immutable: true - - name: 'repository' - type: String - description: 'A reference to the Dataform repository' - min_version: 'beta' - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: The workflow's name. - min_version: 'beta' - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - - name: 'releaseConfig' - type: String - description: - The name of the release config whose releaseCompilationResult should be executed. - Must be in the format projects/*/locations/*/repositories/*/releaseConfigs/*. - min_version: 'beta' - required: true - - name: 'invocationConfig' - type: NestedObject - description: - Optional. If left unset, a default InvocationConfig will be used. - min_version: 'beta' - properties: - - name: 'includedTargets' - type: Array - description: Optional. The set of action identifiers to include. - min_version: 'beta' - item_type: - type: NestedObject - properties: - - name: 'database' - type: String - description: The action's database (Google Cloud project ID). - min_version: 'beta' - - name: 'schema' - type: String - description: - The action's schema (BigQuery dataset ID), within database. - min_version: 'beta' - - name: 'name' - type: String - description: - The action's name, within database and schema. - min_version: 'beta' - - name: 'includedTags' - type: Array - description: Optional. The set of tags to include. - min_version: 'beta' - item_type: - type: String - - name: 'transitiveDependenciesIncluded' - type: Boolean - description: Optional. When set to true, transitive dependencies of included actions will be executed. - min_version: 'beta' - - name: 'transitiveDependentsIncluded' - type: Boolean - description: Optional. When set to true, transitive dependents of included actions will be executed. - min_version: 'beta' - - name: 'fullyRefreshIncrementalTablesEnabled' - type: Boolean - description: Optional. When set to true, any incremental tables will be fully refreshed. - min_version: 'beta' - - name: 'serviceAccount' - type: String - description: Optional. The service account to run workflow invocations under. - min_version: 'beta' - - name: 'cronSchedule' - type: String - description: - Optional. Optional schedule (in cron format) for automatic creation of compilation results. - min_version: 'beta' - - name: 'timeZone' - type: String - description: - Optional. Specifies the time zone to be used when interpreting cronSchedule. - Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). - If left unspecified, the default is UTC. - min_version: 'beta' - - name: 'recentScheduledExecutionRecords' - type: Array - description: - Records of the 10 most recent scheduled execution attempts, - ordered in in descending order of executionTime. - Updated whenever automatic creation of a workflow invocation is triggered by cronSchedule. - min_version: 'beta' - output: true - item_type: - type: NestedObject - properties: - - name: 'executionTime' - type: String - description: The timestamp of this workflow attempt. - min_version: 'beta' - output: true - - name: 'workflowInvocation' - type: String - description: - The name of the created workflow invocation, if one was successfully created. - In the format projects/*/locations/*/repositories/*/workflowInvocations/*. - min_version: 'beta' - output: true - - name: 'errorStatus' - type: NestedObject - description: - The error status encountered upon this attempt to create the workflow invocation, - if the attempt was unsuccessful. - min_version: 'beta' - output: true - properties: - - name: 'code' - type: Integer - description: The status code, which should be an enum value of google.rpc.Code. - min_version: 'beta' - output: true - - name: 'message' - type: String - description: - A developer-facing error message, which should be in English. - Any user-facing error message should be localized and sent in - the google.rpc.Status.details field, or localized by the client. - min_version: 'beta' - output: true diff --git a/mmv1/products/dataform/go_product.yaml b/mmv1/products/dataform/go_product.yaml deleted file mode 100644 index a7baa9abcdf3..000000000000 --- a/mmv1/products/dataform/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Dataform' -display_name: 'Dataform' -versions: - - name: 'beta' - base_url: 'https://dataform.googleapis.com/v1beta1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dataform/product.yaml b/mmv1/products/dataform/product.yaml index d24de00277d0..bada172215d7 100644 --- a/mmv1/products/dataform/product.yaml +++ b/mmv1/products/dataform/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Dataform -display_name: Dataform +--- +name: 'Dataform' +display_name: 'Dataform' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://dataform.googleapis.com/v1beta1/ + - name: 'beta' + base_url: 'https://dataform.googleapis.com/v1beta1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/datafusion/Instance.yaml b/mmv1/products/datafusion/Instance.yaml index e8e0d553ab73..61518ffd4ad7 100644 --- a/mmv1/products/datafusion/Instance.yaml +++ b/mmv1/products/datafusion/Instance.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,45 +11,57 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Instance' -base_url: 'projects/{{project}}/locations/{{region}}/instances' -create_url: projects/{{project}}/locations/{{region}}/instances?instanceId={{name}} -update_verb: :PATCH description: | Represents a Data Fusion instance. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/data-fusion/docs/' api: 'https://cloud.google.com/data-fusion/docs/reference/rest/v1beta1/projects.locations.instances' -iam_policy: !ruby/object:Api::Resource::IamPolicy - parent_resource_attribute: 'name' - method_name_separator: ':' - import_format: - [ - 'projects/{{project}}/locations/{{location}}/instances/{{name}}', - '{{name}}', - ] -timeouts: !ruby/object:Api::Timeouts +docs: +base_url: 'projects/{{project}}/locations/{{region}}/instances' +create_url: 'projects/{{project}}/locations/{{region}}/instances?instanceId={{name}}' +update_verb: 'PATCH' +timeouts: insert_minutes: 90 update_minutes: 25 delete_minutes: 50 autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +iam_policy: + method_name_separator: ':' + parent_resource_attribute: 'name' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' + import_format: + - 'projects/{{project}}/locations/{{location}}/instances/{{name}}' + - '{{name}}' +custom_code: + constants: 'templates/terraform/constants/data_fusion_instance_option.go.tmpl' + pre_update: 'templates/terraform/pre_update/datafusion_instance_update.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'data_fusion_instance_basic' + - name: 'data_fusion_instance_basic' primary_resource_id: 'basic_instance' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-instance%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-instance%s", context["random_suffix"])' vars: instance_name: 'my-instance' prober_test_run: '' test_vars_overrides: # Mark for testing to avoid service networking connection usage that is not cleaned up - prober_test_run: '`options = { prober_test_run = "true" }`' - - !ruby/object:Provider::Terraform::Examples - name: 'data_fusion_instance_full' + 'prober_test_run': '`options = { prober_test_run = "true" }`' + - name: 'data_fusion_instance_full' primary_resource_id: 'extended_instance' vars: instance_name: 'my-instance' @@ -58,9 +70,8 @@ examples: prober_test_run: '' test_vars_overrides: # Mark for testing to avoid service networking connection usage that is not cleaned up - prober_test_run: '`options = { prober_test_run = "true" }`' - - !ruby/object:Provider::Terraform::Examples - name: 'data_fusion_instance_psc' + 'prober_test_run': '`options = { prober_test_run = "true" }`' + - name: 'data_fusion_instance_psc' primary_resource_id: 'psc_instance' vars: instance_name: 'psc-instance' @@ -70,61 +81,53 @@ examples: prober_test_run: '' test_vars_overrides: # Mark for testing to avoid service networking connection usage that is not cleaned up - prober_test_run: '`options = { prober_test_run = "true" }`' - - !ruby/object:Provider::Terraform::Examples - name: 'data_fusion_instance_cmek' + 'prober_test_run': '`options = { prober_test_run = "true" }`' + - name: 'data_fusion_instance_cmek' primary_resource_id: 'cmek' vars: instance_name: 'my-instance' - - !ruby/object:Provider::Terraform::Examples - name: 'data_fusion_instance_enterprise' + - name: 'data_fusion_instance_enterprise' primary_resource_id: 'enterprise_instance' vars: instance_name: 'my-instance' prober_test_run: '' test_vars_overrides: # Mark for testing to avoid service networking connection usage that is not cleaned up - prober_test_run: '`options = { prober_test_run = "true" }`' - - !ruby/object:Provider::Terraform::Examples - name: 'data_fusion_instance_event' + 'prober_test_run': '`options = { prober_test_run = "true" }`' + - name: 'data_fusion_instance_event' primary_resource_id: 'event' vars: instance_name: 'my-instance' - - !ruby/object:Provider::Terraform::Examples - name: 'data_fusion_instance_zone' + - name: 'data_fusion_instance_zone' primary_resource_id: 'zone' vars: instance_name: 'my-instance' -custom_code: !ruby/object:Provider::Terraform::CustomCode - pre_update: templates/terraform/pre_update/datafusion_instance_update.go.erb - constants: templates/terraform/constants/data_fusion_instance_option.go.erb parameters: - - !ruby/object:Api::Type::String - name: 'region' - url_param_only: true - immutable: true + - name: 'region' + type: String description: | The region of the Data Fusion instance. - ignore_read: true + url_param_only: true required: false + immutable: true + ignore_read: true default_from_api: true properties: - - !ruby/object:Api::Type::String - name: 'name' - required: true - immutable: true + - name: 'name' + type: String description: | The ID of the instance or a fully qualified identifier for the instance. - custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - - !ruby/object:Api::Type::String - name: 'description' + required: true + immutable: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' + - name: 'description' + type: String description: | An optional description of the instance. immutable: true - - !ruby/object:Api::Type::Enum - name: 'type' - required: true + - name: 'type' + type: Enum description: | Represents the type of Data Fusion instance. Each type is configured with the default settings for processing and memory. @@ -136,48 +139,48 @@ properties: - DEVELOPER: Developer Data Fusion instance. In Developer type, the user will have all features available but with restrictive capabilities. This is to help enterprises design and develop their data ingestion and integration pipelines at low cost. - values: - - :BASIC - - :ENTERPRISE - - :DEVELOPER + required: true immutable: true - - !ruby/object:Api::Type::Boolean - name: 'enableStackdriverLogging' + enum_values: + - 'BASIC' + - 'ENTERPRISE' + - 'DEVELOPER' + - name: 'enableStackdriverLogging' + type: Boolean description: | Option to enable Stackdriver Logging. - - !ruby/object:Api::Type::Boolean - name: 'enableStackdriverMonitoring' + - name: 'enableStackdriverMonitoring' + type: Boolean description: | Option to enable Stackdriver Monitoring. - - !ruby/object:Api::Type::Boolean - name: 'enableRbac' + - name: 'enableRbac' + type: Boolean description: | Option to enable granular role-based access control. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | The resource labels for instance to use to annotate any related underlying resources, such as Compute Engine VMs. - - !ruby/object:Api::Type::KeyValuePairs - name: 'options' + - name: 'options' + type: KeyValuePairs description: | Map of additional options used to configure the behavior of Data Fusion instance. immutable: true default_from_api: true diff_suppress_func: 'instanceOptionsDiffSuppress' - - !ruby/object:Api::Type::String - name: 'createTime' - output: true + - name: 'createTime' + type: String description: | The time the instance was created in RFC3339 UTC "Zulu" format, accurate to nanoseconds. - - !ruby/object:Api::Type::String - name: 'updateTime' output: true + - name: 'updateTime' + type: String description: | The time the instance was last updated in RFC3339 UTC "Zulu" format, accurate to nanoseconds. - - !ruby/object:Api::Type::Enum - name: 'state' output: true + - name: 'state' + type: Enum description: | The current state of this Data Fusion instance. - CREATING: Instance is being created @@ -186,188 +189,190 @@ properties: - DELETING: Instance is being deleted - UPGRADING: Instance is being upgraded - RESTARTING: Instance is being restarted - values: - - :CREATING - - :RUNNING - - :FAILED - - :DELETING - - :UPGRADING - - :RESTARTING - - !ruby/object:Api::Type::String - name: 'stateMessage' output: true + enum_values: + - 'CREATING' + - 'RUNNING' + - 'FAILED' + - 'DELETING' + - 'UPGRADING' + - 'RESTARTING' + - name: 'stateMessage' + type: String description: | Additional information about the current state of this Data Fusion instance if available. - - !ruby/object:Api::Type::String - name: 'serviceEndpoint' output: true + - name: 'serviceEndpoint' + type: String description: | Endpoint on which the Data Fusion UI and REST APIs are accessible. - - !ruby/object:Api::Type::String - name: 'version' + output: true + - name: 'version' + type: String description: | Current version of the Data Fusion. default_from_api: true - - !ruby/object:Api::Type::String - name: 'serviceAccount' - min_version: beta # This field is deprecated and needs to be absent in GA provider. - deprecation_message: >- - `service_account` is deprecated and will be removed in a future major release. Instead, use `tenant_project_id` to extract the tenant project ID. - output: true + - name: 'serviceAccount' + type: String description: | Service account which will be used to access resources in the customer project. - - !ruby/object:Api::Type::Boolean - name: 'privateInstance' + # This field is deprecated and needs to be absent in GA provider. + min_version: 'beta' + output: true + deprecation_message: '`service_account` is deprecated and will be removed in a future major release. Instead, use `tenant_project_id` to extract the tenant project ID.' + - name: 'privateInstance' + type: Boolean description: | Specifies whether the Data Fusion instance should be private. If set to true, all Data Fusion nodes will have private IP addresses and will not be able to access the public internet. immutable: true - - !ruby/object:Api::Type::String - name: 'dataprocServiceAccount' + - name: 'dataprocServiceAccount' + type: String description: | User-managed service account to set on Dataproc when Cloud Data Fusion creates Dataproc to run data processing pipelines. immutable: true - - !ruby/object:Api::Type::String - name: 'tenantProjectId' + - name: 'tenantProjectId' + type: String description: | The name of the tenant project. output: true - - !ruby/object:Api::Type::String - name: 'gcsBucket' + - name: 'gcsBucket' + type: String description: | Cloud Storage bucket generated by Data Fusion in the customer project. output: true - - !ruby/object:Api::Type::NestedObject - name: 'networkConfig' + - name: 'networkConfig' + type: NestedObject description: | Network configuration options. These are required when a private Data Fusion instance is to be created. immutable: true properties: - - !ruby/object:Api::Type::String - name: 'ipAllocation' + - name: 'ipAllocation' + type: String description: | The IP range in CIDR notation to use for the managed Data Fusion instance nodes. This range must not overlap with any other ranges used in the Data Fusion instance network. immutable: true - - !ruby/object:Api::Type::String - name: 'network' + - name: 'network' + type: String description: | Name of the network in the project with which the tenant project will be peered for executing pipelines. In case of shared VPC where the network resides in another host project the network should specified in the form of projects/{host-project-id}/global/networks/{network} immutable: true - - !ruby/object:Api::Type::Enum - name: 'connectionType' + - name: 'connectionType' + type: Enum description: | Optional. Type of connection for establishing private IP connectivity between the Data Fusion customer project VPC and the corresponding tenant project from a predefined list of available connection modes. If this field is unspecified for a private instance, VPC peering is used. - values: - - :VPC_PEERING - - :PRIVATE_SERVICE_CONNECT_INTERFACES immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'privateServiceConnectConfig' + enum_values: + - 'VPC_PEERING' + - 'PRIVATE_SERVICE_CONNECT_INTERFACES' + - name: 'privateServiceConnectConfig' + type: NestedObject description: | Optional. Configuration for Private Service Connect. This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES. immutable: true properties: - - !ruby/object:Api::Type::String - name: 'networkAttachment' + - name: 'networkAttachment' + type: String description: | Optional. The reference to the network attachment used to establish private connectivity. It will be of the form projects/{project-id}/regions/{region}/networkAttachments/{network-attachment-id}. This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES. immutable: true - - !ruby/object:Api::Type::String - name: 'unreachableCidrBlock' + - name: 'unreachableCidrBlock' + type: String description: | Optional. Input only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. The size of this block should be at least /25. This range should not overlap with the primary address range of any subnetwork used by the network attachment. This range can be used for other purposes in the consumer VPC as long as there is no requirement for CDF to reach destinations using these addresses. If this value is not provided, the server chooses a non RFC 1918 address range. The format of this field is governed by RFC 4632. - ignore_read: true immutable: true - - !ruby/object:Api::Type::String - name: 'effectiveUnreachableCidrBlock' + ignore_read: true + - name: 'effectiveUnreachableCidrBlock' + type: String description: | Output only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. The size of this block is /25. The format of this field is governed by RFC 4632. output: true - - !ruby/object:Api::Type::String - name: 'zone' + - name: 'zone' + type: String description: | Name of the zone in which the Data Fusion instance will be created. Only DEVELOPER instances use this field. immutable: true default_from_api: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | Display name for an instance. immutable: true - - !ruby/object:Api::Type::String - name: 'apiEndpoint' + - name: 'apiEndpoint' + type: String description: | Endpoint on which the REST APIs is accessible. output: true - - !ruby/object:Api::Type::String - name: 'p4ServiceAccount' + - name: 'p4ServiceAccount' + type: String description: | P4 service account for the customer project. output: true - - !ruby/object:Api::Type::NestedObject - name: 'cryptoKeyConfig' + - name: 'cryptoKeyConfig' + type: NestedObject description: | The crypto key configuration. This field is used by the Customer-Managed Encryption Keys (CMEK) feature. immutable: true properties: - - !ruby/object:Api::Type::String - name: 'keyReference' + - name: 'keyReference' + type: String description: | The name of the key which is used to encrypt/decrypt customer data. For key in Cloud KMS, the key should be in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: 'eventPublishConfig' + - name: 'eventPublishConfig' + type: NestedObject description: | Option to enable and pass metadata for event publishing. properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: | Option to enable Event Publishing. required: true - - !ruby/object:Api::Type::String - name: 'topic' + - name: 'topic' + type: String description: | The resource name of the Pub/Sub topic. Format: projects/{projectId}/topics/{topic_id} required: true immutable: true - - !ruby/object:Api::Type::Array - name: 'accelerators' + - name: 'accelerators' + type: Array description: | List of accelerators enabled for this CDF instance. If accelerators are enabled it is possible a permadiff will be created with the Options field. Users will need to either manually update their state file to include these diffed options, or include the field in a [lifecycle ignore changes block](https://developer.hashicorp.com/terraform/language/meta-arguments/lifecycle#ignore_changes). - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'acceleratorType' + - name: 'acceleratorType' + type: Enum description: | The type of an accelator for a CDF instance. - values: - - :CDC - - :HEALTHCARE - - :CCAI_INSIGHTS required: true - - !ruby/object:Api::Type::Enum - name: 'state' + enum_values: + - 'CDC' + - 'HEALTHCARE' + - 'CCAI_INSIGHTS' + - name: 'state' + type: Enum description: | The type of an accelator for a CDF instance. - values: - - :ENABLED - - :DISABLED required: true + enum_values: + - 'ENABLED' + - 'DISABLED' diff --git a/mmv1/products/datafusion/go_Instance.yaml b/mmv1/products/datafusion/go_Instance.yaml deleted file mode 100644 index 8b442a23bb01..000000000000 --- a/mmv1/products/datafusion/go_Instance.yaml +++ /dev/null @@ -1,374 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Instance' -description: | - Represents a Data Fusion instance. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/data-fusion/docs/' - api: 'https://cloud.google.com/data-fusion/docs/reference/rest/v1beta1/projects.locations.instances' -docs: -base_url: 'projects/{{project}}/locations/{{region}}/instances' -create_url: 'projects/{{project}}/locations/{{region}}/instances?instanceId={{name}}' -update_verb: 'PATCH' -timeouts: - insert_minutes: 90 - update_minutes: 25 - delete_minutes: 50 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'name' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/instances/{{name}}' - - '{{name}}' -custom_code: - constants: 'templates/terraform/constants/go/data_fusion_instance_option.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/datafusion_instance_update.go.tmpl' -examples: - - name: 'data_fusion_instance_basic' - primary_resource_id: 'basic_instance' - primary_resource_name: 'fmt.Sprintf("tf-test-my-instance%s", context["random_suffix"])' - vars: - instance_name: 'my-instance' - prober_test_run: '' - test_vars_overrides: - 'prober_test_run': '`options = { prober_test_run = "true" }`' - - name: 'data_fusion_instance_full' - primary_resource_id: 'extended_instance' - vars: - instance_name: 'my-instance' - ip_alloc: 'datafusion-ip-alloc' - network_name: 'datafusion-full-network' - prober_test_run: '' - test_vars_overrides: - 'prober_test_run': '`options = { prober_test_run = "true" }`' - - name: 'data_fusion_instance_psc' - primary_resource_id: 'psc_instance' - vars: - instance_name: 'psc-instance' - network_name: 'datafusion-psc-network' - subnet_name: 'datafusion-psc-subnet' - attachment_name: 'datafusion-psc-attachment' - prober_test_run: '' - test_vars_overrides: - 'prober_test_run': '`options = { prober_test_run = "true" }`' - - name: 'data_fusion_instance_cmek' - primary_resource_id: 'cmek' - vars: - instance_name: 'my-instance' - - name: 'data_fusion_instance_enterprise' - primary_resource_id: 'enterprise_instance' - vars: - instance_name: 'my-instance' - prober_test_run: '' - test_vars_overrides: - 'prober_test_run': '`options = { prober_test_run = "true" }`' - - name: 'data_fusion_instance_event' - primary_resource_id: 'event' - vars: - instance_name: 'my-instance' - - name: 'data_fusion_instance_zone' - primary_resource_id: 'zone' - vars: - instance_name: 'my-instance' -parameters: - - name: 'region' - type: String - description: | - The region of the Data Fusion instance. - url_param_only: true - required: false - immutable: true - ignore_read: true - default_from_api: true -properties: - - name: 'name' - type: String - description: | - The ID of the instance or a fully qualified identifier for the instance. - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' - - name: 'description' - type: String - description: | - An optional description of the instance. - immutable: true - - name: 'type' - type: Enum - description: | - Represents the type of Data Fusion instance. Each type is configured with - the default settings for processing and memory. - - BASIC: Basic Data Fusion instance. In Basic type, the user will be able to create data pipelines - using point and click UI. However, there are certain limitations, such as fewer number - of concurrent pipelines, no support for streaming pipelines, etc. - - ENTERPRISE: Enterprise Data Fusion instance. In Enterprise type, the user will have more features - available, such as support for streaming pipelines, higher number of concurrent pipelines, etc. - - DEVELOPER: Developer Data Fusion instance. In Developer type, the user will have all features available but - with restrictive capabilities. This is to help enterprises design and develop their data ingestion and integration - pipelines at low cost. - required: true - immutable: true - enum_values: - - 'BASIC' - - 'ENTERPRISE' - - 'DEVELOPER' - - name: 'enableStackdriverLogging' - type: Boolean - description: | - Option to enable Stackdriver Logging. - - name: 'enableStackdriverMonitoring' - type: Boolean - description: | - Option to enable Stackdriver Monitoring. - - name: 'enableRbac' - type: Boolean - description: | - Option to enable granular role-based access control. - - name: 'labels' - type: KeyValueLabels - description: | - The resource labels for instance to use to annotate any related underlying resources, - such as Compute Engine VMs. - - name: 'options' - type: KeyValuePairs - description: | - Map of additional options used to configure the behavior of Data Fusion instance. - immutable: true - default_from_api: true - diff_suppress_func: 'instanceOptionsDiffSuppress' - - name: 'createTime' - type: String - description: | - The time the instance was created in RFC3339 UTC "Zulu" format, accurate to nanoseconds. - output: true - - name: 'updateTime' - type: String - description: | - The time the instance was last updated in RFC3339 UTC "Zulu" format, accurate to nanoseconds. - output: true - - name: 'state' - type: Enum - description: | - The current state of this Data Fusion instance. - - CREATING: Instance is being created - - RUNNING: Instance is running and ready for requests - - FAILED: Instance creation failed - - DELETING: Instance is being deleted - - UPGRADING: Instance is being upgraded - - RESTARTING: Instance is being restarted - output: true - enum_values: - - 'CREATING' - - 'RUNNING' - - 'FAILED' - - 'DELETING' - - 'UPGRADING' - - 'RESTARTING' - - name: 'stateMessage' - type: String - description: | - Additional information about the current state of this Data Fusion instance if available. - output: true - - name: 'serviceEndpoint' - type: String - description: | - Endpoint on which the Data Fusion UI and REST APIs are accessible. - output: true - - name: 'version' - type: String - description: | - Current version of the Data Fusion. - default_from_api: true - - name: 'serviceAccount' - type: String - description: | - Service account which will be used to access resources in the customer project. - min_version: 'beta' - output: true - deprecation_message: '`service_account` is deprecated and will be removed in a future major release. Instead, use `tenant_project_id` to extract the tenant project ID.' - - name: 'privateInstance' - type: Boolean - description: | - Specifies whether the Data Fusion instance should be private. If set to - true, all Data Fusion nodes will have private IP addresses and will not be - able to access the public internet. - immutable: true - - name: 'dataprocServiceAccount' - type: String - description: | - User-managed service account to set on Dataproc when Cloud Data Fusion creates Dataproc to run data processing pipelines. - immutable: true - - name: 'tenantProjectId' - type: String - description: | - The name of the tenant project. - output: true - - name: 'gcsBucket' - type: String - description: | - Cloud Storage bucket generated by Data Fusion in the customer project. - output: true - - name: 'networkConfig' - type: NestedObject - description: | - Network configuration options. These are required when a private Data Fusion instance is to be created. - immutable: true - properties: - - name: 'ipAllocation' - type: String - description: | - The IP range in CIDR notation to use for the managed Data Fusion instance - nodes. This range must not overlap with any other ranges used in the Data Fusion instance network. - immutable: true - - name: 'network' - type: String - description: | - Name of the network in the project with which the tenant project - will be peered for executing pipelines. In case of shared VPC where the network resides in another host - project the network should specified in the form of projects/{host-project-id}/global/networks/{network} - immutable: true - - name: 'connectionType' - type: Enum - description: | - Optional. Type of connection for establishing private IP connectivity between the Data Fusion customer project VPC and - the corresponding tenant project from a predefined list of available connection modes. - If this field is unspecified for a private instance, VPC peering is used. - immutable: true - enum_values: - - 'VPC_PEERING' - - 'PRIVATE_SERVICE_CONNECT_INTERFACES' - - name: 'privateServiceConnectConfig' - type: NestedObject - description: | - Optional. Configuration for Private Service Connect. - This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES. - immutable: true - properties: - - name: 'networkAttachment' - type: String - description: | - Optional. The reference to the network attachment used to establish private connectivity. - It will be of the form projects/{project-id}/regions/{region}/networkAttachments/{network-attachment-id}. - This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES. - immutable: true - - name: 'unreachableCidrBlock' - type: String - description: | - Optional. Input only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. - The size of this block should be at least /25. This range should not overlap with the primary address range of any subnetwork used by the network attachment. - This range can be used for other purposes in the consumer VPC as long as there is no requirement for CDF to reach destinations using these addresses. - If this value is not provided, the server chooses a non RFC 1918 address range. The format of this field is governed by RFC 4632. - immutable: true - ignore_read: true - - name: 'effectiveUnreachableCidrBlock' - type: String - description: | - Output only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. - The size of this block is /25. The format of this field is governed by RFC 4632. - output: true - - name: 'zone' - type: String - description: | - Name of the zone in which the Data Fusion instance will be created. Only DEVELOPER instances use this field. - immutable: true - default_from_api: true - - name: 'displayName' - type: String - description: | - Display name for an instance. - immutable: true - - name: 'apiEndpoint' - type: String - description: | - Endpoint on which the REST APIs is accessible. - output: true - - name: 'p4ServiceAccount' - type: String - description: | - P4 service account for the customer project. - output: true - - name: 'cryptoKeyConfig' - type: NestedObject - description: | - The crypto key configuration. This field is used by the Customer-Managed Encryption Keys (CMEK) feature. - immutable: true - properties: - - name: 'keyReference' - type: String - description: | - The name of the key which is used to encrypt/decrypt customer data. For key in Cloud KMS, the key should be in the format of projects/*/locations/*/keyRings/*/cryptoKeys/*. - required: true - immutable: true - - name: 'eventPublishConfig' - type: NestedObject - description: | - Option to enable and pass metadata for event publishing. - properties: - - name: 'enabled' - type: Boolean - description: | - Option to enable Event Publishing. - required: true - - name: 'topic' - type: String - description: | - The resource name of the Pub/Sub topic. Format: projects/{projectId}/topics/{topic_id} - required: true - immutable: true - - name: 'accelerators' - type: Array - description: | - List of accelerators enabled for this CDF instance. - - If accelerators are enabled it is possible a permadiff will be created with the Options field. - Users will need to either manually update their state file to include these diffed options, or include the field in a [lifecycle ignore changes block](https://developer.hashicorp.com/terraform/language/meta-arguments/lifecycle#ignore_changes). - item_type: - type: NestedObject - properties: - - name: 'acceleratorType' - type: Enum - description: | - The type of an accelator for a CDF instance. - required: true - enum_values: - - 'CDC' - - 'HEALTHCARE' - - 'CCAI_INSIGHTS' - - name: 'state' - type: Enum - description: | - The type of an accelator for a CDF instance. - required: true - enum_values: - - 'ENABLED' - - 'DISABLED' diff --git a/mmv1/products/datafusion/go_product.yaml b/mmv1/products/datafusion/go_product.yaml deleted file mode 100644 index 25150a0626c8..000000000000 --- a/mmv1/products/datafusion/go_product.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DataFusion' -display_name: 'Cloud Data Fusion' -versions: - - name: 'beta' - base_url: 'https://datafusion.googleapis.com/v1beta1/' - - name: 'ga' - base_url: 'https://datafusion.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' -async: - type: "OpAsync" - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' diff --git a/mmv1/products/datafusion/product.yaml b/mmv1/products/datafusion/product.yaml index b358c9be12ae..a09292369f4c 100644 --- a/mmv1/products/datafusion/product.yaml +++ b/mmv1/products/datafusion/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2019 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,32 +11,25 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: DataFusion -display_name: Cloud Data Fusion +--- +name: 'DataFusion' +display_name: 'Cloud Data Fusion' versions: - - !ruby/object:Api::Product::Version - name: beta - base_url: https://datafusion.googleapis.com/v1beta1/ - - !ruby/object:Api::Product::Version - name: ga - base_url: https://datafusion.googleapis.com/v1/ + - name: 'beta' + base_url: 'https://datafusion.googleapis.com/v1beta1/' + - name: 'ga' + base_url: 'https://datafusion.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' diff --git a/mmv1/products/datapipeline/Pipeline.yaml b/mmv1/products/datapipeline/Pipeline.yaml index c50ddd5c6382..88bd96aaa616 100644 --- a/mmv1/products/datapipeline/Pipeline.yaml +++ b/mmv1/products/datapipeline/Pipeline.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,39 +11,43 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: Pipeline -base_url: projects/{{project}}/locations/{{region}}/pipelines -update_verb: :PATCH -update_mask: true +--- +name: 'Pipeline' description: | The main pipeline entity and all the necessary metadata for launching and managing linked jobs. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dataflow' api: 'https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines' -id_format: projects/{{project}}/locations/{{region}}/pipelines/{{name}} +docs: +id_format: 'projects/{{project}}/locations/{{region}}/pipelines/{{name}}' +base_url: 'projects/{{project}}/locations/{{region}}/pipelines' +update_verb: 'PATCH' +update_mask: true import_format: - ['projects/{{project}}/locations/{{region}}/pipelines/{{name}}'] + - 'projects/{{project}}/locations/{{region}}/pipelines/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'data_pipeline_pipeline' - primary_resource_name: - 'fmt.Sprintf("tf-test-my-pipeline%s", context["random_suffix"])' + - name: 'data_pipeline_pipeline' primary_resource_id: 'primary' - ignore_read_extra: - - 'schedule_info.0.next_job_time' + primary_resource_name: 'fmt.Sprintf("tf-test-my-pipeline%s", context["random_suffix"])' vars: pipeline_name: 'my-pipeline' account_id: 'my-account' + ignore_read_extra: + - 'schedule_info.0.next_job_time' parameters: - - !ruby/object:Api::Type::String - name: 'region' + - name: 'region' + type: String description: 'A reference to the region' url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | "The pipeline name. For example': 'projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID." "- PROJECT_ID can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see Identifying projects." @@ -51,352 +55,354 @@ properties: "PIPELINE_ID is the ID of the pipeline. Must be unique for the selected project and location." required: true immutable: true - custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb' - custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb' - - !ruby/object:Api::Type::String - name: 'displayName' + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.tmpl' + - name: 'displayName' + type: String description: | The display name of the pipeline. It can contain only letters ([A-Za-z]), numbers ([0-9]), hyphens (-), and underscores (_). - - !ruby/object:Api::Type::Enum - name: 'type' + - name: 'type' + type: Enum description: | The type of the pipeline. This field affects the scheduling of the pipeline and the type of metrics to show for the pipeline. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#pipelinetype required: true - values: - - :PIPELINE_TYPE_UNSPECIFIED - - :PIPELINE_TYPE_BATCH - - :PIPELINE_TYPE_STREAMING - - !ruby/object:Api::Type::Enum - name: 'state' + enum_values: + - 'PIPELINE_TYPE_UNSPECIFIED' + - 'PIPELINE_TYPE_BATCH' + - 'PIPELINE_TYPE_STREAMING' + - name: 'state' + type: Enum description: | The state of the pipeline. When the pipeline is created, the state is set to 'PIPELINE_STATE_ACTIVE' by default. State changes can be requested by setting the state to stopping, paused, or resuming. State cannot be changed through pipelines.patch requests. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#state required: true immutable: true - values: - - :STATE_UNSPECIFIED - - :STATE_RESUMING - - :STATE_ACTIVE - - :STATE_STOPPING - - :STATE_ARCHIVED - - :STATE_PAUSED - - !ruby/object:Api::Type::String - name: 'createTime' + enum_values: + - 'STATE_UNSPECIFIED' + - 'STATE_RESUMING' + - 'STATE_ACTIVE' + - 'STATE_STOPPING' + - 'STATE_ARCHIVED' + - 'STATE_PAUSED' + - name: 'createTime' + type: String description: | The timestamp when the pipeline was initially created. Set by the Data Pipelines service. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::String - name: 'lastUpdateTime' + - name: 'lastUpdateTime' + type: String description: | The timestamp when the pipeline was last modified. Set by the Data Pipelines service. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::NestedObject - name: 'workload' + - name: 'workload' + type: NestedObject description: | Workload information for creating new jobs. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#workload properties: - - !ruby/object:Api::Type::NestedObject - name: 'dataflowLaunchTemplateRequest' + - name: 'dataflowLaunchTemplateRequest' + type: NestedObject description: | Template information and additional parameters needed to launch a Dataflow job using the standard launch API. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchtemplaterequest properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: | The ID of the Cloud Platform project that the job belongs to. required: true - - !ruby/object:Api::Type::Boolean - name: 'validateOnly' + - name: 'validateOnly' + type: Boolean description: | - - !ruby/object:Api::Type::NestedObject - name: 'launchParameters' + - name: 'launchParameters' + type: NestedObject description: | The parameters of the template to launch. This should be part of the body of the POST request. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchtemplateparameters properties: - - !ruby/object:Api::Type::String - name: 'jobName' + - name: 'jobName' + type: String description: | The job name to use for the created job. required: true - - !ruby/object:Api::Type::KeyValuePairs - name: 'parameters' + - name: 'parameters' + type: KeyValuePairs description: | The runtime parameters to pass to the job. 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - !ruby/object:Api::Type::NestedObject - name: 'environment' + - name: 'environment' + type: NestedObject description: | The runtime environment for the job. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#RuntimeEnvironment properties: - - !ruby/object:Api::Type::Integer - name: 'numWorkers' + - name: 'numWorkers' + type: Integer description: | The initial number of Compute Engine instances for the job. - - !ruby/object:Api::Type::Integer - name: 'maxWorkers' + - name: 'maxWorkers' + type: Integer description: | The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000. - - !ruby/object:Api::Type::String - name: 'zone' + - name: 'zone' + type: String description: | The Compute Engine availability zone for launching worker instances to run your pipeline. In the future, workerZone will take precedence. - - !ruby/object:Api::Type::String - name: 'serviceAccountEmail' + - name: 'serviceAccountEmail' + type: String description: | The email address of the service account to run the job as. - - !ruby/object:Api::Type::String - name: 'tempLocation' + - name: 'tempLocation' + type: String description: | The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with gs://. - - !ruby/object:Api::Type::Boolean - name: 'bypassTempDirValidation' + - name: 'bypassTempDirValidation' + type: Boolean description: | Whether to bypass the safety checks for the job's temporary directory. Use with caution. - - !ruby/object:Api::Type::String - name: 'machineType' + - name: 'machineType' + type: String description: | The machine type to use for the job. Defaults to the value from the template if not specified. - - !ruby/object:Api::Type::Array - name: 'additionalExperiments' - item_type: Api::Type::String + - name: 'additionalExperiments' + type: Array description: | Additional experiment flags for the job. - - !ruby/object:Api::Type::String - name: 'network' + item_type: + type: String + - name: 'network' + type: String description: | Network to which VMs will be assigned. If empty or unspecified, the service will use the network "default". default_from_api: true - - !ruby/object:Api::Type::String - name: 'subnetwork' + - name: 'subnetwork' + type: String description: | Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. - - !ruby/object:Api::Type::KeyValuePairs - name: 'additionalUserLabels' + - name: 'additionalUserLabels' + type: KeyValuePairs description: | Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the labeling restrictions page. An object containing a list of key/value pairs. 'Example: { "name": "wrench", "mass": "1kg", "count": "3" }.' 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | 'Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/' - - !ruby/object:Api::Type::Enum - name: 'ipConfiguration' + - name: 'ipConfiguration' + type: Enum description: | Configuration for VM IPs. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#WorkerIPAddressConfiguration - values: - - :WORKER_IP_UNSPECIFIED - - :WORKER_IP_PUBLIC - - :WORKER_IP_PRIVATE - - !ruby/object:Api::Type::String - name: 'workerRegion' + enum_values: + - 'WORKER_IP_UNSPECIFIED' + - 'WORKER_IP_PUBLIC' + - 'WORKER_IP_PRIVATE' + - name: 'workerRegion' + type: String description: | The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1". Mutually exclusive with workerZone. If neither workerRegion nor workerZone is specified, default to the control plane's region. - - !ruby/object:Api::Type::String - name: 'workerZone' + - name: 'workerZone' + type: String description: | The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1-a". Mutually exclusive with workerRegion. If neither workerRegion nor workerZone is specified, a zone in the control plane's region is chosen based on available capacity. If both workerZone and zone are set, workerZone takes precedence. - - !ruby/object:Api::Type::Boolean - name: 'enableStreamingEngine' + - name: 'enableStreamingEngine' + type: Boolean description: | Whether to enable Streaming Engine for the job. - - !ruby/object:Api::Type::Boolean - name: 'update' + - name: 'update' + type: Boolean description: | If set, replace the existing pipeline with the name specified by jobName with this pipeline, preserving state. - - !ruby/object:Api::Type::KeyValuePairs - name: 'transformNameMapping' + - name: 'transformNameMapping' + type: KeyValuePairs description: | Map of transform name prefixes of the job to be replaced to the corresponding name prefixes of the new job. Only applicable when updating a pipeline. 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | The regional endpoint to which to direct the request. - - !ruby/object:Api::Type::String - name: 'gcsPath' + - name: 'gcsPath' + type: String description: | A Cloud Storage path to the template from which to create the job. Must be a valid Cloud Storage URL, beginning with 'gs://'. - - !ruby/object:Api::Type::NestedObject - name: 'dataflowFlexTemplateRequest' + - name: 'dataflowFlexTemplateRequest' + type: NestedObject description: | Template information and additional parameters needed to launch a Dataflow job using the flex launch API. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchflextemplaterequest properties: - - !ruby/object:Api::Type::String - name: 'projectId' + - name: 'projectId' + type: String description: | The ID of the Cloud Platform project that the job belongs to. required: true - - !ruby/object:Api::Type::NestedObject - name: 'launchParameter' + - name: 'launchParameter' + type: NestedObject description: | Parameter to launch a job from a Flex Template. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchflextemplateparameter required: true properties: - - !ruby/object:Api::Type::String - name: 'jobName' + - name: 'jobName' + type: String description: | The job name to use for the created job. For an update job request, the job name should be the same as the existing running job. required: true - - !ruby/object:Api::Type::KeyValuePairs - name: 'parameters' + - name: 'parameters' + type: KeyValuePairs description: | 'The parameters for the Flex Template. Example: {"numWorkers":"5"}' 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - !ruby/object:Api::Type::KeyValuePairs - name: 'launchOptions' + - name: 'launchOptions' + type: KeyValuePairs description: | Launch options for this Flex Template job. This is a common set of options across languages and templates. This should not be used to pass job parameters. 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - !ruby/object:Api::Type::NestedObject - name: 'environment' + - name: 'environment' + type: NestedObject description: | The runtime environment for the Flex Template job. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#FlexTemplateRuntimeEnvironment properties: - - !ruby/object:Api::Type::Integer - name: 'numWorkers' + - name: 'numWorkers' + type: Integer description: | The initial number of Compute Engine instances for the job. - - !ruby/object:Api::Type::Integer - name: 'maxWorkers' + - name: 'maxWorkers' + type: Integer description: | The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000. - - !ruby/object:Api::Type::String - name: 'zone' + - name: 'zone' + type: String description: | The Compute Engine availability zone for launching worker instances to run your pipeline. In the future, workerZone will take precedence. - - !ruby/object:Api::Type::String - name: 'serviceAccountEmail' + - name: 'serviceAccountEmail' + type: String description: | The email address of the service account to run the job as. - - !ruby/object:Api::Type::String - name: 'tempLocation' + - name: 'tempLocation' + type: String description: | The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with gs://. - - !ruby/object:Api::Type::String - name: 'machineType' + - name: 'machineType' + type: String description: | The machine type to use for the job. Defaults to the value from the template if not specified. - - !ruby/object:Api::Type::Array - name: 'additionalExperiments' - item_type: Api::Type::String + - name: 'additionalExperiments' + type: Array description: | Additional experiment flags for the job. - - !ruby/object:Api::Type::String - name: 'network' + item_type: + type: String + - name: 'network' + type: String description: | Network to which VMs will be assigned. If empty or unspecified, the service will use the network "default". - - !ruby/object:Api::Type::String - name: 'subnetwork' + - name: 'subnetwork' + type: String description: | Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. - - !ruby/object:Api::Type::KeyValuePairs - name: 'additionalUserLabels' + - name: 'additionalUserLabels' + type: KeyValuePairs description: | Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the labeling restrictions page. An object containing a list of key/value pairs. 'Example: { "name": "wrench", "mass": "1kg", "count": "3" }.' 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - !ruby/object:Api::Type::String - name: 'kmsKeyName' + - name: 'kmsKeyName' + type: String description: | 'Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/' - - !ruby/object:Api::Type::Enum - name: 'ipConfiguration' + - name: 'ipConfiguration' + type: Enum description: | Configuration for VM IPs. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#WorkerIPAddressConfiguration - values: - - :WORKER_IP_UNSPECIFIED - - :WORKER_IP_PUBLIC - - :WORKER_IP_PRIVATE - - !ruby/object:Api::Type::String - name: 'workerRegion' + enum_values: + - 'WORKER_IP_UNSPECIFIED' + - 'WORKER_IP_PUBLIC' + - 'WORKER_IP_PRIVATE' + - name: 'workerRegion' + type: String description: | The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1". Mutually exclusive with workerZone. If neither workerRegion nor workerZone is specified, default to the control plane's region. - - !ruby/object:Api::Type::String - name: 'workerZone' + - name: 'workerZone' + type: String description: | The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1-a". Mutually exclusive with workerRegion. If neither workerRegion nor workerZone is specified, a zone in the control plane's region is chosen based on available capacity. If both workerZone and zone are set, workerZone takes precedence. - - !ruby/object:Api::Type::Boolean - name: 'enableStreamingEngine' + - name: 'enableStreamingEngine' + type: Boolean description: | Whether to enable Streaming Engine for the job. - - !ruby/object:Api::Type::Enum - name: 'flexrsGoal' + - name: 'flexrsGoal' + type: Enum description: | Set FlexRS goal for the job. https://cloud.google.com/dataflow/docs/guides/flexrs https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#FlexResourceSchedulingGoal - values: - - :FLEXRS_UNSPECIFIED - - :FLEXRS_SPEED_OPTIMIZED - - :FLEXRS_COST_OPTIMIZED - - !ruby/object:Api::Type::Boolean - name: 'update' + enum_values: + - 'FLEXRS_UNSPECIFIED' + - 'FLEXRS_SPEED_OPTIMIZED' + - 'FLEXRS_COST_OPTIMIZED' + - name: 'update' + type: Boolean description: | Set this to true if you are sending a request to update a running streaming job. When set, the job name should be the same as the running job. - - !ruby/object:Api::Type::KeyValuePairs - name: 'transformNameMappings' + - name: 'transformNameMappings' + type: KeyValuePairs description: | 'Use this to pass transform name mappings for streaming update jobs. Example: {"oldTransformName":"newTransformName",...}' 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - !ruby/object:Api::Type::String - name: 'containerSpecGcsPath' + - name: 'containerSpecGcsPath' + type: String description: | Cloud Storage path to a file with a JSON-serialized ContainerSpec as content. - - !ruby/object:Api::Type::String - name: 'location' + - name: 'location' + type: String description: | The regional endpoint to which to direct the request. For example, us-central1, us-west1. required: true - - !ruby/object:Api::Type::Boolean - name: 'validateOnly' + - name: 'validateOnly' + type: Boolean description: | If true, the request is validated but not actually executed. Defaults to false. - - !ruby/object:Api::Type::NestedObject - name: 'scheduleInfo' + - name: 'scheduleInfo' + type: NestedObject description: | Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally. https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#schedulespec properties: - - !ruby/object:Api::Type::String - name: 'schedule' + - name: 'schedule' + type: String description: | Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler. - - !ruby/object:Api::Type::String - name: 'timeZone' + - name: 'timeZone' + type: String description: | Timezone ID. This matches the timezone IDs used by the Cloud Scheduler API. If empty, UTC time is assumed. - default_value: UTC - - !ruby/object:Api::Type::String - name: 'nextJobTime' + default_value: "UTC" + - name: 'nextJobTime' + type: String description: | When the next Scheduler job is going to run. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". output: true - - !ruby/object:Api::Type::Integer - name: 'jobCount' + - name: 'jobCount' + type: Integer description: | Number of jobs. output: true - - !ruby/object:Api::Type::String - name: 'schedulerServiceAccountEmail' + - name: 'schedulerServiceAccountEmail' + type: String description: | Optional. A service account email to be used with the Cloud Scheduler job. If not specified, the default compute engine service account will be used. immutable: true default_from_api: true - - !ruby/object:Api::Type::KeyValuePairs - name: 'pipelineSources' + - name: 'pipelineSources' + type: KeyValuePairs description: | The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. diff --git a/mmv1/products/datapipeline/go_Pipeline.yaml b/mmv1/products/datapipeline/go_Pipeline.yaml deleted file mode 100644 index 73850acb358f..000000000000 --- a/mmv1/products/datapipeline/go_Pipeline.yaml +++ /dev/null @@ -1,410 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Pipeline' -description: | - The main pipeline entity and all the necessary metadata for launching and managing linked jobs. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dataflow' - api: 'https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines' -docs: -id_format: 'projects/{{project}}/locations/{{region}}/pipelines/{{name}}' -base_url: 'projects/{{project}}/locations/{{region}}/pipelines' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{region}}/pipelines/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: -examples: - - name: 'data_pipeline_pipeline' - primary_resource_id: 'primary' - primary_resource_name: 'fmt.Sprintf("tf-test-my-pipeline%s", context["random_suffix"])' - vars: - pipeline_name: 'my-pipeline' - account_id: 'my-account' - ignore_read_extra: - - 'schedule_info.0.next_job_time' -parameters: - - name: 'region' - type: String - description: 'A reference to the region' - url_param_only: true -properties: - - name: 'name' - type: String - description: | - "The pipeline name. For example': 'projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID." - "- PROJECT_ID can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see Identifying projects." - "LOCATION_ID is the canonical ID for the pipeline's location. The list of available locations can be obtained by calling google.cloud.location.Locations.ListLocations. Note that the Data Pipelines service is not available in all regions. It depends on Cloud Scheduler, an App Engine application, so it's only available in App Engine regions." - "PIPELINE_ID is the ID of the pipeline. Must be unique for the selected project and location." - required: true - immutable: true - custom_flatten: 'templates/terraform/custom_flatten/go/name_from_self_link.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/shortname_to_url.go.tmpl' - - name: 'displayName' - type: String - description: | - The display name of the pipeline. It can contain only letters ([A-Za-z]), numbers ([0-9]), hyphens (-), and underscores (_). - - name: 'type' - type: Enum - description: | - The type of the pipeline. This field affects the scheduling of the pipeline and the type of metrics to show for the pipeline. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#pipelinetype - required: true - enum_values: - - 'PIPELINE_TYPE_UNSPECIFIED' - - 'PIPELINE_TYPE_BATCH' - - 'PIPELINE_TYPE_STREAMING' - - name: 'state' - type: Enum - description: | - The state of the pipeline. When the pipeline is created, the state is set to 'PIPELINE_STATE_ACTIVE' by default. State changes can be requested by setting the state to stopping, paused, or resuming. State cannot be changed through pipelines.patch requests. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#state - required: true - immutable: true - enum_values: - - 'STATE_UNSPECIFIED' - - 'STATE_RESUMING' - - 'STATE_ACTIVE' - - 'STATE_STOPPING' - - 'STATE_ARCHIVED' - - 'STATE_PAUSED' - - name: 'createTime' - type: String - description: | - The timestamp when the pipeline was initially created. Set by the Data Pipelines service. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'lastUpdateTime' - type: String - description: | - The timestamp when the pipeline was last modified. Set by the Data Pipelines service. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'workload' - type: NestedObject - description: | - Workload information for creating new jobs. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#workload - properties: - - name: 'dataflowLaunchTemplateRequest' - type: NestedObject - description: | - Template information and additional parameters needed to launch a Dataflow job using the standard launch API. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchtemplaterequest - properties: - - name: 'projectId' - type: String - description: | - The ID of the Cloud Platform project that the job belongs to. - required: true - - name: 'validateOnly' - type: Boolean - description: | - - name: 'launchParameters' - type: NestedObject - description: | - The parameters of the template to launch. This should be part of the body of the POST request. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchtemplateparameters - properties: - - name: 'jobName' - type: String - description: | - The job name to use for the created job. - required: true - - name: 'parameters' - type: KeyValuePairs - description: | - The runtime parameters to pass to the job. - 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - name: 'environment' - type: NestedObject - description: | - The runtime environment for the job. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#RuntimeEnvironment - properties: - - name: 'numWorkers' - type: Integer - description: | - The initial number of Compute Engine instances for the job. - - name: 'maxWorkers' - type: Integer - description: | - The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000. - - name: 'zone' - type: String - description: | - The Compute Engine availability zone for launching worker instances to run your pipeline. In the future, workerZone will take precedence. - - name: 'serviceAccountEmail' - type: String - description: | - The email address of the service account to run the job as. - - name: 'tempLocation' - type: String - description: | - The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with gs://. - - name: 'bypassTempDirValidation' - type: Boolean - description: | - Whether to bypass the safety checks for the job's temporary directory. Use with caution. - - name: 'machineType' - type: String - description: | - The machine type to use for the job. Defaults to the value from the template if not specified. - - name: 'additionalExperiments' - type: Array - description: | - Additional experiment flags for the job. - item_type: - type: String - - name: 'network' - type: String - description: | - Network to which VMs will be assigned. If empty or unspecified, the service will use the network "default". - default_from_api: true - - name: 'subnetwork' - type: String - description: | - Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. - - name: 'additionalUserLabels' - type: KeyValuePairs - description: | - Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the labeling restrictions page. An object containing a list of key/value pairs. - 'Example: { "name": "wrench", "mass": "1kg", "count": "3" }.' - 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - name: 'kmsKeyName' - type: String - description: | - 'Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/' - - name: 'ipConfiguration' - type: Enum - description: | - Configuration for VM IPs. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#WorkerIPAddressConfiguration - enum_values: - - 'WORKER_IP_UNSPECIFIED' - - 'WORKER_IP_PUBLIC' - - 'WORKER_IP_PRIVATE' - - name: 'workerRegion' - type: String - description: | - The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1". Mutually exclusive with workerZone. If neither workerRegion nor workerZone is specified, default to the control plane's region. - - name: 'workerZone' - type: String - description: | - The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1-a". Mutually exclusive with workerRegion. If neither workerRegion nor workerZone is specified, a zone in the control plane's region is chosen based on available capacity. If both workerZone and zone are set, workerZone takes precedence. - - name: 'enableStreamingEngine' - type: Boolean - description: | - Whether to enable Streaming Engine for the job. - - name: 'update' - type: Boolean - description: | - If set, replace the existing pipeline with the name specified by jobName with this pipeline, preserving state. - - name: 'transformNameMapping' - type: KeyValuePairs - description: | - Map of transform name prefixes of the job to be replaced to the corresponding name prefixes of the new job. Only applicable when updating a pipeline. - 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - name: 'location' - type: String - description: | - The regional endpoint to which to direct the request. - - name: 'gcsPath' - type: String - description: | - A Cloud Storage path to the template from which to create the job. Must be a valid Cloud Storage URL, beginning with 'gs://'. - - name: 'dataflowFlexTemplateRequest' - type: NestedObject - description: | - Template information and additional parameters needed to launch a Dataflow job using the flex launch API. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchflextemplaterequest - properties: - - name: 'projectId' - type: String - description: | - The ID of the Cloud Platform project that the job belongs to. - required: true - - name: 'launchParameter' - type: NestedObject - description: | - Parameter to launch a job from a Flex Template. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#launchflextemplateparameter - required: true - properties: - - name: 'jobName' - type: String - description: | - The job name to use for the created job. For an update job request, the job name should be the same as the existing running job. - required: true - - name: 'parameters' - type: KeyValuePairs - description: | - 'The parameters for the Flex Template. Example: {"numWorkers":"5"}' - 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - name: 'launchOptions' - type: KeyValuePairs - description: | - Launch options for this Flex Template job. This is a common set of options across languages and templates. This should not be used to pass job parameters. - 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - name: 'environment' - type: NestedObject - description: | - The runtime environment for the Flex Template job. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#FlexTemplateRuntimeEnvironment - properties: - - name: 'numWorkers' - type: Integer - description: | - The initial number of Compute Engine instances for the job. - - name: 'maxWorkers' - type: Integer - description: | - The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000. - - name: 'zone' - type: String - description: | - The Compute Engine availability zone for launching worker instances to run your pipeline. In the future, workerZone will take precedence. - - name: 'serviceAccountEmail' - type: String - description: | - The email address of the service account to run the job as. - - name: 'tempLocation' - type: String - description: | - The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with gs://. - - name: 'machineType' - type: String - description: | - The machine type to use for the job. Defaults to the value from the template if not specified. - - name: 'additionalExperiments' - type: Array - description: | - Additional experiment flags for the job. - item_type: - type: String - - name: 'network' - type: String - description: | - Network to which VMs will be assigned. If empty or unspecified, the service will use the network "default". - - name: 'subnetwork' - type: String - description: | - Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form "https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK" or "regions/REGION/subnetworks/SUBNETWORK". If the subnetwork is located in a Shared VPC network, you must use the complete URL. - - name: 'additionalUserLabels' - type: KeyValuePairs - description: | - Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the labeling restrictions page. An object containing a list of key/value pairs. - 'Example: { "name": "wrench", "mass": "1kg", "count": "3" }.' - 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - name: 'kmsKeyName' - type: String - description: | - 'Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/' - - name: 'ipConfiguration' - type: Enum - description: | - Configuration for VM IPs. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#WorkerIPAddressConfiguration - enum_values: - - 'WORKER_IP_UNSPECIFIED' - - 'WORKER_IP_PUBLIC' - - 'WORKER_IP_PRIVATE' - - name: 'workerRegion' - type: String - description: | - The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1". Mutually exclusive with workerZone. If neither workerRegion nor workerZone is specified, default to the control plane's region. - - name: 'workerZone' - type: String - description: | - The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. "us-west1-a". Mutually exclusive with workerRegion. If neither workerRegion nor workerZone is specified, a zone in the control plane's region is chosen based on available capacity. If both workerZone and zone are set, workerZone takes precedence. - - name: 'enableStreamingEngine' - type: Boolean - description: | - Whether to enable Streaming Engine for the job. - - name: 'flexrsGoal' - type: Enum - description: | - Set FlexRS goal for the job. https://cloud.google.com/dataflow/docs/guides/flexrs - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#FlexResourceSchedulingGoal - enum_values: - - 'FLEXRS_UNSPECIFIED' - - 'FLEXRS_SPEED_OPTIMIZED' - - 'FLEXRS_COST_OPTIMIZED' - - name: 'update' - type: Boolean - description: | - Set this to true if you are sending a request to update a running streaming job. When set, the job name should be the same as the running job. - - name: 'transformNameMappings' - type: KeyValuePairs - description: | - 'Use this to pass transform name mappings for streaming update jobs. Example: {"oldTransformName":"newTransformName",...}' - 'An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - - name: 'containerSpecGcsPath' - type: String - description: | - Cloud Storage path to a file with a JSON-serialized ContainerSpec as content. - - name: 'location' - type: String - description: | - The regional endpoint to which to direct the request. For example, us-central1, us-west1. - required: true - - name: 'validateOnly' - type: Boolean - description: | - If true, the request is validated but not actually executed. Defaults to false. - - name: 'scheduleInfo' - type: NestedObject - description: | - Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally. - https://cloud.google.com/dataflow/docs/reference/data-pipelines/rest/v1/projects.locations.pipelines#schedulespec - properties: - - name: 'schedule' - type: String - description: | - Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler. - - name: 'timeZone' - type: String - description: | - Timezone ID. This matches the timezone IDs used by the Cloud Scheduler API. If empty, UTC time is assumed. - default_value: "UTC" - - name: 'nextJobTime' - type: String - description: | - When the next Scheduler job is going to run. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". - output: true - - name: 'jobCount' - type: Integer - description: | - Number of jobs. - output: true - - name: 'schedulerServiceAccountEmail' - type: String - description: | - Optional. A service account email to be used with the Cloud Scheduler job. If not specified, the default compute engine service account will be used. - immutable: true - default_from_api: true - - name: 'pipelineSources' - type: KeyValuePairs - description: | - The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation. - An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - immutable: true diff --git a/mmv1/products/datapipeline/go_product.yaml b/mmv1/products/datapipeline/go_product.yaml deleted file mode 100644 index ef537231d988..000000000000 --- a/mmv1/products/datapipeline/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DataPipeline' -display_name: 'DataPipeline' -versions: - - name: 'ga' - base_url: 'https://datapipelines.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/datapipeline/product.yaml b/mmv1/products/datapipeline/product.yaml index d597ef0095ba..098974888a0c 100644 --- a/mmv1/products/datapipeline/product.yaml +++ b/mmv1/products/datapipeline/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: DataPipeline -display_name: DataPipeline +--- +name: 'DataPipeline' +display_name: 'DataPipeline' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://datapipelines.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://datapipelines.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dataplex/AspectType.yaml b/mmv1/products/dataplex/AspectType.yaml index 854723caea71..c7480e61d786 100644 --- a/mmv1/products/dataplex/AspectType.yaml +++ b/mmv1/products/dataplex/AspectType.yaml @@ -11,132 +11,126 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AspectType' +description: | + An Aspect Type is a template for creating Aspects. +docs: base_url: 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' self_link: 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' create_url: 'projects/{{project}}/locations/{{location}}/aspectTypes?aspectTypeId={{aspect_type_id}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -description: | - An Aspect Type is a template for creating Aspects. -import_format: ['projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}'] -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 5 update_minutes: 5 delete_minutes: 5 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -autogen_async: true -iam_policy: !ruby/object:Api::Resource::IamPolicy - skip_import_test: true +iam_policy: + exclude_import_test: true method_name_separator: ':' - fetch_iam_policy_verb: :GET parent_resource_attribute: 'aspect_type_id' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}', - '{{aspect_type_id}}', - ] + - 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' + - '{{aspect_type_id}}' +custom_code: +examples: + - name: 'dataplex_aspect_type_basic' + primary_resource_id: 'test_aspect_type_basic' + primary_resource_name: 'fmt.Sprintf("tf-test-aspect-type%s", context["random_suffix"])' + vars: + aspect_type_name: 'aspect-type-basic' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_aspect_type_full' + primary_resource_id: 'test_aspect_type_full' + primary_resource_name: 'fmt.Sprintf("tf-test-aspect-type%s", context["random_suffix"])' + vars: + aspect_type_name: 'aspect-type-full' + test_env_vars: + project_name: 'PROJECT_NAME' parameters: - - !ruby/object:Api::Type::String - name: 'location' - url_param_only: true - immutable: true + - name: 'location' + type: String description: | The location where aspect type will be created in. - - !ruby/object:Api::Type::String - name: 'aspectTypeId' url_param_only: true immutable: true + - name: 'aspectTypeId' + type: String description: | The aspect type id of the aspect type. + url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} output: true - - !ruby/object:Api::Type::String - name: 'uid' - output: true + - name: 'uid' + type: String description: | System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. - - !ruby/object:Api::Type::Time - name: 'createTime' output: true + - name: 'createTime' + type: Time description: | The time when the AspectType was created. - - !ruby/object:Api::Type::Time - name: 'updateTime' output: true + - name: 'updateTime' + type: Time description: | The time when the AspectType was last updated. - - !ruby/object:Api::Type::String - name: 'description' + output: true + - name: 'description' + type: String description: | Description of the AspectType. - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | User friendly display name. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | User-defined labels for the AspectType. - - !ruby/object:Api::Type::String - name: 'metadataTemplate' + - name: 'metadataTemplate' + type: String description: | MetadataTemplate of the Aspect. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Enum - name: 'transferStatus' - output: true + - name: 'transferStatus' + type: Enum description: | Denotes the transfer status of the Aspect Type. It is unspecified for Aspect Type created from Dataplex API. - values: - - :TRANSFER_STATUS_UNSPECIFIED - - :TRANSFER_STATUS_MIGRATED - - :TRANSFER_STATUS_TRANSFERRED -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_aspect_type_basic' - primary_resource_id: 'test_aspect_type_basic' - primary_resource_name: "fmt.Sprintf(\"tf-test-aspect-type%s\", - context[\"random_suffix\"\ - ])" - test_env_vars: - project_name: :PROJECT_NAME - vars: - aspect_type_name: aspect-type-basic - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_aspect_type_full' - primary_resource_id: 'test_aspect_type_full' - primary_resource_name: "fmt.Sprintf(\"tf-test-aspect-type%s\", - context[\"random_suffix\"\ - ])" - test_env_vars: - project_name: :PROJECT_NAME - vars: - aspect_type_name: aspect-type-full + output: true + enum_values: + - 'TRANSFER_STATUS_UNSPECIFIED' + - 'TRANSFER_STATUS_MIGRATED' + - 'TRANSFER_STATUS_TRANSFERRED' diff --git a/mmv1/products/dataplex/Asset.yaml b/mmv1/products/dataplex/Asset.yaml index 8c105ef2a527..c28f39f9a61f 100644 --- a/mmv1/products/dataplex/Asset.yaml +++ b/mmv1/products/dataplex/Asset.yaml @@ -1,5 +1,5 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the License); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,35 +11,36 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Asset' -base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' -self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' -exclude_resource: true description: | Only used to generate IAM resources -properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true - description: | - Dummy property. -iam_policy: !ruby/object:Api::Resource::IamPolicy +exclude_resource: true +docs: +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' parent_resource_attribute: 'asset' - fetch_iam_policy_verb: :GET + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}', - '{{name}}', - ] + - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' + - '{{name}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_asset_primary' + - name: 'dataplex_asset_primary' primary_resource_id: 'example' - primary_resource_name: - 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), - fmt.Sprintf("tf-test-zone%s", context["random_suffix"]), - fmt.Sprintf("tf-test-asset%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-zone%s", context["random_suffix"]), fmt.Sprintf("tf-test-asset%s", context["random_suffix"])' test_env_vars: - project_name: :PROJECT_NAME + project_name: 'PROJECT_NAME' +parameters: +properties: + - name: 'name' + type: String + description: | + Dummy property. + output: true diff --git a/mmv1/products/dataplex/Datascan.yaml b/mmv1/products/dataplex/Datascan.yaml index eb70d4b116e4..f3878e2a2839 100644 --- a/mmv1/products/dataplex/Datascan.yaml +++ b/mmv1/products/dataplex/Datascan.yaml @@ -1,5 +1,5 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the License); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,493 +11,495 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Datascan' +description: | + Represents a user-visible job which provides the insights for the related data source. +# User-provided label cannot start with goog- +exclude_attribution_label: true +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dataplex/docs' + api: 'https://cloud.google.com/dataplex/docs/reference/rest' +docs: base_url: 'projects/{{project}}/locations/{{location}}/dataScans' self_link: 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' create_url: 'projects/{{project}}/locations/{{location}}/dataScans?dataScanId={{data_scan_id}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -# User-provided label cannot start with goog- -skip_attribution_label: true + +read_query_params: '?view=FULL' import_format: - [ - 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}', - '{{data_scan_id}}', - ] -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + - 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' + - '{{data_scan_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 5 update_minutes: 5 delete_minutes: 5 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -autogen_async: true -read_query_params: '?view=FULL' -description: | - Represents a user-visible job which provides the insights for the related data source. -iam_policy: !ruby/object:Api::Resource::IamPolicy +iam_policy: method_name_separator: ':' parent_resource_attribute: 'data_scan_id' - fetch_iam_policy_verb: :GET + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}', - '{{data_scan_id}}', - ] -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/dataplex/docs' - api: 'https://cloud.google.com/dataplex/docs/reference/rest' + - 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' + - '{{data_scan_id}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_datascan_basic_profile' + - name: 'dataplex_datascan_basic_profile' primary_resource_id: 'basic_profile' - primary_resource_name: - 'fmt.Sprintf("tf-test-dataprofile-basic%s", context["random_suffix"])' - test_env_vars: - project_name: :PROJECT_NAME + primary_resource_name: 'fmt.Sprintf("tf-test-dataprofile-basic%s", context["random_suffix"])' vars: - datascan_name: dataprofile-basic - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_datascan_full_profile' - primary_resource_id: 'full_profile' + datascan_name: 'dataprofile-basic' test_env_vars: - project_name: :PROJECT_NAME + project_name: 'PROJECT_NAME' + - name: 'dataplex_datascan_full_profile' + primary_resource_id: 'full_profile' vars: - dataset_name: dataplex_dataset - datascan_name: dataprofile-full - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_datascan_basic_quality' - primary_resource_id: 'basic_quality' + dataset_name: 'dataplex_dataset' + datascan_name: 'dataprofile-full' test_env_vars: - project_name: :PROJECT_NAME + project_name: 'PROJECT_NAME' + - name: 'dataplex_datascan_basic_quality' + primary_resource_id: 'basic_quality' vars: - datascan_name: dataquality-basic - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_datascan_full_quality' - primary_resource_id: 'full_quality' + datascan_name: 'dataquality-basic' test_env_vars: - project_name: :PROJECT_NAME + project_name: 'PROJECT_NAME' + - name: 'dataplex_datascan_full_quality' + primary_resource_id: 'full_quality' vars: - datascan_name: dataquality-full + datascan_name: 'dataquality-full' + test_env_vars: + project_name: 'PROJECT_NAME' parameters: - - !ruby/object:Api::Type::String - name: 'location' - immutable: true - required: true - url_param_only: true + - name: 'location' + type: String description: | The location where the data scan should reside. - - !ruby/object:Api::Type::String - name: 'dataScanId' - immutable: true - required: true url_param_only: true + required: true + immutable: true + - name: 'dataScanId' + type: String description: | DataScan identifier. Must contain only lowercase letters, numbers and hyphens. Must start with a letter. Must end with a number or a letter. + url_param_only: true + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The relative resource name of the scan, of the form: projects/{project}/locations/{locationId}/dataScans/{datascan_id}, where project refers to a project_id or project_number and locationId refers to a GCP region. - - !ruby/object:Api::Type::String - name: 'uid' output: true + - name: 'uid' + type: String description: | System generated globally unique ID for the scan. This ID will be different if the scan is deleted and re-created with the same name. - - !ruby/object:Api::Type::String - name: 'description' + output: true + - name: 'description' + type: String description: | Description of the scan. - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | User friendly display name. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | User-defined labels for the scan. A list of key->value pairs. - - !ruby/object:Api::Type::Enum - name: 'state' - output: true + - name: 'state' + type: Enum description: | Current state of the DataScan. - values: - - :STATE_UNSPECIFIED - - :ACTIVE - - :CREATING - - :DELETING - - :ACTION_REQUIRED - - !ruby/object:Api::Type::String - name: 'createTime' output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'ACTIVE' + - 'CREATING' + - 'DELETING' + - 'ACTION_REQUIRED' + - name: 'createTime' + type: String description: | The time when the scan was created. - - !ruby/object:Api::Type::String - name: 'updateTime' output: true + - name: 'updateTime' + type: String description: | The time when the scan was last updated. - - !ruby/object:Api::Type::NestedObject - name: 'data' - required: true - immutable: true + output: true + - name: 'data' + type: NestedObject description: | The data source for DataScan. + required: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'entity' - immutable: true - exactly_one_of: - - data.0.entity - - data.0.resource + - name: 'entity' + type: String description: | The Dataplex entity that represents the data source(e.g. BigQuery table) for Datascan. - - !ruby/object:Api::Type::String - name: 'resource' immutable: true exactly_one_of: - - data.0.entity - - data.0.resource + - 'data.0.entity' + - 'data.0.resource' + - name: 'resource' + type: String description: | The service-qualified full resource name of the cloud resource for a DataScan job to scan against. The field could be: (Cloud Storage bucket for DataDiscoveryScan)BigQuery table of type "TABLE" for DataProfileScan/DataQualityScan. - - !ruby/object:Api::Type::NestedObject - name: 'executionSpec' - required: true + immutable: true + exactly_one_of: + - 'data.0.entity' + - 'data.0.resource' + - name: 'executionSpec' + type: NestedObject description: | DataScan execution settings. + required: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'trigger' - required: true + - name: 'trigger' + type: NestedObject description: | Spec related to how often and when a scan should be triggered. + required: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'onDemand' - allow_empty_object: true - send_empty_value: true - exactly_one_of: - - execution_spec.0.trigger.0.on_demand - - execution_spec.0.trigger.0.schedule + - name: 'onDemand' + type: NestedObject description: | The scan runs once via dataScans.run API. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'schedule' + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'execution_spec.0.trigger.0.on_demand' + - 'execution_spec.0.trigger.0.schedule' + properties: + [] + - name: 'schedule' + type: NestedObject description: | The scan is scheduled to run periodically. exactly_one_of: - - execution_spec.0.trigger.0.on_demand - - execution_spec.0.trigger.0.schedule + - 'execution_spec.0.trigger.0.on_demand' + - 'execution_spec.0.trigger.0.schedule' properties: - - !ruby/object:Api::Type::String - name: 'cron' - required: true + - name: 'cron' + type: String description: Cron schedule for running scans periodically. This field is required for Schedule scans. - - !ruby/object:Api::Type::String - name: 'field' - immutable: true + required: true + - name: 'field' + type: String description: | The unnested field (of type Date or Timestamp) that contains values which monotonically increase over time. If not specified, a data scan will run for all data in the table. - - !ruby/object:Api::Type::NestedObject - name: 'executionStatus' - output: true + immutable: true + - name: 'executionStatus' + type: NestedObject description: | Status of the data scan execution. + output: true properties: - - !ruby/object:Api::Type::String - name: 'latestJobEndTime' - output: true + - name: 'latestJobEndTime' + type: String description: | The time when the latest DataScanJob started. - - !ruby/object:Api::Type::String - name: 'latestJobStartTime' output: true + - name: 'latestJobStartTime' + type: String description: | The time when the latest DataScanJob ended. - - !ruby/object:Api::Type::Enum - name: 'type' - output: true + output: true + - name: 'type' + type: Enum description: | The type of DataScan. - values: - - :DATA_SCAN_TYPE_UNSPECIFIED - - :DATA_QUALITY - - :DATA_PROFILE - - !ruby/object:Api::Type::NestedObject - name: 'dataQualitySpec' - exactly_one_of: - - data_quality_spec - - data_profile_spec + output: true + enum_values: + - 'DATA_SCAN_TYPE_UNSPECIFIED' + - 'DATA_QUALITY' + - 'DATA_PROFILE' + - name: 'dataQualitySpec' + type: NestedObject description: | DataQualityScan related setting. + exactly_one_of: + - 'data_quality_spec' + - 'data_profile_spec' properties: - - !ruby/object:Api::Type::Double - name: 'samplingPercent' + - name: 'samplingPercent' + type: Double description: | The percentage of the records to be selected from the dataset for DataScan. Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. Sampling is not applied if `sampling_percent` is not specified, 0 or 100. - - !ruby/object:Api::Type::String - name: 'rowFilter' + - name: 'rowFilter' + type: String description: | A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10 - - !ruby/object:Api::Type::NestedObject - name: 'postScanActions' + - name: 'postScanActions' + type: NestedObject description: | Actions to take upon job completion. properties: - - !ruby/object:Api::Type::NestedObject - name: 'bigqueryExport' + - name: 'bigqueryExport' + type: NestedObject description: | If set, results will be exported to the provided BigQuery table. properties: - - !ruby/object:Api::Type::String - name: 'resultsTable' + - name: 'resultsTable' + type: String description: | The BigQuery table to export DataQualityScan results to. Format://bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID - - !ruby/object:Api::Type::Array - name: 'rules' - min_size: 1 + - name: 'rules' + type: Array description: | The list of rules to evaluate against a data source. At least one rule is required. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | The unnested column which this rule is evaluated against. - - !ruby/object:Api::Type::Boolean - name: 'ignoreNull' + - name: 'ignoreNull' + type: Boolean description: | Rows with null values will automatically fail a rule, unless ignoreNull is true. In that case, such null rows are trivially considered passing. Only applicable to ColumnMap rules. - - !ruby/object:Api::Type::String - name: 'dimension' - required: true + - name: 'dimension' + type: String description: | The dimension a rule belongs to. Results are also aggregated at the dimension level. Supported dimensions are ["COMPLETENESS", "ACCURACY", "CONSISTENCY", "VALIDITY", "UNIQUENESS", "INTEGRITY"] - - !ruby/object:Api::Type::Double - name: 'threshold' + required: true + - name: 'threshold' + type: Double description: | The minimum ratio of passing_rows / total_rows required to pass this rule, with a range of [0.0, 1.0]. 0 indicates default value (i.e. 1.0). - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | A mutable name for the rule. The name must contain only letters (a-z, A-Z), numbers (0-9), or hyphens (-). The maximum length is 63 characters. Must start with a letter. Must end with a number or a letter. - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Description of the rule. The maximum length is 1,024 characters. - - !ruby/object:Api::Type::NestedObject - name: 'rangeExpectation' + - name: 'rangeExpectation' + type: NestedObject description: | ColumnMap rule which evaluates whether each column value lies between a specified range. properties: - - !ruby/object:Api::Type::String - name: 'minValue' + - name: 'minValue' + type: String description: | The minimum column value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. - - !ruby/object:Api::Type::String - name: 'maxValue' + - name: 'maxValue' + type: String description: | The maximum column value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. - - !ruby/object:Api::Type::Boolean - name: 'strictMinEnabled' - default_value: false + - name: 'strictMinEnabled' + type: Boolean description: | Whether each value needs to be strictly greater than ('>') the minimum, or if equality is allowed. Only relevant if a minValue has been defined. Default = false. - - !ruby/object:Api::Type::Boolean - name: 'strictMaxEnabled' default_value: false + - name: 'strictMaxEnabled' + type: Boolean description: | Whether each value needs to be strictly lesser than ('<') the maximum, or if equality is allowed. Only relevant if a maxValue has been defined. Default = false. - - !ruby/object:Api::Type::NestedObject - name: 'nonNullExpectation' - allow_empty_object: true - send_empty_value: true + default_value: false + - name: 'nonNullExpectation' + type: NestedObject description: | ColumnMap rule which evaluates whether each column value is null. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'setExpectation' + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'setExpectation' + type: NestedObject description: | ColumnMap rule which evaluates whether each column value is contained by a specified set. properties: - - !ruby/object:Api::Type::Array - name: 'values' - required: true + - name: 'values' + type: Array description: | Expected values for the column value. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'regexExpectation' + required: true + item_type: + type: String + - name: 'regexExpectation' + type: NestedObject description: | ColumnMap rule which evaluates whether each column value matches a specified regex. properties: - - !ruby/object:Api::Type::String - name: 'regex' - required: true + - name: 'regex' + type: String description: | A regular expression the column value is expected to match. - - !ruby/object:Api::Type::NestedObject - name: 'uniquenessExpectation' - allow_empty_object: true - send_empty_value: true + required: true + - name: 'uniquenessExpectation' + type: NestedObject description: | Row-level rule which evaluates whether each column value is unique. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'statisticRangeExpectation' + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'statisticRangeExpectation' + type: NestedObject description: | ColumnAggregate rule which evaluates whether the column aggregate statistic lies between a specified range. properties: - - !ruby/object:Api::Type::Enum - name: 'statistic' - required: true + - name: 'statistic' + type: Enum description: | column statistics. - values: - - :STATISTIC_UNDEFINED - - :MEAN - - :MIN - - :MAX - - !ruby/object:Api::Type::String - name: 'minValue' + required: true + enum_values: + - 'STATISTIC_UNDEFINED' + - 'MEAN' + - 'MIN' + - 'MAX' + - name: 'minValue' + type: String description: | The minimum column statistic value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. - - !ruby/object:Api::Type::String - name: 'maxValue' + - name: 'maxValue' + type: String description: | The maximum column statistic value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. - - !ruby/object:Api::Type::Boolean - name: 'strictMinEnabled' - default_value: false + - name: 'strictMinEnabled' + type: Boolean description: | Whether column statistic needs to be strictly greater than ('>') the minimum, or if equality is allowed. Only relevant if a minValue has been defined. Default = false. - - !ruby/object:Api::Type::Boolean - name: 'strictMaxEnabled' default_value: false + - name: 'strictMaxEnabled' + type: Boolean description: | Whether column statistic needs to be strictly lesser than ('<') the maximum, or if equality is allowed. Only relevant if a maxValue has been defined. Default = false. - - !ruby/object:Api::Type::NestedObject - name: 'rowConditionExpectation' + default_value: false + - name: 'rowConditionExpectation' + type: NestedObject description: | Table rule which evaluates whether each row passes the specified condition. properties: - - !ruby/object:Api::Type::String - name: 'sqlExpression' - required: true + - name: 'sqlExpression' + type: String description: | The SQL expression. - - !ruby/object:Api::Type::NestedObject - name: 'tableConditionExpectation' + required: true + - name: 'tableConditionExpectation' + type: NestedObject description: | Table rule which evaluates whether the provided expression is true. properties: - - !ruby/object:Api::Type::String - name: 'sqlExpression' - required: true + - name: 'sqlExpression' + type: String description: | The SQL expression. - - !ruby/object:Api::Type::NestedObject - name: 'sqlAssertion' + required: true + - name: 'sqlAssertion' + type: NestedObject description: | Table rule which evaluates whether any row matches invalid state. properties: - - !ruby/object:Api::Type::String - name: 'sqlStatement' - required: true + - name: 'sqlStatement' + type: String description: | The SQL statement. - - !ruby/object:Api::Type::NestedObject - name: 'dataProfileSpec' - allow_empty_object: true - send_empty_value: true - exactly_one_of: - - data_quality_spec - - data_profile_spec + required: true + min_size: 1 + - name: 'dataProfileSpec' + type: NestedObject description: | DataProfileScan related setting. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'data_quality_spec' + - 'data_profile_spec' properties: - - !ruby/object:Api::Type::Double - name: 'samplingPercent' + - name: 'samplingPercent' + type: Double description: | The percentage of the records to be selected from the dataset for DataScan. Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. Sampling is not applied if `sampling_percent` is not specified, 0 or 100. - - !ruby/object:Api::Type::String - name: 'rowFilter' + - name: 'rowFilter' + type: String description: | A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10 - - !ruby/object:Api::Type::NestedObject - name: 'postScanActions' + - name: 'postScanActions' + type: NestedObject description: | Actions to take upon job completion. properties: - - !ruby/object:Api::Type::NestedObject - name: 'bigqueryExport' + - name: 'bigqueryExport' + type: NestedObject description: | If set, results will be exported to the provided BigQuery table. properties: - - !ruby/object:Api::Type::String - name: 'resultsTable' + - name: 'resultsTable' + type: String description: | The BigQuery table to export DataProfileScan results to. Format://bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID - - !ruby/object:Api::Type::NestedObject - name: 'includeFields' + - name: 'includeFields' + type: NestedObject description: | The fields to include in data profile. If not specified, all fields at the time of profile scan job execution are included, except for ones listed in `exclude_fields`. properties: - - !ruby/object:Api::Type::Array - name: 'fieldNames' + - name: 'fieldNames' + type: Array description: | Expected input is a list of fully qualified names of fields as in the schema. Only top-level field names for nested fields are supported. For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'excludeFields' + item_type: + type: String + - name: 'excludeFields' + type: NestedObject description: | The fields to exclude from data profile. If specified, the fields will be excluded from data profile, regardless of `include_fields` value. properties: - - !ruby/object:Api::Type::Array - name: 'fieldNames' + - name: 'fieldNames' + type: Array description: | Expected input is a list of fully qualified names of fields as in the schema. Only top-level field names for nested fields are supported. For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'. - item_type: Api::Type::String + item_type: + type: String diff --git a/mmv1/products/dataplex/EntryGroup.yaml b/mmv1/products/dataplex/EntryGroup.yaml index 82fa1f32c4c2..239f6977392b 100644 --- a/mmv1/products/dataplex/EntryGroup.yaml +++ b/mmv1/products/dataplex/EntryGroup.yaml @@ -11,121 +11,117 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EntryGroup' +description: | + An Entry Group represents a logical grouping of one or more Entries. +docs: base_url: 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' self_link: 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' create_url: 'projects/{{project}}/locations/{{location}}/entryGroups?entryGroupId={{entry_group_id}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -description: | - An Entry Group represents a logical grouping of one or more Entries. -import_format: ['projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}'] -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 5 update_minutes: 5 delete_minutes: 5 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -autogen_async: true -iam_policy: !ruby/object:Api::Resource::IamPolicy - skip_import_test: true +iam_policy: + exclude_import_test: true method_name_separator: ':' - fetch_iam_policy_verb: :GET parent_resource_attribute: 'entry_group_id' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}', - '{{entry_group_id}}', - ] + - 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' + - '{{entry_group_id}}' +custom_code: +examples: + - name: 'dataplex_entry_group_basic' + primary_resource_id: 'test_entry_group_basic' + primary_resource_name: 'fmt.Sprintf("tf-test-entry-group%s", context["random_suffix"])' + vars: + entry_group_name: 'entry-group-basic' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_entry_group_full' + primary_resource_id: 'test_entry_group_full' + primary_resource_name: 'fmt.Sprintf("tf-test-entry-group%s", context["random_suffix"])' + vars: + entry_group_name: 'entry-group-full' + test_env_vars: + project_name: 'PROJECT_NAME' parameters: - - !ruby/object:Api::Type::String - name: 'location' - url_param_only: true - immutable: true + - name: 'location' + type: String description: | The location where entry group will be created in. - - !ruby/object:Api::Type::String - name: 'entryGroupId' url_param_only: true immutable: true + - name: 'entryGroupId' + type: String description: | The entry group id of the entry group. + url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} output: true - - !ruby/object:Api::Type::String - name: 'uid' - output: true + - name: 'uid' + type: String description: | System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. - - !ruby/object:Api::Type::Time - name: 'createTime' output: true + - name: 'createTime' + type: Time description: | The time when the EntryGroup was created. - - !ruby/object:Api::Type::Time - name: 'updateTime' output: true + - name: 'updateTime' + type: Time description: | The time when the EntryGroup was last updated. - - !ruby/object:Api::Type::String - name: 'description' + output: true + - name: 'description' + type: String description: | Description of the EntryGroup. - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | User friendly display name. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | User-defined labels for the EntryGroup. - - !ruby/object:Api::Type::Enum - name: 'transferStatus' - output: true + - name: 'transferStatus' + type: Enum description: | Denotes the transfer status of the Entry Group. It is unspecified for Entry Group created from Dataplex API. - values: - - :TRANSFER_STATUS_UNSPECIFIED - - :TRANSFER_STATUS_MIGRATED - - :TRANSFER_STATUS_TRANSFERRED -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_entry_group_basic' - primary_resource_id: 'test_entry_group_basic' - primary_resource_name: "fmt.Sprintf(\"tf-test-entry-group%s\", - context[\"random_suffix\"\ - ])" - test_env_vars: - project_name: :PROJECT_NAME - vars: - entry_group_name: entry-group-basic - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_entry_group_full' - primary_resource_id: 'test_entry_group_full' - primary_resource_name: "fmt.Sprintf(\"tf-test-entry-group%s\", - context[\"random_suffix\"\ - ])" - test_env_vars: - project_name: :PROJECT_NAME - vars: - entry_group_name: entry-group-full + output: true + enum_values: + - 'TRANSFER_STATUS_UNSPECIFIED' + - 'TRANSFER_STATUS_MIGRATED' + - 'TRANSFER_STATUS_TRANSFERRED' diff --git a/mmv1/products/dataplex/EntryType.yaml b/mmv1/products/dataplex/EntryType.yaml index b34164baeafb..98573dfae7c7 100644 --- a/mmv1/products/dataplex/EntryType.yaml +++ b/mmv1/products/dataplex/EntryType.yaml @@ -11,134 +11,132 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EntryType' +description: | + An Entry Type is a template for creating Entries. +docs: base_url: 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' self_link: 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' create_url: 'projects/{{project}}/locations/{{location}}/entryTypes?entryTypeId={{entry_type_id}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -description: | - An Entry Type is a template for creating Entries. -import_format: ['projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}'] -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +import_format: + - 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 5 update_minutes: 5 delete_minutes: 5 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -autogen_async: true -iam_policy: !ruby/object:Api::Resource::IamPolicy - skip_import_test: true +iam_policy: + exclude_import_test: true method_name_separator: ':' - fetch_iam_policy_verb: :GET parent_resource_attribute: 'entry_type_id' + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}', - '{{entry_type_id}}', - ] + - 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' + - '{{entry_type_id}}' +custom_code: +examples: + - name: 'dataplex_entry_type_basic' + primary_resource_id: 'test_entry_type_basic' + primary_resource_name: 'fmt.Sprintf("tf-test-entry-type%s", context["random_suffix"])' + vars: + entry_type_name: 'entry-type-basic' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_entry_type_full' + primary_resource_id: 'test_entry_type_full' + primary_resource_name: 'fmt.Sprintf("tf-test-entry-type%s", context["random_suffix"])' + vars: + entry_type_name: 'entry-type-full' + test_env_vars: + project_name: 'PROJECT_NAME' parameters: - - !ruby/object:Api::Type::String - name: 'location' - url_param_only: true - immutable: true + - name: 'location' + type: String description: | The location where entry type will be created in. - - !ruby/object:Api::Type::String - name: 'entryTypeId' url_param_only: true immutable: true + - name: 'entryTypeId' + type: String description: | The entry type id of the entry type. + url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The relative resource name of the EntryType, of the form: projects/{project_number}/locations/{location_id}/entryTypes/{entry_type_id} output: true - - !ruby/object:Api::Type::String - name: 'uid' - output: true + - name: 'uid' + type: String description: | System generated globally unique ID for the EntryType. This ID will be different if the EntryType is deleted and re-created with the same name. - - !ruby/object:Api::Type::Time - name: 'createTime' output: true + - name: 'createTime' + type: Time description: | The time when the EntryType was created. - - !ruby/object:Api::Type::Time - name: 'updateTime' output: true + - name: 'updateTime' + type: Time description: | The time when the EntryType was last updated. - - !ruby/object:Api::Type::String - name: 'description' + output: true + - name: 'description' + type: String description: | Description of the EntryType. - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | User friendly display name. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | User-defined labels for the EntryType. - - !ruby/object:Api::Type::Array - name: 'typeAliases' + - name: 'typeAliases' + type: Array description: | Indicates the class this Entry Type belongs to, for example, TABLE, DATABASE, MODEL. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'platform' + item_type: + type: String + - name: 'platform' + type: String description: | The platform that Entries of this type belongs to. - - !ruby/object:Api::Type::String - name: 'system' + - name: 'system' + type: String description: | The system that Entries of this type belongs to. - - !ruby/object:Api::Type::Array - name: 'requiredAspects' + - name: 'requiredAspects' + type: Array description: | AspectInfo for the entry type. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'type' + - name: 'type' + type: String description: | Required aspect type for the entry type. -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_entry_type_basic' - primary_resource_id: 'test_entry_type_basic' - primary_resource_name: "fmt.Sprintf(\"tf-test-entry-type%s\", - context[\"random_suffix\"\ - ])" - test_env_vars: - project_name: :PROJECT_NAME - vars: - entry_type_name: entry-type-basic - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_entry_type_full' - primary_resource_id: 'test_entry_type_full' - primary_resource_name: "fmt.Sprintf(\"tf-test-entry-type%s\", - context[\"random_suffix\"\ - ])" - test_env_vars: - project_name: :PROJECT_NAME - vars: - entry_type_name: entry-type-full diff --git a/mmv1/products/dataplex/Lake.yaml b/mmv1/products/dataplex/Lake.yaml index 9a9ef3e9a06c..8cecb6142d73 100644 --- a/mmv1/products/dataplex/Lake.yaml +++ b/mmv1/products/dataplex/Lake.yaml @@ -1,5 +1,5 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the License); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,30 +11,36 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Lake' -base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' -self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' -exclude_resource: true description: | Only used to generate IAM resources -properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true - description: | - Dummy property. -iam_policy: !ruby/object:Api::Resource::IamPolicy +exclude_resource: true +docs: +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' parent_resource_attribute: 'lake' - fetch_iam_policy_verb: :GET + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - ['projects/{{project}}/locations/{{location}}/lakes/{{name}}', '{{name}}'] + - 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' + - '{{name}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_lake_primary' + - name: 'dataplex_lake_primary' primary_resource_id: 'example' - primary_resource_name: - 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"])' test_env_vars: - project_name: :PROJECT_NAME + project_name: 'PROJECT_NAME' +parameters: +properties: + - name: 'name' + type: String + description: | + Dummy property. + output: true diff --git a/mmv1/products/dataplex/Task.yaml b/mmv1/products/dataplex/Task.yaml index ecd20a1b7be5..85546ee8c272 100644 --- a/mmv1/products/dataplex/Task.yaml +++ b/mmv1/products/dataplex/Task.yaml @@ -1,5 +1,5 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the License); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -10,496 +10,499 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource + +--- name: 'Task' +description: | + A Dataplex task represents the work that you want Dataplex to do on a schedule. It encapsulates code, parameters, and the schedule. +# User-provided label cannot start with goog- +exclude_attribution_label: true +references: + guides: + 'Official Documentation': 'https://cloud.google.com/dataplex/docs' + api: 'https://cloud.google.com/dataplex/docs/reference/rest/v1/projects.locations.lakes.tasks' +docs: base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' create_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks?task_id={{task_id}}' update_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' -delete_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' -update_verb: :PATCH +update_verb: 'PATCH' update_mask: true -# User-provided label cannot start with goog- -skip_attribution_label: true -description: | - A Dataplex task represents the work that you want Dataplex to do on a schedule. It encapsulates code, parameters, and the schedule. -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' +delete_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' +timeouts: + insert_minutes: 5 + update_minutes: 5 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 5 update_minutes: 5 delete_minutes: 5 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + resource_inside_response: false + error: path: 'error' message: 'message' -autogen_async: true -references: !ruby/object:Api::Resource::ReferenceLinks - guides: - 'Official Documentation': 'https://cloud.google.com/dataplex/docs' - api: 'https://cloud.google.com/dataplex/docs/reference/rest/v1/projects.locations.lakes.tasks' -import_format: ['projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}'] -iam_policy: !ruby/object:Api::Resource::IamPolicy - exclude: false +iam_policy: method_name_separator: ':' parent_resource_attribute: 'task_id' - fetch_iam_policy_verb: :GET + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}', - '{{task_id}}', - ] + - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' + - '{{task_id}}' +custom_code: +examples: + - name: 'dataplex_task_basic' + primary_resource_id: 'example' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-task%s", context["random_suffix"])' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_task_spark' + primary_resource_id: 'example_spark' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-task%s", context["random_suffix"])' + test_env_vars: + project_name: 'PROJECT_NAME' + - name: 'dataplex_task_notebook' + primary_resource_id: 'example_notebook' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-task%s", context["random_suffix"])' + test_env_vars: + project_name: 'PROJECT_NAME' parameters: - - !ruby/object:Api::Type::String - name: 'location' - url_param_only: true - immutable: true + - name: 'location' + type: String description: | The location in which the task will be created in. - - !ruby/object:Api::Type::String - name: 'lake' url_param_only: true immutable: true + - name: 'lake' + type: String description: | The lake in which the task will be created in. - - !ruby/object:Api::Type::String - name: 'taskId' url_param_only: true immutable: true + - name: 'taskId' + type: String description: | The task Id of the task. + url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The relative resource name of the task, of the form: projects/{project_number}/locations/{locationId}/lakes/{lakeId}/ tasks/{name}. - - !ruby/object:Api::Type::String - name: 'uid' output: true + - name: 'uid' + type: String description: | System generated globally unique ID for the task. This ID will be different if the task is deleted and re-created with the same name. - - !ruby/object:Api::Type::Time - name: 'createTime' output: true + - name: 'createTime' + type: Time description: | The time when the task was created. - - !ruby/object:Api::Type::Time - name: 'updateTime' output: true + - name: 'updateTime' + type: Time description: | The time when the task was last updated. - - !ruby/object:Api::Type::String - name: 'description' + output: true + - name: 'description' + type: String description: | User-provided description of the task. - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | User friendly display name. - - !ruby/object:Api::Type::Enum - name: 'state' - output: true + - name: 'state' + type: Enum description: | Current state of the task. - values: - - :STATE_UNSPECIFIED - - :ACTIVE - - :CREATING - - :DELETING - - :ACTION_REQUIRED - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'ACTIVE' + - 'CREATING' + - 'DELETING' + - 'ACTION_REQUIRED' + - name: 'labels' + type: KeyValueLabels description: | User-defined labels for the task. - - !ruby/object:Api::Type::NestedObject - name: 'triggerSpec' - required: true + - name: 'triggerSpec' + type: NestedObject description: | Configuration for the cluster + required: true properties: - - !ruby/object:Api::Type::Enum - name: 'type' - required: true - immutable: true + - name: 'type' + type: Enum description: | Trigger type of the user-specified Task - values: - - :ON_DEMAND - - :RECURRING - - !ruby/object:Api::Type::Time - name: 'startTime' + required: true + immutable: true + enum_values: + - 'ON_DEMAND' + - 'RECURRING' + - name: 'startTime' + type: Time description: | The first run of the task will be after this time. If not specified, the task will run shortly after being submitted if ON_DEMAND and based on the schedule if RECURRING. - - !ruby/object:Api::Type::Boolean - name: 'disabled' + - name: 'disabled' + type: Boolean description: | Prevent the task from executing. This does not cancel already running tasks. It is intended to temporarily disable RECURRING tasks. - - !ruby/object:Api::Type::Integer - name: 'maxRetries' + - name: 'maxRetries' + type: Integer description: | Number of retry attempts before aborting. Set to zero to never attempt to retry a failed task. - - !ruby/object:Api::Type::String - name: 'schedule' + - name: 'schedule' + type: String description: | Cron schedule (https://en.wikipedia.org/wiki/Cron) for running tasks periodically. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: 'CRON_TZ=${IANA_TIME_ZONE}' or 'TZ=${IANA_TIME_ZONE}'. The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *. This field is required for RECURRING tasks. - - !ruby/object:Api::Type::NestedObject - name: 'executionSpec' - required: true + - name: 'executionSpec' + type: NestedObject description: | Configuration for the cluster + required: true properties: - - !ruby/object:Api::Type::KeyValuePairs - name: 'args' + - name: 'args' + type: KeyValuePairs description: | The arguments to pass to the task. The args can use placeholders of the format ${placeholder} as part of key/value string. These will be interpolated before passing the args to the driver. Currently supported placeholders: - ${taskId} - ${job_time} To pass positional args, set the key as TASK_ARGS. The value should be a comma-separated string of all the positional arguments. To use a delimiter other than comma, refer to https://cloud.google.com/sdk/gcloud/reference/topic/escaping. In case of other keys being present in the args, then TASK_ARGS will be passed as the last argument. An object containing a list of 'key': value pairs. Example: { 'name': 'wrench', 'mass': '1.3kg', 'count': '3' }. - - !ruby/object:Api::Type::String - name: 'serviceAccount' - required: true + - name: 'serviceAccount' + type: String description: | Service account to use to execute a task. If not provided, the default Compute service account for the project is used. - - !ruby/object:Api::Type::String - name: 'project' + required: true + - name: 'project' + type: String description: | The project in which jobs are run. By default, the project containing the Lake is used. If a project is provided, the ExecutionSpec.service_account must belong to this project. - - !ruby/object:Api::Type::String - name: 'maxJobExecutionLifetime' + - name: 'maxJobExecutionLifetime' + type: String description: | The maximum duration after which the job execution is expired. A duration in seconds with up to nine fractional digits, ending with 's'. Example: '3.5s'. - - !ruby/object:Api::Type::String - name: 'kmsKey' + - name: 'kmsKey' + type: String description: | The Cloud KMS key to use for encryption, of the form: projects/{project_number}/locations/{locationId}/keyRings/{key-ring-name}/cryptoKeys/{key-name}. - - !ruby/object:Api::Type::NestedObject - name: 'executionStatus' - output: true + - name: 'executionStatus' + type: NestedObject description: | Configuration for the cluster + output: true properties: - - !ruby/object:Api::Type::String - name: 'updateTime' - output: true + - name: 'updateTime' + type: String description: | Last update time of the status. - - !ruby/object:Api::Type::NestedObject - name: 'latestJob' output: true + - name: 'latestJob' + type: NestedObject description: | latest job execution. + output: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The relative resource name of the job, of the form: projects/{project_number}/locations/{locationId}/lakes/{lakeId}/tasks/{taskId}/jobs/{jobId}. - - !ruby/object:Api::Type::String - name: 'uid' output: true + - name: 'uid' + type: String description: | System generated globally unique ID for the job. - - !ruby/object:Api::Type::Time - name: 'startTime' output: true + - name: 'startTime' + type: Time description: | The time when the job was started. - - !ruby/object:Api::Type::Time - name: 'endTime' output: true + - name: 'endTime' + type: Time description: | The time when the job ended. - - !ruby/object:Api::Type::Enum - name: 'state' output: true + - name: 'state' + type: Enum description: | Execution state for the job. - values: - - :STATE_UNSPECIFIED - - :RUNNING - - :CANCELLING - - :CANCELLED - - :SUCCEEDED - - :FAILED - - :ABORTED - - !ruby/object:Api::Type::Integer - name: 'retryCount' output: true + enum_values: + - 'STATE_UNSPECIFIED' + - 'RUNNING' + - 'CANCELLING' + - 'CANCELLED' + - 'SUCCEEDED' + - 'FAILED' + - 'ABORTED' + - name: 'retryCount' + type: Integer description: | The number of times the job has been retried (excluding the initial attempt). - - !ruby/object:Api::Type::Enum - name: 'service' output: true + - name: 'service' + type: Enum description: | The underlying service running a job. - values: - - :SERVICE_UNSPECIFIED - - :DATAPROC - - !ruby/object:Api::Type::String - name: 'serviceJob' output: true + enum_values: + - 'SERVICE_UNSPECIFIED' + - 'DATAPROC' + - name: 'serviceJob' + type: String description: | The full resource name for the job run under a particular service. - - !ruby/object:Api::Type::String - name: 'message' output: true + - name: 'message' + type: String description: | Additional information about the current state. - - !ruby/object:Api::Type::NestedObject - name: 'spark' + output: true + - name: 'spark' + type: NestedObject description: | A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. exactly_one_of: - - spark - - notebook + - 'spark' + - 'notebook' properties: - - !ruby/object:Api::Type::Array - name: 'fileUris' + - name: 'fileUris' + type: Array description: | Cloud Storage URIs of files to be placed in the working directory of each executor. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'archiveUris' + item_type: + type: String + - name: 'archiveUris' + type: Array description: | Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'infrastructureSpec' + item_type: + type: String + - name: 'infrastructureSpec' + type: NestedObject description: | Infrastructure specification for the execution. properties: - - !ruby/object:Api::Type::NestedObject - name: 'batch' + - name: 'batch' + type: NestedObject description: | Compute resources needed for a Task when using Dataproc Serverless. properties: - - !ruby/object:Api::Type::Integer - name: 'executorsCount' - default_value: 2 + - name: 'executorsCount' + type: Integer description: | Total number of job executors. Executor Count should be between 2 and 100. [Default=2] - - !ruby/object:Api::Type::Integer - name: 'maxExecutorsCount' - default_value: 1000 + default_value: 2 + - name: 'maxExecutorsCount' + type: Integer description: | Max configurable executors. If maxExecutorsCount > executorsCount, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. [Default=1000] - - !ruby/object:Api::Type::NestedObject - name: 'containerImage' + default_value: 1000 + - name: 'containerImage' + type: NestedObject description: | Container Image Runtime Configuration. properties: - - !ruby/object:Api::Type::String - name: 'image' + - name: 'image' + type: String description: | Container image to use. - - !ruby/object:Api::Type::Array - name: 'javaJars' + - name: 'javaJars' + type: Array description: | A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'pythonPackages' + item_type: + type: String + - name: 'pythonPackages' + type: Array description: | A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz - item_type: Api::Type::String - - !ruby/object:Api::Type::KeyValuePairs - name: 'properties' + item_type: + type: String + - name: 'properties' + type: KeyValuePairs description: | Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties. - - !ruby/object:Api::Type::NestedObject - name: 'vpcNetwork' + - name: 'vpcNetwork' + type: NestedObject description: | Vpc network. properties: - - !ruby/object:Api::Type::Array - name: 'networkTags' + - name: 'networkTags' + type: Array description: | List of network tags to apply to the job. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'network' + item_type: + type: String + - name: 'network' + type: String description: | The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used. exactly_one_of: - - network - - subNetwork - - !ruby/object:Api::Type::String - name: 'subNetwork' + - 'network' + - 'subNetwork' + - name: 'subNetwork' + type: String description: | The Cloud VPC sub-network in which the job is run. exactly_one_of: - - network - - subNetwork - - !ruby/object:Api::Type::String - name: 'mainJarFileUri' + - 'network' + - 'subNetwork' + - name: 'mainJarFileUri' + type: String description: | The Cloud Storage URI of the jar file that contains the main class. The execution args are passed in as a sequence of named process arguments (--key=value). exactly_one_of: - - mainJarFileUri - - mainClass - - pythonScriptFile - - sqlScriptFile - - sqlScript - - !ruby/object:Api::Type::String - name: 'mainClass' + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'mainClass' + type: String description: | The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jar_file_uris. The execution args are passed in as a sequence of named process arguments (--key=value). exactly_one_of: - - mainJarFileUri - - mainClass - - pythonScriptFile - - sqlScriptFile - - sqlScript - - !ruby/object:Api::Type::String - name: 'pythonScriptFile' + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'pythonScriptFile' + type: String description: | The Gcloud Storage URI of the main Python file to use as the driver. Must be a .py file. The execution args are passed in as a sequence of named process arguments (--key=value). exactly_one_of: - - mainJarFileUri - - mainClass - - pythonScriptFile - - sqlScriptFile - - sqlScript - - !ruby/object:Api::Type::String - name: 'sqlScriptFile' + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'sqlScriptFile' + type: String description: | A reference to a query file. This can be the Cloud Storage URI of the query file or it can the path to a SqlScript Content. The execution args are used to declare a set of script variables (set key='value';). exactly_one_of: - - mainJarFileUri - - mainClass - - pythonScriptFile - - sqlScriptFile - - sqlScript - - !ruby/object:Api::Type::String - name: 'sqlScript' + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'sqlScript' + type: String description: | The query text. The execution args are used to declare a set of script variables (set key='value';). exactly_one_of: - - mainJarFileUri - - mainClass - - pythonScriptFile - - sqlScriptFile - - sqlScript - - !ruby/object:Api::Type::NestedObject - name: 'notebook' + - 'mainJarFileUri' + - 'mainClass' + - 'pythonScriptFile' + - 'sqlScriptFile' + - 'sqlScript' + - name: 'notebook' + type: NestedObject description: | A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. exactly_one_of: - - spark - - notebook + - 'spark' + - 'notebook' properties: - - !ruby/object:Api::Type::String - name: 'notebook' - required: true + - name: 'notebook' + type: String description: | Path to input notebook. This can be the Cloud Storage URI of the notebook file or the path to a Notebook Content. The execution args are accessible as environment variables (TASK_key=value). - - !ruby/object:Api::Type::NestedObject - name: 'infrastructureSpec' + required: true + - name: 'infrastructureSpec' + type: NestedObject description: | Infrastructure specification for the execution. properties: - - !ruby/object:Api::Type::NestedObject - name: 'batch' + - name: 'batch' + type: NestedObject description: | Compute resources needed for a Task when using Dataproc Serverless. properties: - - !ruby/object:Api::Type::Integer - name: 'executorsCount' - default_value: 2 + - name: 'executorsCount' + type: Integer description: | Total number of job executors. Executor Count should be between 2 and 100. [Default=2] - - !ruby/object:Api::Type::Integer - name: 'maxExecutorsCount' - default_value: 1000 + default_value: 2 + - name: 'maxExecutorsCount' + type: Integer description: | Max configurable executors. If maxExecutorsCount > executorsCount, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. [Default=1000] - - !ruby/object:Api::Type::NestedObject - name: 'containerImage' + default_value: 1000 + - name: 'containerImage' + type: NestedObject description: | Container Image Runtime Configuration. properties: - - !ruby/object:Api::Type::String - name: 'image' + - name: 'image' + type: String description: | Container image to use. - - !ruby/object:Api::Type::Array - name: 'javaJars' + - name: 'javaJars' + type: Array description: | A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'pythonPackages' + item_type: + type: String + - name: 'pythonPackages' + type: Array description: | A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz - item_type: Api::Type::String - - !ruby/object:Api::Type::KeyValuePairs - name: 'properties' + item_type: + type: String + - name: 'properties' + type: KeyValuePairs description: | Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties. - - !ruby/object:Api::Type::NestedObject - name: 'vpcNetwork' + - name: 'vpcNetwork' + type: NestedObject description: | Vpc network. properties: - - !ruby/object:Api::Type::Array - name: 'networkTags' + - name: 'networkTags' + type: Array description: | List of network tags to apply to the job. - item_type: Api::Type::String - - !ruby/object:Api::Type::String - name: 'network' + item_type: + type: String + - name: 'network' + type: String description: | The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used. exactly_one_of: - - network - - subNetwork - - !ruby/object:Api::Type::String - name: 'subNetwork' + - 'network' + - 'subNetwork' + - name: 'subNetwork' + type: String description: | The Cloud VPC sub-network in which the job is run. exactly_one_of: - - network - - subNetwork - - !ruby/object:Api::Type::Array - name: 'fileUris' + - 'network' + - 'subNetwork' + - name: 'fileUris' + type: Array description: | Cloud Storage URIs of files to be placed in the working directory of each executor. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'archiveUris' + item_type: + type: String + - name: 'archiveUris' + type: Array description: | Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. - item_type: Api::Type::String -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_task_basic' - primary_resource_id: 'example' - primary_resource_name: - 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), - fmt.Sprintf("tf-test-task%s", context["random_suffix"])' - test_env_vars: - project_name: :PROJECT_NAME - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_task_spark' - primary_resource_id: 'example_spark' - primary_resource_name: - 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), - fmt.Sprintf("tf-test-task%s", context["random_suffix"])' - test_env_vars: - project_name: :PROJECT_NAME - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_task_notebook' - primary_resource_id: 'example_notebook' - primary_resource_name: - 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), - fmt.Sprintf("tf-test-task%s", context["random_suffix"])' - test_env_vars: - project_name: :PROJECT_NAME + item_type: + type: String diff --git a/mmv1/products/dataplex/Zone.yaml b/mmv1/products/dataplex/Zone.yaml index 5e2ed3656024..248121603bf2 100644 --- a/mmv1/products/dataplex/Zone.yaml +++ b/mmv1/products/dataplex/Zone.yaml @@ -1,5 +1,5 @@ -# Copyright 2023 Google Inc. -# Licensed under the Apache License, Version 2.0 (the License); +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # @@ -11,35 +11,37 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Zone' -base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' -self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' -exclude_resource: true description: | Only used to generate IAM resources -properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true - description: | - Dummy property. -iam_policy: !ruby/object:Api::Resource::IamPolicy - substitute_zone_value: false +exclude_resource: true +docs: +base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' +self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +iam_policy: method_name_separator: ':' parent_resource_attribute: 'dataplex_zone' - fetch_iam_policy_verb: :GET + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}', - '{{name}}', - ] + - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' + - '{{name}}' + substitute_zone_value: false +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataplex_zone_primary' + - name: 'dataplex_zone_primary' primary_resource_id: 'example' - primary_resource_name: - 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), - fmt.Sprintf("tf-test-zone%s", context["random_suffix"])' + primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-zone%s", context["random_suffix"])' test_env_vars: - project_name: :PROJECT_NAME + project_name: 'PROJECT_NAME' +parameters: +properties: + - name: 'name' + type: String + description: | + Dummy property. + output: true diff --git a/mmv1/products/dataplex/go_AspectType.yaml b/mmv1/products/dataplex/go_AspectType.yaml deleted file mode 100644 index 942121ef6264..000000000000 --- a/mmv1/products/dataplex/go_AspectType.yaml +++ /dev/null @@ -1,137 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AspectType' -description: | - An Aspect Type is a template for creating Aspects. -docs: -base_url: 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' -self_link: 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/aspectTypes?aspectTypeId={{aspect_type_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' -timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -iam_policy: - skip_import_test: true - method_name_separator: ':' - parent_resource_attribute: 'aspect_type_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}' - - '{{aspect_type_id}}' -custom_code: -examples: - - name: 'dataplex_aspect_type_basic' - primary_resource_id: 'test_aspect_type_basic' - primary_resource_name: 'fmt.Sprintf("tf-test-aspect-type%s", context["random_suffix"])' - vars: - aspect_type_name: 'aspect-type-basic' - test_env_vars: - project_name: 'PROJECT_NAME' - - name: 'dataplex_aspect_type_full' - primary_resource_id: 'test_aspect_type_full' - primary_resource_name: 'fmt.Sprintf("tf-test-aspect-type%s", context["random_suffix"])' - vars: - aspect_type_name: 'aspect-type-full' - test_env_vars: - project_name: 'PROJECT_NAME' -parameters: - - name: 'location' - type: String - description: | - The location where aspect type will be created in. - url_param_only: true - immutable: true - - name: 'aspectTypeId' - type: String - description: | - The aspect type id of the aspect type. - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} - output: true - - name: 'uid' - type: String - description: | - System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. - output: true - - name: 'createTime' - type: Time - description: | - The time when the AspectType was created. - output: true - - name: 'updateTime' - type: Time - description: | - The time when the AspectType was last updated. - output: true - - name: 'description' - type: String - description: | - Description of the AspectType. - - name: 'displayName' - type: String - description: | - User friendly display name. - - name: 'labels' - type: KeyValueLabels - description: | - User-defined labels for the AspectType. - - name: 'metadataTemplate' - type: String - description: | - MetadataTemplate of the Aspect. - state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' - custom_flatten: 'templates/terraform/custom_flatten/go/json_schema.tmpl' - custom_expand: 'templates/terraform/custom_expand/go/json_schema.tmpl' - validation: - function: 'validation.StringIsJSON' - - name: 'transferStatus' - type: Enum - description: | - Denotes the transfer status of the Aspect Type. It is unspecified - for Aspect Type created from Dataplex API. - output: true - enum_values: - - 'TRANSFER_STATUS_UNSPECIFIED' - - 'TRANSFER_STATUS_MIGRATED' - - 'TRANSFER_STATUS_TRANSFERRED' diff --git a/mmv1/products/dataplex/go_Asset.yaml b/mmv1/products/dataplex/go_Asset.yaml deleted file mode 100644 index cf983c3187c4..000000000000 --- a/mmv1/products/dataplex/go_Asset.yaml +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Asset' -description: | - Only used to generate IAM resources -exclude_resource: true -docs: -base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' -self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'asset' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}' - - '{{name}}' -custom_code: -examples: - - name: 'dataplex_asset_primary' - primary_resource_id: 'example' - primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-zone%s", context["random_suffix"]), fmt.Sprintf("tf-test-asset%s", context["random_suffix"])' - test_env_vars: - project_name: 'PROJECT_NAME' -parameters: -properties: - - name: 'name' - type: String - description: | - Dummy property. - output: true diff --git a/mmv1/products/dataplex/go_Datascan.yaml b/mmv1/products/dataplex/go_Datascan.yaml deleted file mode 100644 index 2277fd3499b5..000000000000 --- a/mmv1/products/dataplex/go_Datascan.yaml +++ /dev/null @@ -1,505 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Datascan' -description: | - Represents a user-visible job which provides the insights for the related data source. -skip_attribution_label: true -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dataplex/docs' - api: 'https://cloud.google.com/dataplex/docs/reference/rest' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/dataScans' -self_link: 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/dataScans?dataScanId={{data_scan_id}}' -update_verb: 'PATCH' -update_mask: true - -read_query_params: '?view=FULL' -import_format: - - 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' - - '{{data_scan_id}}' -timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'data_scan_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/dataScans/{{data_scan_id}}' - - '{{data_scan_id}}' -custom_code: -examples: - - name: 'dataplex_datascan_basic_profile' - primary_resource_id: 'basic_profile' - primary_resource_name: 'fmt.Sprintf("tf-test-dataprofile-basic%s", context["random_suffix"])' - vars: - datascan_name: 'dataprofile-basic' - test_env_vars: - project_name: 'PROJECT_NAME' - - name: 'dataplex_datascan_full_profile' - primary_resource_id: 'full_profile' - vars: - dataset_name: 'dataplex_dataset' - datascan_name: 'dataprofile-full' - test_env_vars: - project_name: 'PROJECT_NAME' - - name: 'dataplex_datascan_basic_quality' - primary_resource_id: 'basic_quality' - vars: - datascan_name: 'dataquality-basic' - test_env_vars: - project_name: 'PROJECT_NAME' - - name: 'dataplex_datascan_full_quality' - primary_resource_id: 'full_quality' - vars: - datascan_name: 'dataquality-full' - test_env_vars: - project_name: 'PROJECT_NAME' -parameters: - - name: 'location' - type: String - description: | - The location where the data scan should reside. - url_param_only: true - required: true - immutable: true - - name: 'dataScanId' - type: String - description: | - DataScan identifier. Must contain only lowercase letters, numbers and hyphens. Must start with a letter. Must end with a number or a letter. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The relative resource name of the scan, of the form: projects/{project}/locations/{locationId}/dataScans/{datascan_id}, where project refers to a project_id or project_number and locationId refers to a GCP region. - output: true - - name: 'uid' - type: String - description: | - System generated globally unique ID for the scan. This ID will be different if the scan is deleted and re-created with the same name. - output: true - - name: 'description' - type: String - description: | - Description of the scan. - - name: 'displayName' - type: String - description: | - User friendly display name. - - name: 'labels' - type: KeyValueLabels - description: | - User-defined labels for the scan. A list of key->value pairs. - - name: 'state' - type: Enum - description: | - Current state of the DataScan. - output: true - enum_values: - - 'STATE_UNSPECIFIED' - - 'ACTIVE' - - 'CREATING' - - 'DELETING' - - 'ACTION_REQUIRED' - - name: 'createTime' - type: String - description: | - The time when the scan was created. - output: true - - name: 'updateTime' - type: String - description: | - The time when the scan was last updated. - output: true - - name: 'data' - type: NestedObject - description: | - The data source for DataScan. - required: true - immutable: true - properties: - - name: 'entity' - type: String - description: | - The Dataplex entity that represents the data source(e.g. BigQuery table) for Datascan. - immutable: true - exactly_one_of: - - 'data.0.entity' - - 'data.0.resource' - - name: 'resource' - type: String - description: | - The service-qualified full resource name of the cloud resource for a DataScan job to scan against. The field could be: - (Cloud Storage bucket for DataDiscoveryScan)BigQuery table of type "TABLE" for DataProfileScan/DataQualityScan. - immutable: true - exactly_one_of: - - 'data.0.entity' - - 'data.0.resource' - - name: 'executionSpec' - type: NestedObject - description: | - DataScan execution settings. - required: true - properties: - - name: 'trigger' - type: NestedObject - description: | - Spec related to how often and when a scan should be triggered. - required: true - properties: - - name: 'onDemand' - type: NestedObject - description: | - The scan runs once via dataScans.run API. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'execution_spec.0.trigger.0.on_demand' - - 'execution_spec.0.trigger.0.schedule' - properties: - [] - - name: 'schedule' - type: NestedObject - description: | - The scan is scheduled to run periodically. - exactly_one_of: - - 'execution_spec.0.trigger.0.on_demand' - - 'execution_spec.0.trigger.0.schedule' - properties: - - name: 'cron' - type: String - description: - Cron schedule for running scans periodically. This field is - required for Schedule scans. - required: true - - name: 'field' - type: String - description: | - The unnested field (of type Date or Timestamp) that contains values which monotonically increase over time. If not specified, a data scan will run for all data in the table. - immutable: true - - name: 'executionStatus' - type: NestedObject - description: | - Status of the data scan execution. - output: true - properties: - - name: 'latestJobEndTime' - type: String - description: | - The time when the latest DataScanJob started. - output: true - - name: 'latestJobStartTime' - type: String - description: | - The time when the latest DataScanJob ended. - output: true - - name: 'type' - type: Enum - description: | - The type of DataScan. - output: true - enum_values: - - 'DATA_SCAN_TYPE_UNSPECIFIED' - - 'DATA_QUALITY' - - 'DATA_PROFILE' - - name: 'dataQualitySpec' - type: NestedObject - description: | - DataQualityScan related setting. - exactly_one_of: - - 'data_quality_spec' - - 'data_profile_spec' - properties: - - name: 'samplingPercent' - type: Double - description: | - The percentage of the records to be selected from the dataset for DataScan. - Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. - Sampling is not applied if `sampling_percent` is not specified, 0 or 100. - - name: 'rowFilter' - type: String - description: | - A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10 - - name: 'postScanActions' - type: NestedObject - description: | - Actions to take upon job completion. - properties: - - name: 'bigqueryExport' - type: NestedObject - description: | - If set, results will be exported to the provided BigQuery table. - properties: - - name: 'resultsTable' - type: String - description: | - The BigQuery table to export DataQualityScan results to. - Format://bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID - - name: 'rules' - type: Array - description: | - The list of rules to evaluate against a data source. At least one rule is required. - item_type: - type: NestedObject - properties: - - name: 'column' - type: String - description: | - The unnested column which this rule is evaluated against. - - name: 'ignoreNull' - type: Boolean - description: | - Rows with null values will automatically fail a rule, unless ignoreNull is true. In that case, such null rows are trivially considered passing. Only applicable to ColumnMap rules. - - name: 'dimension' - type: String - description: | - The dimension a rule belongs to. Results are also aggregated at the dimension level. Supported dimensions are ["COMPLETENESS", "ACCURACY", "CONSISTENCY", "VALIDITY", "UNIQUENESS", "INTEGRITY"] - required: true - - name: 'threshold' - type: Double - description: | - The minimum ratio of passing_rows / total_rows required to pass this rule, with a range of [0.0, 1.0]. 0 indicates default value (i.e. 1.0). - - name: 'name' - type: String - description: | - A mutable name for the rule. - The name must contain only letters (a-z, A-Z), numbers (0-9), or hyphens (-). - The maximum length is 63 characters. - Must start with a letter. - Must end with a number or a letter. - - name: 'description' - type: String - description: | - Description of the rule. - The maximum length is 1,024 characters. - - name: 'rangeExpectation' - type: NestedObject - description: | - ColumnMap rule which evaluates whether each column value lies between a specified range. - properties: - - name: 'minValue' - type: String - description: | - The minimum column value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. - - name: 'maxValue' - type: String - description: | - The maximum column value allowed for a row to pass this validation. At least one of minValue and maxValue need to be provided. - - name: 'strictMinEnabled' - type: Boolean - description: | - Whether each value needs to be strictly greater than ('>') the minimum, or if equality is allowed. - Only relevant if a minValue has been defined. Default = false. - default_value: false - - name: 'strictMaxEnabled' - type: Boolean - description: | - Whether each value needs to be strictly lesser than ('<') the maximum, or if equality is allowed. - Only relevant if a maxValue has been defined. Default = false. - default_value: false - - name: 'nonNullExpectation' - type: NestedObject - description: | - ColumnMap rule which evaluates whether each column value is null. - send_empty_value: true - allow_empty_object: true - properties: - [] - - name: 'setExpectation' - type: NestedObject - description: | - ColumnMap rule which evaluates whether each column value is contained by a specified set. - properties: - - name: 'values' - type: Array - description: | - Expected values for the column value. - required: true - item_type: - type: String - - name: 'regexExpectation' - type: NestedObject - description: | - ColumnMap rule which evaluates whether each column value matches a specified regex. - properties: - - name: 'regex' - type: String - description: | - A regular expression the column value is expected to match. - required: true - - name: 'uniquenessExpectation' - type: NestedObject - description: | - Row-level rule which evaluates whether each column value is unique. - send_empty_value: true - allow_empty_object: true - properties: - [] - - name: 'statisticRangeExpectation' - type: NestedObject - description: | - ColumnAggregate rule which evaluates whether the column aggregate statistic lies between a specified range. - properties: - - name: 'statistic' - type: Enum - description: | - column statistics. - required: true - enum_values: - - 'STATISTIC_UNDEFINED' - - 'MEAN' - - 'MIN' - - 'MAX' - - name: 'minValue' - type: String - description: | - The minimum column statistic value allowed for a row to pass this validation. - At least one of minValue and maxValue need to be provided. - - name: 'maxValue' - type: String - description: | - The maximum column statistic value allowed for a row to pass this validation. - At least one of minValue and maxValue need to be provided. - - name: 'strictMinEnabled' - type: Boolean - description: | - Whether column statistic needs to be strictly greater than ('>') the minimum, or if equality is allowed. - Only relevant if a minValue has been defined. Default = false. - default_value: false - - name: 'strictMaxEnabled' - type: Boolean - description: | - Whether column statistic needs to be strictly lesser than ('<') the maximum, or if equality is allowed. - Only relevant if a maxValue has been defined. Default = false. - default_value: false - - name: 'rowConditionExpectation' - type: NestedObject - description: | - Table rule which evaluates whether each row passes the specified condition. - properties: - - name: 'sqlExpression' - type: String - description: | - The SQL expression. - required: true - - name: 'tableConditionExpectation' - type: NestedObject - description: | - Table rule which evaluates whether the provided expression is true. - properties: - - name: 'sqlExpression' - type: String - description: | - The SQL expression. - required: true - - name: 'sqlAssertion' - type: NestedObject - description: | - Table rule which evaluates whether any row matches invalid state. - properties: - - name: 'sqlStatement' - type: String - description: | - The SQL statement. - required: true - min_size: 1 - - name: 'dataProfileSpec' - type: NestedObject - description: | - DataProfileScan related setting. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'data_quality_spec' - - 'data_profile_spec' - properties: - - name: 'samplingPercent' - type: Double - description: | - The percentage of the records to be selected from the dataset for DataScan. - Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. - Sampling is not applied if `sampling_percent` is not specified, 0 or 100. - - name: 'rowFilter' - type: String - description: | - A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10 - - name: 'postScanActions' - type: NestedObject - description: | - Actions to take upon job completion. - properties: - - name: 'bigqueryExport' - type: NestedObject - description: | - If set, results will be exported to the provided BigQuery table. - properties: - - name: 'resultsTable' - type: String - description: | - The BigQuery table to export DataProfileScan results to. - Format://bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID - - name: 'includeFields' - type: NestedObject - description: | - The fields to include in data profile. - If not specified, all fields at the time of profile scan job execution are included, except for ones listed in `exclude_fields`. - properties: - - name: 'fieldNames' - type: Array - description: | - Expected input is a list of fully qualified names of fields as in the schema. - Only top-level field names for nested fields are supported. - For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'. - item_type: - type: String - - name: 'excludeFields' - type: NestedObject - description: | - The fields to exclude from data profile. - If specified, the fields will be excluded from data profile, regardless of `include_fields` value. - properties: - - name: 'fieldNames' - type: Array - description: | - Expected input is a list of fully qualified names of fields as in the schema. - Only top-level field names for nested fields are supported. - For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'. - item_type: - type: String diff --git a/mmv1/products/dataplex/go_EntryGroup.yaml b/mmv1/products/dataplex/go_EntryGroup.yaml deleted file mode 100644 index 9669bafe26af..000000000000 --- a/mmv1/products/dataplex/go_EntryGroup.yaml +++ /dev/null @@ -1,128 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EntryGroup' -description: | - An Entry Group represents a logical grouping of one or more Entries. -docs: -base_url: 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' -self_link: 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/entryGroups?entryGroupId={{entry_group_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' -timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -iam_policy: - skip_import_test: true - method_name_separator: ':' - parent_resource_attribute: 'entry_group_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}' - - '{{entry_group_id}}' -custom_code: -examples: - - name: 'dataplex_entry_group_basic' - primary_resource_id: 'test_entry_group_basic' - primary_resource_name: 'fmt.Sprintf("tf-test-entry-group%s", context["random_suffix"])' - vars: - entry_group_name: 'entry-group-basic' - test_env_vars: - project_name: 'PROJECT_NAME' - - name: 'dataplex_entry_group_full' - primary_resource_id: 'test_entry_group_full' - primary_resource_name: 'fmt.Sprintf("tf-test-entry-group%s", context["random_suffix"])' - vars: - entry_group_name: 'entry-group-full' - test_env_vars: - project_name: 'PROJECT_NAME' -parameters: - - name: 'location' - type: String - description: | - The location where entry group will be created in. - url_param_only: true - immutable: true - - name: 'entryGroupId' - type: String - description: | - The entry group id of the entry group. - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} - output: true - - name: 'uid' - type: String - description: | - System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. - output: true - - name: 'createTime' - type: Time - description: | - The time when the EntryGroup was created. - output: true - - name: 'updateTime' - type: Time - description: | - The time when the EntryGroup was last updated. - output: true - - name: 'description' - type: String - description: | - Description of the EntryGroup. - - name: 'displayName' - type: String - description: | - User friendly display name. - - name: 'labels' - type: KeyValueLabels - description: | - User-defined labels for the EntryGroup. - - name: 'transferStatus' - type: Enum - description: | - Denotes the transfer status of the Entry Group. It is unspecified - for Entry Group created from Dataplex API. - output: true - enum_values: - - 'TRANSFER_STATUS_UNSPECIFIED' - - 'TRANSFER_STATUS_MIGRATED' - - 'TRANSFER_STATUS_TRANSFERRED' diff --git a/mmv1/products/dataplex/go_EntryType.yaml b/mmv1/products/dataplex/go_EntryType.yaml deleted file mode 100644 index 5af9b29a45e6..000000000000 --- a/mmv1/products/dataplex/go_EntryType.yaml +++ /dev/null @@ -1,143 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EntryType' -description: | - An Entry Type is a template for creating Entries. -docs: -base_url: 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' -self_link: 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/entryTypes?entryTypeId={{entry_type_id}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' -timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -iam_policy: - skip_import_test: true - method_name_separator: ':' - parent_resource_attribute: 'entry_type_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/entryTypes/{{entry_type_id}}' - - '{{entry_type_id}}' -custom_code: -examples: - - name: 'dataplex_entry_type_basic' - primary_resource_id: 'test_entry_type_basic' - primary_resource_name: 'fmt.Sprintf("tf-test-entry-type%s", context["random_suffix"])' - vars: - entry_type_name: 'entry-type-basic' - test_env_vars: - project_name: 'PROJECT_NAME' - - name: 'dataplex_entry_type_full' - primary_resource_id: 'test_entry_type_full' - primary_resource_name: 'fmt.Sprintf("tf-test-entry-type%s", context["random_suffix"])' - vars: - entry_type_name: 'entry-type-full' - test_env_vars: - project_name: 'PROJECT_NAME' -parameters: - - name: 'location' - type: String - description: | - The location where entry type will be created in. - url_param_only: true - immutable: true - - name: 'entryTypeId' - type: String - description: | - The entry type id of the entry type. - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The relative resource name of the EntryType, of the form: projects/{project_number}/locations/{location_id}/entryTypes/{entry_type_id} - output: true - - name: 'uid' - type: String - description: | - System generated globally unique ID for the EntryType. This ID will be different if the EntryType is deleted and re-created with the same name. - output: true - - name: 'createTime' - type: Time - description: | - The time when the EntryType was created. - output: true - - name: 'updateTime' - type: Time - description: | - The time when the EntryType was last updated. - output: true - - name: 'description' - type: String - description: | - Description of the EntryType. - - name: 'displayName' - type: String - description: | - User friendly display name. - - name: 'labels' - type: KeyValueLabels - description: | - User-defined labels for the EntryType. - - name: 'typeAliases' - type: Array - description: | - Indicates the class this Entry Type belongs to, for example, TABLE, DATABASE, MODEL. - item_type: - type: String - - name: 'platform' - type: String - description: | - The platform that Entries of this type belongs to. - - name: 'system' - type: String - description: | - The system that Entries of this type belongs to. - - name: 'requiredAspects' - type: Array - description: | - AspectInfo for the entry type. - item_type: - type: NestedObject - properties: - - name: 'type' - type: String - description: | - Required aspect type for the entry type. diff --git a/mmv1/products/dataplex/go_Lake.yaml b/mmv1/products/dataplex/go_Lake.yaml deleted file mode 100644 index 2258093ed721..000000000000 --- a/mmv1/products/dataplex/go_Lake.yaml +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Lake' -description: | - Only used to generate IAM resources -exclude_resource: true -docs: -base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' -self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'lake' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/lakes/{{name}}' - - '{{name}}' -custom_code: -examples: - - name: 'dataplex_lake_primary' - primary_resource_id: 'example' - primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"])' - test_env_vars: - project_name: 'PROJECT_NAME' -parameters: -properties: - - name: 'name' - type: String - description: | - Dummy property. - output: true diff --git a/mmv1/products/dataplex/go_Task.yaml b/mmv1/products/dataplex/go_Task.yaml deleted file mode 100644 index f45b8d9f4cb4..000000000000 --- a/mmv1/products/dataplex/go_Task.yaml +++ /dev/null @@ -1,508 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Task' -description: | - A Dataplex task represents the work that you want Dataplex to do on a schedule. It encapsulates code, parameters, and the schedule. -skip_attribution_label: true -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dataplex/docs' - api: 'https://cloud.google.com/dataplex/docs/reference/rest/v1/projects.locations.lakes.tasks' -docs: -base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' -self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks?task_id={{task_id}}' -update_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' -update_verb: 'PATCH' -update_mask: true -delete_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' -import_format: - - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' -timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - timeouts: - insert_minutes: 5 - update_minutes: 5 - delete_minutes: 5 - result: - path: 'response' - resource_inside_response: false - error: - path: 'error' - message: 'message' -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'task_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/tasks/{{task_id}}' - - '{{task_id}}' -custom_code: -examples: - - name: 'dataplex_task_basic' - primary_resource_id: 'example' - primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-task%s", context["random_suffix"])' - test_env_vars: - project_name: 'PROJECT_NAME' - - name: 'dataplex_task_spark' - primary_resource_id: 'example_spark' - primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-task%s", context["random_suffix"])' - test_env_vars: - project_name: 'PROJECT_NAME' - - name: 'dataplex_task_notebook' - primary_resource_id: 'example_notebook' - primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-task%s", context["random_suffix"])' - test_env_vars: - project_name: 'PROJECT_NAME' -parameters: - - name: 'location' - type: String - description: | - The location in which the task will be created in. - url_param_only: true - immutable: true - - name: 'lake' - type: String - description: | - The lake in which the task will be created in. - url_param_only: true - immutable: true - - name: 'taskId' - type: String - description: | - The task Id of the task. - url_param_only: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The relative resource name of the task, of the form: projects/{project_number}/locations/{locationId}/lakes/{lakeId}/ tasks/{name}. - output: true - - name: 'uid' - type: String - description: | - System generated globally unique ID for the task. This ID will be different if the task is deleted and re-created with the same name. - output: true - - name: 'createTime' - type: Time - description: | - The time when the task was created. - output: true - - name: 'updateTime' - type: Time - description: | - The time when the task was last updated. - output: true - - name: 'description' - type: String - description: | - User-provided description of the task. - - name: 'displayName' - type: String - description: | - User friendly display name. - - name: 'state' - type: Enum - description: | - Current state of the task. - output: true - enum_values: - - 'STATE_UNSPECIFIED' - - 'ACTIVE' - - 'CREATING' - - 'DELETING' - - 'ACTION_REQUIRED' - - name: 'labels' - type: KeyValueLabels - description: | - User-defined labels for the task. - - name: 'triggerSpec' - type: NestedObject - description: | - Configuration for the cluster - required: true - properties: - - name: 'type' - type: Enum - description: | - Trigger type of the user-specified Task - required: true - immutable: true - enum_values: - - 'ON_DEMAND' - - 'RECURRING' - - name: 'startTime' - type: Time - description: | - The first run of the task will be after this time. If not specified, the task will run shortly after being submitted if ON_DEMAND and based on the schedule if RECURRING. - - name: 'disabled' - type: Boolean - description: | - Prevent the task from executing. This does not cancel already running tasks. It is intended to temporarily disable RECURRING tasks. - - name: 'maxRetries' - type: Integer - description: | - Number of retry attempts before aborting. Set to zero to never attempt to retry a failed task. - - name: 'schedule' - type: String - description: | - Cron schedule (https://en.wikipedia.org/wiki/Cron) for running tasks periodically. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: 'CRON_TZ=${IANA_TIME_ZONE}' or 'TZ=${IANA_TIME_ZONE}'. The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *. This field is required for RECURRING tasks. - - name: 'executionSpec' - type: NestedObject - description: | - Configuration for the cluster - required: true - properties: - - name: 'args' - type: KeyValuePairs - description: | - The arguments to pass to the task. The args can use placeholders of the format ${placeholder} as part of key/value string. These will be interpolated before passing the args to the driver. Currently supported placeholders: - ${taskId} - ${job_time} To pass positional args, set the key as TASK_ARGS. The value should be a comma-separated string of all the positional arguments. To use a delimiter other than comma, refer to https://cloud.google.com/sdk/gcloud/reference/topic/escaping. In case of other keys being present in the args, then TASK_ARGS will be passed as the last argument. An object containing a list of 'key': value pairs. Example: { 'name': 'wrench', 'mass': '1.3kg', 'count': '3' }. - - name: 'serviceAccount' - type: String - description: | - Service account to use to execute a task. If not provided, the default Compute service account for the project is used. - required: true - - name: 'project' - type: String - description: | - The project in which jobs are run. By default, the project containing the Lake is used. If a project is provided, the ExecutionSpec.service_account must belong to this project. - - name: 'maxJobExecutionLifetime' - type: String - description: | - The maximum duration after which the job execution is expired. A duration in seconds with up to nine fractional digits, ending with 's'. Example: '3.5s'. - - name: 'kmsKey' - type: String - description: | - The Cloud KMS key to use for encryption, of the form: projects/{project_number}/locations/{locationId}/keyRings/{key-ring-name}/cryptoKeys/{key-name}. - - name: 'executionStatus' - type: NestedObject - description: | - Configuration for the cluster - output: true - properties: - - name: 'updateTime' - type: String - description: | - Last update time of the status. - output: true - - name: 'latestJob' - type: NestedObject - description: | - latest job execution. - output: true - properties: - - name: 'name' - type: String - description: | - The relative resource name of the job, of the form: projects/{project_number}/locations/{locationId}/lakes/{lakeId}/tasks/{taskId}/jobs/{jobId}. - output: true - - name: 'uid' - type: String - description: | - System generated globally unique ID for the job. - output: true - - name: 'startTime' - type: Time - description: | - The time when the job was started. - output: true - - name: 'endTime' - type: Time - description: | - The time when the job ended. - output: true - - name: 'state' - type: Enum - description: | - Execution state for the job. - output: true - enum_values: - - 'STATE_UNSPECIFIED' - - 'RUNNING' - - 'CANCELLING' - - 'CANCELLED' - - 'SUCCEEDED' - - 'FAILED' - - 'ABORTED' - - name: 'retryCount' - type: Integer - description: | - The number of times the job has been retried (excluding the initial attempt). - output: true - - name: 'service' - type: Enum - description: | - The underlying service running a job. - output: true - enum_values: - - 'SERVICE_UNSPECIFIED' - - 'DATAPROC' - - name: 'serviceJob' - type: String - description: | - The full resource name for the job run under a particular service. - output: true - - name: 'message' - type: String - description: | - Additional information about the current state. - output: true - - name: 'spark' - type: NestedObject - description: | - A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. - exactly_one_of: - - 'spark' - - 'notebook' - properties: - - name: 'fileUris' - type: Array - description: | - Cloud Storage URIs of files to be placed in the working directory of each executor. - item_type: - type: String - - name: 'archiveUris' - type: Array - description: | - Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. - item_type: - type: String - - name: 'infrastructureSpec' - type: NestedObject - description: | - Infrastructure specification for the execution. - properties: - - name: 'batch' - type: NestedObject - description: | - Compute resources needed for a Task when using Dataproc Serverless. - properties: - - name: 'executorsCount' - type: Integer - description: | - Total number of job executors. Executor Count should be between 2 and 100. [Default=2] - default_value: 2 - - name: 'maxExecutorsCount' - type: Integer - description: | - Max configurable executors. If maxExecutorsCount > executorsCount, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. [Default=1000] - default_value: 1000 - - name: 'containerImage' - type: NestedObject - description: | - Container Image Runtime Configuration. - properties: - - name: 'image' - type: String - description: | - Container image to use. - - name: 'javaJars' - type: Array - description: | - A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar - item_type: - type: String - - name: 'pythonPackages' - type: Array - description: | - A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz - item_type: - type: String - - name: 'properties' - type: KeyValuePairs - description: | - Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties. - - name: 'vpcNetwork' - type: NestedObject - description: | - Vpc network. - properties: - - name: 'networkTags' - type: Array - description: | - List of network tags to apply to the job. - item_type: - type: String - - name: 'network' - type: String - description: | - The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used. - exactly_one_of: - - 'network' - - 'subNetwork' - - name: 'subNetwork' - type: String - description: | - The Cloud VPC sub-network in which the job is run. - exactly_one_of: - - 'network' - - 'subNetwork' - - name: 'mainJarFileUri' - type: String - description: | - The Cloud Storage URI of the jar file that contains the main class. The execution args are passed in as a sequence of named process arguments (--key=value). - exactly_one_of: - - 'mainJarFileUri' - - 'mainClass' - - 'pythonScriptFile' - - 'sqlScriptFile' - - 'sqlScript' - - name: 'mainClass' - type: String - description: | - The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jar_file_uris. The execution args are passed in as a sequence of named process arguments (--key=value). - exactly_one_of: - - 'mainJarFileUri' - - 'mainClass' - - 'pythonScriptFile' - - 'sqlScriptFile' - - 'sqlScript' - - name: 'pythonScriptFile' - type: String - description: | - The Gcloud Storage URI of the main Python file to use as the driver. Must be a .py file. The execution args are passed in as a sequence of named process arguments (--key=value). - exactly_one_of: - - 'mainJarFileUri' - - 'mainClass' - - 'pythonScriptFile' - - 'sqlScriptFile' - - 'sqlScript' - - name: 'sqlScriptFile' - type: String - description: | - A reference to a query file. This can be the Cloud Storage URI of the query file or it can the path to a SqlScript Content. The execution args are used to declare a set of script variables (set key='value';). - exactly_one_of: - - 'mainJarFileUri' - - 'mainClass' - - 'pythonScriptFile' - - 'sqlScriptFile' - - 'sqlScript' - - name: 'sqlScript' - type: String - description: | - The query text. The execution args are used to declare a set of script variables (set key='value';). - exactly_one_of: - - 'mainJarFileUri' - - 'mainClass' - - 'pythonScriptFile' - - 'sqlScriptFile' - - 'sqlScript' - - name: 'notebook' - type: NestedObject - description: | - A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time. - exactly_one_of: - - 'spark' - - 'notebook' - properties: - - name: 'notebook' - type: String - description: | - Path to input notebook. This can be the Cloud Storage URI of the notebook file or the path to a Notebook Content. The execution args are accessible as environment variables (TASK_key=value). - required: true - - name: 'infrastructureSpec' - type: NestedObject - description: | - Infrastructure specification for the execution. - properties: - - name: 'batch' - type: NestedObject - description: | - Compute resources needed for a Task when using Dataproc Serverless. - properties: - - name: 'executorsCount' - type: Integer - description: | - Total number of job executors. Executor Count should be between 2 and 100. [Default=2] - default_value: 2 - - name: 'maxExecutorsCount' - type: Integer - description: | - Max configurable executors. If maxExecutorsCount > executorsCount, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. [Default=1000] - default_value: 1000 - - name: 'containerImage' - type: NestedObject - description: | - Container Image Runtime Configuration. - properties: - - name: 'image' - type: String - description: | - Container image to use. - - name: 'javaJars' - type: Array - description: | - A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar - item_type: - type: String - - name: 'pythonPackages' - type: Array - description: | - A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz - item_type: - type: String - - name: 'properties' - type: KeyValuePairs - description: | - Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties. - - name: 'vpcNetwork' - type: NestedObject - description: | - Vpc network. - properties: - - name: 'networkTags' - type: Array - description: | - List of network tags to apply to the job. - item_type: - type: String - - name: 'network' - type: String - description: | - The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used. - exactly_one_of: - - 'network' - - 'subNetwork' - - name: 'subNetwork' - type: String - description: | - The Cloud VPC sub-network in which the job is run. - exactly_one_of: - - 'network' - - 'subNetwork' - - name: 'fileUris' - type: Array - description: | - Cloud Storage URIs of files to be placed in the working directory of each executor. - item_type: - type: String - - name: 'archiveUris' - type: Array - description: | - Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. - item_type: - type: String diff --git a/mmv1/products/dataplex/go_Zone.yaml b/mmv1/products/dataplex/go_Zone.yaml deleted file mode 100644 index 98a1024dd790..000000000000 --- a/mmv1/products/dataplex/go_Zone.yaml +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Zone' -description: | - Only used to generate IAM resources -exclude_resource: true -docs: -base_url: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' -self_link: 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -iam_policy: - method_name_separator: ':' - parent_resource_attribute: 'dataplex_zone' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{name}}' - - '{{name}}' - substitute_zone_value: false -custom_code: -examples: - - name: 'dataplex_zone_primary' - primary_resource_id: 'example' - primary_resource_name: 'fmt.Sprintf("tf-test-lake%s", context["random_suffix"]), fmt.Sprintf("tf-test-zone%s", context["random_suffix"])' - test_env_vars: - project_name: 'PROJECT_NAME' -parameters: -properties: - - name: 'name' - type: String - description: | - Dummy property. - output: true diff --git a/mmv1/products/dataplex/go_product.yaml b/mmv1/products/dataplex/go_product.yaml deleted file mode 100644 index 8993d5cc4eec..000000000000 --- a/mmv1/products/dataplex/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Dataplex' -display_name: 'Dataplex' -versions: - - name: 'ga' - base_url: 'https://dataplex.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dataplex/product.yaml b/mmv1/products/dataplex/product.yaml index 7b4434bbf8ec..72c5bf025eb6 100644 --- a/mmv1/products/dataplex/product.yaml +++ b/mmv1/products/dataplex/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Dataplex -display_name: Dataplex +--- +name: 'Dataplex' +display_name: 'Dataplex' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://dataplex.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://dataplex.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dataproc/AutoscalingPolicy.yaml b/mmv1/products/dataproc/AutoscalingPolicy.yaml index eb9c9ce45314..a955d02efdaf 100644 --- a/mmv1/products/dataproc/AutoscalingPolicy.yaml +++ b/mmv1/products/dataproc/AutoscalingPolicy.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,83 +11,81 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'AutoscalingPolicy' +description: | + Describes an autoscaling policy for Dataproc cluster autoscaler. +docs: +id_format: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' base_url: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies' self_link: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' +import_format: + - 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 collection_url_key: 'policies' -description: | - Describes an autoscaling policy for Dataproc cluster autoscaler. -iam_policy: !ruby/object:Api::Resource::IamPolicy +iam_policy: method_name_separator: ':' + fetch_iam_policy_verb: 'POST' parent_resource_attribute: 'policy_id' - fetch_iam_policy_verb: :POST + example_config_body: 'templates/terraform/iam/iam_attributes.go.tmpl' import_format: - [ - 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}', - '{{policy_id}}', - ] -id_format: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' -import_format: - [ - 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}', - ] + - 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' + - '{{policy_id}}' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dataproc_autoscaling_policy_basic' - skip_docs: true + - name: 'dataproc_autoscaling_policy_basic' primary_resource_id: 'basic' - primary_resource_name: "fmt.Sprintf(\"tf-test-dataproc-policy%s\", - context[\"\ - random_suffix\"])" + primary_resource_name: 'fmt.Sprintf("tf-test-dataproc-policy%s", context["random_suffix"])' vars: name: 'dataproc-policy' - - !ruby/object:Provider::Terraform::Examples - name: 'dataproc_autoscaling_policy' + exclude_docs: true + - name: 'dataproc_autoscaling_policy' primary_resource_id: 'asp' vars: name: 'dataproc-policy' parameters: - - !ruby/object:Api::Type::String - name: 'location' - url_param_only: true - immutable: true - default_value: global + - name: 'location' + type: String description: | The location where the autoscaling policy should reside. The default value is `global`. + url_param_only: true + immutable: true + default_value: "global" properties: - - !ruby/object:Api::Type::String - name: 'policy_id' - api_name: 'id' - required: true + - name: 'policy_id' + type: String description: | The policy id. The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between 3 and 50 characters. - - !ruby/object:Api::Type::String - name: 'name' - output: true + api_name: id + required: true + - name: 'name' + type: String description: | The "resource name" of the autoscaling policy. - - !ruby/object:Api::Type::NestedObject - name: 'workerConfig' + output: true + - name: 'workerConfig' + type: NestedObject description: | Describes how the autoscaler will operate for primary workers. properties: - - !ruby/object:Api::Type::Integer - name: 'minInstances' - default_value: 2 + - name: 'minInstances' + type: Integer description: | Minimum number of instances for this group. Bounds: [2, maxInstances]. Defaults to 2. - - !ruby/object:Api::Type::Integer - name: 'maxInstances' - required: true + default_value: 2 + - name: 'maxInstances' + type: Integer description: | Maximum number of instances for this group. - - !ruby/object:Api::Type::Integer - name: 'weight' - default_value: 1 + required: true + - name: 'weight' + type: Integer description: | Weight for the instance group, which is used to determine the fraction of total workers in the cluster from this instance group. For example, if primary workers have weight 2, @@ -103,38 +101,34 @@ properties: within the configured size bounds for each group. If weight is set for one group only, the cluster will default to zero weight on the unset group. For example if weight is set only on primary workers, the cluster will use primary workers only and no secondary workers. - - !ruby/object:Api::Type::NestedObject - name: 'secondaryWorkerConfig' + default_value: 1 + - name: 'secondaryWorkerConfig' + type: NestedObject description: | Describes how the autoscaler will operate for secondary workers. properties: - - !ruby/object:Api::Type::Integer - name: 'minInstances' - at_least_one_of: - - secondary_worker_config.0.min_instances - - secondary_worker_config.0.max_instances - - secondary_worker_config.0.weight - default_value: 0 + - name: 'minInstances' + type: Integer description: | Minimum number of instances for this group. Bounds: [0, maxInstances]. Defaults to 0. - - !ruby/object:Api::Type::Integer - name: 'maxInstances' at_least_one_of: - - secondary_worker_config.0.min_instances - - secondary_worker_config.0.max_instances - - secondary_worker_config.0.weight + - 'secondary_worker_config.0.min_instances' + - 'secondary_worker_config.0.max_instances' + - 'secondary_worker_config.0.weight' default_value: 0 + - name: 'maxInstances' + type: Integer description: | Maximum number of instances for this group. Note that by default, clusters will not use secondary workers. Required for secondary workers if the minimum secondary instances is set. Bounds: [minInstances, ). Defaults to 0. - - !ruby/object:Api::Type::Integer - name: 'weight' at_least_one_of: - - secondary_worker_config.0.min_instances - - secondary_worker_config.0.max_instances - - secondary_worker_config.0.weight - default_value: 1 + - 'secondary_worker_config.0.min_instances' + - 'secondary_worker_config.0.max_instances' + - 'secondary_worker_config.0.weight' + default_value: 0 + - name: 'weight' + type: Integer description: | Weight for the instance group, which is used to determine the fraction of total workers in the cluster from this instance group. For example, if primary workers have weight 2, @@ -150,37 +144,41 @@ properties: within the configured size bounds for each group. If weight is set for one group only, the cluster will default to zero weight on the unset group. For example if weight is set only on primary workers, the cluster will use primary workers only and no secondary workers. - - !ruby/object:Api::Type::NestedObject - name: 'basicAlgorithm' + at_least_one_of: + - 'secondary_worker_config.0.min_instances' + - 'secondary_worker_config.0.max_instances' + - 'secondary_worker_config.0.weight' + default_value: 1 + - name: 'basicAlgorithm' + type: NestedObject description: | Basic algorithm for autoscaling. properties: - - !ruby/object:Api::Type::String - name: 'cooldownPeriod' - default_value: '120s' + - name: 'cooldownPeriod' + type: String description: | Duration between scaling events. A scaling period starts after the update operation from the previous event has completed. Bounds: [2m, 1d]. Default: 2m. - - !ruby/object:Api::Type::NestedObject - name: 'yarnConfig' - required: true + default_value: "120s" + - name: 'yarnConfig' + type: NestedObject description: | YARN autoscaling configuration. + required: true properties: - - !ruby/object:Api::Type::String - name: 'gracefulDecommissionTimeout' - required: true + - name: 'gracefulDecommissionTimeout' + type: String description: | Timeout for YARN graceful decommissioning of Node Managers. Specifies the duration to wait for jobs to complete before forcefully removing workers (and potentially interrupting jobs). Only applicable to downscaling operations. Bounds: [0s, 1d]. - - !ruby/object:Api::Type::Double - name: 'scaleUpFactor' required: true + - name: 'scaleUpFactor' + type: Double description: | Fraction of average pending memory in the last cooldown period for which to add workers. A scale-up factor of 1.0 will result in scaling up so that there @@ -189,9 +187,9 @@ properties: (less aggressive scaling). Bounds: [0.0, 1.0]. - - !ruby/object:Api::Type::Double - name: 'scaleDownFactor' required: true + - name: 'scaleDownFactor' + type: Double description: | Fraction of average pending memory in the last cooldown period for which to remove workers. A scale-down factor of 1 will result in scaling down so that there @@ -200,9 +198,9 @@ properties: autoscaling a single job. Bounds: [0.0, 1.0]. - - !ruby/object:Api::Type::Double - name: 'scaleUpMinWorkerFraction' - default_value: 0.0 + required: true + - name: 'scaleUpMinWorkerFraction' + type: Double description: | Minimum scale-up threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler @@ -210,9 +208,9 @@ properties: 0 means the autoscaler will scale up on any recommended change. Bounds: [0.0, 1.0]. Default: 0.0. - - !ruby/object:Api::Type::Double - name: 'scaleDownMinWorkerFraction' default_value: 0.0 + - name: 'scaleDownMinWorkerFraction' + type: Double description: | Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must @@ -220,3 +218,4 @@ properties: means the autoscaler will scale down on any recommended change. Bounds: [0.0, 1.0]. Default: 0.0. + default_value: 0.0 diff --git a/mmv1/products/dataproc/Batch.yaml b/mmv1/products/dataproc/Batch.yaml new file mode 100644 index 000000000000..febffeeb45b8 --- /dev/null +++ b/mmv1/products/dataproc/Batch.yaml @@ -0,0 +1,539 @@ +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +name: 'Batch' +description: | + Dataproc Serverless Batches lets you run Spark workloads without requiring you to + provision and manage your own Dataproc cluster. +references: + guides: + 'Dataproc Serverless Batches Intro': 'https://cloud.google.com/dataproc-serverless/docs/overview' + api: 'https://cloud.google.com/dataproc-serverless/docs/reference/rest/v1/projects.locations.batches' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/batches/{{batch_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/batches' +self_link: 'projects/{{project}}/locations/{{location}}/batches/{{batch_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/batches?batchId={{batch_id}}' +delete_url: 'projects/{{project}}/locations/{{location}}/batches/{{batch_id}}' +immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/batches/{{batch_id}}' +timeouts: + insert_minutes: 10 + update_minutes: 20 + delete_minutes: 5 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + result: + resource_inside_response: false +collection_url_key: 'batches' +custom_code: + constants: 'templates/terraform/constants/cloud_dataproc_batch.go.tmpl' + decoder: 'templates/terraform/decoders/cloud_dataproc_batch.go.tmpl' +examples: + - name: 'dataproc_batch_spark' + primary_resource_id: 'example_batch_spark' + primary_resource_name: 'fmt.Sprintf("tf-test-spark-batch%s", context["random_suffix"])' + vars: + subnetwork_name: 'default' + prevent_destroy: 'true' + test_env_vars: + project_name: 'PROJECT_NAME' + test_vars_overrides: + 'subnetwork_name': 'acctest.BootstrapSubnetWithFirewallForDataprocBatches(t, "dataproc-spark-test-network", "dataproc-spark-test-subnetwork")' + 'prevent_destroy': 'false' + ignore_read_extra: + - 'runtime_config.0.properties' + - name: 'dataproc_batch_spark_full' + primary_resource_id: 'example_batch_spark' + primary_resource_name: 'fmt.Sprintf("tf-test-spark-batch%s", context["random_suffix"])' + vars: + dataproc_batch: 'dataproc-batch' + prevent_destroy: 'true' + key_name: 'example-key' + keyring_name: 'example-keyring' + bucket_name: 'dataproc-bucket' + test_env_vars: + project_name: 'PROJECT_NAME' + test_vars_overrides: + 'prevent_destroy': 'false' + ignore_read_extra: + - 'runtime_config.0.properties' + - name: 'dataproc_batch_sparksql' + primary_resource_id: 'example_batch_sparsql' + primary_resource_name: 'fmt.Sprintf("tf-test-spark-batch%s", context["random_suffix"])' + vars: + subnetwork_name: 'default' + prevent_destroy: 'true' + test_env_vars: + project_name: 'PROJECT_NAME' + test_vars_overrides: + 'subnetwork_name': 'acctest.BootstrapSubnetWithFirewallForDataprocBatches(t, "dataproc-sparksql-test-network", "dataproc-sparksql-test-subnetwork")' + 'prevent_destroy': 'false' + ignore_read_extra: + - 'runtime_config.0.properties' + - name: 'dataproc_batch_pyspark' + primary_resource_id: 'example_batch_pyspark' + primary_resource_name: 'fmt.Sprintf("tf-test-spark-batch%s", context["random_suffix"])' + vars: + subnetwork_name: 'default' + prevent_destroy: 'true' + test_env_vars: + project_name: 'PROJECT_NAME' + test_vars_overrides: + 'subnetwork_name': 'acctest.BootstrapSubnetWithFirewallForDataprocBatches(t, "dataproc-pyspark-test-network", "dataproc-pyspark-test-subnetwork")' + 'prevent_destroy': 'false' + ignore_read_extra: + - 'runtime_config.0.properties' + - name: 'dataproc_batch_sparkr' + primary_resource_id: 'example_batch_sparkr' + primary_resource_name: 'fmt.Sprintf("tf-test-spark-batch%s", context["random_suffix"])' + vars: + subnetwork_name: 'default' + prevent_destroy: 'true' + test_env_vars: + project_name: 'PROJECT_NAME' + test_vars_overrides: + 'subnetwork_name': 'acctest.BootstrapSubnetWithFirewallForDataprocBatches(t, "dataproc-pyspark-test-network", "dataproc-pyspark-test-subnetwork")' + 'prevent_destroy': 'false' + ignore_read_extra: + - 'runtime_config.0.properties' +parameters: + - name: 'location' + type: String + description: | + The location in which the batch will be created in. + url_param_only: true + immutable: true + - name: 'batchId' + type: String + description: | + The ID to use for the batch, which will become the final component of the batch's resource name. + This value must be 4-63 characters. Valid characters are /[a-z][0-9]-/. + url_param_only: true + immutable: true +properties: + - name: 'name' + type: String + description: | + The resource name of the batch. + output: true + - name: 'uuid' + type: String + description: | + A batch UUID (Unique Universal Identifier). The service generates this value when it creates the batch. + output: true + - name: 'createTime' + type: String + description: | + The time when the batch was created. + output: true + - name: 'runtimeInfo' + type: NestedObject + description: 'Runtime information about batch execution.' + output: true + properties: + - name: 'outputUri' + type: String + description: | + A URI pointing to the location of the stdout and stderr of the workload. + output: true + - name: 'diagnosticOutputUri' + type: String + description: | + A URI pointing to the location of the diagnostics tarball. + output: true + - name: 'endpoints' + type: KeyValuePairs + description: | + Map of remote access endpoints (such as web interfaces and APIs) to their URIs. + output: true + - name: 'approximateUsage' + type: NestedObject + description: | + Approximate workload resource usage, calculated when the workload completes(see [Dataproc Serverless pricing](https://cloud.google.com/dataproc-serverless/pricing)) + output: true + properties: + - name: 'milliDcuSeconds' + type: String + description: | + DCU (Dataproc Compute Units) usage in (milliDCU x seconds) + output: true + - name: 'shuffleStorageGbSeconds' + type: String + description: | + Shuffle storage usage in (GB x seconds) + output: true + - name: 'milliAcceleratorSeconds' + type: String + description: | + Accelerator usage in (milliAccelerator x seconds) + output: true + - name: 'acceleratorType' + type: String + description: | + Accelerator type being used, if any + output: true + - name: 'currentUsage' + type: NestedObject + description: | + Snapshot of current workload resource usage(see [Dataproc Serverless pricing](https://cloud.google.com/dataproc-serverless/pricing)) + output: true + properties: + - name: 'milliDcu' + type: String + description: | + Milli (one-thousandth) Dataproc Compute Units (DCUs). + output: true + - name: 'shuffleStorageGb' + type: String + description: | + Shuffle Storage in gigabytes (GB). + output: true + - name: 'milliDcuPremium' + type: String + description: | + Milli (one-thousandth) Dataproc Compute Units (DCUs) charged at premium tier. + output: true + - name: 'shuffleStorageGbPremium' + type: String + description: | + Shuffle Storage in gigabytes (GB) charged at premium tier. + output: true + - name: 'milliAccelerator' + type: String + description: | + Milli (one-thousandth) accelerator.. + output: true + - name: 'acceleratorType' + type: String + description: | + Accelerator type being used, if any. + output: true + - name: 'snapshotTime' + type: String + description: | + The timestamp of the usage snapshot. + output: true + - name: 'state' + type: String + description: | + The state of the batch. For possible values, see the [API documentation](https://cloud.google.com/dataproc-serverless/docs/reference/rest/v1/projects.locations.batches#State). + output: true + - name: 'stateMessage' + type: String + description: | + Batch state details, such as a failure description if the state is FAILED. + output: true + - name: 'stateTime' + type: String + description: | + Batch state details, such as a failure description if the state is FAILED. + output: true + - name: 'creator' + type: String + description: | + The email address of the user who created the batch. + output: true + - name: 'labels' + type: KeyValueLabels + description: | + The labels to associate with this batch. + - name: 'runtimeConfig' + type: NestedObject + description: | + Runtime configuration for the batch execution. + properties: + - name: 'version' + type: String + description: | + Version of the batch runtime. + default_from_api: true + diff_suppress_func: 'CloudDataprocBatchRuntimeConfigVersionDiffSuppress' + - name: 'containerImage' + type: String + description: | + Optional custom container image for the job runtime environment. If not specified, a default container image will be used. + - name: 'properties' + type: KeyValuePairs + description: | + A mapping of property names to values, which are used to configure workload execution. + - name: 'effective_properties' + type: KeyValuePairs + description: | + A mapping of property names to values, which are used to configure workload execution. + output: true + - name: 'environmentConfig' + type: NestedObject + description: | + Environment configuration for the batch execution. + properties: + - name: 'executionConfig' + type: NestedObject + description: | + Execution configuration for a workload. + properties: + - name: 'serviceAccount' + type: String + description: | + Service account that used to execute workload. + default_from_api: true + - name: 'networkTags' + type: Array + description: | + Tags used for network traffic control. + item_type: + type: String + - name: 'kmsKey' + type: String + description: | + The Cloud KMS key to use for encryption. + - name: 'ttl' + type: String + description: | + The duration after which the workload will be terminated. + When the workload exceeds this duration, it will be unconditionally terminated without waiting for ongoing + work to finish. If ttl is not specified for a batch workload, the workload will be allowed to run until it + exits naturally (or run forever without exiting). If ttl is not specified for an interactive session, + it defaults to 24 hours. If ttl is not specified for a batch that uses 2.1+ runtime version, it defaults to 4 hours. + Minimum value is 10 minutes; maximum value is 14 days. If both ttl and idleTtl are specified (for an interactive session), + the conditions are treated as OR conditions: the workload will be terminated when it has been idle for idleTtl or + when ttl has been exceeded, whichever occurs first. + default_from_api: true + - name: 'stagingBucket' + type: String + description: | + A Cloud Storage bucket used to stage workload dependencies, config files, and store + workload output and other ephemeral data, such as Spark history files. If you do not specify a staging bucket, + Cloud Dataproc will determine a Cloud Storage location according to the region where your workload is running, + and then create and manage project-level, per-location staging and temporary buckets. + This field requires a Cloud Storage bucket name, not a gs://... URI to a Cloud Storage bucket. + - name: 'networkUri' + type: String + description: | + Network configuration for workload execution. + conflicts: + - environment_config.0.execution_config.0.subnetwork_uri + - name: 'subnetworkUri' + type: String + description: | + Subnetwork configuration for workload execution. + conflicts: + - environment_config.0.execution_config.0.network_uri + - name: 'peripheralsConfig' + type: NestedObject + description: | + Peripherals configuration that workload has access to. + default_from_api: true + allow_empty_object: true + properties: + - name: 'metastoreService' + type: String + description: | + Resource name of an existing Dataproc Metastore service. + - name: 'sparkHistoryServerConfig' + type: NestedObject + description: | + The Spark History Server configuration for the workload. + properties: + - name: 'dataprocCluster' + type: String + description: | + Resource name of an existing Dataproc Cluster to act as a Spark History Server for the workload. + - name: 'operation' + type: String + description: | + The resource name of the operation associated with this batch. + output: true + - name: 'stateHistory' + type: Array + description: | + Historical state information for the batch. + output: true + item_type: + type: NestedObject + properties: + - name: 'state' + type: String + description: | + The state of the batch at this point in history. For possible values, see the [API documentation](https://cloud.google.com/dataproc-serverless/docs/reference/rest/v1/projects.locations.batches#State). + output: true + - name: 'stateMessage' + type: String + description: | + Details about the state at this point in history. + output: true + - name: 'stateStartTime' + type: String + description: | + The time when the batch entered the historical state. + output: true + - name: 'pysparkBatch' + type: NestedObject + description: | + PySpark batch config. + exactly_one_of: + - 'pyspark_batch' + - 'spark_batch' + - 'spark_sql_batch' + - 'spark_r_batch' + properties: + - name: 'mainPythonFileUri' + type: String + description: | + The HCFS URI of the main Python file to use as the Spark driver. Must be a .py file. + - name: 'args' + type: Array + description: | + The arguments to pass to the driver. Do not include arguments that can be set as batch + properties, such as --conf, since a collision can occur that causes an incorrect batch submission. + item_type: + type: String + - name: 'pythonFileUris' + type: Array + description: | + HCFS file URIs of Python files to pass to the PySpark framework. + Supported file types: .py, .egg, and .zip. + item_type: + type: String + - name: 'jarFileUris' + type: Array + description: | + HCFS URIs of jar files to add to the classpath of the Spark driver and tasks. + item_type: + type: String + - name: 'fileUris' + type: Array + description: | + HCFS URIs of files to be placed in the working directory of each executor. + item_type: + type: String + - name: 'archiveUris' + type: Array + description: | + HCFS URIs of archives to be extracted into the working directory of each executor. + Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. + item_type: + type: String + - name: 'sparkBatch' + type: NestedObject + description: | + Spark batch config. + exactly_one_of: + - 'pyspark_batch' + - 'spark_batch' + - 'spark_sql_batch' + - 'spark_r_batch' + properties: + - name: 'args' + type: Array + description: | + The arguments to pass to the driver. Do not include arguments that can be set as batch + properties, such as --conf, since a collision can occur that causes an incorrect batch submission. + item_type: + type: String + - name: 'jarFileUris' + type: Array + description: | + HCFS URIs of jar files to add to the classpath of the Spark driver and tasks. + item_type: + type: String + - name: 'fileUris' + type: Array + description: | + HCFS URIs of files to be placed in the working directory of each executor. + item_type: + type: String + - name: 'archiveUris' + type: Array + description: | + HCFS URIs of archives to be extracted into the working directory of each executor. + Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. + item_type: + type: String + - name: 'mainJarFileUri' + type: String + description: | + The HCFS URI of the jar file that contains the main class. + exactly_one_of: + - 'spark_batch.0.main_class' + - name: 'mainClass' + type: String + description: | + The name of the driver main class. The jar file that contains the class must be in the + classpath or specified in jarFileUris. + exactly_one_of: + - 'spark_batch.0.main_jar_file_uri' + - name: 'sparkRBatch' + type: NestedObject + description: | + SparkR batch config. + exactly_one_of: + - 'pyspark_batch' + - 'spark_batch' + - 'spark_sql_batch' + - 'spark_r_batch' + properties: + - name: 'mainRFileUri' + type: String + description: | + The HCFS URI of the main R file to use as the driver. Must be a .R or .r file. + - name: 'args' + type: Array + description: | + The arguments to pass to the driver. Do not include arguments that can be set as batch + properties, such as --conf, since a collision can occur that causes an incorrect batch submission. + item_type: + type: String + - name: 'fileUris' + type: Array + description: | + HCFS URIs of files to be placed in the working directory of each executor. + item_type: + type: String + - name: 'archiveUris' + type: Array + description: | + HCFS URIs of archives to be extracted into the working directory of each executor. + Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip. + item_type: + type: String + - name: 'sparkSqlBatch' + type: NestedObject + description: | + Spark SQL batch config. + exactly_one_of: + - 'pyspark_batch' + - 'spark_batch' + - 'spark_sql_batch' + - 'spark_r_batch' + properties: + - name: 'queryFileUri' + type: String + description: | + The HCFS URI of the script that contains Spark SQL queries to execute. + - name: 'jarFileUris' + type: Array + description: | + HCFS URIs of jar files to be added to the Spark CLASSPATH. + item_type: + type: String + - name: 'queryVariables' + type: KeyValuePairs + description: | + Mapping of query variable names to values (equivalent to the Spark SQL command: SET name="value";). diff --git a/mmv1/products/dataproc/go_AutoscalingPolicy.yaml b/mmv1/products/dataproc/go_AutoscalingPolicy.yaml deleted file mode 100644 index f0e4a513c67e..000000000000 --- a/mmv1/products/dataproc/go_AutoscalingPolicy.yaml +++ /dev/null @@ -1,222 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AutoscalingPolicy' -description: | - Describes an autoscaling policy for Dataproc cluster autoscaler. -docs: -id_format: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies' -self_link: 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' -import_format: - - 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -collection_url_key: 'policies' -iam_policy: - method_name_separator: ':' - fetch_iam_policy_verb: 'POST' - parent_resource_attribute: 'policy_id' - example_config_body: 'templates/terraform/iam/go/iam_attributes.go.tmpl' - import_format: - - 'projects/{{project}}/locations/{{location}}/autoscalingPolicies/{{policy_id}}' - - '{{policy_id}}' -custom_code: -examples: - - name: 'dataproc_autoscaling_policy_basic' - primary_resource_id: 'basic' - primary_resource_name: 'fmt.Sprintf("tf-test-dataproc-policy%s", context["random_suffix"])' - vars: - name: 'dataproc-policy' - skip_docs: true - - name: 'dataproc_autoscaling_policy' - primary_resource_id: 'asp' - vars: - name: 'dataproc-policy' -parameters: - - name: 'location' - type: String - description: | - The location where the autoscaling policy should reside. - The default value is `global`. - url_param_only: true - immutable: true - default_value: "global" -properties: - - name: 'policy_id' - type: String - description: | - The policy id. The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), - and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between - 3 and 50 characters. - api_name: id - required: true - - name: 'name' - type: String - description: | - The "resource name" of the autoscaling policy. - output: true - - name: 'workerConfig' - type: NestedObject - description: | - Describes how the autoscaler will operate for primary workers. - properties: - - name: 'minInstances' - type: Integer - description: | - Minimum number of instances for this group. Bounds: [2, maxInstances]. Defaults to 2. - default_value: 2 - - name: 'maxInstances' - type: Integer - description: | - Maximum number of instances for this group. - required: true - - name: 'weight' - type: Integer - description: | - Weight for the instance group, which is used to determine the fraction of total workers - in the cluster from this instance group. For example, if primary workers have weight 2, - and secondary workers have weight 1, the cluster will have approximately 2 primary workers - for each secondary worker. - - The cluster may not reach the specified balance if constrained by min/max bounds or other - autoscaling settings. For example, if maxInstances for secondary workers is 0, then only - primary workers will be added. The cluster can also be out of balance when created. - - If weight is not set on any instance group, the cluster will default to equal weight for - all groups: the cluster will attempt to maintain an equal number of workers in each group - within the configured size bounds for each group. If weight is set for one group only, - the cluster will default to zero weight on the unset group. For example if weight is set - only on primary workers, the cluster will use primary workers only and no secondary workers. - default_value: 1 - - name: 'secondaryWorkerConfig' - type: NestedObject - description: | - Describes how the autoscaler will operate for secondary workers. - properties: - - name: 'minInstances' - type: Integer - description: | - Minimum number of instances for this group. Bounds: [0, maxInstances]. Defaults to 0. - at_least_one_of: - - 'secondary_worker_config.0.min_instances' - - 'secondary_worker_config.0.max_instances' - - 'secondary_worker_config.0.weight' - default_value: 0 - - name: 'maxInstances' - type: Integer - description: | - Maximum number of instances for this group. Note that by default, clusters will not use - secondary workers. Required for secondary workers if the minimum secondary instances is set. - Bounds: [minInstances, ). Defaults to 0. - at_least_one_of: - - 'secondary_worker_config.0.min_instances' - - 'secondary_worker_config.0.max_instances' - - 'secondary_worker_config.0.weight' - default_value: 0 - - name: 'weight' - type: Integer - description: | - Weight for the instance group, which is used to determine the fraction of total workers - in the cluster from this instance group. For example, if primary workers have weight 2, - and secondary workers have weight 1, the cluster will have approximately 2 primary workers - for each secondary worker. - - The cluster may not reach the specified balance if constrained by min/max bounds or other - autoscaling settings. For example, if maxInstances for secondary workers is 0, then only - primary workers will be added. The cluster can also be out of balance when created. - - If weight is not set on any instance group, the cluster will default to equal weight for - all groups: the cluster will attempt to maintain an equal number of workers in each group - within the configured size bounds for each group. If weight is set for one group only, - the cluster will default to zero weight on the unset group. For example if weight is set - only on primary workers, the cluster will use primary workers only and no secondary workers. - at_least_one_of: - - 'secondary_worker_config.0.min_instances' - - 'secondary_worker_config.0.max_instances' - - 'secondary_worker_config.0.weight' - default_value: 1 - - name: 'basicAlgorithm' - type: NestedObject - description: | - Basic algorithm for autoscaling. - properties: - - name: 'cooldownPeriod' - type: String - description: | - Duration between scaling events. A scaling period starts after the - update operation from the previous event has completed. - - Bounds: [2m, 1d]. Default: 2m. - default_value: "120s" - - name: 'yarnConfig' - type: NestedObject - description: | - YARN autoscaling configuration. - required: true - properties: - - name: 'gracefulDecommissionTimeout' - type: String - description: | - Timeout for YARN graceful decommissioning of Node Managers. Specifies the - duration to wait for jobs to complete before forcefully removing workers - (and potentially interrupting jobs). Only applicable to downscaling operations. - - Bounds: [0s, 1d]. - required: true - - name: 'scaleUpFactor' - type: Double - description: | - Fraction of average pending memory in the last cooldown period for which to - add workers. A scale-up factor of 1.0 will result in scaling up so that there - is no pending memory remaining after the update (more aggressive scaling). - A scale-up factor closer to 0 will result in a smaller magnitude of scaling up - (less aggressive scaling). - - Bounds: [0.0, 1.0]. - required: true - - name: 'scaleDownFactor' - type: Double - description: | - Fraction of average pending memory in the last cooldown period for which to - remove workers. A scale-down factor of 1 will result in scaling down so that there - is no available memory remaining after the update (more aggressive scaling). - A scale-down factor of 0 disables removing workers, which can be beneficial for - autoscaling a single job. - - Bounds: [0.0, 1.0]. - required: true - - name: 'scaleUpMinWorkerFraction' - type: Double - description: | - Minimum scale-up threshold as a fraction of total cluster size before scaling - occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler - must recommend at least a 2-worker scale-up for the cluster to scale. A threshold of - 0 means the autoscaler will scale up on any recommended change. - - Bounds: [0.0, 1.0]. Default: 0.0. - default_value: 0.0 - - name: 'scaleDownMinWorkerFraction' - type: Double - description: | - Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. - For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must - recommend at least a 2 worker scale-down for the cluster to scale. A threshold of 0 - means the autoscaler will scale down on any recommended change. - - Bounds: [0.0, 1.0]. Default: 0.0. - default_value: 0.0 diff --git a/mmv1/products/dataproc/go_product.yaml b/mmv1/products/dataproc/go_product.yaml deleted file mode 100644 index 84783b9848aa..000000000000 --- a/mmv1/products/dataproc/go_product.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Dataproc' -display_name: 'Dataproc' -versions: - - name: 'ga' - base_url: 'https://dataproc.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://dataproc.googleapis.com/v1beta2/' -scopes: - - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/dataproc/product.yaml b/mmv1/products/dataproc/product.yaml index acf70992e563..d471a9673cc0 100644 --- a/mmv1/products/dataproc/product.yaml +++ b/mmv1/products/dataproc/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2019 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Dataproc +--- +name: 'Dataproc' +display_name: 'Dataproc' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://dataproc.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://dataproc.googleapis.com/v1beta2/ + - name: 'ga' + base_url: 'https://dataproc.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-identity + - 'https://www.googleapis.com/auth/cloud-identity' diff --git a/mmv1/products/datastream/ConnectionProfile.yaml b/mmv1/products/datastream/ConnectionProfile.yaml index 7d4cbf28411d..fc1b594225a2 100644 --- a/mmv1/products/datastream/ConnectionProfile.yaml +++ b/mmv1/products/datastream/ConnectionProfile.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,36 +11,48 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'ConnectionProfile' -base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' -create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}&force={{create_without_validation}}' -self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' -update_verb: :PATCH -update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + A set of reusable connection configurations to be used as a source or destination for a stream. +references: guides: 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-connection-profiles' api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.connectionProfiles' -description: | - A set of reusable connection configurations to be used as a source or destination for a stream. -id_format: projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}} +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' +self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}&force={{create_without_validation}}' +update_verb: 'PATCH' +update_mask: true import_format: - [ - 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}', - ] + - 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_connection_profile_basic' + - name: 'datastream_connection_profile_basic' primary_resource_id: 'default' vars: connection_profile_id: 'my-profile' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_connection_profile_postgresql_private_connection' - external_providers: ["random", "time"] + - name: 'datastream_connection_profile_postgresql_private_connection' primary_resource_id: 'default' - # Random provider - skip_vcr: true vars: private_connection_id: 'my-connection' connection_profile_id: 'my-profile' @@ -48,34 +60,32 @@ examples: database_instance_name: 'my-instance' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_connection_profile_full' - primary_resource_id: - 'default' + 'deletion_protection': 'false' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true + - name: 'datastream_connection_profile_full' + primary_resource_id: 'default' + vars: + connection_profile_id: 'my-profile' # Workaround for https://github.com/hashicorp/terraform-provider-google/issues/12410 ignore_read_extra: - 'forward_ssh_connectivity.0.password' - vars: - connection_profile_id: 'my-profile' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_connection_profile_postgres' + - name: 'datastream_connection_profile_postgres' primary_resource_id: 'default' vars: connection_profile_id: 'my-profile' database_instance_name: 'my-instance' deletion_protection: 'true' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_connection_profile_sql_server' + 'deletion_protection': 'false' + exclude_test: true + - name: 'datastream_connection_profile_sql_server' primary_resource_id: 'default' - skip_test: true vars: database_name: 'db' database_password: 'password' @@ -85,327 +95,329 @@ examples: sql_server_name: 'sql-server' sql_server_root_password: 'root-password' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: connectionProfileId + - name: 'connectionProfileId' + type: String description: |- The connection profile identifier. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::Boolean - name: create_without_validation + - name: 'create_without_validation' + type: Boolean description: |- Create the connection profile without validating it. + url_param_only: true required: false - default_value: false immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'location' + default_value: false + - name: 'location' + type: String description: | The name of the location this connection profile is located in. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: The resource's name. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: Labels. - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + - name: 'displayName' + type: String description: Display name. - - !ruby/object:Api::Type::NestedObject - name: 'oracleProfile' - exactly_one_of: - - oracle_profile - - gcs_profile - - mysql_profile - - bigquery_profile - - postgresql_profile - - sql_server_profile + required: true + - name: 'oracleProfile' + type: NestedObject description: | Oracle database profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' properties: - - !ruby/object:Api::Type::String - name: 'hostname' - required: true + - name: 'hostname' + type: String description: | Hostname for the Oracle connection. - - !ruby/object:Api::Type::Integer - name: 'port' - default_value: 1521 + required: true + - name: 'port' + type: Integer description: | Port for the Oracle connection. - - !ruby/object:Api::Type::String - name: 'username' - required: true + default_value: 1521 + - name: 'username' + type: String description: | Username for the Oracle connection. - - !ruby/object:Api::Type::String - name: 'password' required: true + - name: 'password' + type: String description: | Password for the Oracle connection. - sensitive: true - custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_oracle_profile_password.go.erb - - !ruby/object:Api::Type::String - name: 'databaseService' required: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_oracle_profile_password.go.tmpl' + - name: 'databaseService' + type: String description: | Database for the Oracle connection. - - !ruby/object:Api::Type::KeyValuePairs - name: 'connectionAttributes' + required: true + - name: 'connectionAttributes' + type: KeyValuePairs description: Connection string attributes - - !ruby/object:Api::Type::NestedObject - name: 'gcsProfile' - exactly_one_of: - - oracle_profile - - gcs_profile - - mysql_profile - - bigquery_profile - - postgresql_profile - - sql_server_profile + - name: 'gcsProfile' + type: NestedObject description: | Cloud Storage bucket profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' properties: - - !ruby/object:Api::Type::String - name: 'bucket' - required: true + - name: 'bucket' + type: String description: | The Cloud Storage bucket name. - - !ruby/object:Api::Type::String - name: 'rootPath' + required: true + - name: 'rootPath' + type: String description: | The root path inside the Cloud Storage bucket. - - !ruby/object:Api::Type::NestedObject - name: 'mysqlProfile' - exactly_one_of: - - oracle_profile - - gcs_profile - - mysql_profile - - bigquery_profile - - postgresql_profile - - sql_server_profile + - name: 'mysqlProfile' + type: NestedObject description: | MySQL database profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' properties: - - !ruby/object:Api::Type::String - name: 'hostname' - required: true + - name: 'hostname' + type: String description: | Hostname for the MySQL connection. - - !ruby/object:Api::Type::Integer - name: 'port' - default_value: 3306 + required: true + - name: 'port' + type: Integer description: | Port for the MySQL connection. - - !ruby/object:Api::Type::String - name: 'username' - required: true + default_value: 3306 + - name: 'username' + type: String description: | Username for the MySQL connection. - - !ruby/object:Api::Type::String - name: 'password' required: true + - name: 'password' + type: String description: | Password for the MySQL connection. + required: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_password.go.erb - - !ruby/object:Api::Type::NestedObject - name: 'sslConfig' + custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_password.go.tmpl' + - name: 'sslConfig' + type: NestedObject description: | SSL configuration for the MySQL connection. properties: - - !ruby/object:Api::Type::String - name: 'clientKey' - immutable: true + - name: 'clientKey' + type: String description: | PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' and the 'ca_certificate' fields are mandatory. + immutable: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_client_key.go.erb - - !ruby/object:Api::Type::Boolean - name: 'clientKeySet' - output: true + custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_client_key.go.tmpl' + - name: 'clientKeySet' + type: Boolean description: | Indicates whether the clientKey field is set. - - !ruby/object:Api::Type::String - name: 'clientCertificate' - immutable: true + output: true + - name: 'clientCertificate' + type: String description: | PEM-encoded certificate that will be used by the replica to authenticate against the source database server. If this field is used then the 'clientKey' and the 'caCertificate' fields are mandatory. + immutable: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_client_certificate.go.erb - - !ruby/object:Api::Type::Boolean - name: 'clientCertificateSet' - output: true + custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_client_certificate.go.tmpl' + - name: 'clientCertificateSet' + type: Boolean description: | Indicates whether the clientCertificate field is set. - - !ruby/object:Api::Type::String - name: 'caCertificate' - immutable: true + output: true + - name: 'caCertificate' + type: String description: | PEM-encoded certificate of the CA that signed the source database server's certificate. + immutable: true sensitive: true - custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_ca_certificate.go.erb - - !ruby/object:Api::Type::Boolean - name: 'caCertificateSet' - output: true + custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_mysql_profile_ssl_config_ca_certificate.go.tmpl' + - name: 'caCertificateSet' + type: Boolean description: | Indicates whether the clientKey field is set. - - !ruby/object:Api::Type::NestedObject - name: 'bigqueryProfile' - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - oracle_profile - - gcs_profile - - mysql_profile - - bigquery_profile - - postgresql_profile - - sql_server_profile + output: true + - name: 'bigqueryProfile' + type: NestedObject description: | BigQuery warehouse profile. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'postgresqlProfile' + send_empty_value: true + allow_empty_object: true exactly_one_of: - - oracle_profile - - gcs_profile - - mysql_profile - - bigquery_profile - - postgresql_profile - - sql_server_profile + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' + properties: + [] + - name: 'postgresqlProfile' + type: NestedObject description: | PostgreSQL database profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' properties: - - !ruby/object:Api::Type::String - name: 'hostname' - required: true + - name: 'hostname' + type: String description: | Hostname for the PostgreSQL connection. - - !ruby/object:Api::Type::Integer - name: 'port' - default_value: 5432 + required: true + - name: 'port' + type: Integer description: | Port for the PostgreSQL connection. - - !ruby/object:Api::Type::String - name: 'username' - required: true + default_value: 5432 + - name: 'username' + type: String description: | Username for the PostgreSQL connection. - - !ruby/object:Api::Type::String - name: 'password' required: true + - name: 'password' + type: String description: | Password for the PostgreSQL connection. - sensitive: true - custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_postgresql_profile_password.go.erb - - !ruby/object:Api::Type::String - name: 'database' required: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_postgresql_profile_password.go.tmpl' + - name: 'database' + type: String description: | Database for the PostgreSQL connection. - - !ruby/object:Api::Type::NestedObject - name: 'sqlServerProfile' - exactly_one_of: - - oracle_profile - - gcs_profile - - mysql_profile - - bigquery_profile - - postgresql_profile - - sql_server_profile + required: true + - name: 'sqlServerProfile' + type: NestedObject description: | SQL Server database profile. + exactly_one_of: + - 'oracle_profile' + - 'gcs_profile' + - 'mysql_profile' + - 'bigquery_profile' + - 'postgresql_profile' + - 'sql_server_profile' properties: - - !ruby/object:Api::Type::String - name: 'hostname' - required: true + - name: 'hostname' + type: String description: | Hostname for the SQL Server connection. - - !ruby/object:Api::Type::Integer - name: 'port' - default_value: 1433 + required: true + - name: 'port' + type: Integer description: | Port for the SQL Server connection. - - !ruby/object:Api::Type::String - name: 'username' - required: true + default_value: 1433 + - name: 'username' + type: String description: | Username for the SQL Server connection. - - !ruby/object:Api::Type::String - name: 'password' required: true + - name: 'password' + type: String description: | Password for the SQL Server connection. - sensitive: true - custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_sql_server_profile_password.go.erb - - !ruby/object:Api::Type::String - name: 'database' required: true + sensitive: true + custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_sql_server_profile_password.go.tmpl' + - name: 'database' + type: String description: | Database for the SQL Server connection. - - !ruby/object:Api::Type::NestedObject - name: 'forwardSshConnectivity' + required: true + - name: 'forwardSshConnectivity' + type: NestedObject description: | Forward SSH tunnel connectivity. conflicts: - private_connectivity properties: - - !ruby/object:Api::Type::String - name: 'hostname' - required: true + - name: 'hostname' + type: String description: | Hostname for the SSH tunnel. - - !ruby/object:Api::Type::String - name: 'username' required: true + - name: 'username' + type: String description: | Username for the SSH tunnel. - - !ruby/object:Api::Type::Integer - name: 'port' - default_value: 22 + required: true + - name: 'port' + type: Integer description: | Port for the SSH tunnel. - - !ruby/object:Api::Type::String - name: 'password' - immutable: true + default_value: 22 + - name: 'password' + type: String description: | SSH password. + immutable: true + sensitive: true conflicts: - forward_ssh_connectivity.0.private_key - sensitive: true - custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_forward_ssh_connectivity_password.go.erb - - !ruby/object:Api::Type::String - name: 'privateKey' - immutable: true + custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_forward_ssh_connectivity_password.go.tmpl' + - name: 'privateKey' + type: String description: | SSH private key. + immutable: true + sensitive: true conflicts: - forward_ssh_connectivity.0.password - sensitive: true - custom_flatten: templates/terraform/custom_flatten/datastream_connection_profile_forward_ssh_connectivity_private_key.go.erb - - !ruby/object:Api::Type::NestedObject - name: 'privateConnectivity' + custom_flatten: 'templates/terraform/custom_flatten/datastream_connection_profile_forward_ssh_connectivity_private_key.go.tmpl' + - name: 'privateConnectivity' + type: NestedObject description: | Private connectivity. conflicts: - forward_ssh_connectivity properties: - - !ruby/object:Api::Type::String - name: 'privateConnection' - required: true + - name: 'privateConnection' + type: String description: | A reference to a private connection resource. Format: `projects/{project}/locations/{location}/privateConnections/{name}` + required: true diff --git a/mmv1/products/datastream/PrivateConnection.yaml b/mmv1/products/datastream/PrivateConnection.yaml index efbf27bff194..5a192645fa00 100644 --- a/mmv1/products/datastream/PrivateConnection.yaml +++ b/mmv1/products/datastream/PrivateConnection.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,114 +11,129 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'PrivateConnection' -base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' -create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}&force={{create_without_validation}}' -self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + The PrivateConnection resource is used to establish private connectivity between Datastream and a customer's network. +references: guides: 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-a-private-connectivity-configuration' api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.privateConnections' -description: | - The PrivateConnection resource is used to establish private connectivity between Datastream and a customer's network. +docs: +id_format: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' +self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}&force={{create_without_validation}}' immutable: true +import_format: + - 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/private_connection.go.tmpl' + post_create: 'templates/terraform/post_create/private_connection.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/private_connection.go.tmpl' + post_import: 'templates/terraform/post_import/private_connection.go.tmpl' +# Skipping the sweeper since the resource needs force-deletion +exclude_sweeper: true schema_version: 1 state_upgraders: true -# Skipping the sweeper since the resource needs force-deletion -skip_sweeper: true -id_format: projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}} -import_format: - [ - 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}', - ] examples: - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_private_connection_full' + - name: 'datastream_private_connection_full' primary_resource_id: 'default' vars: private_connection_id: 'my-connection' network_name: 'my-network' -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: templates/terraform/constants/private_connection.go.erb - post_create: templates/terraform/post_create/private_connection.go.erb - post_import: templates/terraform/post_import/private_connection.go.erb - pre_delete: templates/terraform/pre_delete/private_connection.go.erb parameters: - - !ruby/object:Api::Type::String - name: privateConnectionId + - name: 'privateConnectionId' + type: String description: |- The private connectivity identifier. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::Boolean - name: create_without_validation + - name: 'create_without_validation' + type: Boolean description: |- If set to true, will skip validations. + url_param_only: true required: false - default_value: false immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'location' + default_value: false + - name: 'location' + type: String description: | The name of the location this private connection is located in. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: The resource's name. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: Labels. - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + - name: 'displayName' + type: String description: Display name. - - !ruby/object:Api::Type::Enum - name: 'state' + required: true + - name: 'state' + type: Enum description: | State of the PrivateConnection. output: true - values: - - :CREATING - - :CREATED - - :FAILED - - :DELETING - - :FAILED_TO_DELETE - - !ruby/object:Api::Type::NestedObject - name: 'error' - output: true + enum_values: + - 'CREATING' + - 'CREATED' + - 'FAILED' + - 'DELETING' + - 'FAILED_TO_DELETE' + - name: 'error' + type: NestedObject description: | The PrivateConnection error in case of failure. + output: true properties: - - !ruby/object:Api::Type::String - name: 'message' + - name: 'message' + type: String description: | A message containing more information about the error that occurred. - - !ruby/object:Api::Type::KeyValuePairs - name: 'details' + - name: 'details' + type: KeyValuePairs description: | A list of messages that carry the error details. - - !ruby/object:Api::Type::NestedObject - name: 'vpcPeeringConfig' - required: true + - name: 'vpcPeeringConfig' + type: NestedObject description: | The VPC Peering configuration is used to create VPC peering between Datastream and the consumer's VPC. + required: true properties: - - !ruby/object:Api::Type::String - name: 'vpc' - required: true + - name: 'vpc' + type: String description: | Fully qualified name of the VPC that Datastream will peer to. Format: projects/{project}/global/{networks}/{name} - - !ruby/object:Api::Type::String - name: 'subnet' required: true + - name: 'subnet' + type: String description: | A free subnet for peering. (CIDR of /29) + required: true diff --git a/mmv1/products/datastream/Stream.yaml b/mmv1/products/datastream/Stream.yaml index 48a4373e9373..71cb12278406 100644 --- a/mmv1/products/datastream/Stream.yaml +++ b/mmv1/products/datastream/Stream.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,50 +11,52 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Stream' -base_url: 'projects/{{project}}/locations/{{location}}/streams' -create_url: 'projects/{{project}}/locations/{{location}}/streams?streamId={{stream_id}}&force={{create_without_validation}}' -self_link: 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' -update_verb: :PATCH -update_mask: true -references: !ruby/object:Api::Resource::ReferenceLinks +description: | + A resource representing streaming data from a source to a destination. +references: guides: 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-a-stream' api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.streams' -description: | - A resource representing streaming data from a source to a destination. -id_format: projects/{{project}}/locations/{{location}}/streams/{{stream_id}} +docs: +id_format: 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/streams' +self_link: 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/streams?streamId={{stream_id}}&force={{create_without_validation}}' +update_verb: 'PATCH' +update_mask: true import_format: - ['projects/{{project}}/locations/{{location}}/streams/{{stream_id}}'] -virtual_fields: - - !ruby/object:Api::Type::String - name: 'desired_state' - description: | - Desired state of the Stream. Set this field to `RUNNING` to start the stream, - `NOT_STARTED` to create the stream without starting and `PAUSED` to pause - the stream from a `RUNNING` state. - Possible values: NOT_STARTED, RUNNING, PAUSED. Default: NOT_STARTED - default_value: NOT_STARTED -custom_code: !ruby/object:Provider::Terraform::CustomCode - constants: 'templates/terraform/constants/datastream_stream.go.erb' - post_create: 'templates/terraform/post_create/datastream_stream.go.erb' - post_import: 'templates/terraform/post_import/datastream_stream.go.erb' - pre_update: 'templates/terraform/pre_update/datastream_stream.go.erb' - post_update: 'templates/terraform/post_update/datastream_stream.go.erb' - encoder: 'templates/terraform/encoders/datastream_stream.go.erb' -custom_diff: [ - 'resourceDatastreamStreamCustomDiff', -] + - 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: + constants: 'templates/terraform/constants/datastream_stream.go.tmpl' + encoder: 'templates/terraform/encoders/datastream_stream.go.tmpl' + post_create: 'templates/terraform/post_create/datastream_stream.go.tmpl' + pre_update: 'templates/terraform/pre_update/datastream_stream.go.tmpl' + post_update: 'templates/terraform/post_update/datastream_stream.go.tmpl' + post_import: 'templates/terraform/post_import/datastream_stream.go.tmpl' +custom_diff: + - 'resourceDatastreamStreamCustomDiff' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_stream_basic' - external_providers: ["random", "time"] + - name: 'datastream_stream_basic' primary_resource_id: 'default' - skip_docs: - true - # Random provider - skip_vcr: true vars: stream_id: 'my-stream' private_connection_id: 'my-connection' @@ -65,16 +67,15 @@ examples: bucket_name: 'my-bucket' destination_connection_profile_id: 'destination-profile' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_stream_full' + 'deletion_protection': 'false' external_providers: ["random", "time"] - primary_resource_id: - 'default' + exclude_docs: true # Random provider skip_vcr: true + - name: 'datastream_stream_full' + primary_resource_id: 'default' vars: stream_id: 'my-stream' private_connection_id: 'my-connection' @@ -86,30 +87,29 @@ examples: destination_connection_profile_id: 'destination-profile' stream_cmek: 'kms-name' test_vars_overrides: - deletion_protection: 'false' - stream_cmek: 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + 'deletion_protection': 'false' + 'stream_cmek': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' oics_vars_overrides: - deletion_protection: 'false' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_stream_postgresql' + 'deletion_protection': 'false' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true + - name: 'datastream_stream_postgresql' primary_resource_id: 'default' - skip_test: true vars: stream_id: 'my-stream' source_connection_profile_id: 'source-profile' destination_connection_profile_id: 'destination-profile' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_stream_oracle' + exclude_test: true + - name: 'datastream_stream_oracle' primary_resource_id: 'default' - skip_test: true vars: stream_id: 'my-stream' source_connection_profile_id: 'source-profile' destination_connection_profile_id: 'destination-profile' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_stream_sql_server' + exclude_test: true + - name: 'datastream_stream_sql_server' primary_resource_id: 'default' - skip_test: true vars: database_name: 'db' database_password: 'password' @@ -121,12 +121,10 @@ examples: sql_server_root_password: 'root-password' stream_id: 'stream' test_vars_overrides: - deletion_protection: 'false' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_stream_sql_server_change_tables' + 'deletion_protection': 'false' + exclude_test: true + - name: 'datastream_stream_sql_server_change_tables' primary_resource_id: 'default' - # Requires SQLServer Configuration - skip_test: true vars: database_name: 'db' database_password: 'password' @@ -138,9 +136,10 @@ examples: sql_server_root_password: 'root-password' stream_id: 'stream' test_vars_overrides: - deletion_protection: 'false' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_stream_postgresql_bigquery_dataset_id' + 'deletion_protection': 'false' + # Requires SQLServer Configuration + exclude_test: true + - name: 'datastream_stream_postgresql_bigquery_dataset_id' primary_resource_id: 'default' vars: dataset_id: 'postgres' @@ -152,13 +151,8 @@ examples: external_providers: ["random", "time"] # Random provider skip_vcr: true - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_stream_bigquery' - external_providers: ["random", "time"] - primary_resource_id: - 'default' - # Random provider - skip_vcr: true + - name: 'datastream_stream_bigquery' + primary_resource_id: 'default' vars: stream_id: 'my-stream' private_connection_id: 'my-connection' @@ -169,18 +163,15 @@ examples: destination_connection_profile_id: 'destination-profile' bigquery_destination_table_kms_key_name: 'bigquery-kms-name' test_vars_overrides: - deletion_protection: 'false' - bigquery_destination_table_kms_key_name: - 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' + 'deletion_protection': 'false' + 'bigquery_destination_table_kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' oics_vars_overrides: - deletion_protection: 'false' - - !ruby/object:Provider::Terraform::Examples - name: 'datastream_stream_bigquery_append_only' + 'deletion_protection': 'false' external_providers: ["random", "time"] - primary_resource_id: - 'default' # Random provider skip_vcr: true + - name: 'datastream_stream_bigquery_append_only' + primary_resource_id: 'default' vars: stream_id: 'my-stream' private_connection_id: 'my-connection' @@ -190,1352 +181,1408 @@ examples: deletion_protection: 'true' destination_connection_profile_id: 'destination-profile' test_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' oics_vars_overrides: - deletion_protection: 'false' + 'deletion_protection': 'false' + external_providers: ["random", "time"] + # Random provider + skip_vcr: true +virtual_fields: + - name: 'desired_state' + description: | + Desired state of the Stream. Set this field to `RUNNING` to start the stream, + `NOT_STARTED` to create the stream without starting and `PAUSED` to pause + the stream from a `RUNNING` state. + Possible values: NOT_STARTED, RUNNING, PAUSED. Default: NOT_STARTED + type: String + default_value: "NOT_STARTED" parameters: - - !ruby/object:Api::Type::String - name: streamId + - name: 'streamId' + type: String description: |- The stream identifier. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::Boolean - name: create_without_validation + - name: 'create_without_validation' + type: Boolean description: |- Create the stream without validating it. + url_param_only: true required: false - default_value: false immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'location' + default_value: false + - name: 'location' + type: String description: | The name of the location this stream is located in. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: The stream's name. - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + output: true + - name: 'labels' + type: KeyValueLabels description: Labels. - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + - name: 'displayName' + type: String description: Display name. - - !ruby/object:Api::Type::NestedObject - name: 'sourceConfig' required: true + - name: 'sourceConfig' + type: NestedObject description: | Source connection profile configuration. + required: true properties: - - !ruby/object:Api::Type::String - name: 'sourceConnectionProfile' - immutable: true - required: true + - name: 'sourceConnectionProfile' + type: String description: | Source connection profile resource. Format: projects/{project}/locations/{location}/connectionProfiles/{name} + required: true + immutable: true diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - !ruby/object:Api::Type::NestedObject - name: 'mysqlSourceConfig' - allow_empty_object: true - send_empty_value: true - exactly_one_of: - - source_config.0.mysql_source_config - - source_config.0.oracle_source_config - - source_config.0.postgresql_source_config - - source_config.0.sql_server_source_config + - name: 'mysqlSourceConfig' + type: NestedObject description: | MySQL data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' properties: - - !ruby/object:Api::Type::NestedObject - name: 'includeObjects' + - name: 'includeObjects' + type: NestedObject description: | MySQL objects to retrieve from the source. properties: - - !ruby/object:Api::Type::Array - name: 'mysqlDatabases' - required: true - min_size: 1 + - name: 'mysqlDatabases' + type: Array description: | MySQL databases on the server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | MySQL database. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'database' - required: true + - name: 'database' + type: String description: | Database name. - - !ruby/object:Api::Type::Array - name: 'mysqlTables' - min_size: 1 + required: true + - name: 'mysqlTables' + type: Array description: | Tables in the database. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | MySQL table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'mysqlColumns' - min_size: 1 + required: true + - name: 'mysqlColumns' + type: Array description: | MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | MySQL Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The MySQL data type. Full data types list can be found here: https://dev.mysql.com/doc/refman/8.0/en/data-types.html - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::String - name: 'collation' + output: true + - name: 'collation' + type: String description: | Column collation. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::NestedObject - name: 'excludeObjects' + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'excludeObjects' + type: NestedObject description: | MySQL objects to exclude from the stream. properties: - - !ruby/object:Api::Type::Array - name: 'mysqlDatabases' - required: true - min_size: 1 + - name: 'mysqlDatabases' + type: Array description: | MySQL databases on the server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | MySQL database. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'database' - required: true + - name: 'database' + type: String description: | Database name. - - !ruby/object:Api::Type::Array - name: 'mysqlTables' - min_size: 1 + required: true + - name: 'mysqlTables' + type: Array description: | Tables in the database. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | MySQL table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'mysqlColumns' - min_size: 1 + required: true + - name: 'mysqlColumns' + type: Array description: | MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | MySQL Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The MySQL data type. Full data types list can be found here: https://dev.mysql.com/doc/refman/8.0/en/data-types.html - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::String - name: 'collation' + output: true + - name: 'collation' + type: String description: | Column collation. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentCdcTasks' - send_empty_value: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'maxConcurrentCdcTasks' + type: Integer description: | Maximum number of concurrent CDC tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used. default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntAtLeast(0)' - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentBackfillTasks' send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'maxConcurrentBackfillTasks' + type: Integer description: | Maximum number of concurrent backfill tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used. default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation + send_empty_value: true + validation: function: 'validation.IntAtLeast(0)' - - !ruby/object:Api::Type::NestedObject - name: 'oracleSourceConfig' - allow_empty_object: true - send_empty_value: true - exactly_one_of: - - source_config.0.mysql_source_config - - source_config.0.oracle_source_config - - source_config.0.postgresql_source_config - - source_config.0.sql_server_source_config + - name: 'oracleSourceConfig' + type: NestedObject description: | MySQL data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' properties: - - !ruby/object:Api::Type::NestedObject - name: 'includeObjects' + - name: 'includeObjects' + type: NestedObject description: | Oracle objects to retrieve from the source. properties: - - !ruby/object:Api::Type::Array - name: 'oracleSchemas' - required: true - min_size: 1 + - name: 'oracleSchemas' + type: Array description: | Oracle schemas/databases in the database server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | MySQL database. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'schema' - required: true + - name: 'schema' + type: String description: | Schema name. - - !ruby/object:Api::Type::Array - name: 'oracleTables' - min_size: 1 + required: true + - name: 'oracleTables' + type: Array description: | Tables in the database. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | Oracle table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'oracleColumns' - min_size: 1 + required: true + - name: 'oracleColumns' + type: Array description: | Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | Oracle Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The Oracle data type. Full data types list can be found here: https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::Integer - name: 'precision' output: true + - name: 'precision' + type: Integer description: | Column precision. - - !ruby/object:Api::Type::Integer - name: 'scale' output: true + - name: 'scale' + type: Integer description: | Column scale. - - !ruby/object:Api::Type::String - name: 'encoding' output: true + - name: 'encoding' + type: String description: | Column encoding. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' output: true + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' output: true + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' output: true + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::NestedObject - name: 'excludeObjects' + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'excludeObjects' + type: NestedObject description: | Oracle objects to exclude from the stream. properties: - - !ruby/object:Api::Type::Array - name: 'oracleSchemas' - required: true - min_size: 1 + - name: 'oracleSchemas' + type: Array description: | Oracle schemas/databases in the database server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | MySQL database. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'schema' - required: true + - name: 'schema' + type: String description: | Schema name. - - !ruby/object:Api::Type::Array - name: 'oracleTables' - min_size: 1 + required: true + - name: 'oracleTables' + type: Array description: | Tables in the database. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | Oracle table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'oracleColumns' - min_size: 1 + required: true + - name: 'oracleColumns' + type: Array description: | Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | Oracle Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The Oracle data type. Full data types list can be found here: https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::Integer - name: 'precision' output: true + - name: 'precision' + type: Integer description: | Column precision. - - !ruby/object:Api::Type::Integer - name: 'scale' output: true + - name: 'scale' + type: Integer description: | Column scale. - - !ruby/object:Api::Type::String - name: 'encoding' output: true + - name: 'encoding' + type: String description: | Column encoding. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' output: true + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' output: true + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' output: true + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentCdcTasks' - send_empty_value: true + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'maxConcurrentCdcTasks' + type: Integer description: | Maximum number of concurrent CDC tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used. default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntAtLeast(0)' - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentBackfillTasks' send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'maxConcurrentBackfillTasks' + type: Integer description: | Maximum number of concurrent backfill tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used. default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntAtLeast(0)' - - !ruby/object:Api::Type::NestedObject - name: 'dropLargeObjects' - allow_empty_object: true send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'dropLargeObjects' + type: NestedObject description: | Configuration to drop large object values. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'streamLargeObjects' - allow_empty_object: true send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'streamLargeObjects' + type: NestedObject description: | Configuration to drop large object values. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'postgresqlSourceConfig' - allow_empty_object: true - send_empty_value: true - exactly_one_of: - - source_config.0.mysql_source_config - - source_config.0.oracle_source_config - - source_config.0.postgresql_source_config - - source_config.0.sql_server_source_config + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'postgresqlSourceConfig' + type: NestedObject description: | PostgreSQL data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' properties: - - !ruby/object:Api::Type::NestedObject - name: 'includeObjects' + - name: 'includeObjects' + type: NestedObject description: | PostgreSQL objects to retrieve from the source. properties: - - !ruby/object:Api::Type::Array - name: 'postgresqlSchemas' - required: true - min_size: 1 + - name: 'postgresqlSchemas' + type: Array description: | PostgreSQL schemas on the server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | PostgreSQL schema. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'schema' - required: true + - name: 'schema' + type: String description: | Database name. - - !ruby/object:Api::Type::Array - name: 'postgresqlTables' - min_size: 1 + required: true + - name: 'postgresqlTables' + type: Array description: | Tables in the schema. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | PostgreSQL table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'postgresqlColumns' - min_size: 1 + required: true + - name: 'postgresqlColumns' + type: Array description: | PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | PostgreSQL Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The PostgreSQL data type. Full data types list can be found here: https://www.postgresql.org/docs/current/datatype.html - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::Integer - name: 'precision' output: true + - name: 'precision' + type: Integer description: | Column precision. - - !ruby/object:Api::Type::Integer - name: 'scale' output: true + - name: 'scale' + type: Integer description: | Column scale. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' + output: true + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::NestedObject - name: 'excludeObjects' + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'excludeObjects' + type: NestedObject description: | PostgreSQL objects to exclude from the stream. properties: - - !ruby/object:Api::Type::Array - name: 'postgresqlSchemas' - required: true - min_size: 1 + - name: 'postgresqlSchemas' + type: Array description: | PostgreSQL schemas on the server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | PostgreSQL schema. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'schema' - required: true + - name: 'schema' + type: String description: | Database name. - - !ruby/object:Api::Type::Array - name: 'postgresqlTables' - min_size: 1 + required: true + - name: 'postgresqlTables' + type: Array description: | Tables in the schema. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | PostgreSQL table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'postgresqlColumns' - min_size: 1 + required: true + - name: 'postgresqlColumns' + type: Array description: | PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | PostgreSQL Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The PostgreSQL data type. Full data types list can be found here: https://www.postgresql.org/docs/current/datatype.html - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::Integer - name: 'precision' output: true + - name: 'precision' + type: Integer description: | Column precision. - - !ruby/object:Api::Type::Integer - name: 'scale' output: true + - name: 'scale' + type: Integer description: | Column scale. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' + output: true + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::String - name: 'replicationSlot' - required: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'replicationSlot' + type: String description: | The name of the logical replication slot that's configured with the pgoutput plugin. - - !ruby/object:Api::Type::String - name: 'publication' required: true + - name: 'publication' + type: String description: | The name of the publication that includes the set of all tables that are defined in the stream's include_objects. - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentBackfillTasks' - send_empty_value: true + required: true + - name: 'maxConcurrentBackfillTasks' + type: Integer description: | Maximum number of concurrent backfill tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used. default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation + send_empty_value: true + validation: function: 'validation.IntAtLeast(0)' - - !ruby/object:Api::Type::NestedObject - name: 'sqlServerSourceConfig' - allow_empty_object: true - send_empty_value: true - exactly_one_of: - - source_config.0.mysql_source_config - - source_config.0.oracle_source_config - - source_config.0.postgresql_source_config - - source_config.0.sql_server_source_config + - name: 'sqlServerSourceConfig' + type: NestedObject description: | SQL Server data source configuration. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'source_config.0.mysql_source_config' + - 'source_config.0.oracle_source_config' + - 'source_config.0.postgresql_source_config' + - 'source_config.0.sql_server_source_config' properties: - - !ruby/object:Api::Type::NestedObject - name: 'includeObjects' + - name: 'includeObjects' + type: NestedObject description: | SQL Server objects to retrieve from the source. properties: - - !ruby/object:Api::Type::Array - name: 'schemas' - required: true - min_size: 1 + - name: 'schemas' + type: Array description: | SQL Server schemas/databases in the database server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | SQL Server database. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'schema' - required: true + - name: 'schema' + type: String description: | Schema name. - - !ruby/object:Api::Type::Array - name: 'tables' - min_size: 1 + required: true + - name: 'tables' + type: Array description: | Tables in the database. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | SQL Server table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'columns' - min_size: 1 + required: true + - name: 'columns' + type: Array description: | SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | SQL Server Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The SQL Server data type. Full data types list can be found here: https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::Integer - name: 'precision' output: true + - name: 'precision' + type: Integer description: | Column precision. - - !ruby/object:Api::Type::Integer - name: 'scale' output: true + - name: 'scale' + type: Integer description: | Column scale. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' output: true + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' output: true + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' output: true + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::NestedObject - name: 'excludeObjects' + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'excludeObjects' + type: NestedObject description: | SQL Server objects to exclude from the stream. properties: - - !ruby/object:Api::Type::Array - name: 'schemas' - required: true - min_size: 1 + - name: 'schemas' + type: Array description: | SQL Server schemas/databases in the database server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | SQL Server database. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'schema' - required: true + - name: 'schema' + type: String description: | Schema name. - - !ruby/object:Api::Type::Array - name: 'tables' - min_size: 1 + required: true + - name: 'tables' + type: Array description: | Tables in the database. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | SQL Server table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'columns' - min_size: 1 + required: true + - name: 'columns' + type: Array description: | SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | SQL Server Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The SQL Server data type. Full data types list can be found here: https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::Integer - name: 'precision' output: true + - name: 'precision' + type: Integer description: | Column precision. - - !ruby/object:Api::Type::Integer - name: 'scale' output: true + - name: 'scale' + type: Integer description: | Column scale. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' output: true + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' output: true + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' output: true + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentCdcTasks' - send_empty_value: true + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'maxConcurrentCdcTasks' + type: Integer description: | Max concurrent CDC tasks. default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntAtLeast(0)' - - !ruby/object:Api::Type::Integer - name: 'maxConcurrentBackfillTasks' send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'maxConcurrentBackfillTasks' + type: Integer description: | Max concurrent backfill tasks. default_from_api: true - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.IntAtLeast(0)' - - !ruby/object:Api::Type::NestedObject - name: 'transactionLogs' - allow_empty_object: true send_empty_value: true + validation: + function: 'validation.IntAtLeast(0)' + - name: 'transactionLogs' + type: NestedObject description: | CDC reader reads from transaction logs. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'changeTables' - allow_empty_object: true send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'changeTables' + type: NestedObject description: | CDC reader reads from change tables. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'destinationConfig' - required: true + send_empty_value: true + allow_empty_object: true + properties: + [] + - name: 'destinationConfig' + type: NestedObject description: | Destination connection profile configuration. + required: true properties: - - !ruby/object:Api::Type::String - name: 'destinationConnectionProfile' - immutable: true - required: true + - name: 'destinationConnectionProfile' + type: String description: | Destination connection profile resource. Format: projects/{project}/locations/{location}/connectionProfiles/{name} + required: true + immutable: true diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - !ruby/object:Api::Type::NestedObject - name: 'gcsDestinationConfig' - exactly_one_of: - - destination_config.0.gcs_destination_config - - destination_config.0.bigquery_destination_config + - name: 'gcsDestinationConfig' + type: NestedObject description: | A configuration for how data should be loaded to Cloud Storage. + exactly_one_of: + - 'destination_config.0.gcs_destination_config' + - 'destination_config.0.bigquery_destination_config' properties: - - !ruby/object:Api::Type::String - name: 'path' + - name: 'path' + type: String description: | Path inside the Cloud Storage bucket to write data to. - - !ruby/object:Api::Type::Integer - name: 'fileRotationMb' + - name: 'fileRotationMb' + type: Integer description: | The maximum file size to be saved in the bucket. default_from_api: true - - !ruby/object:Api::Type::String - name: 'fileRotationInterval' + - name: 'fileRotationInterval' + type: String description: | The maximum duration for which new events are added before a file is closed and a new file is created. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. default_from_api: true - - !ruby/object:Api::Type::NestedObject - name: 'avroFileFormat' - exactly_one_of: - - destination_config.0.gcs_destination_config.0.avro_file_format - - destination_config.0.gcs_destination_config.0.json_file_format - allow_empty_object: true - send_empty_value: true + - name: 'avroFileFormat' + type: NestedObject description: | AVRO file format configuration. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'jsonFileFormat' + send_empty_value: true + allow_empty_object: true exactly_one_of: - - destination_config.0.gcs_destination_config.0.avro_file_format - - destination_config.0.gcs_destination_config.0.json_file_format + - 'destination_config.0.gcs_destination_config.0.avro_file_format' + - 'destination_config.0.gcs_destination_config.0.json_file_format' + properties: + [] + - name: 'jsonFileFormat' + type: NestedObject description: | JSON file format configuration. + exactly_one_of: + - 'destination_config.0.gcs_destination_config.0.avro_file_format' + - 'destination_config.0.gcs_destination_config.0.json_file_format' properties: - - !ruby/object:Api::Type::Enum - name: 'schemaFileFormat' + - name: 'schemaFileFormat' + type: Enum description: | The schema file format along JSON data files. - values: - - NO_SCHEMA_FILE - - AVRO_SCHEMA_FILE - - !ruby/object:Api::Type::Enum - name: 'compression' + enum_values: + - 'NO_SCHEMA_FILE' + - 'AVRO_SCHEMA_FILE' + - name: 'compression' + type: Enum description: | Compression of the loaded JSON file. - values: - - NO_COMPRESSION - - GZIP - - !ruby/object:Api::Type::NestedObject - name: 'bigqueryDestinationConfig' - exactly_one_of: - - destination_config.0.gcs_destination_config - - destination_config.0.bigquery_destination_config + enum_values: + - 'NO_COMPRESSION' + - 'GZIP' + - name: 'bigqueryDestinationConfig' + type: NestedObject description: | A configuration for how data should be loaded to Google BigQuery. + exactly_one_of: + - 'destination_config.0.gcs_destination_config' + - 'destination_config.0.bigquery_destination_config' properties: - - !ruby/object:Api::Type::String - name: 'dataFreshness' + - name: 'dataFreshness' + type: String description: | The guaranteed data freshness (in seconds) when querying tables created by the stream. Editing this field will only affect new tables created in the future, but existing tables will not be impacted. Lower values mean that queries will return fresher data, but may result in higher cost. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. - - !ruby/object:Api::Type::NestedObject - name: 'singleTargetDataset' - exactly_one_of: - - destination_config.0.bigquery_destination_config.0.single_target_dataset - - destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets + - name: 'singleTargetDataset' + type: NestedObject description: | A single target dataset to which all data will be streamed. + exactly_one_of: + - 'destination_config.0.bigquery_destination_config.0.single_target_dataset' + - 'destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets' properties: - - !ruby/object:Api::Type::String - name: 'datasetId' - required: true + - name: 'datasetId' + type: String description: | Dataset ID in the format projects/{project}/datasets/{dataset_id} or {project}:{dataset_id} - custom_expand: 'templates/terraform/custom_expand/datastream_stream_dataset_id.go.erb' - diff_suppress_func: resourceDatastreamStreamDatabaseIdDiffSuppress - - !ruby/object:Api::Type::NestedObject - name: 'sourceHierarchyDatasets' - exactly_one_of: - - destination_config.0.bigquery_destination_config.0.single_target_dataset - - destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets + required: true + diff_suppress_func: 'resourceDatastreamStreamDatabaseIdDiffSuppress' + custom_expand: 'templates/terraform/custom_expand/datastream_stream_dataset_id.go.tmpl' + - name: 'sourceHierarchyDatasets' + type: NestedObject description: | Destination datasets are created so that hierarchy of the destination data objects matches the source hierarchy. + exactly_one_of: + - 'destination_config.0.bigquery_destination_config.0.single_target_dataset' + - 'destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets' properties: - - !ruby/object:Api::Type::NestedObject - name: 'datasetTemplate' - required: true + - name: 'datasetTemplate' + type: NestedObject description: | Dataset template used for dynamic dataset creation. + required: true properties: - - !ruby/object:Api::Type::String - name: 'location' - required: true + - name: 'location' + type: String description: | The geographic location where the dataset should reside. See https://cloud.google.com/bigquery/docs/locations for supported locations. - - !ruby/object:Api::Type::String - name: 'datasetIdPrefix' + required: true + - name: 'datasetIdPrefix' + type: String description: | If supplied, every created dataset will have its name prefixed by the provided value. The prefix and name will be separated by an underscore. i.e. _. - - !ruby/object:Api::Type::String - name: 'kmsKeyName' - immutable: true + - name: 'kmsKeyName' + type: String description: | Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. i.e. projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{cryptoKey}. See https://cloud.google.com/bigquery/docs/customer-managed-encryption for more information. - - !ruby/object:Api::Type::NestedObject - name: 'merge' - send_empty_value: true - allow_empty_object: true - immutable: true - conflicts: - - destination_config.0.bigquery_destination_config.0.append_only + immutable: true + - name: 'merge' + type: NestedObject description: | Merge mode defines that all changes to a table will be merged at the destination Google BigQuery table. This is the default write mode. When selected, BigQuery reflects the way the data is stored in the source database. With Merge mode, no historical record of the change events is kept. - properties: [] - - !ruby/object:Api::Type::NestedObject - name: 'appendOnly' + immutable: true send_empty_value: true allow_empty_object: true - immutable: true conflicts: - - destination_config.0.bigquery_destination_config.0.merge + - destination_config.0.bigquery_destination_config.0.append_only + properties: + [] + - name: 'appendOnly' + type: NestedObject description: | AppendOnly mode defines that the stream of changes (INSERT, UPDATE-INSERT, UPDATE-DELETE and DELETE events) to a source table will be written to the destination Google BigQuery table, retaining the historical state of the data. - properties: [] - - !ruby/object:Api::Type::String - name: 'state' + immutable: true + send_empty_value: true + allow_empty_object: true + conflicts: + - destination_config.0.bigquery_destination_config.0.merge + properties: + [] + - name: 'state' + type: String description: The state of the stream. output: true - - !ruby/object:Api::Type::NestedObject - name: 'backfillAll' - exactly_one_of: - - backfill_all - - backfill_none - allow_empty_object: true - send_empty_value: true + - name: 'backfillAll' + type: NestedObject description: | Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded. + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'backfill_all' + - 'backfill_none' properties: - - !ruby/object:Api::Type::NestedObject - name: 'mysqlExcludedObjects' + - name: 'mysqlExcludedObjects' + type: NestedObject description: | MySQL data source objects to avoid backfilling. properties: - - !ruby/object:Api::Type::Array - name: 'mysqlDatabases' - required: true - min_size: 1 + - name: 'mysqlDatabases' + type: Array description: | MySQL databases on the server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | MySQL database. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'database' - required: true + - name: 'database' + type: String description: | Database name. - - !ruby/object:Api::Type::Array - name: 'mysqlTables' - min_size: 1 + required: true + - name: 'mysqlTables' + type: Array description: | Tables in the database. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | MySQL table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'mysqlColumns' - min_size: 1 + required: true + - name: 'mysqlColumns' + type: Array description: | MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | MySQL Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The MySQL data type. Full data types list can be found here: https://dev.mysql.com/doc/refman/8.0/en/data-types.html - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::String - name: 'collation' + output: true + - name: 'collation' + type: String description: | Column collation. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::NestedObject - name: 'postgresqlExcludedObjects' + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'postgresqlExcludedObjects' + type: NestedObject description: | PostgreSQL data source objects to avoid backfilling. properties: - - !ruby/object:Api::Type::Array - name: 'postgresqlSchemas' - required: true - min_size: 1 + - name: 'postgresqlSchemas' + type: Array description: | PostgreSQL schemas on the server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | PostgreSQL schema. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'schema' - required: true + - name: 'schema' + type: String description: | Database name. - - !ruby/object:Api::Type::Array - name: 'postgresqlTables' - min_size: 1 + required: true + - name: 'postgresqlTables' + type: Array description: | Tables in the schema. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | PostgreSQL table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'postgresqlColumns' - min_size: 1 + required: true + - name: 'postgresqlColumns' + type: Array description: | PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | PostgreSQL Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The PostgreSQL data type. Full data types list can be found here: https://www.postgresql.org/docs/current/datatype.html - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::Integer - name: 'precision' output: true + - name: 'precision' + type: Integer description: | Column precision. - - !ruby/object:Api::Type::Integer - name: 'scale' output: true + - name: 'scale' + type: Integer description: | Column scale. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' + output: true + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::NestedObject - name: 'oracleExcludedObjects' + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'oracleExcludedObjects' + type: NestedObject description: | PostgreSQL data source objects to avoid backfilling. properties: - - !ruby/object:Api::Type::Array - name: 'oracleSchemas' - required: true - min_size: 1 + - name: 'oracleSchemas' + type: Array description: | Oracle schemas/databases in the database server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | MySQL database. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'schema' - required: true + - name: 'schema' + type: String description: | Schema name. - - !ruby/object:Api::Type::Array - name: 'oracleTables' - min_size: 1 + required: true + - name: 'oracleTables' + type: Array description: | Tables in the database. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | Oracle table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'oracleColumns' - min_size: 1 + required: true + - name: 'oracleColumns' + type: Array description: | Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | Oracle Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The Oracle data type. Full data types list can be found here: https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::Integer - name: 'precision' output: true + - name: 'precision' + type: Integer description: | Column precision. - - !ruby/object:Api::Type::Integer - name: 'scale' output: true + - name: 'scale' + type: Integer description: | Column scale. - - !ruby/object:Api::Type::String - name: 'encoding' output: true + - name: 'encoding' + type: String description: | Column encoding. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' output: true + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' output: true + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' output: true + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::NestedObject - name: 'sqlServerExcludedObjects' + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'sqlServerExcludedObjects' + type: NestedObject description: | SQL Server data source objects to avoid backfilling. properties: - - !ruby/object:Api::Type::Array - name: 'schemas' - required: true - min_size: 1 + - name: 'schemas' + type: Array description: | SQL Server schemas/databases in the database server - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: description: | SQL Server database. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'schema' - required: true + - name: 'schema' + type: String description: | Schema name. - - !ruby/object:Api::Type::Array - name: 'tables' - min_size: 1 + required: true + - name: 'tables' + type: Array description: | Tables in the database. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | SQL Server table. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'table' - required: true + - name: 'table' + type: String description: | Table name. - - !ruby/object:Api::Type::Array - name: 'columns' - min_size: 1 + required: true + - name: 'columns' + type: Array description: | SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: !ruby/object:Api::Type::NestedObject + item_type: description: | SQL Server Column. + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'column' + - name: 'column' + type: String description: | Column name. - - !ruby/object:Api::Type::String - name: 'dataType' + - name: 'dataType' + type: String description: | The SQL Server data type. Full data types list can be found here: https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 - - !ruby/object:Api::Type::Integer - name: 'length' - output: true + - name: 'length' + type: Integer description: | Column length. - - !ruby/object:Api::Type::Integer - name: 'precision' output: true + - name: 'precision' + type: Integer description: | Column precision. - - !ruby/object:Api::Type::Integer - name: 'scale' output: true + - name: 'scale' + type: Integer description: | Column scale. - - !ruby/object:Api::Type::Boolean - name: 'primaryKey' output: true + - name: 'primaryKey' + type: Boolean description: | Whether or not the column represents a primary key. - - !ruby/object:Api::Type::Boolean - name: 'nullable' output: true + - name: 'nullable' + type: Boolean description: | Whether or not the column can accept a null value. - - !ruby/object:Api::Type::Integer - name: 'ordinalPosition' output: true + - name: 'ordinalPosition' + type: Integer description: | The ordinal position of the column in the table. - - !ruby/object:Api::Type::NestedObject - name: 'backfillNone' - exactly_one_of: - - backfill_all - - backfill_none - allow_empty_object: true - send_empty_value: true + output: true + min_size: 1 + min_size: 1 + min_size: 1 + - name: 'backfillNone' + type: NestedObject description: | Backfill strategy to disable automatic backfill for the Stream's objects. - properties: [] - - !ruby/object:Api::Type::String - name: 'customerManagedEncryptionKey' - immutable: true + send_empty_value: true + allow_empty_object: true + exactly_one_of: + - 'backfill_all' + - 'backfill_none' + properties: + [] + - name: 'customerManagedEncryptionKey' + type: String description: | A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be encrypted using an internal Stream-specific encryption key provisioned through KMS. + immutable: true diff --git a/mmv1/products/datastream/go_ConnectionProfile.yaml b/mmv1/products/datastream/go_ConnectionProfile.yaml deleted file mode 100644 index 1a750190635f..000000000000 --- a/mmv1/products/datastream/go_ConnectionProfile.yaml +++ /dev/null @@ -1,418 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ConnectionProfile' -description: | - A set of reusable connection configurations to be used as a source or destination for a stream. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-connection-profiles' - api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.connectionProfiles' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles' -self_link: 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/connectionProfiles?connectionProfileId={{connection_profile_id}}&force={{create_without_validation}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: -examples: - - name: 'datastream_connection_profile_basic' - primary_resource_id: 'default' - vars: - connection_profile_id: 'my-profile' - - name: 'datastream_connection_profile_postgresql_private_connection' - primary_resource_id: 'default' - vars: - private_connection_id: 'my-connection' - connection_profile_id: 'my-profile' - network_name: 'my-network' - database_instance_name: 'my-instance' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - external_providers: ["random", "time"] - skip_vcr: true - - name: 'datastream_connection_profile_full' - primary_resource_id: 'default' - vars: - connection_profile_id: 'my-profile' - ignore_read_extra: - - 'forward_ssh_connectivity.0.password' - - name: 'datastream_connection_profile_postgres' - primary_resource_id: 'default' - vars: - connection_profile_id: 'my-profile' - database_instance_name: 'my-instance' - deletion_protection: 'true' - test_vars_overrides: - 'deletion_protection': 'false' - skip_test: true - - name: 'datastream_connection_profile_sql_server' - primary_resource_id: 'default' - vars: - database_name: 'db' - database_password: 'password' - database_user: 'user' - deletion_protection: 'true' - source_connection_profile_id: 'source-profile' - sql_server_name: 'sql-server' - sql_server_root_password: 'root-password' - test_vars_overrides: - 'deletion_protection': 'false' - skip_test: true -parameters: - - name: 'connectionProfileId' - type: String - description: |- - The connection profile identifier. - url_param_only: true - required: true - immutable: true - - name: 'create_without_validation' - type: Boolean - description: |- - Create the connection profile without validating it. - url_param_only: true - required: false - immutable: true - default_value: false - - name: 'location' - type: String - description: | - The name of the location this connection profile is located in. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: The resource's name. - output: true - - name: 'labels' - type: KeyValueLabels - description: Labels. - - name: 'displayName' - type: String - description: Display name. - required: true - - name: 'oracleProfile' - type: NestedObject - description: | - Oracle database profile. - exactly_one_of: - - 'oracle_profile' - - 'gcs_profile' - - 'mysql_profile' - - 'bigquery_profile' - - 'postgresql_profile' - - 'sql_server_profile' - properties: - - name: 'hostname' - type: String - description: | - Hostname for the Oracle connection. - required: true - - name: 'port' - type: Integer - description: | - Port for the Oracle connection. - default_value: 1521 - - name: 'username' - type: String - description: | - Username for the Oracle connection. - required: true - - name: 'password' - type: String - description: | - Password for the Oracle connection. - required: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_oracle_profile_password.go.tmpl' - - name: 'databaseService' - type: String - description: | - Database for the Oracle connection. - required: true - - name: 'connectionAttributes' - type: KeyValuePairs - description: Connection string attributes - - name: 'gcsProfile' - type: NestedObject - description: | - Cloud Storage bucket profile. - exactly_one_of: - - 'oracle_profile' - - 'gcs_profile' - - 'mysql_profile' - - 'bigquery_profile' - - 'postgresql_profile' - - 'sql_server_profile' - properties: - - name: 'bucket' - type: String - description: | - The Cloud Storage bucket name. - required: true - - name: 'rootPath' - type: String - description: | - The root path inside the Cloud Storage bucket. - - name: 'mysqlProfile' - type: NestedObject - description: | - MySQL database profile. - exactly_one_of: - - 'oracle_profile' - - 'gcs_profile' - - 'mysql_profile' - - 'bigquery_profile' - - 'postgresql_profile' - - 'sql_server_profile' - properties: - - name: 'hostname' - type: String - description: | - Hostname for the MySQL connection. - required: true - - name: 'port' - type: Integer - description: | - Port for the MySQL connection. - default_value: 3306 - - name: 'username' - type: String - description: | - Username for the MySQL connection. - required: true - - name: 'password' - type: String - description: | - Password for the MySQL connection. - required: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_mysql_profile_password.go.tmpl' - - name: 'sslConfig' - type: NestedObject - description: | - SSL configuration for the MySQL connection. - properties: - - name: 'clientKey' - type: String - description: | - PEM-encoded private key associated with the Client Certificate. - If this field is used then the 'client_certificate' and the - 'ca_certificate' fields are mandatory. - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_mysql_profile_ssl_config_client_key.go.tmpl' - - name: 'clientKeySet' - type: Boolean - description: | - Indicates whether the clientKey field is set. - output: true - - name: 'clientCertificate' - type: String - description: | - PEM-encoded certificate that will be used by the replica to - authenticate against the source database server. If this field - is used then the 'clientKey' and the 'caCertificate' fields are - mandatory. - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_mysql_profile_ssl_config_client_certificate.go.tmpl' - - name: 'clientCertificateSet' - type: Boolean - description: | - Indicates whether the clientCertificate field is set. - output: true - - name: 'caCertificate' - type: String - description: | - PEM-encoded certificate of the CA that signed the source database - server's certificate. - immutable: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_mysql_profile_ssl_config_ca_certificate.go.tmpl' - - name: 'caCertificateSet' - type: Boolean - description: | - Indicates whether the clientKey field is set. - output: true - - name: 'bigqueryProfile' - type: NestedObject - description: | - BigQuery warehouse profile. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'oracle_profile' - - 'gcs_profile' - - 'mysql_profile' - - 'bigquery_profile' - - 'postgresql_profile' - - 'sql_server_profile' - properties: - [] - - name: 'postgresqlProfile' - type: NestedObject - description: | - PostgreSQL database profile. - exactly_one_of: - - 'oracle_profile' - - 'gcs_profile' - - 'mysql_profile' - - 'bigquery_profile' - - 'postgresql_profile' - - 'sql_server_profile' - properties: - - name: 'hostname' - type: String - description: | - Hostname for the PostgreSQL connection. - required: true - - name: 'port' - type: Integer - description: | - Port for the PostgreSQL connection. - default_value: 5432 - - name: 'username' - type: String - description: | - Username for the PostgreSQL connection. - required: true - - name: 'password' - type: String - description: | - Password for the PostgreSQL connection. - required: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_postgresql_profile_password.go.tmpl' - - name: 'database' - type: String - description: | - Database for the PostgreSQL connection. - required: true - - name: 'sqlServerProfile' - type: NestedObject - description: | - SQL Server database profile. - exactly_one_of: - - 'oracle_profile' - - 'gcs_profile' - - 'mysql_profile' - - 'bigquery_profile' - - 'postgresql_profile' - - 'sql_server_profile' - properties: - - name: 'hostname' - type: String - description: | - Hostname for the SQL Server connection. - required: true - - name: 'port' - type: Integer - description: | - Port for the SQL Server connection. - default_value: 1433 - - name: 'username' - type: String - description: | - Username for the SQL Server connection. - required: true - - name: 'password' - type: String - description: | - Password for the SQL Server connection. - required: true - sensitive: true - custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_sql_server_profile_password.go.tmpl' - - name: 'database' - type: String - description: | - Database for the SQL Server connection. - required: true - - name: 'forwardSshConnectivity' - type: NestedObject - description: | - Forward SSH tunnel connectivity. - conflicts: - - private_connectivity - properties: - - name: 'hostname' - type: String - description: | - Hostname for the SSH tunnel. - required: true - - name: 'username' - type: String - description: | - Username for the SSH tunnel. - required: true - - name: 'port' - type: Integer - description: | - Port for the SSH tunnel. - default_value: 22 - - name: 'password' - type: String - description: | - SSH password. - immutable: true - sensitive: true - conflicts: - - forward_ssh_connectivity.0.private_key - custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_forward_ssh_connectivity_password.go.tmpl' - - name: 'privateKey' - type: String - description: | - SSH private key. - immutable: true - sensitive: true - conflicts: - - forward_ssh_connectivity.0.password - custom_flatten: 'templates/terraform/custom_flatten/go/datastream_connection_profile_forward_ssh_connectivity_private_key.go.tmpl' - - name: 'privateConnectivity' - type: NestedObject - description: | - Private connectivity. - conflicts: - - forward_ssh_connectivity - properties: - - name: 'privateConnection' - type: String - description: | - A reference to a private connection resource. Format: `projects/{project}/locations/{location}/privateConnections/{name}` - required: true diff --git a/mmv1/products/datastream/go_PrivateConnection.yaml b/mmv1/products/datastream/go_PrivateConnection.yaml deleted file mode 100644 index 1a4d6550ef51..000000000000 --- a/mmv1/products/datastream/go_PrivateConnection.yaml +++ /dev/null @@ -1,139 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'PrivateConnection' -description: | - The PrivateConnection resource is used to establish private connectivity between Datastream and a customer's network. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-a-private-connectivity-configuration' - api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.privateConnections' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/privateConnections' -self_link: 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/privateConnections?privateConnectionId={{private_connection_id}}&force={{create_without_validation}}' -immutable: true -import_format: - - 'projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/private_connection.go.tmpl' - post_create: 'templates/terraform/post_create/go/private_connection.go.tmpl' - pre_delete: 'templates/terraform/pre_delete/go/private_connection.go.tmpl' - post_import: 'templates/terraform/post_import/go/private_connection.go.tmpl' -exclude_sweeper: true -schema_version: 1 -state_upgraders: true -examples: - - name: 'datastream_private_connection_full' - primary_resource_id: 'default' - vars: - private_connection_id: 'my-connection' - network_name: 'my-network' -parameters: - - name: 'privateConnectionId' - type: String - description: |- - The private connectivity identifier. - url_param_only: true - required: true - immutable: true - - name: 'create_without_validation' - type: Boolean - description: |- - If set to true, will skip validations. - url_param_only: true - required: false - immutable: true - default_value: false - - name: 'location' - type: String - description: | - The name of the location this private connection is located in. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: The resource's name. - output: true - - name: 'labels' - type: KeyValueLabels - description: Labels. - - name: 'displayName' - type: String - description: Display name. - required: true - - name: 'state' - type: Enum - description: | - State of the PrivateConnection. - output: true - enum_values: - - 'CREATING' - - 'CREATED' - - 'FAILED' - - 'DELETING' - - 'FAILED_TO_DELETE' - - name: 'error' - type: NestedObject - description: | - The PrivateConnection error in case of failure. - output: true - properties: - - name: 'message' - type: String - description: | - A message containing more information about the error that occurred. - - name: 'details' - type: KeyValuePairs - description: | - A list of messages that carry the error details. - - name: 'vpcPeeringConfig' - type: NestedObject - description: | - The VPC Peering configuration is used to create VPC peering - between Datastream and the consumer's VPC. - required: true - properties: - - name: 'vpc' - type: String - description: | - Fully qualified name of the VPC that Datastream will peer to. - Format: projects/{project}/global/{networks}/{name} - required: true - - name: 'subnet' - type: String - description: | - A free subnet for peering. (CIDR of /29) - required: true diff --git a/mmv1/products/datastream/go_Stream.yaml b/mmv1/products/datastream/go_Stream.yaml deleted file mode 100644 index 8a93d5c6dce0..000000000000 --- a/mmv1/products/datastream/go_Stream.yaml +++ /dev/null @@ -1,1575 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Stream' -description: | - A resource representing streaming data from a source to a destination. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/datastream/docs/create-a-stream' - api: 'https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.streams' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/streams' -self_link: 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/streams?streamId={{stream_id}}&force={{create_without_validation}}' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project}}/locations/{{location}}/streams/{{stream_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/datastream_stream.go.tmpl' - encoder: 'templates/terraform/encoders/go/datastream_stream.go.tmpl' - post_create: 'templates/terraform/post_create/go/datastream_stream.go.tmpl' - pre_update: 'templates/terraform/pre_update/go/datastream_stream.go.tmpl' - post_update: 'templates/terraform/post_update/go/datastream_stream.go.tmpl' - post_import: 'templates/terraform/post_import/go/datastream_stream.go.tmpl' -custom_diff: - - 'resourceDatastreamStreamCustomDiff' -examples: - - name: 'datastream_stream_basic' - primary_resource_id: 'default' - vars: - stream_id: 'my-stream' - private_connection_id: 'my-connection' - network_name: 'my-network' - source_connection_profile_id: 'source-profile' - database_instance_name: 'my-instance' - deletion_protection: 'true' - bucket_name: 'my-bucket' - destination_connection_profile_id: 'destination-profile' - test_vars_overrides: - 'deletion_protection': 'false' - external_providers: ["random", "time"] - skip_docs: true - skip_vcr: true - - name: 'datastream_stream_full' - primary_resource_id: 'default' - vars: - stream_id: 'my-stream' - private_connection_id: 'my-connection' - network_name: 'my-network' - source_connection_profile_id: 'source-profile' - database_instance_name: 'my-instance' - deletion_protection: 'true' - bucket_name: 'my-bucket' - destination_connection_profile_id: 'destination-profile' - stream_cmek: 'kms-name' - test_vars_overrides: - 'deletion_protection': 'false' - 'stream_cmek': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' - external_providers: ["random", "time"] - skip_vcr: true - - name: 'datastream_stream_postgresql' - primary_resource_id: 'default' - vars: - stream_id: 'my-stream' - source_connection_profile_id: 'source-profile' - destination_connection_profile_id: 'destination-profile' - skip_test: true - - name: 'datastream_stream_oracle' - primary_resource_id: 'default' - vars: - stream_id: 'my-stream' - source_connection_profile_id: 'source-profile' - destination_connection_profile_id: 'destination-profile' - skip_test: true - - name: 'datastream_stream_sql_server' - primary_resource_id: 'default' - vars: - database_name: 'db' - database_password: 'password' - database_user: 'user' - deletion_protection: 'true' - destination_connection_profile_id: 'destination-profile' - source_connection_profile_id: 'source-profile' - sql_server_name: 'sql-server' - sql_server_root_password: 'root-password' - stream_id: 'stream' - test_vars_overrides: - 'deletion_protection': 'false' - skip_test: true - - name: 'datastream_stream_sql_server_change_tables' - primary_resource_id: 'default' - vars: - database_name: 'db' - database_password: 'password' - database_user: 'user' - deletion_protection: 'true' - destination_connection_profile_id: 'destination-profile' - source_connection_profile_id: 'source-profile' - sql_server_name: 'sql-server' - sql_server_root_password: 'root-password' - stream_id: 'stream' - test_vars_overrides: - 'deletion_protection': 'false' - skip_test: true - - name: 'datastream_stream_postgresql_bigquery_dataset_id' - primary_resource_id: 'default' - vars: - dataset_id: 'postgres' - stream_id: 'postgres-bigquery' - dest_connection_profile_id: 'dest-profile' - instance_name: 'instance-name' - sql_user_name: 'my-user' - source_connection_profile_id: 'source-profile' - external_providers: ["random", "time"] - skip_vcr: true - - name: 'datastream_stream_bigquery' - primary_resource_id: 'default' - vars: - stream_id: 'my-stream' - private_connection_id: 'my-connection' - network_name: 'my-network' - source_connection_profile_id: 'source-profile' - database_instance_name: 'my-instance' - deletion_protection: 'true' - destination_connection_profile_id: 'destination-profile' - bigquery_destination_table_kms_key_name: 'bigquery-kms-name' - test_vars_overrides: - 'deletion_protection': 'false' - 'bigquery_destination_table_kms_key_name': 'acctest.BootstrapKMSKeyInLocation(t, "us-central1").CryptoKey.Name' - external_providers: ["random", "time"] - skip_vcr: true - - name: 'datastream_stream_bigquery_append_only' - primary_resource_id: 'default' - vars: - stream_id: 'my-stream' - private_connection_id: 'my-connection' - network_name: 'my-network' - source_connection_profile_id: 'source-profile' - database_instance_name: 'my-instance' - deletion_protection: 'true' - destination_connection_profile_id: 'destination-profile' - test_vars_overrides: - 'deletion_protection': 'false' - external_providers: ["random", "time"] - skip_vcr: true -virtual_fields: - - name: 'desired_state' - description: | - Desired state of the Stream. Set this field to `RUNNING` to start the stream, - `NOT_STARTED` to create the stream without starting and `PAUSED` to pause - the stream from a `RUNNING` state. - Possible values: NOT_STARTED, RUNNING, PAUSED. Default: NOT_STARTED - type: String - default_value: "NOT_STARTED" -parameters: - - name: 'streamId' - type: String - description: |- - The stream identifier. - url_param_only: true - required: true - immutable: true - - name: 'create_without_validation' - type: Boolean - description: |- - Create the stream without validating it. - url_param_only: true - required: false - immutable: true - default_value: false - - name: 'location' - type: String - description: | - The name of the location this stream is located in. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: The stream's name. - output: true - - name: 'labels' - type: KeyValueLabels - description: Labels. - - name: 'displayName' - type: String - description: Display name. - required: true - - name: 'sourceConfig' - type: NestedObject - description: | - Source connection profile configuration. - required: true - properties: - - name: 'sourceConnectionProfile' - type: String - description: | - Source connection profile resource. Format: projects/{project}/locations/{location}/connectionProfiles/{name} - required: true - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - name: 'mysqlSourceConfig' - type: NestedObject - description: | - MySQL data source configuration. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'source_config.0.mysql_source_config' - - 'source_config.0.oracle_source_config' - - 'source_config.0.postgresql_source_config' - - 'source_config.0.sql_server_source_config' - properties: - - name: 'includeObjects' - type: NestedObject - description: | - MySQL objects to retrieve from the source. - properties: - - name: 'mysqlDatabases' - type: Array - description: | - MySQL databases on the server - required: true - item_type: - description: | - MySQL database. - type: NestedObject - properties: - - name: 'database' - type: String - description: | - Database name. - required: true - - name: 'mysqlTables' - type: Array - description: | - Tables in the database. - item_type: - description: | - MySQL table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'mysqlColumns' - type: Array - description: | - MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - MySQL Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The MySQL data type. Full data types list can be found here: - https://dev.mysql.com/doc/refman/8.0/en/data-types.html - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'collation' - type: String - description: | - Column collation. - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'excludeObjects' - type: NestedObject - description: | - MySQL objects to exclude from the stream. - properties: - - name: 'mysqlDatabases' - type: Array - description: | - MySQL databases on the server - required: true - item_type: - description: | - MySQL database. - type: NestedObject - properties: - - name: 'database' - type: String - description: | - Database name. - required: true - - name: 'mysqlTables' - type: Array - description: | - Tables in the database. - item_type: - description: | - MySQL table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'mysqlColumns' - type: Array - description: | - MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - MySQL Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The MySQL data type. Full data types list can be found here: - https://dev.mysql.com/doc/refman/8.0/en/data-types.html - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'collation' - type: String - description: | - Column collation. - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'maxConcurrentCdcTasks' - type: Integer - description: | - Maximum number of concurrent CDC tasks. The number should be non negative. - If not set (or set to 0), the system's default value will be used. - default_from_api: true - send_empty_value: true - validation: - function: 'validation.IntAtLeast(0)' - - name: 'maxConcurrentBackfillTasks' - type: Integer - description: | - Maximum number of concurrent backfill tasks. The number should be non negative. - If not set (or set to 0), the system's default value will be used. - default_from_api: true - send_empty_value: true - validation: - function: 'validation.IntAtLeast(0)' - - name: 'oracleSourceConfig' - type: NestedObject - description: | - MySQL data source configuration. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'source_config.0.mysql_source_config' - - 'source_config.0.oracle_source_config' - - 'source_config.0.postgresql_source_config' - - 'source_config.0.sql_server_source_config' - properties: - - name: 'includeObjects' - type: NestedObject - description: | - Oracle objects to retrieve from the source. - properties: - - name: 'oracleSchemas' - type: Array - description: | - Oracle schemas/databases in the database server - required: true - item_type: - description: | - MySQL database. - type: NestedObject - properties: - - name: 'schema' - type: String - description: | - Schema name. - required: true - - name: 'oracleTables' - type: Array - description: | - Tables in the database. - item_type: - description: | - Oracle table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'oracleColumns' - type: Array - description: | - Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - Oracle Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The Oracle data type. Full data types list can be found here: - https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'precision' - type: Integer - description: | - Column precision. - output: true - - name: 'scale' - type: Integer - description: | - Column scale. - output: true - - name: 'encoding' - type: String - description: | - Column encoding. - output: true - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - output: true - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - output: true - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - output: true - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'excludeObjects' - type: NestedObject - description: | - Oracle objects to exclude from the stream. - properties: - - name: 'oracleSchemas' - type: Array - description: | - Oracle schemas/databases in the database server - required: true - item_type: - description: | - MySQL database. - type: NestedObject - properties: - - name: 'schema' - type: String - description: | - Schema name. - required: true - - name: 'oracleTables' - type: Array - description: | - Tables in the database. - item_type: - description: | - Oracle table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'oracleColumns' - type: Array - description: | - Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - Oracle Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The Oracle data type. Full data types list can be found here: - https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'precision' - type: Integer - description: | - Column precision. - output: true - - name: 'scale' - type: Integer - description: | - Column scale. - output: true - - name: 'encoding' - type: String - description: | - Column encoding. - output: true - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - output: true - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - output: true - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - output: true - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'maxConcurrentCdcTasks' - type: Integer - description: | - Maximum number of concurrent CDC tasks. The number should be non negative. - If not set (or set to 0), the system's default value will be used. - default_from_api: true - send_empty_value: true - validation: - function: 'validation.IntAtLeast(0)' - - name: 'maxConcurrentBackfillTasks' - type: Integer - description: | - Maximum number of concurrent backfill tasks. The number should be non negative. - If not set (or set to 0), the system's default value will be used. - default_from_api: true - send_empty_value: true - validation: - function: 'validation.IntAtLeast(0)' - - name: 'dropLargeObjects' - type: NestedObject - description: | - Configuration to drop large object values. - send_empty_value: true - allow_empty_object: true - properties: - [] - - name: 'streamLargeObjects' - type: NestedObject - description: | - Configuration to drop large object values. - send_empty_value: true - allow_empty_object: true - properties: - [] - - name: 'postgresqlSourceConfig' - type: NestedObject - description: | - PostgreSQL data source configuration. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'source_config.0.mysql_source_config' - - 'source_config.0.oracle_source_config' - - 'source_config.0.postgresql_source_config' - - 'source_config.0.sql_server_source_config' - properties: - - name: 'includeObjects' - type: NestedObject - description: | - PostgreSQL objects to retrieve from the source. - properties: - - name: 'postgresqlSchemas' - type: Array - description: | - PostgreSQL schemas on the server - required: true - item_type: - description: | - PostgreSQL schema. - type: NestedObject - properties: - - name: 'schema' - type: String - description: | - Database name. - required: true - - name: 'postgresqlTables' - type: Array - description: | - Tables in the schema. - item_type: - description: | - PostgreSQL table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'postgresqlColumns' - type: Array - description: | - PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - PostgreSQL Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The PostgreSQL data type. Full data types list can be found here: - https://www.postgresql.org/docs/current/datatype.html - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'precision' - type: Integer - description: | - Column precision. - output: true - - name: 'scale' - type: Integer - description: | - Column scale. - output: true - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'excludeObjects' - type: NestedObject - description: | - PostgreSQL objects to exclude from the stream. - properties: - - name: 'postgresqlSchemas' - type: Array - description: | - PostgreSQL schemas on the server - required: true - item_type: - description: | - PostgreSQL schema. - type: NestedObject - properties: - - name: 'schema' - type: String - description: | - Database name. - required: true - - name: 'postgresqlTables' - type: Array - description: | - Tables in the schema. - item_type: - description: | - PostgreSQL table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'postgresqlColumns' - type: Array - description: | - PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - PostgreSQL Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The PostgreSQL data type. Full data types list can be found here: - https://www.postgresql.org/docs/current/datatype.html - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'precision' - type: Integer - description: | - Column precision. - output: true - - name: 'scale' - type: Integer - description: | - Column scale. - output: true - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'replicationSlot' - type: String - description: | - The name of the logical replication slot that's configured with - the pgoutput plugin. - required: true - - name: 'publication' - type: String - description: | - The name of the publication that includes the set of all tables - that are defined in the stream's include_objects. - required: true - - name: 'maxConcurrentBackfillTasks' - type: Integer - description: | - Maximum number of concurrent backfill tasks. The number should be non - negative. If not set (or set to 0), the system's default value will be used. - default_from_api: true - send_empty_value: true - validation: - function: 'validation.IntAtLeast(0)' - - name: 'sqlServerSourceConfig' - type: NestedObject - description: | - SQL Server data source configuration. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'source_config.0.mysql_source_config' - - 'source_config.0.oracle_source_config' - - 'source_config.0.postgresql_source_config' - - 'source_config.0.sql_server_source_config' - properties: - - name: 'includeObjects' - type: NestedObject - description: | - SQL Server objects to retrieve from the source. - properties: - - name: 'schemas' - type: Array - description: | - SQL Server schemas/databases in the database server - required: true - item_type: - description: | - SQL Server database. - type: NestedObject - properties: - - name: 'schema' - type: String - description: | - Schema name. - required: true - - name: 'tables' - type: Array - description: | - Tables in the database. - item_type: - description: | - SQL Server table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'columns' - type: Array - description: | - SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - SQL Server Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The SQL Server data type. Full data types list can be found here: - https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'precision' - type: Integer - description: | - Column precision. - output: true - - name: 'scale' - type: Integer - description: | - Column scale. - output: true - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - output: true - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - output: true - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - output: true - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'excludeObjects' - type: NestedObject - description: | - SQL Server objects to exclude from the stream. - properties: - - name: 'schemas' - type: Array - description: | - SQL Server schemas/databases in the database server - required: true - item_type: - description: | - SQL Server database. - type: NestedObject - properties: - - name: 'schema' - type: String - description: | - Schema name. - required: true - - name: 'tables' - type: Array - description: | - Tables in the database. - item_type: - description: | - SQL Server table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'columns' - type: Array - description: | - SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - SQL Server Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The SQL Server data type. Full data types list can be found here: - https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'precision' - type: Integer - description: | - Column precision. - output: true - - name: 'scale' - type: Integer - description: | - Column scale. - output: true - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - output: true - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - output: true - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - output: true - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'maxConcurrentCdcTasks' - type: Integer - description: | - Max concurrent CDC tasks. - default_from_api: true - send_empty_value: true - validation: - function: 'validation.IntAtLeast(0)' - - name: 'maxConcurrentBackfillTasks' - type: Integer - description: | - Max concurrent backfill tasks. - default_from_api: true - send_empty_value: true - validation: - function: 'validation.IntAtLeast(0)' - - name: 'transactionLogs' - type: NestedObject - description: | - CDC reader reads from transaction logs. - send_empty_value: true - allow_empty_object: true - properties: - [] - - name: 'changeTables' - type: NestedObject - description: | - CDC reader reads from change tables. - send_empty_value: true - allow_empty_object: true - properties: - [] - - name: 'destinationConfig' - type: NestedObject - description: | - Destination connection profile configuration. - required: true - properties: - - name: 'destinationConnectionProfile' - type: String - description: | - Destination connection profile resource. Format: projects/{project}/locations/{location}/connectionProfiles/{name} - required: true - immutable: true - diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress' - - name: 'gcsDestinationConfig' - type: NestedObject - description: | - A configuration for how data should be loaded to Cloud Storage. - exactly_one_of: - - 'destination_config.0.gcs_destination_config' - - 'destination_config.0.bigquery_destination_config' - properties: - - name: 'path' - type: String - description: | - Path inside the Cloud Storage bucket to write data to. - - name: 'fileRotationMb' - type: Integer - description: | - The maximum file size to be saved in the bucket. - default_from_api: true - - name: 'fileRotationInterval' - type: String - description: | - The maximum duration for which new events are added before a file is closed and a new file is created. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. - default_from_api: true - - name: 'avroFileFormat' - type: NestedObject - description: | - AVRO file format configuration. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'destination_config.0.gcs_destination_config.0.avro_file_format' - - 'destination_config.0.gcs_destination_config.0.json_file_format' - properties: - [] - - name: 'jsonFileFormat' - type: NestedObject - description: | - JSON file format configuration. - exactly_one_of: - - 'destination_config.0.gcs_destination_config.0.avro_file_format' - - 'destination_config.0.gcs_destination_config.0.json_file_format' - properties: - - name: 'schemaFileFormat' - type: Enum - description: | - The schema file format along JSON data files. - enum_values: - - 'NO_SCHEMA_FILE' - - 'AVRO_SCHEMA_FILE' - - name: 'compression' - type: Enum - description: | - Compression of the loaded JSON file. - enum_values: - - 'NO_COMPRESSION' - - 'GZIP' - - name: 'bigqueryDestinationConfig' - type: NestedObject - description: | - A configuration for how data should be loaded to Google BigQuery. - exactly_one_of: - - 'destination_config.0.gcs_destination_config' - - 'destination_config.0.bigquery_destination_config' - properties: - - name: 'dataFreshness' - type: String - description: | - The guaranteed data freshness (in seconds) when querying tables created by the stream. - Editing this field will only affect new tables created in the future, but existing tables - will not be impacted. Lower values mean that queries will return fresher data, but may result in higher cost. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Defaults to 900s. - - name: 'singleTargetDataset' - type: NestedObject - description: | - A single target dataset to which all data will be streamed. - exactly_one_of: - - 'destination_config.0.bigquery_destination_config.0.single_target_dataset' - - 'destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets' - properties: - - name: 'datasetId' - type: String - description: | - Dataset ID in the format projects/{project}/datasets/{dataset_id} or - {project}:{dataset_id} - required: true - diff_suppress_func: 'resourceDatastreamStreamDatabaseIdDiffSuppress' - custom_expand: 'templates/terraform/custom_expand/go/datastream_stream_dataset_id.go.tmpl' - - name: 'sourceHierarchyDatasets' - type: NestedObject - description: | - Destination datasets are created so that hierarchy of the destination data objects matches the source hierarchy. - exactly_one_of: - - 'destination_config.0.bigquery_destination_config.0.single_target_dataset' - - 'destination_config.0.bigquery_destination_config.0.source_hierarchy_datasets' - properties: - - name: 'datasetTemplate' - type: NestedObject - description: | - Dataset template used for dynamic dataset creation. - required: true - properties: - - name: 'location' - type: String - description: | - The geographic location where the dataset should reside. - See https://cloud.google.com/bigquery/docs/locations for supported locations. - required: true - - name: 'datasetIdPrefix' - type: String - description: | - If supplied, every created dataset will have its name prefixed by the provided value. - The prefix and name will be separated by an underscore. i.e. _. - - name: 'kmsKeyName' - type: String - description: | - Describes the Cloud KMS encryption key that will be used to protect destination BigQuery - table. The BigQuery Service Account associated with your project requires access to this - encryption key. i.e. projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{cryptoKey}. - See https://cloud.google.com/bigquery/docs/customer-managed-encryption for more information. - immutable: true - - name: 'merge' - type: NestedObject - description: | - Merge mode defines that all changes to a table will be merged at the destination Google BigQuery - table. This is the default write mode. When selected, BigQuery reflects the way the data is stored - in the source database. With Merge mode, no historical record of the change events is kept. - immutable: true - send_empty_value: true - allow_empty_object: true - conflicts: - - destination_config.0.bigquery_destination_config.0.append_only - properties: - [] - - name: 'appendOnly' - type: NestedObject - description: | - AppendOnly mode defines that the stream of changes (INSERT, UPDATE-INSERT, UPDATE-DELETE and DELETE - events) to a source table will be written to the destination Google BigQuery table, retaining the - historical state of the data. - immutable: true - send_empty_value: true - allow_empty_object: true - conflicts: - - destination_config.0.bigquery_destination_config.0.merge - properties: - [] - - name: 'state' - type: String - description: The state of the stream. - output: true - - name: 'backfillAll' - type: NestedObject - description: | - Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'backfill_all' - - 'backfill_none' - properties: - - name: 'mysqlExcludedObjects' - type: NestedObject - description: | - MySQL data source objects to avoid backfilling. - properties: - - name: 'mysqlDatabases' - type: Array - description: | - MySQL databases on the server - required: true - item_type: - description: | - MySQL database. - type: NestedObject - properties: - - name: 'database' - type: String - description: | - Database name. - required: true - - name: 'mysqlTables' - type: Array - description: | - Tables in the database. - item_type: - description: | - MySQL table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'mysqlColumns' - type: Array - description: | - MySQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - MySQL Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The MySQL data type. Full data types list can be found here: - https://dev.mysql.com/doc/refman/8.0/en/data-types.html - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'collation' - type: String - description: | - Column collation. - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'postgresqlExcludedObjects' - type: NestedObject - description: | - PostgreSQL data source objects to avoid backfilling. - properties: - - name: 'postgresqlSchemas' - type: Array - description: | - PostgreSQL schemas on the server - required: true - item_type: - description: | - PostgreSQL schema. - type: NestedObject - properties: - - name: 'schema' - type: String - description: | - Database name. - required: true - - name: 'postgresqlTables' - type: Array - description: | - Tables in the schema. - item_type: - description: | - PostgreSQL table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'postgresqlColumns' - type: Array - description: | - PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - PostgreSQL Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The PostgreSQL data type. Full data types list can be found here: - https://www.postgresql.org/docs/current/datatype.html - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'precision' - type: Integer - description: | - Column precision. - output: true - - name: 'scale' - type: Integer - description: | - Column scale. - output: true - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'oracleExcludedObjects' - type: NestedObject - description: | - PostgreSQL data source objects to avoid backfilling. - properties: - - name: 'oracleSchemas' - type: Array - description: | - Oracle schemas/databases in the database server - required: true - item_type: - description: | - MySQL database. - type: NestedObject - properties: - - name: 'schema' - type: String - description: | - Schema name. - required: true - - name: 'oracleTables' - type: Array - description: | - Tables in the database. - item_type: - description: | - Oracle table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'oracleColumns' - type: Array - description: | - Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - Oracle Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The Oracle data type. Full data types list can be found here: - https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/Data-Types.html - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'precision' - type: Integer - description: | - Column precision. - output: true - - name: 'scale' - type: Integer - description: | - Column scale. - output: true - - name: 'encoding' - type: String - description: | - Column encoding. - output: true - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - output: true - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - output: true - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - output: true - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'sqlServerExcludedObjects' - type: NestedObject - description: | - SQL Server data source objects to avoid backfilling. - properties: - - name: 'schemas' - type: Array - description: | - SQL Server schemas/databases in the database server - required: true - item_type: - description: | - SQL Server database. - type: NestedObject - properties: - - name: 'schema' - type: String - description: | - Schema name. - required: true - - name: 'tables' - type: Array - description: | - Tables in the database. - item_type: - description: | - SQL Server table. - type: NestedObject - properties: - - name: 'table' - type: String - description: | - Table name. - required: true - - name: 'columns' - type: Array - description: | - SQL Server columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything. - item_type: - description: | - SQL Server Column. - type: NestedObject - properties: - - name: 'column' - type: String - description: | - Column name. - - name: 'dataType' - type: String - description: | - The SQL Server data type. Full data types list can be found here: - https://learn.microsoft.com/en-us/sql/t-sql/data-types/data-types-transact-sql?view=sql-server-ver16 - - name: 'length' - type: Integer - description: | - Column length. - output: true - - name: 'precision' - type: Integer - description: | - Column precision. - output: true - - name: 'scale' - type: Integer - description: | - Column scale. - output: true - - name: 'primaryKey' - type: Boolean - description: | - Whether or not the column represents a primary key. - output: true - - name: 'nullable' - type: Boolean - description: | - Whether or not the column can accept a null value. - output: true - - name: 'ordinalPosition' - type: Integer - description: | - The ordinal position of the column in the table. - output: true - min_size: 1 - min_size: 1 - min_size: 1 - - name: 'backfillNone' - type: NestedObject - description: | - Backfill strategy to disable automatic backfill for the Stream's objects. - send_empty_value: true - allow_empty_object: true - exactly_one_of: - - 'backfill_all' - - 'backfill_none' - properties: - [] - - name: 'customerManagedEncryptionKey' - type: String - description: | - A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data - will be encrypted using an internal Stream-specific encryption key provisioned through KMS. - immutable: true diff --git a/mmv1/products/datastream/go_product.yaml b/mmv1/products/datastream/go_product.yaml deleted file mode 100644 index faba08aae9b5..000000000000 --- a/mmv1/products/datastream/go_product.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Datastream' -display_name: 'Datastream' -versions: - - name: 'ga' - base_url: 'https://datastream.googleapis.com/v1/' - - name: 'beta' - base_url: 'https://datastream.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' -async: - type: "OpAsync" - operation: - base_url: '{{op_id}}' - path: 'name' - wait_ms: 1000 - result: - path: 'response' - resource_inside_response: true - error: - path: 'error' - message: 'message' diff --git a/mmv1/products/datastream/product.yaml b/mmv1/products/datastream/product.yaml index ce7f1ef2eba9..593efcc3368e 100644 --- a/mmv1/products/datastream/product.yaml +++ b/mmv1/products/datastream/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,31 +11,25 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Datastream +--- +name: 'Datastream' +display_name: 'Datastream' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://datastream.googleapis.com/v1/ - - !ruby/object:Api::Product::Version - name: beta - base_url: https://datastream.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://datastream.googleapis.com/v1/' + - name: 'beta' + base_url: 'https://datastream.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + - 'https://www.googleapis.com/auth/cloud-platform' +async: + type: "OpAsync" + operation: base_url: '{{op_id}}' + path: 'name' wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' diff --git a/mmv1/products/deploymentmanager/Deployment.yaml b/mmv1/products/deploymentmanager/Deployment.yaml index dff0560306c5..3964e1cf0d27 100644 --- a/mmv1/products/deploymentmanager/Deployment.yaml +++ b/mmv1/products/deploymentmanager/Deployment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,46 +11,13 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Deployment' kind: 'deploymentmanager#deployment' -base_url: projects/{{project}}/global/deployments -self_link: projects/{{project}}/global/deployments/{{name}} -create_url: projects/{{project}}/global/deployments?preview={{preview}}&createPolicy={{create_policy}} -delete_url: projects/{{project}}/global/deployments/{{name}}?deletePolicy={{delete_policy}} -# A deployment is updatable, but we need to have custom update behavior. -immutable: true -update_verb: :PATCH -update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} description: | A collection of resources that are deployed and managed together using a configuration file -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - kind: 'deploymentmanager#operation' - path: 'name' - full_url: 'selfLink' - wait_ms: 1000 - result: !ruby/object:Api::OpAsync::Result - path: 'targetLink' - status: !ruby/object:Api::OpAsync::Status - path: 'status' - complete: 'DONE' - allowed: - - 'PENDING' - - 'RUNNING' - - 'DONE' - error: !ruby/object:Api::OpAsync::Error - path: 'error/errors' - message: 'message' -id_format: 'projects/{{project}}/deployments/{{name}}' -import_format: ['projects/{{project}}/deployments/{{name}}'] -timeouts: - !ruby/object:Api::Timeouts # Very long to support very long deployments - insert_minutes: 60 - update_minutes: 60 - delete_minutes: 60 -docs: !ruby/object:Provider::Terraform::Docs +docs: warning: | Deployment Manager shares similar behavior with Terraform as both products manage GCP resource lifecycle and state. This Terraform @@ -64,38 +31,61 @@ docs: !ruby/object:Provider::Terraform::Docs deployments in preview as recreate-only for any update operation other than actually deploying an in-preview deployment (i.e. `preview=true` to `preview=false`). +id_format: 'projects/{{project}}/deployments/{{name}}' +base_url: 'projects/{{project}}/global/deployments' +self_link: 'projects/{{project}}/global/deployments/{{name}}' +create_url: 'projects/{{project}}/global/deployments?preview={{preview}}&createPolicy={{create_policy}}' +update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' +update_verb: 'PATCH' +delete_url: 'projects/{{project}}/global/deployments/{{name}}?deletePolicy={{delete_policy}}' +# A deployment is updatable, but we need to have custom update behavior. +immutable: true +import_format: + - 'projects/{{project}}/deployments/{{name}}' + # Very long to support very long deployments +timeouts: + insert_minutes: 60 + update_minutes: 60 + delete_minutes: 60 +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + full_url: 'selfLink' + kind: 'deploymentmanager#operation' + path: 'name' + wait_ms: 1000 + result: + path: 'targetLink' + resource_inside_response: false + error: + path: 'error/errors' + message: 'message' +custom_code: + # Custom diff to force new if 'preview' is true + constants: 'templates/terraform/constants/deployment_manager_deployment.go.tmpl' + # post-create failure: Delete deployment if an invalid deployment was created + post_create_failure: 'templates/terraform/post_create_failure/delete_on_failure.go.tmpl' +custom_diff: + - 'customDiffDeploymentManagerDeployment' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'deployment_manager_deployment_basic' + - name: 'deployment_manager_deployment_basic' primary_resource_id: 'deployment' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-deployment-%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-deployment-%s", context["random_suffix"])' vars: deployment_name: 'my-deployment' - skip_test: true - - !ruby/object:Provider::Terraform::Examples - name: 'deployment_manager_deployment_imports' + exclude_test: true + - name: 'deployment_manager_deployment_imports' primary_resource_id: 'deployment' - primary_resource_name: "fmt.Sprintf(\"tf-test-my-deployment-%s\", - context[\"random_suffix\"\ - ])" + primary_resource_name: 'fmt.Sprintf("tf-test-my-deployment-%s", context["random_suffix"])' vars: deployment_name: 'my-deployment' - skip_test: true -custom_code: - !ruby/object:Provider::Terraform::CustomCode # post-create failure: Delete deployment if an invalid deployment was created - post_create_failure: 'templates/terraform/post_create_failure/delete_on_failure.go.erb' - # Custom diff to force new if 'preview' is true - constants: 'templates/terraform/constants/deployment_manager_deployment.go.erb' -custom_diff: [ - 'customDiffDeploymentManagerDeployment', -] + exclude_test: true parameters: # These properties are query parameters given on create/update/delete. # They should be tracked and updatable. - - !ruby/object:Api::Type::Enum - name: 'createPolicy' + - name: 'createPolicy' + type: Enum description: | Set the policy to use for creating new resources. Only used on create and update. Valid values are `CREATE_OR_ACQUIRE` (default) or @@ -103,12 +93,12 @@ parameters: the deployment will fail. Note that updating this field does not actually affect the deployment, just how it is updated. url_param_only: true - default_value: :CREATE_OR_ACQUIRE - values: - - :ACQUIRE - - :CREATE_OR_ACQUIRE - - !ruby/object:Api::Type::Enum - name: 'deletePolicy' + default_value: "CREATE_OR_ACQUIRE" + enum_values: + - 'ACQUIRE' + - 'CREATE_OR_ACQUIRE' + - name: 'deletePolicy' + type: Enum description: | Set the policy to use for deleting new resources on update/delete. Valid values are `DELETE` (default) or `ABANDON`. If `DELETE`, @@ -117,12 +107,13 @@ parameters: and is not actually deleted. Note that updating this field does not actually change the deployment, just how it is updated. url_param_only: true - default_value: :DELETE - values: - - :ABANDON - - :DELETE - - !ruby/object:Api::Type::Boolean - name: 'preview' + default_value: "DELETE" + enum_values: + - 'ABANDON' + - 'DELETE' + # Custom Update + - name: 'preview' + type: Boolean description: | If set to true, a deployment is created with "shell" resources that are not actually instantiated. This allows you to preview a @@ -132,104 +123,101 @@ parameters: of a deployment in preview (unless updating to preview=false). Thus, Terraform will force-recreate deployments if either preview is updated to true or if other fields are updated while preview is true. - default_value: false url_param_only: true - # Custom Update + update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' update_id: '0_preview' fingerprint_name: 'fingerprint' - update_verb: :PATCH - update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} + default_value: false properties: - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | Unique name for the deployment required: true - - !ruby/object:Api::Type::String - name: 'description' + # Custom Update + - name: 'description' + type: String description: | Optional user-provided description of deployment. - # Custom Update - fingerprint_name: 'fingerprint' + update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' update_id: '1_non-preview' - update_verb: :PATCH - update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} - - !ruby/object:Api::Type::Array - name: 'labels' + fingerprint_name: 'fingerprint' + # Custom Update + - name: 'labels' + type: Array description: | Key-value pairs to apply to this labels. + is_set: true send_empty_value: true - # Custom Update - fingerprint_name: 'fingerprint' + update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' update_id: '1_non-preview' - update_verb: :PATCH - update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} - is_set: true - item_type: !ruby/object:Api::Type::NestedObject + fingerprint_name: 'fingerprint' + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'key' + - name: 'key' + type: String description: | Key for label. - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | Value of label. - - !ruby/object:Api::Type::NestedObject - name: 'target' - required: true + # Custom Update + - name: 'target' + type: NestedObject description: | Parameters that define your deployment, including the deployment configuration and relevant templates. - # Custom Update - fingerprint_name: 'fingerprint' - update_id: '1_non-preview' - update_verb: :PATCH - update_url: projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}} + required: true ignore_read: true + update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' + update_id: '1_non-preview' + fingerprint_name: 'fingerprint' properties: - - !ruby/object:Api::Type::NestedObject - name: 'config' - required: true + - name: 'config' + type: NestedObject description: | The root configuration file to use for this deployment. + required: true properties: - - !ruby/object:Api::Type::String - name: 'content' - required: true + - name: 'content' + type: String description: | The full YAML contents of your configuration file. - - !ruby/object:Api::Type::Array - name: 'imports' + required: true + - name: 'imports' + type: Array description: | Specifies import files for this configuration. This can be used to import templates or other files. For example, you might import a text file in order to use the file in a template. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'content' + - name: 'content' + type: String description: | The full contents of the template that you want to import. - - !ruby/object:Api::Type::String - name: 'name' + - name: 'name' + type: String description: | The name of the template to import, as declared in the YAML configuration. - - !ruby/object:Api::Type::String - name: 'deployment_id' - api_name: id - output: true + - name: 'deployment_id' + type: String description: | Unique identifier for deployment. Output only. - - !ruby/object:Api::Type::String - name: 'manifest' + api_name: id output: true + - name: 'manifest' + type: String description: | Output only. URL of the manifest representing the last manifest that was successfully deployed. - - !ruby/object:Api::Type::String - name: 'selfLink' output: true + - name: 'selfLink' + type: String description: | Output only. Server defined URL for the resource. + output: true diff --git a/mmv1/products/deploymentmanager/go_Deployment.yaml b/mmv1/products/deploymentmanager/go_Deployment.yaml deleted file mode 100644 index 2fc755bfe6db..000000000000 --- a/mmv1/products/deploymentmanager/go_Deployment.yaml +++ /dev/null @@ -1,216 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Deployment' -kind: 'deploymentmanager#deployment' -description: | - A collection of resources that are deployed and managed together using - a configuration file -docs: - warning: | - Deployment Manager shares similar behavior with Terraform as both - products manage GCP resource lifecycle and state. This Terraform - resource is intended only to manage a Deployment resource, - and attempts to manage the Deployment's resources in Terraform as well - will likely result in errors or unexpected behavior as the two tools - fight over ownership. We strongly discourage doing so unless you are an - experienced user of both tools. - - In addition, due to limitations of the API, Terraform will treat - deployments in preview as recreate-only for any update operation other - than actually deploying an in-preview deployment (i.e. `preview=true` to - `preview=false`). -id_format: 'projects/{{project}}/deployments/{{name}}' -base_url: 'projects/{{project}}/global/deployments' -self_link: 'projects/{{project}}/global/deployments/{{name}}' -create_url: 'projects/{{project}}/global/deployments?preview={{preview}}&createPolicy={{create_policy}}' -update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' -update_verb: 'PATCH' -delete_url: 'projects/{{project}}/global/deployments/{{name}}?deletePolicy={{delete_policy}}' -immutable: true -import_format: - - 'projects/{{project}}/deployments/{{name}}' -timeouts: - insert_minutes: 60 - update_minutes: 60 - delete_minutes: 60 -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - full_url: 'selfLink' - kind: 'deploymentmanager#operation' - path: 'name' - wait_ms: 1000 - result: - path: 'targetLink' - resource_inside_response: false - error: - path: 'error/errors' - message: 'message' -custom_code: - constants: 'templates/terraform/constants/go/deployment_manager_deployment.go.tmpl' - post_create_failure: 'templates/terraform/post_create_failure/go/delete_on_failure.go.tmpl' -custom_diff: - - 'customDiffDeploymentManagerDeployment' -examples: - - name: 'deployment_manager_deployment_basic' - primary_resource_id: 'deployment' - primary_resource_name: 'fmt.Sprintf("tf-test-my-deployment-%s", context["random_suffix"])' - vars: - deployment_name: 'my-deployment' - skip_test: true - - name: 'deployment_manager_deployment_imports' - primary_resource_id: 'deployment' - primary_resource_name: 'fmt.Sprintf("tf-test-my-deployment-%s", context["random_suffix"])' - vars: - deployment_name: 'my-deployment' - skip_test: true -parameters: - - name: 'createPolicy' - type: Enum - description: | - Set the policy to use for creating new resources. Only used on - create and update. Valid values are `CREATE_OR_ACQUIRE` (default) or - `ACQUIRE`. If set to `ACQUIRE` and resources do not already exist, - the deployment will fail. Note that updating this field does not - actually affect the deployment, just how it is updated. - url_param_only: true - default_value: "CREATE_OR_ACQUIRE" - enum_values: - - 'ACQUIRE' - - 'CREATE_OR_ACQUIRE' - - name: 'deletePolicy' - type: Enum - description: | - Set the policy to use for deleting new resources on update/delete. - Valid values are `DELETE` (default) or `ABANDON`. If `DELETE`, - resource is deleted after removal from Deployment Manager. If - `ABANDON`, the resource is only removed from Deployment Manager - and is not actually deleted. Note that updating this field does not - actually change the deployment, just how it is updated. - url_param_only: true - default_value: "DELETE" - enum_values: - - 'ABANDON' - - 'DELETE' - - name: 'preview' - type: Boolean - description: | - If set to true, a deployment is created with "shell" resources - that are not actually instantiated. This allows you to preview a - deployment. It can be updated to false to actually deploy - with real resources. - ~>**NOTE:** Deployment Manager does not allow update - of a deployment in preview (unless updating to preview=false). Thus, - Terraform will force-recreate deployments if either preview is updated - to true or if other fields are updated while preview is true. - url_param_only: true - update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' - update_id: '0_preview' - fingerprint_name: 'fingerprint' - default_value: false -properties: - - name: 'name' - type: String - description: | - Unique name for the deployment - required: true - - name: 'description' - type: String - description: | - Optional user-provided description of deployment. - # Custom Update - update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' - update_id: '1_non-preview' - fingerprint_name: 'fingerprint' - - name: 'labels' - type: Array - description: | - Key-value pairs to apply to this labels. - is_set: true - send_empty_value: true - update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' - update_id: '1_non-preview' - fingerprint_name: 'fingerprint' - item_type: - type: NestedObject - properties: - - name: 'key' - type: String - description: | - Key for label. - - name: 'value' - type: String - description: | - Value of label. - - name: 'target' - type: NestedObject - description: | - Parameters that define your deployment, including the deployment - configuration and relevant templates. - # Custom Update - required: true - ignore_read: true - update_url: 'projects/{{project}}/global/deployments/{{name}}?preview={{preview}}&createPolicy={{create_policy}}&deletePolicy={{delete_policy}}' - update_id: '1_non-preview' - fingerprint_name: 'fingerprint' - properties: - - name: 'config' - type: NestedObject - description: | - The root configuration file to use for this deployment. - required: true - properties: - - name: 'content' - type: String - description: | - The full YAML contents of your configuration file. - required: true - - name: 'imports' - type: Array - description: | - Specifies import files for this configuration. This can be - used to import templates or other files. For example, you might - import a text file in order to use the file in a template. - item_type: - type: NestedObject - properties: - - name: 'content' - type: String - description: | - The full contents of the template that you want to import. - - name: 'name' - type: String - description: | - The name of the template to import, as declared in the YAML - configuration. - - name: 'deployment_id' - type: String - description: | - Unique identifier for deployment. Output only. - api_name: id - output: true - - name: 'manifest' - type: String - description: | - Output only. URL of the manifest representing the last manifest that - was successfully deployed. - output: true - - name: 'selfLink' - type: String - description: | - Output only. Server defined URL for the resource. - output: true diff --git a/mmv1/products/deploymentmanager/go_product.yaml b/mmv1/products/deploymentmanager/go_product.yaml deleted file mode 100644 index 1fe4f3ba24e4..000000000000 --- a/mmv1/products/deploymentmanager/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'DeploymentManager' -display_name: 'Cloud Deployment Manager' -versions: - - name: 'ga' - base_url: 'https://www.googleapis.com/deploymentmanager/v2/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/deploymentmanager/product.yaml b/mmv1/products/deploymentmanager/product.yaml index 119dd6f312f2..f9b701f5ef94 100644 --- a/mmv1/products/deploymentmanager/product.yaml +++ b/mmv1/products/deploymentmanager/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2019 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: DeploymentManager -display_name: Cloud Deployment Manager +--- +name: 'DeploymentManager' +display_name: 'Cloud Deployment Manager' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://www.googleapis.com/deploymentmanager/v2/ + - name: 'ga' + base_url: 'https://www.googleapis.com/deploymentmanager/v2/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/developerconnect/Connection.yaml b/mmv1/products/developerconnect/Connection.yaml index 16bfdd723d67..1366e08e794d 100644 --- a/mmv1/products/developerconnect/Connection.yaml +++ b/mmv1/products/developerconnect/Connection.yaml @@ -1,3 +1,4 @@ +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -10,170 +11,212 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -base_url: projects/{{project}}/locations/{{location}}/connections -create_url: projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}} -self_link: projects/{{project}}/locations/{{location}}/connections/{{connection_id}} -id_format: projects/{{project}}/locations/{{location}}/connections/{{connection_id}} +--- +name: 'Connection' +description: | + A connection to a GitHub App installation. +min_version: 'beta' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/connections' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}}' +update_verb: 'PATCH' +update_mask: true import_format: - - projects/{{project}}/locations/{{location}}/connections/{{connection_id}} + - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: examples: - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: "developer_connect_connection_basic" - primary_resource_id: "my-connection" - primary_resource_name: "fmt.Sprintf(\"tf-test-connection%s\", - context[\"random_suffix\"\ - ])" + - name: 'developer_connect_connection_basic' + primary_resource_id: 'my-connection' + primary_resource_name: 'fmt.Sprintf("tf-test-connection%s", context["random_suffix"])' + min_version: 'beta' vars: - connection_name: "tf-test-connection" - - !ruby/object:Provider::Terraform::Examples - min_version: beta - name: "developer_connect_connection_github_doc" - skip_test: true -name: Connection -description: "A connection to a GitHub App installation." -min_version: "beta" -update_verb: :PATCH -update_mask: true -autogen_async: true + connection_name: 'tf-test-connection' + - name: 'developer_connect_connection_github_doc' + min_version: 'beta' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: location - description: - "Resource ID segment making up resource `name`. It identifies the resource + - name: 'location' + type: String + description: | + Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation - for resource type `developerconnect.googleapis.com/GitRepositoryLink`. " + for resource type `developerconnect.googleapis.com/GitRepositoryLink`. + min_version: 'beta' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: connectionId - description: - "Required. Id of the requesting object\nIf auto-generating Id server-side, - remove this field and\nconnection_id from the method_signature of Create RPC " + - name: 'connectionId' + type: String + description: | + Required. Id of the requesting object. If auto-generating Id server-side, + remove this field and connection_id from the method_signature of Create RPC. + min_version: 'beta' url_param_only: true required: true immutable: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: name - base_url: "{{op_id}}" - wait_ms: 1000 - timeouts: - result: !ruby/object:Api::OpAsync::Result - path: response - resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: done - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error - path: error - message: message properties: - - !ruby/object:Api::Type::NestedObject - name: githubConfig - description: "Configuration for connections to github.com. " + - name: 'githubConfig' + type: NestedObject + description: | + Configuration for connections to github.com. + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: githubApp - description: - "Required. Immutable. The GitHub Application that was installed to - the GitHub user or\norganization. \n Possible values:\n GIT_HUB_APP_UNSPECIFIED\nDEVELOPER_CONNECT\nFIREBASE" + - name: 'githubApp' + type: String + description: | + Required. Immutable. The GitHub Application that was installed to + the GitHub user or organization. + Possible values: + GIT_HUB_APP_UNSPECIFIED + DEVELOPER_CONNECT + FIREBASE" + min_version: 'beta' required: true immutable: true - - !ruby/object:Api::Type::NestedObject - name: authorizerCredential - description: - "Represents an OAuth token of the account that authorized the Connection,\nand - associated metadata. " + - name: 'authorizerCredential' + type: NestedObject + description: | + Represents an OAuth token of the account that authorized the Connection,and + associated metadata. + min_version: 'beta' properties: - - !ruby/object:Api::Type::String - name: oauthTokenSecretVersion - description: - "Required. A SecretManager resource containing the OAuth token - that authorizes\nthe connection. Format: `projects/*/secrets/*/versions/*`. " + - name: 'oauthTokenSecretVersion' + type: String + description: | + Required. A SecretManager resource containing the OAuth token + that authorizes the connection. + Format: `projects/*/secrets/*/versions/*`. + min_version: 'beta' required: true - - !ruby/object:Api::Type::String - name: username - description: "Output only. The username associated with this token. " + - name: 'username' + type: String + description: | + Output only. The username associated with this token. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: appInstallationId - description: "Optional. GitHub App installation id. " - - !ruby/object:Api::Type::String - name: installationUri - description: - "Output only. The URI to navigate to in order to manage the installation - associated\nwith this GitHubConfig. " + - name: 'appInstallationId' + type: String + description: | + Optional. GitHub App installation id. + min_version: 'beta' + - name: 'installationUri' + type: String + description: | + Output only. The URI to navigate to in order to manage the installation + associated with this GitHubConfig. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: name - description: "Identifier. The resource name of the connection, in the format\n`projects/{project}/locations/{location}/connections/{connection_id}`. " + - name: 'name' + type: String + description: | + Identifier. The resource name of the connection, in the format + `projects/{project}/locations/{location}/connections/{connection_id}`. + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: createTime - description: "Output only. [Output only] Create timestamp " + - name: 'createTime' + type: String + description: | + Output only. [Output only] Create timestamp + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: updateTime - description: "Output only. [Output only] Update timestamp " + - name: 'updateTime' + type: String + description: | + Output only. [Output only] Update timestamp + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: deleteTime - description: "Output only. [Output only] Delete timestamp " + - name: 'deleteTime' + type: String + description: | + Output only. [Output only] Delete timestamp + min_version: 'beta' output: true - - !ruby/object:Api::Type::KeyValueLabels - name: labels - description: "Optional. Labels as key value pairs " - - !ruby/object:Api::Type::NestedObject - name: installationState - description: - "Describes stage and necessary actions to be taken by the\nuser to - complete the installation. Used for GitHub and GitHub Enterprise\nbased connections. " + - name: 'labels' + type: KeyValueLabels + description: | + Optional. Labels as key value pairs + min_version: 'beta' + - name: 'installationState' + type: NestedObject + description: | + Describes stage and necessary actions to be taken by the user to complete the installation. + Used for GitHub and GitHub Enterprise based connections. + min_version: 'beta' output: true properties: - - !ruby/object:Api::Type::String - name: stage - description: - "Output only. Current step of the installation process. \n Possible - values:\n STAGE_UNSPECIFIED\nPENDING_CREATE_APP\nPENDING_USER_OAUTH\nPENDING_INSTALL_APP\nCOMPLETE" + - name: 'stage' + type: String + description: | + Output only. Current step of the installation process. + Possible values: + STAGE_UNSPECIFIED + PENDING_CREATE_APP + PENDING_USER_OAUTH + PENDING_INSTALL_APP + COMPLETE + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: message - description: - "Output only. Message of what the user should do next to continue - the installation.\nEmpty string if the installation is already complete. " - - !ruby/object:Api::Type::String - name: actionUri - description: - "Output only. Link to follow for next action. Empty string if the - installation is already\ncomplete. " - - !ruby/object:Api::Type::Boolean - name: disabled - description: - "Optional. If disabled is set to true, functionality is disabled for - this connection.\nRepository based API methods and webhooks processing for repositories - in\nthis connection will be disabled. " - - !ruby/object:Api::Type::Boolean - name: reconciling + - name: 'message' + type: String + description: | + Output only. Message of what the user should do next to continue + the installation.Empty string if the installation is already complete. + min_version: 'beta' + - name: 'actionUri' + type: String + description: | + Output only. Link to follow for next action. Empty string if the + installation is already complete. + min_version: 'beta' + - name: 'disabled' + type: Boolean description: - "Output only. Set to true when the connection is being set up or updated - in the\nbackground. " + Optional. If disabled is set to true, functionality is disabled for + this connection. Repository based API methods and webhooks processing + for repositories in this connection will be disabled. + min_version: 'beta' + - name: 'reconciling' + type: Boolean + description: | + Output only. Set to true when the connection is being set up or updated + in the background. + min_version: 'beta' output: true - - !ruby/object:Api::Type::KeyValueAnnotations - name: annotations - description: "Optional. Allows clients to store small amounts of arbitrary data. " - - !ruby/object:Api::Type::String - name: etag - description: - "Optional. This checksum is computed by the server based on the value - of other\nfields, and may be sent on update and delete requests to ensure the\nclient - has an up-to-date value before proceeding. " - - !ruby/object:Api::Type::String - name: uid - description: "Output only. A system-assigned unique identifier for a the GitRepositoryLink. " + - name: 'annotations' + type: KeyValueAnnotations + description: | + Optional. Allows clients to store small amounts of arbitrary data. + min_version: 'beta' + - name: 'etag' + type: String + description: | + Optional. This checksum is computed by the server based on the value + of other fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + min_version: 'beta' + - name: 'uid' + type: String + description: | + Output only. A system-assigned unique identifier for a the GitRepositoryLink. + min_version: 'beta' output: true diff --git a/mmv1/products/developerconnect/GitRepositoryLink.yaml b/mmv1/products/developerconnect/GitRepositoryLink.yaml index 07d15b5eadc7..54ea3c39287d 100644 --- a/mmv1/products/developerconnect/GitRepositoryLink.yaml +++ b/mmv1/products/developerconnect/GitRepositoryLink.yaml @@ -1,116 +1,141 @@ ---- !ruby/object:Api::Resource -base_url: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks -create_url: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks?gitRepositoryLinkId={{git_repository_link_id}} -self_link: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}} -id_format: projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}} +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +name: 'GitRepositoryLink' +description: "A git repository link to a parent connection." +min_version: 'beta' +docs: +id_format: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}}' +base_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks' +self_link: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}}' +create_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks?gitRepositoryLinkId={{git_repository_link_id}}' +immutable: true import_format: - - projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}} + - 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +autogen_async: true +async: + actions: ['create', 'delete', 'update'] + type: 'OpAsync' + operation: + base_url: '{{op_id}}' + path: 'name' + wait_ms: 1000 + result: + path: 'response' + resource_inside_response: true + error: + path: 'error' + message: 'message' +custom_code: examples: # These tests depend on secrets stored in a separate project, so we prefer not # to show them in the docs. - - !ruby/object:Provider::Terraform::Examples - name: "developer_connect_git_repository_link_github" - primary_resource_id: "primary" - skip_docs: true - min_version: beta + - name: 'developer_connect_git_repository_link_github' + primary_resource_id: 'primary' + min_version: 'beta' vars: - connection_name: "my-connection" - git_repository_link_name: "my-repository" - - !ruby/object:Provider::Terraform::Examples - name: "developer_connect_git_repository_link_github_doc" - min_version: beta - skip_test: true -name: GitRepositoryLink -description: "A git repository link to a parent connection." -min_version: "beta" -autogen_async: true + connection_name: 'my-connection' + git_repository_link_name: 'my-repository' + exclude_docs: true + - name: 'developer_connect_git_repository_link_github_doc' + min_version: 'beta' + exclude_test: true parameters: - - !ruby/object:Api::Type::String - name: location + - name: 'location' + type: String description: "Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `developerconnect.googleapis.com/GitRepositoryLink`. " + min_version: 'beta' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: parent_connection + - name: 'parent_connection' + type: String description: "Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `developerconnect.googleapis.com/GitRepositoryLink`. " + min_version: 'beta' url_param_only: true required: true immutable: true - - !ruby/object:Api::Type::String - name: gitRepositoryLinkId + - name: 'gitRepositoryLinkId' + type: String description: "Required. The ID to use for the repository, which will become the final component of\nthe repository's resource name. This ID should be unique in the connection.\nAllows alphanumeric characters and any of -._~%!$&'()*+,;=@. " + min_version: 'beta' url_param_only: true required: true immutable: true -async: !ruby/object:Api::OpAsync - operation: !ruby/object:Api::OpAsync::Operation - path: name - base_url: "{{op_id}}" - wait_ms: 1000 - timeouts: - result: !ruby/object:Api::OpAsync::Result - path: response - resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: done - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error - path: error - message: message -immutable: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: "Identifier. Resource name of the repository, in the format\n`projects/*/locations/*/connections/*/gitRepositoryLinks/*`. " + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: cloneUri + - name: 'cloneUri' + type: String description: "Required. Git Clone URI. " + min_version: 'beta' required: true - - !ruby/object:Api::Type::String - name: createTime + - name: 'createTime' + type: String description: "Output only. [Output only] Create timestamp " + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: updateTime + - name: 'updateTime' + type: String description: "Output only. [Output only] Update timestamp " + min_version: 'beta' output: true - - !ruby/object:Api::Type::String - name: deleteTime + - name: 'deleteTime' + type: String description: "Output only. [Output only] Delete timestamp " + min_version: 'beta' output: true - - !ruby/object:Api::Type::KeyValueLabels - name: labels + - name: 'labels' + type: KeyValueLabels description: "Optional. Labels as key value pairs " - - !ruby/object:Api::Type::String - name: etag + min_version: 'beta' + - name: 'etag' + type: String description: "Optional. This checksum is computed by the server based on the value of other\nfields, and may be sent on update and delete requests to ensure the\nclient has an up-to-date value before proceeding. " - - !ruby/object:Api::Type::Boolean - name: reconciling + min_version: 'beta' + - name: 'reconciling' + type: Boolean description: "Output only. Set to true when the connection is being set up or updated in the\nbackground. " + min_version: 'beta' output: true - - !ruby/object:Api::Type::KeyValueAnnotations - name: annotations + - name: 'annotations' + type: KeyValueAnnotations description: "Optional. Allows clients to store small amounts of arbitrary data. " - - !ruby/object:Api::Type::String - name: uid + min_version: 'beta' + - name: 'uid' + type: String description: "Output only. A system-assigned unique identifier for a the GitRepositoryLink. " + min_version: 'beta' output: true diff --git a/mmv1/products/developerconnect/product.yaml b/mmv1/products/developerconnect/product.yaml index 1ef1c4da99a8..5a32e127e0af 100644 --- a/mmv1/products/developerconnect/product.yaml +++ b/mmv1/products/developerconnect/product.yaml @@ -1,9 +1,21 @@ ---- !ruby/object:Api::Product +# Copyright 2024 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +name: 'DeveloperConnect' +display_name: 'Developer Connect' versions: - - !ruby/object:Api::Product::Version - base_url: https://developerconnect.googleapis.com/v1/ - name: beta -name: DeveloperConnect -display_name: Developer Connect + - name: 'beta' + base_url: 'https://developerconnect.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dialogflow/Agent.yaml b/mmv1/products/dialogflow/Agent.yaml index 127e7df98daf..c651a30ec446 100644 --- a/mmv1/products/dialogflow/Agent.yaml +++ b/mmv1/products/dialogflow/Agent.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,103 +11,108 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Agent' -base_url: 'projects/{{project}}/agent' -self_link: 'projects/{{project}}/agent' -update_verb: :POST description: | A Dialogflow agent is a virtual agent that handles conversations with your end-users. It is a natural language understanding module that understands the nuances of human language. Dialogflow translates end-user text or audio during a conversation to structured data that your apps and services can understand. You design and build a Dialogflow agent to handle the types of conversations required for your system. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects/agent' -timeouts: !ruby/object:Api::Timeouts +docs: +# Only one agent per project, API does not have an agent ID +id_format: '{{project}}' +base_url: 'projects/{{project}}/agent' +self_link: 'projects/{{project}}/agent' +update_verb: 'POST' +import_format: + - '{{project}}' +timeouts: insert_minutes: 40 update_minutes: 40 + delete_minutes: 20 +custom_code: +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflow_agent_full' + - name: 'dialogflow_agent_full' primary_resource_id: 'full_agent' vars: agent_name: 'dialogflow-agent' -# Only one agent per project, API does not have an agent ID -id_format: '{{project}}' -import_format: ['{{project}}'] -skip_sweeper: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + - name: 'displayName' + type: String description: | The name of this agent. - - !ruby/object:Api::Type::String - name: 'defaultLanguageCode' + required: true + - name: 'defaultLanguageCode' + type: String description: | The default language of the agent as a language tag. [See Language Support](https://cloud.google.com/dialogflow/docs/reference/language) for a list of the currently supported language codes. This field cannot be updated after creation. - immutable: true required: true - - !ruby/object:Api::Type::Array - name: 'supportedLanguageCodes' - item_type: Api::Type::String + immutable: true + - name: 'supportedLanguageCodes' + type: Array description: | The list of all languages supported by this agent (except for the defaultLanguageCode). - - !ruby/object:Api::Type::String - name: 'timeZone' + item_type: + type: String + - name: 'timeZone' + type: String description: | The time zone of this agent from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. required: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | The description of this agent. The maximum length is 500 characters. If exceeded, the request is rejected. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.StringLenBetween(0, 500)' - - !ruby/object:Api::Type::String - name: 'avatarUri' + - name: 'avatarUri' + type: String description: | The URI of the agent's avatar, which are used throughout the Dialogflow console. When an image URL is entered into this field, the Dialogflow will save the image in the backend. The address of the backend image returned from the API will be shown in the [avatarUriBackend] field. ignore_read: true - - !ruby/object:Api::Type::String - name: 'avatarUriBackend' + - name: 'avatarUriBackend' + type: String description: | The URI of the agent's avatar as returned from the API. Output only. To provide an image URL for the agent avatar, the [avatarUri] field can be used. - output: true api_name: avatarUri - - !ruby/object:Api::Type::Boolean - name: 'enableLogging' + output: true + - name: 'enableLogging' + type: Boolean description: | Determines whether this agent should log conversation queries. - - !ruby/object:Api::Type::Enum - name: 'matchMode' + - name: 'matchMode' + type: Enum description: | Determines how intents are detected from user queries. * MATCH_MODE_HYBRID: Best for agents with a small number of examples in intents and/or wide use of templates syntax and composite entities. * MATCH_MODE_ML_ONLY: Can be used for agents with a large number of examples in intents, especially the ones using @sys.any or very large developer entities. - values: - - :MATCH_MODE_HYBRID - - :MATCH_MODE_ML_ONLY default_from_api: true - - !ruby/object:Api::Type::Double - name: 'classificationThreshold' + enum_values: + - 'MATCH_MODE_HYBRID' + - 'MATCH_MODE_ML_ONLY' + - name: 'classificationThreshold' + type: Double description: | To filter out false positive results and still get variety in matched natural language inputs for your agent, you can tune the machine learning classification threshold. If the returned score value is less than the threshold value, then a fallback intent will be triggered or, if there are no fallback intents defined, no intent will be triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the default of 0.3 is used. - - !ruby/object:Api::Type::Enum - name: 'apiVersion' + - name: 'apiVersion' + type: Enum description: | API version displayed in Dialogflow console. If not specified, V2 API is assumed. Clients are free to query different service endpoints for different API versions. However, bots connectors and webhook calls will follow @@ -115,13 +120,13 @@ properties: * API_VERSION_V1: Legacy V1 API. * API_VERSION_V2: V2 API. * API_VERSION_V2_BETA_1: V2beta1 API. - values: - - :API_VERSION_V1 - - :API_VERSION_V2 - - :API_VERSION_V2_BETA_1 default_from_api: true - - !ruby/object:Api::Type::Enum - name: 'tier' + enum_values: + - 'API_VERSION_V1' + - 'API_VERSION_V2' + - 'API_VERSION_V2_BETA_1' + - name: 'tier' + type: Enum description: | The agent tier. If not specified, TIER_STANDARD is assumed. * TIER_STANDARD: Standard tier. @@ -129,8 +134,8 @@ properties: * TIER_ENTERPRISE_PLUS: Enterprise tier (Plus). NOTE: Due to consistency issues, the provider will not read this field from the API. Drift is possible between the Terraform state and Dialogflow if the agent tier is changed outside of Terraform. - values: - - :TIER_STANDARD - - :TIER_ENTERPRISE - - :TIER_ENTERPRISE_PLUS ignore_read: true + enum_values: + - 'TIER_STANDARD' + - 'TIER_ENTERPRISE' + - 'TIER_ENTERPRISE_PLUS' diff --git a/mmv1/products/dialogflow/EntityType.yaml b/mmv1/products/dialogflow/EntityType.yaml index 59712997b037..57a185b89f58 100644 --- a/mmv1/products/dialogflow/EntityType.yaml +++ b/mmv1/products/dialogflow/EntityType.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,69 +11,75 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EntityType' -base_url: 'projects/{{project}}/agent/entityTypes/' -self_link: '{{name}}' -update_verb: :PATCH description: | Represents an entity type. Entity types serve as a tool for extracting parameter values from natural language queries. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects.agent.entityTypes' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/agent/entityTypes/' +self_link: '{{name}}' +update_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/set_computed_name.tmpl' + custom_import: 'templates/terraform/custom_import/self_link_as_name_set_project.go.tmpl' +# Skip sweeper gen since this is a child resource. +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflow_entity_type_basic' + - name: 'dialogflow_entity_type_basic' primary_resource_id: 'basic_entity_type' - skip_test: true vars: intent_name: 'basic-entity-type' -# Skip sweeper gen since this is a child resource. -skip_sweeper: true -id_format: '{{name}}' -import_format: ['{{name}}'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/self_link_as_name_set_project.go.erb - post_create: 'templates/terraform/post_create/set_computed_name.erb' + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of the entity type. Format: projects//agent/entityTypes/. - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + output: true + - name: 'displayName' + type: String description: | The name of this entity type to be displayed on the console. - - !ruby/object:Api::Type::Enum - name: 'kind' required: true + - name: 'kind' + type: Enum description: | Indicates the kind of entity type. * KIND_MAP: Map entity types allow mapping of a group of synonyms to a reference value. * KIND_LIST: List entity types contain a set of entries that do not map to reference values. However, list entity types can contain references to other entity types (with or without aliases). * KIND_REGEXP: Regexp entity types allow to specify regular expressions in entries values. - values: - - :KIND_MAP - - :KIND_LIST - - :KIND_REGEXP - - !ruby/object:Api::Type::Boolean - name: 'enableFuzzyExtraction' + required: true + enum_values: + - 'KIND_MAP' + - 'KIND_LIST' + - 'KIND_REGEXP' + - name: 'enableFuzzyExtraction' + type: Boolean description: | Enables fuzzy entity extraction during classification. - - !ruby/object:Api::Type::Array - name: 'entities' + - name: 'entities' + type: Array description: | The collection of entity entries associated with the entity type. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'value' - required: true + - name: 'value' + type: String description: | The primary value associated with this entity entry. For example, if the entity type is vegetable, the value could be scallions. @@ -81,12 +87,14 @@ properties: * A reference value to be used in place of synonyms. For KIND_LIST entity types: * A string that can contain references to other entity types (with or without aliases). - - !ruby/object:Api::Type::Array - name: 'synonyms' required: true - item_type: Api::Type::String + - name: 'synonyms' + type: Array description: | A collection of value synonyms. For example, if the entity type is vegetable, and value is scallions, a synonym could be green onions. For KIND_LIST entity types: * This collection must contain exactly one synonym equal to value. + required: true + item_type: + type: String diff --git a/mmv1/products/dialogflow/Fulfillment.yaml b/mmv1/products/dialogflow/Fulfillment.yaml index a63582dec806..dfe06ae2c1fa 100644 --- a/mmv1/products/dialogflow/Fulfillment.yaml +++ b/mmv1/products/dialogflow/Fulfillment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,86 +11,93 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Fulfillment' -base_url: 'projects/{{project}}/agent/fulfillment/' -self_link: '{{name}}' -update_verb: :PATCH -delete_verb: :PATCH -create_verb: :PATCH -create_url: projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features -update_url: projects/{{project}}/agent/fulfillment/ -delete_url: projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features -update_mask: true description: | By default, your agent responds to a matched intent with a static response. If you're using one of the integration options, you can provide a more dynamic response by using fulfillment. When you enable fulfillment for an intent, Dialogflow responds to that intent by calling a service that you define. For example, if an end-user wants to schedule a haircut on Friday, your service can check your database and respond to the end-user with availability information for Friday. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/es/docs/fulfillment-overview' api: 'https://cloud.google.com/dialogflow/es/docs/reference/rest/v2/projects.agent/getFulfillment' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/agent/fulfillment/' +self_link: '{{name}}' +create_url: 'projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features' +create_verb: 'PATCH' +update_url: 'projects/{{project}}/agent/fulfillment/' +update_verb: 'PATCH' +update_mask: true +delete_url: 'projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features' +delete_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/set_computed_name.tmpl' + custom_import: 'templates/terraform/custom_import/self_link_as_name_set_project.go.tmpl' +# Skip sweeper gen since this is a child resource. +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflow_fulfillment_basic' + - name: 'dialogflow_fulfillment_basic' primary_resource_id: 'basic_fulfillment' - skip_test: true vars: fulfillment_name: 'basic-fulfillment' -# Skip sweeper gen since this is a child resource. -skip_sweeper: true -id_format: '{{name}}' -import_format: ['{{name}}'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/self_link_as_name_set_project.go.erb - post_create: 'templates/terraform/post_create/set_computed_name.erb' + exclude_test: true +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of the fulfillment. Format: projects//agent/fulfillment - projects//locations//agent/fulfillment - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + output: true + - name: 'displayName' + type: String description: | The human-readable name of the fulfillment, unique within the agent. - - !ruby/object:Api::Type::Boolean - name: 'enabled' + required: true + - name: 'enabled' + type: Boolean description: | Whether fulfillment is enabled. - - !ruby/object:Api::Type::Array - name: 'features' + - name: 'features' + type: Array description: | The field defines whether the fulfillment is enabled for certain features. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::Enum - name: 'type' - required: true + - name: 'type' + type: Enum description: | The type of the feature that enabled for fulfillment. * SMALLTALK: Fulfillment is enabled for SmallTalk. - values: - - :SMALLTALK - - !ruby/object:Api::Type::NestedObject - name: 'genericWebService' + required: true + enum_values: + - 'SMALLTALK' + - name: 'genericWebService' + type: NestedObject description: | Represents configuration for a generic web service. Dialogflow supports two mechanisms for authentications: - Basic authentication with username and password. - Authentication with additional authentication headers. properties: - - !ruby/object:Api::Type::String - name: 'uri' - required: true + - name: 'uri' + type: String description: | The fulfillment URI for receiving POST requests. It must use https protocol. - - !ruby/object:Api::Type::String - name: 'username' + required: true + - name: 'username' + type: String description: | The user name for HTTP Basic authentication. - - !ruby/object:Api::Type::String - name: 'password' + - name: 'password' + type: String description: | The password for HTTP Basic authentication. - - !ruby/object:Api::Type::KeyValuePairs - name: 'requestHeaders' + - name: 'requestHeaders' + type: KeyValuePairs description: | The HTTP request headers to send together with fulfillment requests. diff --git a/mmv1/products/dialogflow/Intent.yaml b/mmv1/products/dialogflow/Intent.yaml index 477dfee43ccc..bf6ea9a9e373 100644 --- a/mmv1/products/dialogflow/Intent.yaml +++ b/mmv1/products/dialogflow/Intent.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,156 +11,164 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Intent' -base_url: 'projects/{{project}}/agent/intents/' -self_link: '{{name}}' -update_verb: :PATCH description: | Represents a Dialogflow intent. Intents convert a number of user expressions or patterns into an action. An action is an extraction of a user command or sentence semantics. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects.agent.intents' +docs: +id_format: '{{name}}' +base_url: 'projects/{{project}}/agent/intents/' +self_link: '{{name}}' +update_verb: 'PATCH' +import_format: + - '{{name}}' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/set_computed_name.tmpl' + custom_import: 'templates/terraform/custom_import/self_link_as_name_set_project.go.tmpl' +# Skip sweeper gen since this is a child resource. +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflow_intent_basic' + - name: 'dialogflow_intent_basic' primary_resource_id: 'basic_intent' - skip_test: true vars: intent_name: 'basic-intent' - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflow_intent_full' + exclude_test: true + - name: 'dialogflow_intent_full' primary_resource_id: 'full_intent' vars: project_id: 'my-project' account_id: 'my-account' intent_name: 'full-intent' test_env_vars: - org_id: :ORG_ID -# Skip sweeper gen since this is a child resource. -skip_sweeper: true -id_format: '{{name}}' -import_format: ['{{name}}'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/self_link_as_name_set_project.go.erb - post_create: 'templates/terraform/post_create/set_computed_name.erb' + org_id: 'ORG_ID' +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of this intent. Format: projects//agent/intents/. - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + output: true + - name: 'displayName' + type: String description: | The name of this intent to be displayed on the console. - - !ruby/object:Api::Type::Enum - name: 'webhookState' + required: true + - name: 'webhookState' + type: Enum description: | Indicates whether webhooks are enabled for the intent. * WEBHOOK_STATE_ENABLED: Webhook is enabled in the agent and in the intent. * WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING: Webhook is enabled in the agent and in the intent. Also, each slot filling prompt is forwarded to the webhook. - values: - - :WEBHOOK_STATE_ENABLED - - :WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING default_from_api: true - - !ruby/object:Api::Type::Integer - name: 'priority' + enum_values: + - 'WEBHOOK_STATE_ENABLED' + - 'WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING' + - name: 'priority' + type: Integer description: | The priority of this intent. Higher numbers represent higher priorities. - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds to the Normal priority in the console. - If the supplied value is negative, the intent is ignored in runtime detect intent requests. default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'isFallback' + - name: 'isFallback' + type: Boolean description: | Indicates whether this is a fallback intent. default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'mlDisabled' + - name: 'mlDisabled' + type: Boolean description: | Indicates whether Machine Learning is disabled for the intent. Note: If mlDisabled setting is set to true, then this intent is not taken into account during inference in ML ONLY match mode. Also, auto-markup in the UI is turned off. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'inputContextNames' - item_type: Api::Type::String + - name: 'inputContextNames' + type: Array description: | The list of context names required for this intent to be triggered. Format: projects//agent/sessions/-/contexts/. - - !ruby/object:Api::Type::Array - name: 'events' - item_type: Api::Type::String + item_type: + type: String + - name: 'events' + type: Array description: | The collection of event names that trigger the intent. If the collection of input contexts is not empty, all of the contexts must be present in the active user session for an event to trigger this intent. See the [events reference](https://cloud.google.com/dialogflow/docs/events-overview) for more details. - - !ruby/object:Api::Type::String - name: 'action' + item_type: + type: String + - name: 'action' + type: String description: | The name of the action associated with the intent. Note: The action name must not contain whitespaces. default_from_api: true - - !ruby/object:Api::Type::Boolean - name: 'resetContexts' + - name: 'resetContexts' + type: Boolean description: | Indicates whether to delete all contexts in the current session when this intent is matched. default_from_api: true - - !ruby/object:Api::Type::Array - name: 'defaultResponsePlatforms' + - name: 'defaultResponsePlatforms' + type: Array description: | The list of platforms for which the first responses will be copied from the messages in PLATFORM_UNSPECIFIED (i.e. default platform). - item_type: !ruby/object:Api::Type::Enum - name: 'platform' + item_type: + type: Enum description: | Represents different platforms that a rich message can be intended for. - values: - - :FACEBOOK - - :SLACK - - :TELEGRAM - - :KIK - - :SKYPE - - :LINE - - :VIBER - - :ACTIONS_ON_GOOGLE - - :GOOGLE_HANGOUTS - - !ruby/object:Api::Type::String - name: 'rootFollowupIntentName' + enum_values: + - 'FACEBOOK' + - 'SLACK' + - 'TELEGRAM' + - 'KIK' + - 'SKYPE' + - 'LINE' + - 'VIBER' + - 'ACTIONS_ON_GOOGLE' + - 'GOOGLE_HANGOUTS' + - name: 'rootFollowupIntentName' + type: String description: | The unique identifier of the root intent in the chain of followup intents. It identifies the correct followup intents chain for this intent. Format: projects//agent/intents/. output: true - - !ruby/object:Api::Type::String - name: 'parentFollowupIntentName' + - name: 'parentFollowupIntentName' + type: String description: | The unique identifier of the parent intent in the chain of followup intents. Format: projects//agent/intents/. immutable: true default_from_api: true - - !ruby/object:Api::Type::Array - name: 'followupIntentInfo' - output: true + - name: 'followupIntentInfo' + type: Array description: | Information about all followup intents that have this intent as a direct or indirect parent. We populate this field only in the output. - item_type: !ruby/object:Api::Type::NestedObject + output: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'followupIntentName' + - name: 'followupIntentName' + type: String description: | The unique identifier of the followup intent. Format: projects//agent/intents/. - - !ruby/object:Api::Type::String - name: 'parentFollowupIntentName' + - name: 'parentFollowupIntentName' + type: String description: | The unique identifier of the followup intent's parent. Format: projects//agent/intents/. diff --git a/mmv1/products/dialogflow/go_Agent.yaml b/mmv1/products/dialogflow/go_Agent.yaml deleted file mode 100644 index 78d202bb759b..000000000000 --- a/mmv1/products/dialogflow/go_Agent.yaml +++ /dev/null @@ -1,141 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Agent' -description: | - A Dialogflow agent is a virtual agent that handles conversations with your end-users. It is a natural language - understanding module that understands the nuances of human language. Dialogflow translates end-user text or audio - during a conversation to structured data that your apps and services can understand. You design and build a Dialogflow - agent to handle the types of conversations required for your system. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' - api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects/agent' -docs: -id_format: '{{project}}' -base_url: 'projects/{{project}}/agent' -self_link: 'projects/{{project}}/agent' -update_verb: 'POST' -import_format: - - '{{project}}' -timeouts: - insert_minutes: 40 - update_minutes: 40 - delete_minutes: 20 -custom_code: -exclude_sweeper: true -examples: - - name: 'dialogflow_agent_full' - primary_resource_id: 'full_agent' - vars: - agent_name: 'dialogflow-agent' -parameters: -properties: - - name: 'displayName' - type: String - description: | - The name of this agent. - required: true - - name: 'defaultLanguageCode' - type: String - description: | - The default language of the agent as a language tag. [See Language Support](https://cloud.google.com/dialogflow/docs/reference/language) - for a list of the currently supported language codes. This field cannot be updated after creation. - required: true - immutable: true - - name: 'supportedLanguageCodes' - type: Array - description: | - The list of all languages supported by this agent (except for the defaultLanguageCode). - item_type: - type: String - - name: 'timeZone' - type: String - description: | - The time zone of this agent from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, - Europe/Paris. - required: true - - name: 'description' - type: String - description: | - The description of this agent. The maximum length is 500 characters. If exceeded, the request is rejected. - validation: - function: 'validation.StringLenBetween(0, 500)' - - name: 'avatarUri' - type: String - description: | - The URI of the agent's avatar, which are used throughout the Dialogflow console. When an image URL is entered - into this field, the Dialogflow will save the image in the backend. The address of the backend image returned - from the API will be shown in the [avatarUriBackend] field. - ignore_read: true - - name: 'avatarUriBackend' - type: String - description: | - The URI of the agent's avatar as returned from the API. Output only. To provide an image URL for the agent avatar, - the [avatarUri] field can be used. - api_name: avatarUri - output: true - - name: 'enableLogging' - type: Boolean - description: | - Determines whether this agent should log conversation queries. - - name: 'matchMode' - type: Enum - description: | - Determines how intents are detected from user queries. - * MATCH_MODE_HYBRID: Best for agents with a small number of examples in intents and/or wide use of templates - syntax and composite entities. - * MATCH_MODE_ML_ONLY: Can be used for agents with a large number of examples in intents, especially the ones - using @sys.any or very large developer entities. - default_from_api: true - enum_values: - - 'MATCH_MODE_HYBRID' - - 'MATCH_MODE_ML_ONLY' - - name: 'classificationThreshold' - type: Double - description: | - To filter out false positive results and still get variety in matched natural language inputs for your agent, - you can tune the machine learning classification threshold. If the returned score value is less than the threshold - value, then a fallback intent will be triggered or, if there are no fallback intents defined, no intent will be - triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the - default of 0.3 is used. - - name: 'apiVersion' - type: Enum - description: | - API version displayed in Dialogflow console. If not specified, V2 API is assumed. Clients are free to query - different service endpoints for different API versions. However, bots connectors and webhook calls will follow - the specified API version. - * API_VERSION_V1: Legacy V1 API. - * API_VERSION_V2: V2 API. - * API_VERSION_V2_BETA_1: V2beta1 API. - default_from_api: true - enum_values: - - 'API_VERSION_V1' - - 'API_VERSION_V2' - - 'API_VERSION_V2_BETA_1' - - name: 'tier' - type: Enum - description: | - The agent tier. If not specified, TIER_STANDARD is assumed. - * TIER_STANDARD: Standard tier. - * TIER_ENTERPRISE: Enterprise tier (Essentials). - * TIER_ENTERPRISE_PLUS: Enterprise tier (Plus). - NOTE: Due to consistency issues, the provider will not read this field from the API. Drift is possible between - the Terraform state and Dialogflow if the agent tier is changed outside of Terraform. - ignore_read: true - enum_values: - - 'TIER_STANDARD' - - 'TIER_ENTERPRISE' - - 'TIER_ENTERPRISE_PLUS' diff --git a/mmv1/products/dialogflow/go_EntityType.yaml b/mmv1/products/dialogflow/go_EntityType.yaml deleted file mode 100644 index d300fa5f9161..000000000000 --- a/mmv1/products/dialogflow/go_EntityType.yaml +++ /dev/null @@ -1,100 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'EntityType' -description: | - Represents an entity type. Entity types serve as a tool for extracting parameter values from natural language queries. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' - api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects.agent.entityTypes' -docs: -id_format: '{{name}}' -base_url: 'projects/{{project}}/agent/entityTypes/' -self_link: '{{name}}' -update_verb: 'PATCH' -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' - custom_import: 'templates/terraform/custom_import/go/self_link_as_name_set_project.go.tmpl' -exclude_sweeper: true -examples: - - name: 'dialogflow_entity_type_basic' - primary_resource_id: 'basic_entity_type' - vars: - intent_name: 'basic-entity-type' - skip_test: true -parameters: -properties: - - name: 'name' - type: String - description: | - The unique identifier of the entity type. - Format: projects//agent/entityTypes/. - output: true - - name: 'displayName' - type: String - description: | - The name of this entity type to be displayed on the console. - required: true - - name: 'kind' - type: Enum - description: | - Indicates the kind of entity type. - * KIND_MAP: Map entity types allow mapping of a group of synonyms to a reference value. - * KIND_LIST: List entity types contain a set of entries that do not map to reference values. However, list entity - types can contain references to other entity types (with or without aliases). - * KIND_REGEXP: Regexp entity types allow to specify regular expressions in entries values. - required: true - enum_values: - - 'KIND_MAP' - - 'KIND_LIST' - - 'KIND_REGEXP' - - name: 'enableFuzzyExtraction' - type: Boolean - description: | - Enables fuzzy entity extraction during classification. - - name: 'entities' - type: Array - description: | - The collection of entity entries associated with the entity type. - item_type: - type: NestedObject - properties: - - name: 'value' - type: String - description: | - The primary value associated with this entity entry. For example, if the entity type is vegetable, the value - could be scallions. - For KIND_MAP entity types: - * A reference value to be used in place of synonyms. - For KIND_LIST entity types: - * A string that can contain references to other entity types (with or without aliases). - required: true - - name: 'synonyms' - type: Array - description: | - A collection of value synonyms. For example, if the entity type is vegetable, and value is scallions, a synonym - could be green onions. - For KIND_LIST entity types: - * This collection must contain exactly one synonym equal to value. - required: true - item_type: - type: String diff --git a/mmv1/products/dialogflow/go_Fulfillment.yaml b/mmv1/products/dialogflow/go_Fulfillment.yaml deleted file mode 100644 index d72585c7fc74..000000000000 --- a/mmv1/products/dialogflow/go_Fulfillment.yaml +++ /dev/null @@ -1,103 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Fulfillment' -description: | - By default, your agent responds to a matched intent with a static response. If you're using one of the integration options, you can provide a more dynamic response by using fulfillment. When you enable fulfillment for an intent, Dialogflow responds to that intent by calling a service that you define. For example, if an end-user wants to schedule a haircut on Friday, your service can check your database and respond to the end-user with availability information for Friday. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dialogflow/es/docs/fulfillment-overview' - api: 'https://cloud.google.com/dialogflow/es/docs/reference/rest/v2/projects.agent/getFulfillment' -docs: -id_format: '{{name}}' -base_url: 'projects/{{project}}/agent/fulfillment/' -self_link: '{{name}}' -create_url: 'projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features' -create_verb: 'PATCH' -update_url: 'projects/{{project}}/agent/fulfillment/' -update_verb: 'PATCH' -update_mask: true -delete_url: 'projects/{{project}}/agent/fulfillment/?updateMask=name,displayName,enabled,genericWebService,features' -delete_verb: 'PATCH' -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' - custom_import: 'templates/terraform/custom_import/go/self_link_as_name_set_project.go.tmpl' -exclude_sweeper: true -examples: - - name: 'dialogflow_fulfillment_basic' - primary_resource_id: 'basic_fulfillment' - vars: - fulfillment_name: 'basic-fulfillment' - skip_test: true -parameters: -properties: - - name: 'name' - type: String - description: | - The unique identifier of the fulfillment. - Format: projects//agent/fulfillment - projects//locations//agent/fulfillment - output: true - - name: 'displayName' - type: String - description: | - The human-readable name of the fulfillment, unique within the agent. - required: true - - name: 'enabled' - type: Boolean - description: | - Whether fulfillment is enabled. - - name: 'features' - type: Array - description: | - The field defines whether the fulfillment is enabled for certain features. - item_type: - type: NestedObject - properties: - - name: 'type' - type: Enum - description: | - The type of the feature that enabled for fulfillment. - * SMALLTALK: Fulfillment is enabled for SmallTalk. - required: true - enum_values: - - 'SMALLTALK' - - name: 'genericWebService' - type: NestedObject - description: | - Represents configuration for a generic web service. Dialogflow supports two mechanisms for authentications: - Basic authentication with username and password. - Authentication with additional authentication headers. - properties: - - name: 'uri' - type: String - description: | - The fulfillment URI for receiving POST requests. It must use https protocol. - required: true - - name: 'username' - type: String - description: | - The user name for HTTP Basic authentication. - - name: 'password' - type: String - description: | - The password for HTTP Basic authentication. - - name: 'requestHeaders' - type: KeyValuePairs - description: | - The HTTP request headers to send together with fulfillment requests. diff --git a/mmv1/products/dialogflow/go_Intent.yaml b/mmv1/products/dialogflow/go_Intent.yaml deleted file mode 100644 index 009e13b2cb94..000000000000 --- a/mmv1/products/dialogflow/go_Intent.yaml +++ /dev/null @@ -1,174 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Intent' -description: | - Represents a Dialogflow intent. Intents convert a number of user expressions or patterns into an action. An action - is an extraction of a user command or sentence semantics. -references: - guides: - 'Official Documentation': 'https://cloud.google.com/dialogflow/docs/' - api: 'https://cloud.google.com/dialogflow/docs/reference/rest/v2/projects.agent.intents' -docs: -id_format: '{{name}}' -base_url: 'projects/{{project}}/agent/intents/' -self_link: '{{name}}' -update_verb: 'PATCH' -import_format: - - '{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - post_create: 'templates/terraform/post_create/go/set_computed_name.tmpl' - custom_import: 'templates/terraform/custom_import/go/self_link_as_name_set_project.go.tmpl' -exclude_sweeper: true -examples: - - name: 'dialogflow_intent_basic' - primary_resource_id: 'basic_intent' - vars: - intent_name: 'basic-intent' - skip_test: true - - name: 'dialogflow_intent_full' - primary_resource_id: 'full_intent' - vars: - project_id: 'my-project' - account_id: 'my-account' - intent_name: 'full-intent' - test_env_vars: - org_id: 'ORG_ID' -parameters: -properties: - - name: 'name' - type: String - description: | - The unique identifier of this intent. - Format: projects//agent/intents/. - output: true - - name: 'displayName' - type: String - description: | - The name of this intent to be displayed on the console. - required: true - - name: 'webhookState' - type: Enum - description: | - Indicates whether webhooks are enabled for the intent. - * WEBHOOK_STATE_ENABLED: Webhook is enabled in the agent and in the intent. - * WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING: Webhook is enabled in the agent and in the intent. Also, each slot - filling prompt is forwarded to the webhook. - default_from_api: true - enum_values: - - 'WEBHOOK_STATE_ENABLED' - - 'WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING' - - name: 'priority' - type: Integer - description: | - The priority of this intent. Higher numbers represent higher priorities. - - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds - to the Normal priority in the console. - - If the supplied value is negative, the intent is ignored in runtime detect intent requests. - default_from_api: true - - name: 'isFallback' - type: Boolean - description: | - Indicates whether this is a fallback intent. - default_from_api: true - - name: 'mlDisabled' - type: Boolean - description: | - Indicates whether Machine Learning is disabled for the intent. - Note: If mlDisabled setting is set to true, then this intent is not taken into account during inference in ML - ONLY match mode. Also, auto-markup in the UI is turned off. - default_from_api: true - - name: 'inputContextNames' - type: Array - description: | - The list of context names required for this intent to be triggered. - Format: projects//agent/sessions/-/contexts/. - item_type: - type: String - - name: 'events' - type: Array - description: | - The collection of event names that trigger the intent. If the collection of input contexts is not empty, all of - the contexts must be present in the active user session for an event to trigger this intent. See the - [events reference](https://cloud.google.com/dialogflow/docs/events-overview) for more details. - item_type: - type: String - - name: 'action' - type: String - description: | - The name of the action associated with the intent. - Note: The action name must not contain whitespaces. - default_from_api: true - - name: 'resetContexts' - type: Boolean - description: | - Indicates whether to delete all contexts in the current session when this intent is matched. - default_from_api: true - - name: 'defaultResponsePlatforms' - type: Array - description: | - The list of platforms for which the first responses will be copied from the messages in PLATFORM_UNSPECIFIED - (i.e. default platform). - item_type: - type: Enum - description: | - Represents different platforms that a rich message can be intended for. - enum_values: - - 'FACEBOOK' - - 'SLACK' - - 'TELEGRAM' - - 'KIK' - - 'SKYPE' - - 'LINE' - - 'VIBER' - - 'ACTIONS_ON_GOOGLE' - - 'GOOGLE_HANGOUTS' - - name: 'rootFollowupIntentName' - type: String - description: | - The unique identifier of the root intent in the chain of followup intents. It identifies the correct followup - intents chain for this intent. - Format: projects//agent/intents/. - output: true - - name: 'parentFollowupIntentName' - type: String - description: | - The unique identifier of the parent intent in the chain of followup intents. - Format: projects//agent/intents/. - immutable: true - default_from_api: true - - name: 'followupIntentInfo' - type: Array - description: | - Information about all followup intents that have this intent as a direct or indirect parent. We populate this field - only in the output. - output: true - item_type: - type: NestedObject - properties: - - name: 'followupIntentName' - type: String - description: | - The unique identifier of the followup intent. - Format: projects//agent/intents/. - - name: 'parentFollowupIntentName' - type: String - description: | - The unique identifier of the followup intent's parent. - Format: projects//agent/intents/. diff --git a/mmv1/products/dialogflow/go_product.yaml b/mmv1/products/dialogflow/go_product.yaml deleted file mode 100644 index 71e8e3d4fb82..000000000000 --- a/mmv1/products/dialogflow/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'Dialogflow' -display_name: 'Dialogflow' -versions: - - name: 'ga' - base_url: 'https://dialogflow.googleapis.com/v2/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dialogflow/product.yaml b/mmv1/products/dialogflow/product.yaml index b071ad685efd..7a0d9d06d0a5 100644 --- a/mmv1/products/dialogflow/product.yaml +++ b/mmv1/products/dialogflow/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: Dialogflow -display_name: Dialogflow +--- +name: 'Dialogflow' +display_name: 'Dialogflow' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://dialogflow.googleapis.com/v2/ + - name: 'ga' + base_url: 'https://dialogflow.googleapis.com/v2/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/dialogflowcx/Agent.yaml b/mmv1/products/dialogflowcx/Agent.yaml index c661bb18ecbc..85270a9abc33 100644 --- a/mmv1/products/dialogflowcx/Agent.yaml +++ b/mmv1/products/dialogflowcx/Agent.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,130 +11,135 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Agent' -base_url: 'projects/{{project}}/locations/{{location}}/agents' -update_verb: :PATCH -update_mask: true description: | Agents are best described as Natural Language Understanding (NLU) modules that transform user requests into actionable data. You can include agents in your app, product, or service to determine user intent and respond to the user in a natural way. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents' -timeouts: !ruby/object:Api::Timeouts +docs: +id_format: 'projects/{{project}}/locations/{{location}}/agents/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/agents' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/agents/{{name}}' +timeouts: insert_minutes: 40 update_minutes: 40 + delete_minutes: 20 +custom_code: +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflowcx_agent_full' + - name: 'dialogflowcx_agent_full' primary_resource_id: 'full_agent' vars: agent_name: 'dialogflowcx-agent' bucket_name: 'dialogflowcx-bucket' ignore_read_extra: - - git_integration_settings.0.github_settings.0.access_token -id_format: 'projects/{{project}}/locations/{{location}}/agents/{{name}}' -import_format: ['projects/{{project}}/locations/{{location}}/agents/{{name}}'] -skip_sweeper: true + - 'git_integration_settings.0.github_settings.0.access_token' +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of the agent. - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'location' + output: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'location' + type: String description: | The name of the location this agent is located in. ~> **Note:** The first time you are deploying an Agent in your project you must configure location settings. This is a one time step but at the moment you can only [configure location settings](https://cloud.google.com/dialogflow/cx/docs/concept/region#location-settings) via the Dialogflow CX console. Another options is to use global location so you don't need to manually configure location settings. - required: true - immutable: true url_param_only: true - - !ruby/object:Api::Type::String - name: 'displayName' required: true + immutable: true + - name: 'displayName' + type: String description: | The human-readable name of the agent, unique within the location. - - !ruby/object:Api::Type::String - name: 'defaultLanguageCode' + required: true + - name: 'defaultLanguageCode' + type: String description: | The default language of the agent as a language tag. [See Language Support](https://cloud.google.com/dialogflow/cx/docs/reference/language) for a list of the currently supported language codes. This field cannot be updated after creation. - immutable: true required: true - - !ruby/object:Api::Type::Array - name: 'supportedLanguageCodes' - item_type: Api::Type::String + immutable: true + - name: 'supportedLanguageCodes' + type: Array description: | The list of all languages supported by this agent (except for the default_language_code). - - !ruby/object:Api::Type::String - name: 'timeZone' + item_type: + type: String + - name: 'timeZone' + type: String description: | The time zone of this agent from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. required: true - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | The description of this agent. The maximum length is 500 characters. If exceeded, the request is rejected. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.StringLenBetween(0, 500)' - - !ruby/object:Api::Type::String - name: 'avatarUri' + - name: 'avatarUri' + type: String description: | The URI of the agent's avatar. Avatars are used throughout the Dialogflow console and in the self-hosted Web Demo integration. - - !ruby/object:Api::Type::NestedObject - name: 'speechToTextSettings' + - name: 'speechToTextSettings' + type: NestedObject description: | Settings related to speech recognition. properties: - - !ruby/object:Api::Type::Boolean - name: 'enableSpeechAdaptation' + - name: 'enableSpeechAdaptation' + type: Boolean description: | Whether to use speech adaptation for speech recognition. - - !ruby/object:Api::Type::String - name: 'startFlow' - output: true + - name: 'startFlow' + type: String description: | Name of the start flow in this agent. A start flow will be automatically created when the agent is created, and can only be deleted by deleting the agent. Format: projects//locations//agents//flows/. - - !ruby/object:Api::Type::String - name: 'securitySettings' + output: true + - name: 'securitySettings' + type: String description: | Name of the SecuritySettings reference for the agent. Format: projects//locations//securitySettings/. - - !ruby/object:Api::Type::Boolean - name: 'enableStackdriverLogging' + - name: 'enableStackdriverLogging' + type: Boolean description: | Determines whether this agent should log conversation queries. - - !ruby/object:Api::Type::Boolean - name: 'enableSpellCorrection' + - name: 'enableSpellCorrection' + type: Boolean description: | Indicates if automatic spell correction is enabled in detect intent requests. - - !ruby/object:Api::Type::NestedObject - name: 'advancedSettings' + - name: 'advancedSettings' + type: NestedObject description: | Hierarchical advanced settings for this agent. The settings exposed at the lower level overrides the settings exposed at the higher level. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter. default_from_api: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'audioExportGcsDestination' + - name: 'audioExportGcsDestination' + type: NestedObject description: | If present, incoming audio is exported by Dialogflow to the configured Google Cloud Storage destination. Exposed at the following levels: * Agent level * Flow level properties: - - !ruby/object:Api::Type::String - name: 'uri' + - name: 'uri' + type: String description: | The Google Cloud Storage URI for the exported objects. Whether a full object name, or just a prefix, its usage depends on the Dialogflow operation. Format: gs://bucket/object-name-or-prefix - - !ruby/object:Api::Type::NestedObject - name: 'dtmfSettings' + - name: 'dtmfSettings' + type: NestedObject description: | Define behaviors for DTMF (dual tone multi frequency). DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Exposed at the following levels: * Agent level @@ -142,71 +147,71 @@ properties: * Page level * Parameter level properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: | If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a "3" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance). - - !ruby/object:Api::Type::Integer - name: 'maxDigits' + - name: 'maxDigits' + type: Integer description: | Max length of DTMF digits. - - !ruby/object:Api::Type::String - name: 'finishDigit' + - name: 'finishDigit' + type: String description: | The digit that terminates a DTMF digit sequence. - - !ruby/object:Api::Type::NestedObject - name: 'gitIntegrationSettings' + - name: 'gitIntegrationSettings' + type: NestedObject description: | Git integration settings for this agent. allow_empty_object: true properties: - - !ruby/object:Api::Type::NestedObject - name: 'githubSettings' + - name: 'githubSettings' + type: NestedObject description: | Settings of integration with GitHub. - custom_flatten: 'templates/terraform/custom_flatten/dialogflowcx_agent_git_integration_settings_github_settings.go.erb' # accessToken comes from config, no response + # accessToken comes from config, no response + custom_flatten: 'templates/terraform/custom_flatten/dialogflowcx_agent_git_integration_settings_github_settings.go.tmpl' properties: - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | The unique repository display name for the GitHub repository. - - !ruby/object:Api::Type::String - name: 'repositoryUri' + - name: 'repositoryUri' + type: String description: | The GitHub repository URI related to the agent. - - !ruby/object:Api::Type::String - name: 'trackingBranch' + - name: 'trackingBranch' + type: String description: | The branch of the GitHub repository tracked for this agent. - - !ruby/object:Api::Type::String - name: 'accessToken' + - name: 'accessToken' + type: String description: | The access token used to authenticate the access to the GitHub repository. - sensitive: true ignore_read: true - - !ruby/object:Api::Type::Array - name: 'branches' + sensitive: true + - name: 'branches' + type: Array description: | A list of branches configured to be used from Dialogflow. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'textToSpeechSettings' + item_type: + type: String + - name: 'textToSpeechSettings' + type: NestedObject description: | Settings related to speech synthesizing. allow_empty_object: true properties: # This is a map of language -> some settings. List of languages is large and constantly expanding so we use a string instead of a NestedObject with 100 properties. - - !ruby/object:Api::Type::String - name: 'synthesizeSpeechConfigs' + - name: 'synthesizeSpeechConfigs' + type: String description: | Configuration of how speech should be synthesized, mapping from [language](https://cloud.google.com/dialogflow/cx/docs/reference/language) to [SynthesizeSpeechConfig](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents#synthesizespeechconfig). These settings affect: * The phone gateway synthesize configuration set via Agent.text_to_speech_settings. * How speech is synthesized when invoking session APIs. `Agent.text_to_speech_settings` only applies if `OutputAudioConfig.synthesize_speech_config` is not specified. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' diff --git a/mmv1/products/dialogflowcx/EntityType.yaml b/mmv1/products/dialogflowcx/EntityType.yaml index 53aa2ed91698..5b6ddc4c89c1 100644 --- a/mmv1/products/dialogflowcx/EntityType.yaml +++ b/mmv1/products/dialogflowcx/EntityType.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,125 +11,130 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'EntityType' -base_url: '{{parent}}/entityTypes' -update_verb: :PATCH -update_mask: true description: | Entities are extracted from user input and represent parameters that are meaningful to your application. For example, a date range, a proper name such as a geographic location or landmark, and so on. Entities represent actionable data for your application. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.entityTypes' -timeouts: !ruby/object:Api::Timeouts +docs: +id_format: '{{parent}}/entityTypes/{{name}}' +base_url: '{{parent}}/entityTypes' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{parent}}/entityTypes/{{name}}' +timeouts: insert_minutes: 40 update_minutes: 40 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/dialogflowcx_entity_type.go.erb - pre_create: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_delete: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_read: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_update: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_delete: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + custom_import: 'templates/terraform/custom_import/dialogflowcx_entity_type.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflowcx_entity_type_full' + - name: 'dialogflowcx_entity_type_full' primary_resource_id: 'basic_entity_type' vars: agent_name: 'dialogflowcx-agent' -skip_sweeper: true -id_format: '{{parent}}/entityTypes/{{name}}' -import_format: ['{{parent}}/entityTypes/{{name}}'] parameters: - - !ruby/object:Api::Type::String - name: parent - url_param_only: true - immutable: true + - name: 'parent' + type: String description: | The agent to create a entity type for. Format: projects//locations//agents/. - - !ruby/object:Api::Type::String - name: 'languageCode' + url_param_only: true + immutable: true + - name: 'languageCode' + type: String description: | The language of the following fields in entityType: EntityType.entities.value EntityType.entities.synonyms EntityType.excluded_phrases.value If not specified, the agent's default language is used. Many languages are supported. Note: languages must be enabled in the agent before they can be used. - immutable: true url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of the entity type. Format: projects//locations//agents//entityTypes/. - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + output: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'displayName' + type: String description: | The human-readable name of the entity type, unique within the agent. - validation: !ruby/object:Provider::Terraform::Validation - function: 'validation.StringLenBetween(0, 64)' - - !ruby/object:Api::Type::Enum - name: 'kind' required: true + validation: + function: 'validation.StringLenBetween(0, 64)' + - name: 'kind' + type: Enum description: | Indicates whether the entity type can be automatically expanded. * KIND_MAP: Map entity types allow mapping of a group of synonyms to a canonical value. * KIND_LIST: List entity types contain a set of entries that do not map to canonical values. However, list entity types can contain references to other entity types (with or without aliases). * KIND_REGEXP: Regexp entity types allow to specify regular expressions in entries values. - values: - - :KIND_MAP - - :KIND_LIST - - :KIND_REGEXP - - !ruby/object:Api::Type::Enum - name: 'autoExpansionMode' + required: true + enum_values: + - 'KIND_MAP' + - 'KIND_LIST' + - 'KIND_REGEXP' + - name: 'autoExpansionMode' + type: Enum description: | Represents kinds of entities. * AUTO_EXPANSION_MODE_UNSPECIFIED: Auto expansion disabled for the entity. * AUTO_EXPANSION_MODE_DEFAULT: Allows an agent to recognize values that have not been explicitly listed in the entity. - values: - - :AUTO_EXPANSION_MODE_DEFAULT - - :AUTO_EXPANSION_MODE_UNSPECIFIED - - !ruby/object:Api::Type::Array - name: 'entities' - required: true + enum_values: + - 'AUTO_EXPANSION_MODE_DEFAULT' + - 'AUTO_EXPANSION_MODE_UNSPECIFIED' + - name: 'entities' + type: Array description: | The collection of entity entries associated with the entity type. - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The primary value associated with this entity entry. For example, if the entity type is vegetable, the value could be scallions. For KIND_MAP entity types: A canonical value to be used in place of synonyms. For KIND_LIST entity types: A string that can contain references to other entity types (with or without aliases). - - !ruby/object:Api::Type::Array - name: 'synonyms' - item_type: Api::Type::String + - name: 'synonyms' + type: Array description: | A collection of value synonyms. For example, if the entity type is vegetable, and value is scallions, a synonym could be green onions. For KIND_LIST entity types: This collection must contain exactly one synonym equal to value. - - !ruby/object:Api::Type::Array - name: 'excludedPhrases' + item_type: + type: String + - name: 'excludedPhrases' + type: Array description: | Collection of exceptional words and phrases that shouldn't be matched. For example, if you have a size entity type with entry giant(an adjective), you might consider adding giants(a noun) as an exclusion. If the kind of entity type is KIND_MAP, then the phrases specified by entities and excluded phrases should be mutually exclusive. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The word or phrase to be excluded. - - !ruby/object:Api::Type::Boolean - name: 'enableFuzzyExtraction' + - name: 'enableFuzzyExtraction' + type: Boolean description: | Enables fuzzy entity extraction during classification. - - !ruby/object:Api::Type::Boolean - name: 'redact' + - name: 'redact' + type: Boolean description: | Indicates whether parameters of the entity type should be redacted in log. If redaction is enabled, page parameters and intent parameters referring to the entity type will be replaced by parameter name when logging. diff --git a/mmv1/products/dialogflowcx/Environment.yaml b/mmv1/products/dialogflowcx/Environment.yaml index b8ad55a4b8ae..a453a2049cba 100644 --- a/mmv1/products/dialogflowcx/Environment.yaml +++ b/mmv1/products/dialogflowcx/Environment.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,110 +11,108 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Environment' -base_url: '{{parent}}/environments' -update_verb: :PATCH -update_mask: true description: | Represents an environment for an agent. You can create multiple versions of your agent and publish them to separate environments. When you edit an agent, you are editing the draft agent. At any point, you can save the draft agent as an agent version, which is an immutable snapshot of your agent. When you save the draft agent, it is published to the default environment. When you create agent versions, you can publish them to custom environments. You can create a variety of custom environments for testing, development, production, etc. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.environments' -async: !ruby/object:Api::OpAsync +docs: +id_format: '{{parent}}/environments/{{name}}' +base_url: '{{parent}}/environments' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{parent}}/environments/{{name}}' +timeouts: + insert_minutes: 40 + update_minutes: 40 + delete_minutes: 20 +async: actions: ['create', 'update'] - operation: !ruby/object:Api::OpAsync::Operation - path: 'name' + type: 'OpAsync' + operation: full_url: 'https://{{location}}-dialogflow.googleapis.com/v3/{{op_id}}' + path: 'name' wait_ms: 1000 - timeouts: !ruby/object:Api::Timeouts + timeouts: insert_minutes: 60 update_minutes: 60 - result: !ruby/object:Api::OpAsync::Result + delete_minutes: 20 + result: path: 'response' resource_inside_response: true - status: !ruby/object:Api::OpAsync::Status - path: 'done' - complete: true - allowed: - - true - - false - error: !ruby/object:Api::OpAsync::Error + error: path: 'error' message: 'message' -timeouts: !ruby/object:Api::Timeouts - insert_minutes: 40 - update_minutes: 40 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/dialogflowcx_environment.go.erb - pre_create: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_delete: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb +custom_code: + pre_create: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_read: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_update: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_delete: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + custom_import: 'templates/terraform/custom_import/dialogflowcx_environment.go.tmpl' custom_diff: - 'tpgresource.DefaultProviderProject' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflowcx_environment_full' + - name: 'dialogflowcx_environment_full' primary_resource_id: 'development' vars: agent_name: 'dialogflowcx-agent' - - !ruby/object:Provider::Terraform::Examples - skip_docs: true - name: 'dialogflowcx_environment_regional' + - name: 'dialogflowcx_environment_regional' primary_resource_id: 'development' vars: agent_name: 'issue-12880' -skip_sweeper: true -id_format: '{{parent}}/environments/{{name}}' -import_format: ['{{parent}}/environments/{{name}}'] + exclude_docs: true parameters: - - !ruby/object:Api::Type::String - name: parent - url_param_only: true - immutable: true + - name: 'parent' + type: String description: | The Agent to create an Environment for. Format: projects//locations//agents/. + url_param_only: true + immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The name of the environment. - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + output: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'displayName' + type: String description: | The human-readable name of the environment (unique in an agent). Limit of 64 characters. - validation: !ruby/object:Provider::Terraform::Validation + required: true + validation: function: 'validation.StringLenBetween(0, 64)' - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | The human-readable description of the environment. The maximum length is 500 characters. If exceeded, the request is rejected. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.StringLenBetween(0, 500)' - - !ruby/object:Api::Type::Array - name: 'versionConfigs' - required: true + - name: 'versionConfigs' + type: Array description: | A list of configurations for flow versions. You should include version configs for all flows that are reachable from [Start Flow][Agent.start_flow] in the agent. Otherwise, an error will be returned. - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'version' - required: true + - name: 'version' + type: String description: | Format: projects/{{project}}/locations/{{location}}/agents/{{agent}}/flows/{{flow}}/versions/{{version}}. - - !ruby/object:Api::Type::Time - name: 'updateTime' - output: true + required: true + - name: 'updateTime' + type: Time description: 'Update time of this environment. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".' + output: true diff --git a/mmv1/products/dialogflowcx/Flow.yaml b/mmv1/products/dialogflowcx/Flow.yaml index 061b2e2b222f..22c11a4ac68b 100644 --- a/mmv1/products/dialogflowcx/Flow.yaml +++ b/mmv1/products/dialogflowcx/Flow.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,66 +11,66 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Flow' -base_url: '{{parent}}/flows' -update_verb: :PATCH -update_mask: true description: | Flows represents the conversation flows when you build your chatbot agent. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.flows' -timeouts: !ruby/object:Api::Timeouts +docs: +id_format: '{{parent}}/flows/{{name}}' +base_url: '{{parent}}/flows' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{parent}}/flows/{{name}}' +timeouts: insert_minutes: 40 update_minutes: 40 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/dialogflowcx_flow.go.erb - pre_create: templates/terraform/pre_create/dialogflowcx_set_location_skip_default_obj.go.erb - pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_delete: templates/terraform/pre_delete/dialogflowcx_set_location_skip_default_obj.go.erb - pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb -virtual_fields: - - !ruby/object:Api::Type::Boolean - name: is_default_start_flow - immutable: true - description: | - Marks this as the [Default Start Flow](https://cloud.google.com/dialogflow/cx/docs/concept/flow#start) for an agent. When you create an agent, the Default Start Flow is created automatically. - The Default Start Flow cannot be deleted; deleting the `google_dialogflow_cx_flow` resource does nothing to the underlying GCP resources. - - ~> Avoid having multiple `google_dialogflow_cx_flow` resources linked to the same agent with `is_default_start_flow = true` because they will compete to control a single Default Start Flow resource in GCP. + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/pre_create/dialogflowcx_set_location_skip_default_obj.go.tmpl' + pre_read: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_update: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/dialogflowcx_set_location_skip_default_obj.go.tmpl' + custom_import: 'templates/terraform/custom_import/dialogflowcx_flow.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflowcx_flow_basic' + - name: 'dialogflowcx_flow_basic' primary_resource_id: 'basic_flow' vars: agent_name: 'dialogflowcx-agent' - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflowcx_flow_full' + - name: 'dialogflowcx_flow_full' primary_resource_id: 'basic_flow' vars: agent_name: 'dialogflowcx-agent' bucket_name: 'dialogflowcx-bucket' - - !ruby/object:Provider::Terraform::Examples - skip_docs: true - name: 'dialogflowcx_flow_default_start_flow' + - name: 'dialogflowcx_flow_default_start_flow' primary_resource_id: 'default_start_flow' vars: agent_name: 'dialogflowcx-agent' -skip_sweeper: true -id_format: '{{parent}}/flows/{{name}}' -import_format: ['{{parent}}/flows/{{name}}'] -parameters: - - !ruby/object:Api::Type::String - name: parent - url_param_only: true + exclude_docs: true +virtual_fields: + - name: 'is_default_start_flow' + description: | + Marks this as the [Default Start Flow](https://cloud.google.com/dialogflow/cx/docs/concept/flow#start) for an agent. When you create an agent, the Default Start Flow is created automatically. + The Default Start Flow cannot be deleted; deleting the `google_dialogflow_cx_flow` resource does nothing to the underlying GCP resources. + + ~> Avoid having multiple `google_dialogflow_cx_flow` resources linked to the same agent with `is_default_start_flow = true` because they will compete to control a single Default Start Flow resource in GCP. + type: Boolean immutable: true +parameters: + - name: 'parent' + type: String description: | The agent to create a flow for. Format: projects//locations//agents/. - - !ruby/object:Api::Type::String - name: 'languageCode' + url_param_only: true + immutable: true + - name: 'languageCode' + type: String description: | The language of the following fields in flow: Flow.event_handlers.trigger_fulfillment.messages @@ -80,26 +80,26 @@ parameters: If not specified, the agent's default language is used. Many languages are supported. Note: languages must be enabled in the agent before they can be used. immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of the flow. Format: projects//locations//agents//flows/. - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + output: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'displayName' + type: String description: | The human-readable name of the flow. - - !ruby/object:Api::Type::String - name: 'description' + required: true + - name: 'description' + type: String description: | The description of the flow. The maximum length is 500 characters. If exceeded, the request is rejected. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.StringLenBetween(0, 500)' - - !ruby/object:Api::Type::Array - name: 'transitionRoutes' + - name: 'transitionRoutes' + type: Array description: | A flow's transition routes serve two purposes: They are responsible for matching the user's first utterances in the flow. @@ -109,67 +109,68 @@ properties: TransitionRoutes with intent specified. TransitionRoutes with only condition specified. TransitionRoutes with intent specified are inherited by pages in the flow. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of this transition route. - - !ruby/object:Api::Type::String - name: 'intent' + output: true + - name: 'intent' + type: String description: | The unique identifier of an Intent. Format: projects//locations//agents//intents/. Indicates that the transition can only happen when the given intent is matched. At least one of intent or condition must be specified. When both intent and condition are specified, the transition can only happen when both are fulfilled. - - !ruby/object:Api::Type::String - name: 'condition' + - name: 'condition' + type: String description: | The condition to evaluate against form parameters or session parameters. At least one of intent or condition must be specified. When both intent and condition are specified, the transition can only happen when both are fulfilled. - - !ruby/object:Api::Type::NestedObject - name: 'triggerFulfillment' + - name: 'triggerFulfillment' + type: NestedObject description: | The fulfillment to call when the condition is satisfied. At least one of triggerFulfillment and target must be specified. When both are defined, triggerFulfillment is executed first. properties: - - !ruby/object:Api::Type::Array - name: 'messages' + - name: 'messages' + type: Array description: | The list of rich message responses to present to the user. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'channel' + - name: 'channel' + type: String description: | The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. - - !ruby/object:Api::Type::NestedObject - name: 'text' + - name: 'text' + type: NestedObject description: | The text response message. properties: - - !ruby/object:Api::Type::Array - name: 'text' + - name: 'text' + type: Array description: | A collection of text responses. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + item_type: + type: String + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + output: true # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'payload' + - name: 'payload' + type: String description: | A custom, platform-specific payload. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'conversationSuccess' + - name: 'conversationSuccess' + type: NestedObject description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -178,37 +179,35 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'outputAudioText' + - name: 'outputAudioText' + type: NestedObject description: | A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. properties: - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::String - name: 'text' + output: true + - name: 'text' + type: String description: | The raw text to be synthesized. - - !ruby/object:Api::Type::String - name: 'ssml' + - name: 'ssml' + type: String description: | The SSML text to be synthesized. For more information, see SSML. - - !ruby/object:Api::Type::NestedObject - name: 'liveAgentHandoff' + - name: 'liveAgentHandoff' + type: NestedObject description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -217,167 +216,163 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'playAudio' + - name: 'playAudio' + type: NestedObject description: | Specifies an audio clip to be played by the client as part of the response. properties: - - !ruby/object:Api::Type::String - name: 'audioUri' - required: true + - name: 'audioUri' + type: String description: | URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + required: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::NestedObject - name: 'telephonyTransferCall' + output: true + - name: 'telephonyTransferCall' + type: NestedObject description: | Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. properties: - - !ruby/object:Api::Type::String - name: 'phoneNumber' - required: true + - name: 'phoneNumber' + type: String description: | Transfer the call to a phone number in E.164 format. - - !ruby/object:Api::Type::String - name: 'webhook' + required: true + - name: 'webhook' + type: String description: | The webhook to call. Format: projects//locations//agents//webhooks/. - - !ruby/object:Api::Type::Boolean - name: 'returnPartialResponses' + - name: 'returnPartialResponses' + type: Boolean description: | Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. - - !ruby/object:Api::Type::String - name: 'tag' + - name: 'tag' + type: String description: | The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. - - !ruby/object:Api::Type::Array - name: 'setParameterActions' + - name: 'setParameterActions' + type: Array description: | Set parameter values before executing the webhook. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'parameter' + - name: 'parameter' + type: String description: | Display name of the parameter. - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The new JSON-encoded value of the parameter. A null value clears the parameter. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Array - name: 'conditionalCases' + - name: 'conditionalCases' + type: Array description: | Conditional cases for this fulfillment. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: # This object has a recursive schema so we use a string instead of a NestedObject - - !ruby/object:Api::Type::String - name: 'cases' + - name: 'cases' + type: String description: | A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::String - name: 'targetPage' + - name: 'targetPage' + type: String description: | The target page to transition to. Format: projects//locations//agents//flows//pages/. - - !ruby/object:Api::Type::String - name: 'targetFlow' + - name: 'targetFlow' + type: String description: | The target flow to transition to. Format: projects//locations//agents//flows/. - - !ruby/object:Api::Type::Array - name: 'eventHandlers' + - name: 'eventHandlers' + type: Array description: | A flow's event handlers serve two purposes: They are responsible for handling events (e.g. no match, webhook errors) in the flow. They are inherited by every page's [event handlers][Page.event_handlers], which can be used to handle common events regardless of the current page. Event handlers defined in the page have higher priority than those defined in the flow. Unlike transitionRoutes, these handlers are evaluated on a first-match basis. The first one that matches the event get executed, with the rest being ignored. default_from_api: true - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of this event handler. - - !ruby/object:Api::Type::String - name: 'event' + output: true + - name: 'event' + type: String description: | The name of the event to handle. - - !ruby/object:Api::Type::NestedObject - name: 'triggerFulfillment' + - name: 'triggerFulfillment' + type: NestedObject description: | The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks. properties: - - !ruby/object:Api::Type::Array - name: 'messages' + - name: 'messages' + type: Array description: | The list of rich message responses to present to the user. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'channel' + - name: 'channel' + type: String description: | The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. - - !ruby/object:Api::Type::NestedObject - name: 'text' + - name: 'text' + type: NestedObject description: | The text response message. properties: - - !ruby/object:Api::Type::Array - name: 'text' + - name: 'text' + type: Array description: | A collection of text responses. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + item_type: + type: String + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'payload' + output: true + - name: 'payload' + type: String description: | A custom, platform-specific payload. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'conversationSuccess' + - name: 'conversationSuccess' + type: NestedObject description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -385,38 +380,35 @@ properties: * In the entryFulfillment of a Page if entering the page indicates that the conversation succeeded. * In a webhook response when you determine that you handled the customer issue. properties: - # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'outputAudioText' + - name: 'outputAudioText' + type: NestedObject description: | A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. properties: - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::String - name: 'text' + output: true + - name: 'text' + type: String description: | The raw text to be synthesized. - - !ruby/object:Api::Type::String - name: 'ssml' + - name: 'ssml' + type: String description: | The SSML text to be synthesized. For more information, see SSML. - - !ruby/object:Api::Type::NestedObject - name: 'liveAgentHandoff' + - name: 'liveAgentHandoff' + type: NestedObject description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -424,161 +416,156 @@ properties: * In the entryFulfillment of a Page if entering the page indicates something went extremely wrong in the conversation. * In a webhook response when you determine that the customer issue can only be handled by a human. properties: - # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'playAudio' + - name: 'playAudio' + type: NestedObject description: | Specifies an audio clip to be played by the client as part of the response. properties: - - !ruby/object:Api::Type::String - name: 'audioUri' - required: true + - name: 'audioUri' + type: String description: | URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + required: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::NestedObject - name: 'telephonyTransferCall' + output: true + - name: 'telephonyTransferCall' + type: NestedObject description: | Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. properties: - - !ruby/object:Api::Type::String - name: 'phoneNumber' - required: true + - name: 'phoneNumber' + type: String description: | Transfer the call to a phone number in E.164 format. - - !ruby/object:Api::Type::String - name: 'webhook' + required: true + - name: 'webhook' + type: String description: | The webhook to call. Format: projects//locations//agents//webhooks/. - - !ruby/object:Api::Type::Boolean - name: 'returnPartialResponses' + - name: 'returnPartialResponses' + type: Boolean description: | Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. - - !ruby/object:Api::Type::String - name: 'tag' + - name: 'tag' + type: String description: | The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. - - !ruby/object:Api::Type::Array - name: 'setParameterActions' + - name: 'setParameterActions' + type: Array description: | Set parameter values before executing the webhook. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'parameter' + - name: 'parameter' + type: String description: | Display name of the parameter. - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The new JSON-encoded value of the parameter. A null value clears the parameter. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Array - name: 'conditionalCases' + - name: 'conditionalCases' + type: Array description: | Conditional cases for this fulfillment. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - # This object has a recursive schema so we use a string instead of a NestedObject - - !ruby/object:Api::Type::String - name: 'cases' + - name: 'cases' + type: String description: | A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::String - name: 'targetPage' + - name: 'targetPage' + type: String description: | The target page to transition to. Format: projects//locations//agents//flows//pages/. - - !ruby/object:Api::Type::String - name: 'targetFlow' + - name: 'targetFlow' + type: String description: | The target flow to transition to. Format: projects//locations//agents//flows/. - - !ruby/object:Api::Type::Array - name: 'transitionRouteGroups' + - name: 'transitionRouteGroups' + type: Array description: | A flow's transition route group serve two purposes: They are responsible for matching the user's first utterances in the flow. They are inherited by every page's [transition route groups][Page.transition_route_groups]. Transition route groups defined in the page have higher priority than those defined in the flow. Format:projects//locations//agents//flows//transitionRouteGroups/. - item_type: Api::Type::String - - !ruby/object:Api::Type::NestedObject - name: 'nluSettings' + item_type: + type: String + - name: 'nluSettings' + type: NestedObject description: | NLU related settings of the flow. properties: - - !ruby/object:Api::Type::Enum - name: 'modelType' + - name: 'modelType' + type: Enum description: | Indicates the type of NLU model. * MODEL_TYPE_STANDARD: Use standard NLU model. * MODEL_TYPE_ADVANCED: Use advanced NLU model. - values: - - :MODEL_TYPE_STANDARD - - :MODEL_TYPE_ADVANCED - - !ruby/object:Api::Type::Double - name: 'classificationThreshold' + enum_values: + - 'MODEL_TYPE_STANDARD' + - 'MODEL_TYPE_ADVANCED' + - name: 'classificationThreshold' + type: Double description: | To filter out false positive results and still get variety in matched natural language inputs for your agent, you can tune the machine learning classification threshold. If the returned score value is less than the threshold value, then a no-match event will be triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the default of 0.3 is used. - - !ruby/object:Api::Type::Enum - name: 'modelTrainingMode' + - name: 'modelTrainingMode' + type: Enum description: | Indicates NLU model training mode. * MODEL_TRAINING_MODE_AUTOMATIC: NLU model training is automatically triggered when a flow gets modified. User can also manually trigger model training in this mode. * MODEL_TRAINING_MODE_MANUAL: User needs to manually trigger NLU model training. Best for large flows whose models take long time to train. - values: - - :MODEL_TRAINING_MODE_AUTOMATIC - - :MODEL_TRAINING_MODE_MANUAL - - !ruby/object:Api::Type::NestedObject - name: 'advancedSettings' + enum_values: + - 'MODEL_TRAINING_MODE_AUTOMATIC' + - 'MODEL_TRAINING_MODE_MANUAL' + - name: 'advancedSettings' + type: NestedObject description: | Hierarchical advanced settings for this flow. The settings exposed at the lower level overrides the settings exposed at the higher level. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter. properties: - - !ruby/object:Api::Type::NestedObject - name: 'audioExportGcsDestination' + - name: 'audioExportGcsDestination' + type: NestedObject description: | If present, incoming audio is exported by Dialogflow to the configured Google Cloud Storage destination. Exposed at the following levels: * Agent level * Flow level properties: - - !ruby/object:Api::Type::String - name: 'uri' + - name: 'uri' + type: String description: | The Google Cloud Storage URI for the exported objects. Whether a full object name, or just a prefix, its usage depends on the Dialogflow operation. Format: gs://bucket/object-name-or-prefix - - !ruby/object:Api::Type::NestedObject - name: 'dtmfSettings' + - name: 'dtmfSettings' + type: NestedObject description: | Define behaviors for DTMF (dual tone multi frequency). DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Exposed at the following levels: * Agent level @@ -586,15 +573,15 @@ properties: * Page level * Parameter level properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: | If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a "3" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance). - - !ruby/object:Api::Type::Integer - name: 'maxDigits' + - name: 'maxDigits' + type: Integer description: | Max length of DTMF digits. - - !ruby/object:Api::Type::String - name: 'finishDigit' + - name: 'finishDigit' + type: String description: | The digit that terminates a DTMF digit sequence. diff --git a/mmv1/products/dialogflowcx/Intent.yaml b/mmv1/products/dialogflowcx/Intent.yaml index 3a287a4f5b07..bcb8d90d85a1 100644 --- a/mmv1/products/dialogflowcx/Intent.yaml +++ b/mmv1/products/dialogflowcx/Intent.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,108 +11,108 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Intent' -base_url: '{{parent}}/intents' -update_verb: :PATCH -update_mask: true description: | An intent represents a user's intent to interact with a conversational agent. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.intents' -timeouts: !ruby/object:Api::Timeouts +docs: +id_format: '{{parent}}/intents/{{name}}' +base_url: '{{parent}}/intents' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{parent}}/intents/{{name}}' +timeouts: insert_minutes: 40 update_minutes: 40 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/dialogflowcx_intent.go.erb - pre_create: templates/terraform/pre_create/dialogflowcx_set_location_skip_default_obj.go.erb - pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_delete: templates/terraform/pre_delete/dialogflowcx_set_location_skip_default_obj.go.erb - pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/pre_create/dialogflowcx_set_location_skip_default_obj.go.tmpl' + pre_read: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_update: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_delete: 'templates/terraform/pre_delete/dialogflowcx_set_location_skip_default_obj.go.tmpl' + custom_import: 'templates/terraform/custom_import/dialogflowcx_intent.go.tmpl' +exclude_sweeper: true +examples: + - name: 'dialogflowcx_intent_full' + primary_resource_id: 'basic_intent' + vars: + agent_name: 'dialogflowcx-agent' + - name: 'dialogflowcx_intent_default_negative_intent' + primary_resource_id: 'default_negative_intent' + vars: + agent_name: 'dialogflowcx-agent' + exclude_docs: true + - name: 'dialogflowcx_intent_default_welcome_intent' + primary_resource_id: 'default_welcome_intent' + vars: + agent_name: 'dialogflowcx-agent' + exclude_docs: true virtual_fields: - - !ruby/object:Api::Type::Boolean - name: is_default_welcome_intent - immutable: true + - name: 'is_default_welcome_intent' description: | Marks this as the [Default Welcome Intent](https://cloud.google.com/dialogflow/cx/docs/concept/intent#welcome) for an agent. When you create an agent, a Default Welcome Intent is created automatically. The Default Welcome Intent cannot be deleted; deleting the `google_dialogflow_cx_intent` resource does nothing to the underlying GCP resources. ~> Avoid having multiple `google_dialogflow_cx_intent` resources linked to the same agent with `is_default_welcome_intent = true` because they will compete to control a single Default Welcome Intent resource in GCP. - - !ruby/object:Api::Type::Boolean - name: is_default_negative_intent + type: Boolean immutable: true + - name: 'is_default_negative_intent' description: | Marks this as the [Default Negative Intent](https://cloud.google.com/dialogflow/cx/docs/concept/intent#negative) for an agent. When you create an agent, a Default Negative Intent is created automatically. The Default Negative Intent cannot be deleted; deleting the `google_dialogflow_cx_intent` resource does nothing to the underlying GCP resources. ~> Avoid having multiple `google_dialogflow_cx_intent` resources linked to the same agent with `is_default_negative_intent = true` because they will compete to control a single Default Negative Intent resource in GCP. -examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflowcx_intent_full' - primary_resource_id: 'basic_intent' - vars: - agent_name: 'dialogflowcx-agent' - - !ruby/object:Provider::Terraform::Examples - skip_docs: true - name: 'dialogflowcx_intent_default_negative_intent' - primary_resource_id: 'default_negative_intent' - vars: - agent_name: 'dialogflowcx-agent' - - !ruby/object:Provider::Terraform::Examples - skip_docs: true - name: 'dialogflowcx_intent_default_welcome_intent' - primary_resource_id: 'default_welcome_intent' - vars: - agent_name: 'dialogflowcx-agent' -skip_sweeper: true -id_format: '{{parent}}/intents/{{name}}' -import_format: ['{{parent}}/intents/{{name}}'] -parameters: - - !ruby/object:Api::Type::String - name: parent - url_param_only: true + type: Boolean immutable: true +parameters: + - name: 'parent' + type: String description: | The agent to create an intent for. Format: projects//locations//agents/. - - !ruby/object:Api::Type::String - name: 'languageCode' + url_param_only: true + immutable: true + - name: 'languageCode' + type: String description: | The language of the following fields in intent: Intent.training_phrases.parts.text If not specified, the agent's default language is used. Many languages are supported. Note: languages must be enabled in the agent before they can be used. immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of the intent. Format: projects//locations//agents//intents/. - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + output: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'displayName' + type: String description: | The human-readable name of the intent, unique within the agent. - validation: !ruby/object:Provider::Terraform::Validation + required: true + validation: function: 'validation.StringLenBetween(0, 64)' - - !ruby/object:Api::Type::Array - name: 'trainingPhrases' + - name: 'trainingPhrases' + type: Array description: | The collection of training phrases the agent is trained on to identify the intent. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'id' - output: true + - name: 'id' + type: String description: | The unique identifier of the training phrase. - - !ruby/object:Api::Type::Array - name: 'parts' - required: true + output: true + - name: 'parts' + type: Array description: | The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. @@ -121,68 +121,71 @@ properties: If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: Part.text is set to a part of the phrase that has no parameters. Part.text is set to a part of the phrase that you want to annotate, and the parameterId field is set. - item_type: !ruby/object:Api::Type::NestedObject + required: true + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'text' - required: true + - name: 'text' + type: String description: | The text for this part. - - !ruby/object:Api::Type::String - name: 'parameterId' + required: true + - name: 'parameterId' + type: String description: | The parameter used to annotate this part of the training phrase. This field is required for annotated parts of the training phrase. - - !ruby/object:Api::Type::Integer - name: 'repeatCount' + - name: 'repeatCount' + type: Integer description: | Indicates how many times this example was added to the intent. - - !ruby/object:Api::Type::Array - name: 'parameters' + - name: 'parameters' + type: Array description: | The collection of parameters associated with the intent. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'id' - required: true + - name: 'id' + type: String description: | The unique identifier of the parameter. This field is used by training phrases to annotate their parts. - - !ruby/object:Api::Type::String - name: 'entityType' required: true + - name: 'entityType' + type: String description: | The entity type of the parameter. Format: projects/-/locations/-/agents/-/entityTypes/ for system entity types (for example, projects/-/locations/-/agents/-/entityTypes/sys.date), or projects//locations//agents//entityTypes/ for developer entity types. - - !ruby/object:Api::Type::Boolean - name: 'isList' + required: true + - name: 'isList' + type: Boolean description: | Indicates whether the parameter represents a list of values. - - !ruby/object:Api::Type::Boolean - name: 'redact' + - name: 'redact' + type: Boolean description: | Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled. - - !ruby/object:Api::Type::Integer - name: 'priority' + - name: 'priority' + type: Integer description: | The priority of this intent. Higher numbers represent higher priorities. If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds to the Normal priority in the console. If the supplied value is negative, the intent is ignored in runtime detect intent requests. - - !ruby/object:Api::Type::Boolean - name: 'isFallback' + - name: 'isFallback' + type: Boolean description: | Indicates whether this is a fallback intent. Currently only default fallback intent is allowed in the agent, which is added upon agent creation. Adding training phrases to fallback intent is useful in the case of requests that are mistakenly matched, since training phrases assigned to fallback intents act as negative examples that triggers no-match event. To manage the fallback intent, set `is_default_negative_intent = true` - - !ruby/object:Api::Type::KeyValueLabels - name: 'labels' + - name: 'labels' + type: KeyValueLabels description: | The key/value metadata to label an intent. Labels can contain lowercase letters, digits and the symbols '-' and '_'. International characters are allowed, including letters from unicase alphabets. Keys must start with a letter. Keys and values can be no longer than 63 characters and no more than 128 bytes. Prefix "sys-" is reserved for Dialogflow defined labels. Currently allowed Dialogflow defined labels include: * sys-head * sys-contextual The above labels do not require value. "sys-head" means the intent is a head intent. "sys.contextual" means the intent is a contextual intent. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. - - !ruby/object:Api::Type::String - name: 'description' + - name: 'description' + type: String description: | Human readable description for better understanding an intent like its scope, content, result etc. Maximum character limit: 140 characters. - validation: !ruby/object:Provider::Terraform::Validation + validation: function: 'validation.StringLenBetween(0, 140)' diff --git a/mmv1/products/dialogflowcx/Page.yaml b/mmv1/products/dialogflowcx/Page.yaml index 8081fc155667..4166d047f098 100644 --- a/mmv1/products/dialogflowcx/Page.yaml +++ b/mmv1/products/dialogflowcx/Page.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,45 +11,47 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'Page' -base_url: '{{parent}}/pages' -update_verb: :PATCH -update_mask: true description: | A Dialogflow CX conversation (session) can be described and visualized as a state machine. The states of a CX session are represented by pages. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.agents.flows.pages' -timeouts: !ruby/object:Api::Timeouts +docs: +id_format: '{{parent}}/pages/{{name}}' +base_url: '{{parent}}/pages' +update_verb: 'PATCH' +update_mask: true +import_format: + - '{{parent}}/pages/{{name}}' +timeouts: insert_minutes: 40 update_minutes: 40 -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/dialogflowcx_page.go.erb - pre_create: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_update: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_delete: templates/terraform/pre_create/dialogflow_set_location.go.erb - pre_read: templates/terraform/pre_create/dialogflow_set_location.go.erb + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_read: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_update: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + pre_delete: 'templates/terraform/pre_create/dialogflow_set_location.go.tmpl' + custom_import: 'templates/terraform/custom_import/dialogflowcx_page.go.tmpl' +exclude_sweeper: true examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflowcx_page_full' + - name: 'dialogflowcx_page_full' primary_resource_id: 'basic_page' vars: agent_name: 'dialogflowcx-agent' -skip_sweeper: true -id_format: '{{parent}}/pages/{{name}}' -import_format: ['{{parent}}/pages/{{name}}'] parameters: - - !ruby/object:Api::Type::String - name: parent - url_param_only: true - immutable: true + - name: 'parent' + type: String description: | The flow to create a page for. Format: projects//locations//agents//flows/. - - !ruby/object:Api::Type::String - name: 'languageCode' + url_param_only: true + immutable: true + - name: 'languageCode' + type: String description: | The language of the following fields in page: @@ -66,64 +68,64 @@ parameters: If not specified, the agent's default language is used. Many languages are supported. Note: languages must be enabled in the agent before they can be used. immutable: true properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of the page. Format: projects//locations//agents//flows//pages/. - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'displayName' - required: true + output: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'displayName' + type: String description: | The human-readable name of the page, unique within the agent. - validation: !ruby/object:Provider::Terraform::Validation + required: true + validation: function: 'validation.StringLenBetween(0, 64)' - - !ruby/object:Api::Type::NestedObject - name: 'entryFulfillment' + - name: 'entryFulfillment' + type: NestedObject description: | The fulfillment to call when the session is entering the page. properties: - - !ruby/object:Api::Type::Array - name: 'messages' + - name: 'messages' + type: Array description: | The list of rich message responses to present to the user. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'channel' + - name: 'channel' + type: String description: | The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. - - !ruby/object:Api::Type::NestedObject - name: 'text' + - name: 'text' + type: NestedObject description: | The text response message. properties: - - !ruby/object:Api::Type::Array - name: 'text' + - name: 'text' + type: Array description: | A collection of text responses. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + item_type: + type: String + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + output: true # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'payload' + - name: 'payload' + type: String description: | A custom, platform-specific payload. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'conversationSuccess' + - name: 'conversationSuccess' + type: NestedObject description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -132,37 +134,35 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'outputAudioText' + - name: 'outputAudioText' + type: NestedObject description: | A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. properties: - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::String - name: 'text' + output: true + - name: 'text' + type: String description: | The raw text to be synthesized. - - !ruby/object:Api::Type::String - name: 'ssml' + - name: 'ssml' + type: String description: | The SSML text to be synthesized. For more information, see SSML. - - !ruby/object:Api::Type::NestedObject - name: 'liveAgentHandoff' + - name: 'liveAgentHandoff' + type: NestedObject description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -171,172 +171,169 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'playAudio' + - name: 'playAudio' + type: NestedObject description: | Specifies an audio clip to be played by the client as part of the response. properties: - - !ruby/object:Api::Type::String - name: 'audioUri' - required: true + - name: 'audioUri' + type: String description: | URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + required: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::NestedObject - name: 'telephonyTransferCall' + output: true + - name: 'telephonyTransferCall' + type: NestedObject description: | Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. properties: - - !ruby/object:Api::Type::String - name: 'phoneNumber' - required: true + - name: 'phoneNumber' + type: String description: | Transfer the call to a phone number in E.164 format. - - !ruby/object:Api::Type::String - name: 'webhook' + required: true + - name: 'webhook' + type: String description: | The webhook to call. Format: projects//locations//agents//webhooks/. - - !ruby/object:Api::Type::Boolean - name: 'returnPartialResponses' + - name: 'returnPartialResponses' + type: Boolean description: | Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. - - !ruby/object:Api::Type::String - name: 'tag' + - name: 'tag' + type: String description: | The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. - - !ruby/object:Api::Type::Array - name: 'setParameterActions' + - name: 'setParameterActions' + type: Array description: | Set parameter values before executing the webhook. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'parameter' + - name: 'parameter' + type: String description: | Display name of the parameter. - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The new JSON-encoded value of the parameter. A null value clears the parameter. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Array - name: 'conditionalCases' + - name: 'conditionalCases' + type: Array description: | Conditional cases for this fulfillment. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: # This object has a recursive schema so we use a string instead of a NestedObject - - !ruby/object:Api::Type::String - name: 'cases' + - name: 'cases' + type: String description: | A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'form' + - name: 'form' + type: NestedObject description: | The form associated with the page, used for collecting parameters relevant to the page. properties: - - !ruby/object:Api::Type::Array - name: 'parameters' + - name: 'parameters' + type: Array description: | Parameters to collect from the user. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | The human-readable name of the parameter, unique within the form. - - !ruby/object:Api::Type::Boolean - name: 'required' + - name: 'required' + type: Boolean description: | Indicates whether the parameter is required. Optional parameters will not trigger prompts; however, they are filled if the user specifies them. Required parameters must be filled before form filling concludes. - - !ruby/object:Api::Type::String - name: 'entityType' + - name: 'entityType' + type: String description: | The entity type of the parameter. Format: projects/-/locations/-/agents/-/entityTypes/ for system entity types (for example, projects/-/locations/-/agents/-/entityTypes/sys.date), or projects//locations//agents//entityTypes/ for developer entity types. - - !ruby/object:Api::Type::Boolean - name: 'isList' + - name: 'isList' + type: Boolean description: | Indicates whether the parameter represents a list of values. - - !ruby/object:Api::Type::NestedObject - name: 'fillBehavior' + - name: 'fillBehavior' + type: NestedObject description: | Defines fill behavior for the parameter. properties: - - !ruby/object:Api::Type::NestedObject - name: 'initialPromptFulfillment' + - name: 'initialPromptFulfillment' + type: NestedObject description: | The fulfillment to provide the initial prompt that the agent can present to the user in order to fill the parameter. properties: - - !ruby/object:Api::Type::Array - name: 'messages' + - name: 'messages' + type: Array description: | The list of rich message responses to present to the user. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'channel' + - name: 'channel' + type: String description: | The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. - - !ruby/object:Api::Type::NestedObject - name: 'text' + - name: 'text' + type: NestedObject description: | The text response message. properties: - - !ruby/object:Api::Type::Array - name: 'text' + - name: 'text' + type: Array description: | A collection of text responses. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + item_type: + type: String + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + output: true # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'payload' + - name: 'payload' + type: String description: | A custom, platform-specific payload. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'conversationSuccess' + - name: 'conversationSuccess' + type: NestedObject description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -345,37 +342,35 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'outputAudioText' + - name: 'outputAudioText' + type: NestedObject description: | A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. properties: - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::String - name: 'text' + output: true + - name: 'text' + type: String description: | The raw text to be synthesized. - - !ruby/object:Api::Type::String - name: 'ssml' + - name: 'ssml' + type: String description: | The SSML text to be synthesized. For more information, see SSML. - - !ruby/object:Api::Type::NestedObject - name: 'liveAgentHandoff' + - name: 'liveAgentHandoff' + type: NestedObject description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -384,96 +379,92 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'playAudio' + - name: 'playAudio' + type: NestedObject description: | Specifies an audio clip to be played by the client as part of the response. properties: - - !ruby/object:Api::Type::String - name: 'audioUri' - required: true + - name: 'audioUri' + type: String description: | URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + required: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::NestedObject - name: 'telephonyTransferCall' + output: true + - name: 'telephonyTransferCall' + type: NestedObject description: | Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. properties: - - !ruby/object:Api::Type::String - name: 'phoneNumber' - required: true + - name: 'phoneNumber' + type: String description: | Transfer the call to a phone number in E.164 format. - - !ruby/object:Api::Type::String - name: 'webhook' + required: true + - name: 'webhook' + type: String description: | The webhook to call. Format: projects//locations//agents//webhooks/. - - !ruby/object:Api::Type::Boolean - name: 'returnPartialResponses' + - name: 'returnPartialResponses' + type: Boolean description: | Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. - - !ruby/object:Api::Type::String - name: 'tag' + - name: 'tag' + type: String description: | The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. - - !ruby/object:Api::Type::Array - name: 'setParameterActions' + - name: 'setParameterActions' + type: Array description: | Set parameter values before executing the webhook. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'parameter' + - name: 'parameter' + type: String description: | Display name of the parameter. - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The new JSON-encoded value of the parameter. A null value clears the parameter. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Array - name: 'conditionalCases' + - name: 'conditionalCases' + type: Array description: | Conditional cases for this fulfillment. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: # This object has a recursive schema so we use a string instead of a NestedObject - - !ruby/object:Api::Type::String - name: 'cases' + - name: 'cases' + type: String description: | A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Array - name: 'repromptEventHandlers' + - name: 'repromptEventHandlers' + type: Array description: | The handlers for parameter-level events, used to provide reprompt for the parameter or transition to a different page/flow. The supported events are: * sys.no-match-, where N can be from 1 to 6 @@ -486,61 +477,62 @@ properties: A sys.no-match-default or sys.no-input-default handler will be used to handle all following no-match/no-input events after all numbered no-match/no-input handlers for the parameter are consumed. A sys.invalid-parameter handler can be defined to handle the case where the parameter values have been invalidated by webhook. For example, if the user's response fill the parameter, however the parameter was invalidated by webhook, the fulfillment associated with the sys.invalid-parameter handler (if defined) will be called to provide a prompt. If the event handler for the corresponding event can't be found on the parameter, initialPromptFulfillment will be re-prompted. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of this event handler. - - !ruby/object:Api::Type::String - name: 'event' + output: true + - name: 'event' + type: String description: | The name of the event to handle. - - !ruby/object:Api::Type::NestedObject - name: 'triggerFulfillment' + - name: 'triggerFulfillment' + type: NestedObject description: | The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks. properties: - - !ruby/object:Api::Type::Array - name: 'messages' + - name: 'messages' + type: Array description: | The list of rich message responses to present to the user. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'channel' + - name: 'channel' + type: String description: | The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. - - !ruby/object:Api::Type::NestedObject - name: 'text' + - name: 'text' + type: NestedObject description: | The text response message. properties: - - !ruby/object:Api::Type::Array - name: 'text' + - name: 'text' + type: Array description: | A collection of text responses. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + item_type: + type: String + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + output: true # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'payload' + - name: 'payload' + type: String description: | A custom, platform-specific payload. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'conversationSuccess' + - name: 'conversationSuccess' + type: NestedObject description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -549,37 +541,35 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'outputAudioText' + - name: 'outputAudioText' + type: NestedObject description: | A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. properties: - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::String - name: 'text' + output: true + - name: 'text' + type: String description: | The raw text to be synthesized. - - !ruby/object:Api::Type::String - name: 'ssml' + - name: 'ssml' + type: String description: | The SSML text to be synthesized. For more information, see SSML. - - !ruby/object:Api::Type::NestedObject - name: 'liveAgentHandoff' + - name: 'liveAgentHandoff' + type: NestedObject description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -588,129 +578,123 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'playAudio' + - name: 'playAudio' + type: NestedObject description: | Specifies an audio clip to be played by the client as part of the response. properties: - - !ruby/object:Api::Type::String - name: 'audioUri' - required: true + - name: 'audioUri' + type: String description: | URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + required: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::NestedObject - name: 'telephonyTransferCall' + output: true + - name: 'telephonyTransferCall' + type: NestedObject description: | Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. properties: - - !ruby/object:Api::Type::String - name: 'phoneNumber' - required: true + - name: 'phoneNumber' + type: String description: | Transfer the call to a phone number in E.164 format. - - !ruby/object:Api::Type::String - name: 'webhook' + required: true + - name: 'webhook' + type: String description: | The webhook to call. Format: projects//locations//agents//webhooks/. - - !ruby/object:Api::Type::Boolean - name: 'returnPartialResponses' + - name: 'returnPartialResponses' + type: Boolean description: | Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. - - !ruby/object:Api::Type::String - name: 'tag' + - name: 'tag' + type: String description: | The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. - - !ruby/object:Api::Type::Array - name: 'setParameterActions' + - name: 'setParameterActions' + type: Array description: | Set parameter values before executing the webhook. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'parameter' + - name: 'parameter' + type: String description: | Display name of the parameter. - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The new JSON-encoded value of the parameter. A null value clears the parameter. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Array - name: 'conditionalCases' + - name: 'conditionalCases' + type: Array description: | Conditional cases for this fulfillment. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: # This object has a recursive schema so we use a string instead of a NestedObject - - !ruby/object:Api::Type::String - name: 'cases' + - name: 'cases' + type: String description: | A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::String - name: 'targetPage' + - name: 'targetPage' + type: String description: | The target page to transition to. Format: projects//locations//agents//flows//pages/. - - !ruby/object:Api::Type::String - name: 'targetFlow' + - name: 'targetFlow' + type: String description: | The target flow to transition to. Format: projects//locations//agents//flows/. # This can be an arbitrary value, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'defaultValue' + - name: 'defaultValue' + type: String description: | The default value of an optional parameter. If the parameter is required, the default value will be ignored. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Boolean - name: 'redact' + - name: 'redact' + type: Boolean description: | Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled. - - !ruby/object:Api::Type::NestedObject - name: 'advancedSettings' + - name: 'advancedSettings' + type: NestedObject description: | Hierarchical advanced settings for this parameter. The settings exposed at the lower level overrides the settings exposed at the higher level. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter. properties: - - !ruby/object:Api::Type::NestedObject - name: 'dtmfSettings' + - name: 'dtmfSettings' + type: NestedObject description: | Define behaviors for DTMF (dual tone multi frequency). DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Exposed at the following levels: * Agent level @@ -718,28 +702,29 @@ properties: * Page level * Parameter level properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: | If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a "3" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance). - - !ruby/object:Api::Type::Integer - name: 'maxDigits' + - name: 'maxDigits' + type: Integer description: | Max length of DTMF digits. - - !ruby/object:Api::Type::String - name: 'finishDigit' + - name: 'finishDigit' + type: String description: | The digit that terminates a DTMF digit sequence. - - !ruby/object:Api::Type::Array - name: 'transitionRouteGroups' + - name: 'transitionRouteGroups' + type: Array description: | Ordered list of TransitionRouteGroups associated with the page. Transition route groups must be unique within a page. If multiple transition routes within a page scope refer to the same intent, then the precedence order is: page's transition route -> page's transition route group -> flow's transition routes. If multiple transition route groups within a page contain the same intent, then the first group in the ordered list takes precedence. Format:projects//locations//agents//flows//transitionRouteGroups/. - item_type: Api::Type::String - - !ruby/object:Api::Type::Array - name: 'transitionRoutes' + item_type: + type: String + - name: 'transitionRoutes' + type: Array description: | A list of transitions for the transition rules of this page. They route the conversation to another page in the same flow, or another flow. When we are in a certain page, the TransitionRoutes are evalauted in the following order: @@ -749,67 +734,68 @@ properties: TransitionRoutes defined in the transition route groups with intent specified. TransitionRoutes defined in the page with only condition specified. TransitionRoutes defined in the transition route groups with only condition specified. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of this transition route. - - !ruby/object:Api::Type::String - name: 'intent' + output: true + - name: 'intent' + type: String description: | The unique identifier of an Intent. Format: projects//locations//agents//intents/. Indicates that the transition can only happen when the given intent is matched. At least one of intent or condition must be specified. When both intent and condition are specified, the transition can only happen when both are fulfilled. - - !ruby/object:Api::Type::String - name: 'condition' + - name: 'condition' + type: String description: | The condition to evaluate against form parameters or session parameters. At least one of intent or condition must be specified. When both intent and condition are specified, the transition can only happen when both are fulfilled. - - !ruby/object:Api::Type::NestedObject - name: 'triggerFulfillment' + - name: 'triggerFulfillment' + type: NestedObject description: | The fulfillment to call when the condition is satisfied. At least one of triggerFulfillment and target must be specified. When both are defined, triggerFulfillment is executed first. properties: - - !ruby/object:Api::Type::Array - name: 'messages' + - name: 'messages' + type: Array description: | The list of rich message responses to present to the user. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'channel' + - name: 'channel' + type: String description: | The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. - - !ruby/object:Api::Type::NestedObject - name: 'text' + - name: 'text' + type: NestedObject description: | The text response message. properties: - - !ruby/object:Api::Type::Array - name: 'text' + - name: 'text' + type: Array description: | A collection of text responses. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + item_type: + type: String + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. + output: true # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'payload' + - name: 'payload' + type: String description: | A custom, platform-specific payload. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'conversationSuccess' + - name: 'conversationSuccess' + type: NestedObject description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -818,37 +804,35 @@ properties: * In a webhook response when you determine that you handled the customer issue. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'outputAudioText' + - name: 'outputAudioText' + type: NestedObject description: | A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. properties: - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::String - name: 'text' + output: true + - name: 'text' + type: String description: | The raw text to be synthesized. - - !ruby/object:Api::Type::String - name: 'ssml' + - name: 'ssml' + type: String description: | The SSML text to be synthesized. For more information, see SSML. - - !ruby/object:Api::Type::NestedObject - name: 'liveAgentHandoff' + - name: 'liveAgentHandoff' + type: NestedObject description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -857,163 +841,159 @@ properties: * In a webhook response when you determine that the customer issue can only be handled by a human. properties: # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'playAudio' + - name: 'playAudio' + type: NestedObject description: | Specifies an audio clip to be played by the client as part of the response. properties: - - !ruby/object:Api::Type::String - name: 'audioUri' - required: true + - name: 'audioUri' + type: String description: | URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + required: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::NestedObject - name: 'telephonyTransferCall' + output: true + - name: 'telephonyTransferCall' + type: NestedObject description: | Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. properties: - - !ruby/object:Api::Type::String - name: 'phoneNumber' - required: true + - name: 'phoneNumber' + type: String description: | Transfer the call to a phone number in E.164 format. - - !ruby/object:Api::Type::String - name: 'webhook' + required: true + - name: 'webhook' + type: String description: | The webhook to call. Format: projects//locations//agents//webhooks/. - - !ruby/object:Api::Type::Boolean - name: 'returnPartialResponses' + - name: 'returnPartialResponses' + type: Boolean description: | Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. - - !ruby/object:Api::Type::String - name: 'tag' + - name: 'tag' + type: String description: | The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. - - !ruby/object:Api::Type::Array - name: 'setParameterActions' + - name: 'setParameterActions' + type: Array description: | Set parameter values before executing the webhook. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'parameter' + - name: 'parameter' + type: String description: | Display name of the parameter. - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The new JSON-encoded value of the parameter. A null value clears the parameter. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Array - name: 'conditionalCases' + - name: 'conditionalCases' + type: Array description: | Conditional cases for this fulfillment. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: # This object has a recursive schema so we use a string instead of a NestedObject - - !ruby/object:Api::Type::String - name: 'cases' + - name: 'cases' + type: String description: | A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::String - name: 'targetPage' + - name: 'targetPage' + type: String description: | The target page to transition to. Format: projects//locations//agents//flows//pages/. - - !ruby/object:Api::Type::String - name: 'targetFlow' + - name: 'targetFlow' + type: String description: | The target flow to transition to. Format: projects//locations//agents//flows/. - - !ruby/object:Api::Type::Array - name: 'eventHandlers' + - name: 'eventHandlers' + type: Array description: | Handlers associated with the page to handle events such as webhook errors, no match or no input. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of this event handler. - - !ruby/object:Api::Type::String - name: 'event' + output: true + - name: 'event' + type: String description: | The name of the event to handle. - - !ruby/object:Api::Type::NestedObject - name: 'triggerFulfillment' + - name: 'triggerFulfillment' + type: NestedObject description: | The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks. properties: - - !ruby/object:Api::Type::Array - name: 'messages' + - name: 'messages' + type: Array description: | The list of rich message responses to present to the user. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'channel' + - name: 'channel' + type: String description: | The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned. - - !ruby/object:Api::Type::NestedObject - name: 'text' + - name: 'text' + type: NestedObject description: | The text response message. properties: - - !ruby/object:Api::Type::Array - name: 'text' + - name: 'text' + type: Array description: | A collection of text responses. - item_type: Api::Type::String - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + item_type: + type: String + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'payload' + output: true + - name: 'payload' + type: String description: | A custom, platform-specific payload. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'conversationSuccess' + - name: 'conversationSuccess' + type: NestedObject description: | Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. @@ -1021,38 +1001,35 @@ properties: * In the entryFulfillment of a Page if entering the page indicates that the conversation succeeded. * In a webhook response when you determine that you handled the customer issue. properties: - # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'outputAudioText' + - name: 'outputAudioText' + type: NestedObject description: | A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message. properties: - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::String - name: 'text' + output: true + - name: 'text' + type: String description: | The raw text to be synthesized. - - !ruby/object:Api::Type::String - name: 'ssml' + - name: 'ssml' + type: String description: | The SSML text to be synthesized. For more information, see SSML. - - !ruby/object:Api::Type::NestedObject - name: 'liveAgentHandoff' + - name: 'liveAgentHandoff' + type: NestedObject description: | Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. @@ -1060,113 +1037,107 @@ properties: * In the entryFulfillment of a Page if entering the page indicates something went extremely wrong in the conversation. * In a webhook response when you determine that the customer issue can only be handled by a human. properties: - # This can be an arbitrary json blob, so we use a string instead of a NestedObject. - - !ruby/object:Api::Type::String - name: 'metadata' + - name: 'metadata' + type: String description: | Custom metadata. Dialogflow doesn't impose any structure on this. - custom_expand: 'templates/terraform/custom_expand/json_schema.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_schema.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::NestedObject - name: 'playAudio' + - name: 'playAudio' + type: NestedObject description: | Specifies an audio clip to be played by the client as part of the response. properties: - - !ruby/object:Api::Type::String - name: 'audioUri' - required: true + - name: 'audioUri' + type: String description: | URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it. - - !ruby/object:Api::Type::Boolean - name: 'allowPlaybackInterruption' - output: true + required: true + - name: 'allowPlaybackInterruption' + type: Boolean description: | Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request. - - !ruby/object:Api::Type::NestedObject - name: 'telephonyTransferCall' + output: true + - name: 'telephonyTransferCall' + type: NestedObject description: | Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint. properties: - - !ruby/object:Api::Type::String - name: 'phoneNumber' - required: true + - name: 'phoneNumber' + type: String description: | Transfer the call to a phone number in E.164 format. - - !ruby/object:Api::Type::String - name: 'webhook' + required: true + - name: 'webhook' + type: String description: | The webhook to call. Format: projects//locations//agents//webhooks/. - - !ruby/object:Api::Type::Boolean - name: 'returnPartialResponses' + - name: 'returnPartialResponses' + type: Boolean description: | Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks. - - !ruby/object:Api::Type::String - name: 'tag' + - name: 'tag' + type: String description: | The tag used by the webhook to identify which fulfillment is being called. This field is required if webhook is specified. - - !ruby/object:Api::Type::Array - name: 'setParameterActions' + - name: 'setParameterActions' + type: Array description: | Set parameter values before executing the webhook. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: 'parameter' + - name: 'parameter' + type: String description: | Display name of the parameter. - - !ruby/object:Api::Type::String - name: 'value' + - name: 'value' + type: String description: | The new JSON-encoded value of the parameter. A null value clears the parameter. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::Array - name: 'conditionalCases' + - name: 'conditionalCases' + type: Array description: | Conditional cases for this fulfillment. - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - # This object has a recursive schema so we use a string instead of a NestedObject - - !ruby/object:Api::Type::String - name: 'cases' + - name: 'cases' + type: String description: | A JSON encoded list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored. See [Case](https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/Fulfillment#case) for the schema. - custom_expand: 'templates/terraform/custom_expand/json_value.erb' - custom_flatten: 'templates/terraform/custom_flatten/json_schema.erb' - state_func: - 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); - return s }' - validation: !ruby/object:Provider::Terraform::Validation + state_func: 'func(v interface{}) string { s, _ := structure.NormalizeJsonString(v); return s }' + custom_flatten: 'templates/terraform/custom_flatten/json_schema.tmpl' + custom_expand: 'templates/terraform/custom_expand/json_value.tmpl' + validation: function: 'validation.StringIsJSON' - - !ruby/object:Api::Type::String - name: 'targetPage' + - name: 'targetPage' + type: String description: | The target page to transition to. Format: projects//locations//agents//flows//pages/. - - !ruby/object:Api::Type::String - name: 'targetFlow' + - name: 'targetFlow' + type: String description: | The target flow to transition to. Format: projects//locations//agents//flows/. - - !ruby/object:Api::Type::NestedObject - name: 'advancedSettings' + - name: 'advancedSettings' + type: NestedObject description: | Hierarchical advanced settings for this page. The settings exposed at the lower level overrides the settings exposed at the higher level. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter. properties: - - !ruby/object:Api::Type::NestedObject - name: 'dtmfSettings' + - name: 'dtmfSettings' + type: NestedObject description: | Define behaviors for DTMF (dual tone multi frequency). DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Exposed at the following levels: * Agent level @@ -1174,15 +1145,15 @@ properties: * Page level * Parameter level properties: - - !ruby/object:Api::Type::Boolean - name: 'enabled' + - name: 'enabled' + type: Boolean description: | If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a "3" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance). - - !ruby/object:Api::Type::Integer - name: 'maxDigits' + - name: 'maxDigits' + type: Integer description: | Max length of DTMF digits. - - !ruby/object:Api::Type::String - name: 'finishDigit' + - name: 'finishDigit' + type: String description: | The digit that terminates a DTMF digit sequence. diff --git a/mmv1/products/dialogflowcx/SecuritySettings.yaml b/mmv1/products/dialogflowcx/SecuritySettings.yaml index 28c14d9f55d2..24bbc3f9d967 100644 --- a/mmv1/products/dialogflowcx/SecuritySettings.yaml +++ b/mmv1/products/dialogflowcx/SecuritySettings.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,29 +11,34 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource +--- name: 'SecuritySettings' -base_url: 'projects/{{project}}/locations/{{location}}/securitySettings' -update_verb: :PATCH -update_mask: true description: | Represents the settings related to security issues, such as data redaction and data retention. It may take hours for updates on the settings to propagate to all the related components and take effect. Multiple security settings can be configured in each location. Each agent can specify the security settings to apply, and each setting can be applied to multiple agents in the same project and location. -references: !ruby/object:Api::Resource::ReferenceLinks +references: guides: 'Official Documentation': 'https://cloud.google.com/dialogflow/cx/docs' api: 'https://cloud.google.com/dialogflow/cx/docs/reference/rest/v3/projects.locations.securitySettings' -timeouts: !ruby/object:Api::Timeouts +docs: +id_format: 'projects/{{project}}/locations/{{location}}/securitySettings/{{name}}' +base_url: 'projects/{{project}}/locations/{{location}}/securitySettings' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project}}/locations/{{location}}/securitySettings/{{name}}' +timeouts: insert_minutes: 40 update_minutes: 40 + delete_minutes: 20 +custom_code: + post_create: 'templates/terraform/post_create/sleep.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflowcx_security_settings_basic' + - name: 'dialogflowcx_security_settings_basic' primary_resource_id: 'basic_security_settings' vars: settings_name: 'dialogflowcx-security-settings' - - !ruby/object:Provider::Terraform::Examples - name: 'dialogflowcx_security_settings_full' + - name: 'dialogflowcx_security_settings_full' primary_resource_id: 'basic_security_settings' vars: inspect_name: 'dialogflowcx-inspect-template' @@ -41,124 +46,121 @@ examples: settings_name: 'dialogflowcx-security-settings' bucket_name: 'dialogflowcx-bucket' test_env_vars: - project: :PROJECT_NAME -id_format: 'projects/{{project}}/locations/{{location}}/securitySettings/{{name}}' -import_format: ['projects/{{project}}/locations/{{location}}/securitySettings/{{name}}'] -custom_code: !ruby/object:Provider::Terraform::CustomCode - post_create: templates/terraform/post_create/sleep.go.erb + project: 'PROJECT_NAME' +parameters: properties: - - !ruby/object:Api::Type::String - name: 'name' - output: true + - name: 'name' + type: String description: | The unique identifier of the settings. Format: projects//locations//securitySettings/. - custom_flatten: templates/terraform/custom_flatten/name_from_self_link.erb - - !ruby/object:Api::Type::String - name: 'location' + output: true + custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.tmpl' + - name: 'location' + type: String description: | The location these settings are located in. Settings can only be applied to an agent in the same location. See [Available Regions](https://cloud.google.com/dialogflow/cx/docs/concept/region#avail) for a list of supported locations. + url_param_only: true required: true immutable: true - url_param_only: true - - !ruby/object:Api::Type::String - name: 'displayName' + - name: 'displayName' + type: String description: | The human-readable name of the security settings, unique within the location. required: true - - !ruby/object:Api::Type::Enum - name: 'redactionStrategy' + - name: 'redactionStrategy' + type: Enum description: | Defines how we redact data. If not set, defaults to not redacting. * REDACT_WITH_SERVICE: Call redaction service to clean up the data to be persisted. - values: - - :REDACT_WITH_SERVICE - - !ruby/object:Api::Type::Enum - name: 'redactionScope' + enum_values: + - 'REDACT_WITH_SERVICE' + - name: 'redactionScope' + type: Enum description: | Defines what types of data to redact. If not set, defaults to not redacting any kind of data. * REDACT_DISK_STORAGE: On data to be written to disk or similar devices that are capable of holding data even if power is disconnected. This includes data that are temporarily saved on disk. - values: - - :REDACT_DISK_STORAGE - - !ruby/object:Api::Type::String - name: 'inspectTemplate' + enum_values: + - 'REDACT_DISK_STORAGE' + - name: 'inspectTemplate' + type: String description: | [DLP](https://cloud.google.com/dlp/docs) inspect template name. Use this template to define inspect base settings. If empty, we use the default DLP inspect config. Note: inspectTemplate must be located in the same region as the SecuritySettings. Format: projects//locations//inspectTemplates/