From ad1cc471791951089b3998623cdb6ecf7996fa17 Mon Sep 17 00:00:00 2001 From: Romain Lenglet Date: Fri, 16 Aug 2024 14:06:10 -0700 Subject: [PATCH] Split aws_account resource into aws_account and aws_organization (#52) Update the aws_account resource to only support non-org-management accounts. Remove unnecessary attributes: account_type and management_account_id. Rename organization_id attribute into organization_master_account_id and change its semantics, because the backend correlates accounts using the org's management/master account ID instead of the organization ID. Fix the modes of aws_account attributes. Replace incorrect usages of WriteOnlyOnceAttributeMode with ImmutableAttributeMode. Add the missing RequiresReplace plan modifier to each ImmutableAttributeMode attribute. Reorder attributes by lexicographic order in the schema. Define a new aws_organization resource specific to org accounts. Update resource examples. --- api/illumio/cloud/config/v1/config.pb.go | 1306 +++++++++++++---- api/illumio/cloud/config/v1/config.proto | 66 +- api/illumio/cloud/config/v1/config_grpc.pb.go | 160 +- api/illumio/cloud/config/v1/tags.json | 2 +- api/schema/aws_account_resource.go | 62 +- api/schema/aws_organization_resource.go | 95 ++ api/schema/schema.go | 1 + docs/resources/aws_account.md | 24 +- docs/resources/aws_organization.md | 45 + .../resource.tf | 18 +- .../resource.tf | 10 + fakeserver/fakeserver.gen.go | 228 ++- internal/provider/provider.gen.go | 334 ++++- 13 files changed, 1953 insertions(+), 398 deletions(-) create mode 100644 api/schema/aws_organization_resource.go create mode 100644 docs/resources/aws_organization.md create mode 100644 examples/resources/illumio-cloudsecure_aws_organization/resource.tf diff --git a/api/illumio/cloud/config/v1/config.pb.go b/api/illumio/cloud/config/v1/config.pb.go index 678fa65..6a04072 100644 --- a/api/illumio/cloud/config/v1/config.pb.go +++ b/api/illumio/cloud/config/v1/config.pb.go @@ -30,14 +30,12 @@ type CreateAwsAccountRequest struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` - AccountType string `protobuf:"bytes,3,opt,name=account_type,json=accountType,proto3" json:"account_type,omitempty"` - ManagementAccountId *string `protobuf:"bytes,4,opt,name=management_account_id,json=managementAccountId,proto3,oneof" json:"management_account_id,omitempty"` - Mode string `protobuf:"bytes,5,opt,name=mode,proto3" json:"mode,omitempty"` - Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` - OrganizationId *string `protobuf:"bytes,7,opt,name=organization_id,json=organizationId,proto3,oneof" json:"organization_id,omitempty"` - RoleArn string `protobuf:"bytes,8,opt,name=role_arn,json=roleArn,proto3" json:"role_arn,omitempty"` - RoleExternalId string `protobuf:"bytes,9,opt,name=role_external_id,json=roleExternalId,proto3" json:"role_external_id,omitempty"` + AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` + Mode string `protobuf:"bytes,5,opt,name=mode,proto3" json:"mode,omitempty"` + Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` + OrganizationMasterAccountId *string `protobuf:"bytes,12,opt,name=organization_master_account_id,json=organizationMasterAccountId,proto3,oneof" json:"organization_master_account_id,omitempty"` + RoleArn string `protobuf:"bytes,8,opt,name=role_arn,json=roleArn,proto3" json:"role_arn,omitempty"` + RoleExternalId string `protobuf:"bytes,9,opt,name=role_external_id,json=roleExternalId,proto3" json:"role_external_id,omitempty"` } func (x *CreateAwsAccountRequest) Reset() { @@ -79,84 +77,601 @@ func (x *CreateAwsAccountRequest) GetAccountId() string { return "" } -func (x *CreateAwsAccountRequest) GetAccountType() string { +func (x *CreateAwsAccountRequest) GetMode() string { + if x != nil { + return x.Mode + } + return "" +} + +func (x *CreateAwsAccountRequest) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *CreateAwsAccountRequest) GetOrganizationMasterAccountId() string { + if x != nil && x.OrganizationMasterAccountId != nil { + return *x.OrganizationMasterAccountId + } + return "" +} + +func (x *CreateAwsAccountRequest) GetRoleArn() string { + if x != nil { + return x.RoleArn + } + return "" +} + +func (x *CreateAwsAccountRequest) GetRoleExternalId() string { + if x != nil { + return x.RoleExternalId + } + return "" +} + +type CreateAwsAccountResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` + Mode string `protobuf:"bytes,5,opt,name=mode,proto3" json:"mode,omitempty"` + Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` + OrganizationMasterAccountId *string `protobuf:"bytes,12,opt,name=organization_master_account_id,json=organizationMasterAccountId,proto3,oneof" json:"organization_master_account_id,omitempty"` + RoleArn string `protobuf:"bytes,8,opt,name=role_arn,json=roleArn,proto3" json:"role_arn,omitempty"` + RoleExternalId string `protobuf:"bytes,9,opt,name=role_external_id,json=roleExternalId,proto3" json:"role_external_id,omitempty"` +} + +func (x *CreateAwsAccountResponse) Reset() { + *x = CreateAwsAccountResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CreateAwsAccountResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateAwsAccountResponse) ProtoMessage() {} + +func (x *CreateAwsAccountResponse) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateAwsAccountResponse.ProtoReflect.Descriptor instead. +func (*CreateAwsAccountResponse) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{1} +} + +func (x *CreateAwsAccountResponse) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *CreateAwsAccountResponse) GetAccountId() string { + if x != nil { + return x.AccountId + } + return "" +} + +func (x *CreateAwsAccountResponse) GetMode() string { + if x != nil { + return x.Mode + } + return "" +} + +func (x *CreateAwsAccountResponse) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *CreateAwsAccountResponse) GetOrganizationMasterAccountId() string { + if x != nil && x.OrganizationMasterAccountId != nil { + return *x.OrganizationMasterAccountId + } + return "" +} + +func (x *CreateAwsAccountResponse) GetRoleArn() string { + if x != nil { + return x.RoleArn + } + return "" +} + +func (x *CreateAwsAccountResponse) GetRoleExternalId() string { if x != nil { - return x.AccountType + return x.RoleExternalId + } + return "" +} + +type ReadAwsAccountRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` +} + +func (x *ReadAwsAccountRequest) Reset() { + *x = ReadAwsAccountRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ReadAwsAccountRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ReadAwsAccountRequest) ProtoMessage() {} + +func (x *ReadAwsAccountRequest) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ReadAwsAccountRequest.ProtoReflect.Descriptor instead. +func (*ReadAwsAccountRequest) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{2} +} + +func (x *ReadAwsAccountRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +type ReadAwsAccountResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` + Mode string `protobuf:"bytes,5,opt,name=mode,proto3" json:"mode,omitempty"` + Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` + OrganizationMasterAccountId *string `protobuf:"bytes,12,opt,name=organization_master_account_id,json=organizationMasterAccountId,proto3,oneof" json:"organization_master_account_id,omitempty"` + RoleArn string `protobuf:"bytes,8,opt,name=role_arn,json=roleArn,proto3" json:"role_arn,omitempty"` + RoleExternalId string `protobuf:"bytes,9,opt,name=role_external_id,json=roleExternalId,proto3" json:"role_external_id,omitempty"` +} + +func (x *ReadAwsAccountResponse) Reset() { + *x = ReadAwsAccountResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ReadAwsAccountResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ReadAwsAccountResponse) ProtoMessage() {} + +func (x *ReadAwsAccountResponse) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ReadAwsAccountResponse.ProtoReflect.Descriptor instead. +func (*ReadAwsAccountResponse) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{3} +} + +func (x *ReadAwsAccountResponse) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *ReadAwsAccountResponse) GetAccountId() string { + if x != nil { + return x.AccountId + } + return "" +} + +func (x *ReadAwsAccountResponse) GetMode() string { + if x != nil { + return x.Mode + } + return "" +} + +func (x *ReadAwsAccountResponse) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *ReadAwsAccountResponse) GetOrganizationMasterAccountId() string { + if x != nil && x.OrganizationMasterAccountId != nil { + return *x.OrganizationMasterAccountId + } + return "" +} + +func (x *ReadAwsAccountResponse) GetRoleArn() string { + if x != nil { + return x.RoleArn + } + return "" +} + +func (x *ReadAwsAccountResponse) GetRoleExternalId() string { + if x != nil { + return x.RoleExternalId + } + return "" +} + +type UpdateAwsAccountRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` + UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,10,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"` +} + +func (x *UpdateAwsAccountRequest) Reset() { + *x = UpdateAwsAccountRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UpdateAwsAccountRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateAwsAccountRequest) ProtoMessage() {} + +func (x *UpdateAwsAccountRequest) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateAwsAccountRequest.ProtoReflect.Descriptor instead. +func (*UpdateAwsAccountRequest) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{4} +} + +func (x *UpdateAwsAccountRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *UpdateAwsAccountRequest) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *UpdateAwsAccountRequest) GetUpdateMask() *fieldmaskpb.FieldMask { + if x != nil { + return x.UpdateMask + } + return nil +} + +type UpdateAwsAccountResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` + Mode string `protobuf:"bytes,5,opt,name=mode,proto3" json:"mode,omitempty"` + Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` + OrganizationMasterAccountId *string `protobuf:"bytes,12,opt,name=organization_master_account_id,json=organizationMasterAccountId,proto3,oneof" json:"organization_master_account_id,omitempty"` + RoleArn string `protobuf:"bytes,8,opt,name=role_arn,json=roleArn,proto3" json:"role_arn,omitempty"` + RoleExternalId string `protobuf:"bytes,9,opt,name=role_external_id,json=roleExternalId,proto3" json:"role_external_id,omitempty"` +} + +func (x *UpdateAwsAccountResponse) Reset() { + *x = UpdateAwsAccountResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UpdateAwsAccountResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateAwsAccountResponse) ProtoMessage() {} + +func (x *UpdateAwsAccountResponse) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateAwsAccountResponse.ProtoReflect.Descriptor instead. +func (*UpdateAwsAccountResponse) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{5} +} + +func (x *UpdateAwsAccountResponse) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *UpdateAwsAccountResponse) GetAccountId() string { + if x != nil { + return x.AccountId + } + return "" +} + +func (x *UpdateAwsAccountResponse) GetMode() string { + if x != nil { + return x.Mode + } + return "" +} + +func (x *UpdateAwsAccountResponse) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *UpdateAwsAccountResponse) GetOrganizationMasterAccountId() string { + if x != nil && x.OrganizationMasterAccountId != nil { + return *x.OrganizationMasterAccountId + } + return "" +} + +func (x *UpdateAwsAccountResponse) GetRoleArn() string { + if x != nil { + return x.RoleArn + } + return "" +} + +func (x *UpdateAwsAccountResponse) GetRoleExternalId() string { + if x != nil { + return x.RoleExternalId + } + return "" +} + +type DeleteAwsAccountRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` +} + +func (x *DeleteAwsAccountRequest) Reset() { + *x = DeleteAwsAccountRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *DeleteAwsAccountRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteAwsAccountRequest) ProtoMessage() {} + +func (x *DeleteAwsAccountRequest) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteAwsAccountRequest.ProtoReflect.Descriptor instead. +func (*DeleteAwsAccountRequest) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{6} +} + +func (x *DeleteAwsAccountRequest) GetId() string { + if x != nil { + return x.Id } return "" } -func (x *CreateAwsAccountRequest) GetManagementAccountId() string { - if x != nil && x.ManagementAccountId != nil { - return *x.ManagementAccountId +type CreateAwsOrganizationRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + MasterAccountId string `protobuf:"bytes,9,opt,name=master_account_id,json=masterAccountId,proto3" json:"master_account_id,omitempty"` + Mode string `protobuf:"bytes,3,opt,name=mode,proto3" json:"mode,omitempty"` + Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` + OrganizationId string `protobuf:"bytes,5,opt,name=organization_id,json=organizationId,proto3" json:"organization_id,omitempty"` + RoleArn string `protobuf:"bytes,6,opt,name=role_arn,json=roleArn,proto3" json:"role_arn,omitempty"` + RoleExternalId string `protobuf:"bytes,7,opt,name=role_external_id,json=roleExternalId,proto3" json:"role_external_id,omitempty"` +} + +func (x *CreateAwsOrganizationRequest) Reset() { + *x = CreateAwsOrganizationRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CreateAwsOrganizationRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateAwsOrganizationRequest) ProtoMessage() {} + +func (x *CreateAwsOrganizationRequest) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateAwsOrganizationRequest.ProtoReflect.Descriptor instead. +func (*CreateAwsOrganizationRequest) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{7} +} + +func (x *CreateAwsOrganizationRequest) GetMasterAccountId() string { + if x != nil { + return x.MasterAccountId } return "" } -func (x *CreateAwsAccountRequest) GetMode() string { +func (x *CreateAwsOrganizationRequest) GetMode() string { if x != nil { return x.Mode } return "" } -func (x *CreateAwsAccountRequest) GetName() string { +func (x *CreateAwsOrganizationRequest) GetName() string { if x != nil { return x.Name } return "" } -func (x *CreateAwsAccountRequest) GetOrganizationId() string { - if x != nil && x.OrganizationId != nil { - return *x.OrganizationId +func (x *CreateAwsOrganizationRequest) GetOrganizationId() string { + if x != nil { + return x.OrganizationId } return "" } -func (x *CreateAwsAccountRequest) GetRoleArn() string { +func (x *CreateAwsOrganizationRequest) GetRoleArn() string { if x != nil { return x.RoleArn } return "" } -func (x *CreateAwsAccountRequest) GetRoleExternalId() string { +func (x *CreateAwsOrganizationRequest) GetRoleExternalId() string { if x != nil { return x.RoleExternalId } return "" } -type CreateAwsAccountResponse struct { +type CreateAwsOrganizationResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` - AccountType string `protobuf:"bytes,3,opt,name=account_type,json=accountType,proto3" json:"account_type,omitempty"` - Mode string `protobuf:"bytes,5,opt,name=mode,proto3" json:"mode,omitempty"` - Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + MasterAccountId string `protobuf:"bytes,9,opt,name=master_account_id,json=masterAccountId,proto3" json:"master_account_id,omitempty"` + Mode string `protobuf:"bytes,3,opt,name=mode,proto3" json:"mode,omitempty"` + Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` + OrganizationId string `protobuf:"bytes,5,opt,name=organization_id,json=organizationId,proto3" json:"organization_id,omitempty"` + RoleArn string `protobuf:"bytes,6,opt,name=role_arn,json=roleArn,proto3" json:"role_arn,omitempty"` + RoleExternalId string `protobuf:"bytes,7,opt,name=role_external_id,json=roleExternalId,proto3" json:"role_external_id,omitempty"` } -func (x *CreateAwsAccountResponse) Reset() { - *x = CreateAwsAccountResponse{} +func (x *CreateAwsOrganizationResponse) Reset() { + *x = CreateAwsOrganizationResponse{} if protoimpl.UnsafeEnabled { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[1] + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[8] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } } -func (x *CreateAwsAccountResponse) String() string { +func (x *CreateAwsOrganizationResponse) String() string { return protoimpl.X.MessageStringOf(x) } -func (*CreateAwsAccountResponse) ProtoMessage() {} +func (*CreateAwsOrganizationResponse) ProtoMessage() {} -func (x *CreateAwsAccountResponse) ProtoReflect() protoreflect.Message { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[1] +func (x *CreateAwsOrganizationResponse) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[8] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -167,47 +682,61 @@ func (x *CreateAwsAccountResponse) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use CreateAwsAccountResponse.ProtoReflect.Descriptor instead. -func (*CreateAwsAccountResponse) Descriptor() ([]byte, []int) { - return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{1} +// Deprecated: Use CreateAwsOrganizationResponse.ProtoReflect.Descriptor instead. +func (*CreateAwsOrganizationResponse) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{8} } -func (x *CreateAwsAccountResponse) GetId() string { +func (x *CreateAwsOrganizationResponse) GetId() string { if x != nil { return x.Id } return "" } -func (x *CreateAwsAccountResponse) GetAccountId() string { +func (x *CreateAwsOrganizationResponse) GetMasterAccountId() string { if x != nil { - return x.AccountId + return x.MasterAccountId } return "" } -func (x *CreateAwsAccountResponse) GetAccountType() string { +func (x *CreateAwsOrganizationResponse) GetMode() string { if x != nil { - return x.AccountType + return x.Mode } return "" } -func (x *CreateAwsAccountResponse) GetMode() string { +func (x *CreateAwsOrganizationResponse) GetName() string { if x != nil { - return x.Mode + return x.Name } return "" } -func (x *CreateAwsAccountResponse) GetName() string { +func (x *CreateAwsOrganizationResponse) GetOrganizationId() string { if x != nil { - return x.Name + return x.OrganizationId } return "" } -type ReadAwsAccountRequest struct { +func (x *CreateAwsOrganizationResponse) GetRoleArn() string { + if x != nil { + return x.RoleArn + } + return "" +} + +func (x *CreateAwsOrganizationResponse) GetRoleExternalId() string { + if x != nil { + return x.RoleExternalId + } + return "" +} + +type ReadAwsOrganizationRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields @@ -215,23 +744,23 @@ type ReadAwsAccountRequest struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` } -func (x *ReadAwsAccountRequest) Reset() { - *x = ReadAwsAccountRequest{} +func (x *ReadAwsOrganizationRequest) Reset() { + *x = ReadAwsOrganizationRequest{} if protoimpl.UnsafeEnabled { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[2] + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[9] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } } -func (x *ReadAwsAccountRequest) String() string { +func (x *ReadAwsOrganizationRequest) String() string { return protoimpl.X.MessageStringOf(x) } -func (*ReadAwsAccountRequest) ProtoMessage() {} +func (*ReadAwsOrganizationRequest) ProtoMessage() {} -func (x *ReadAwsAccountRequest) ProtoReflect() protoreflect.Message { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[2] +func (x *ReadAwsOrganizationRequest) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[9] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -242,47 +771,49 @@ func (x *ReadAwsAccountRequest) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use ReadAwsAccountRequest.ProtoReflect.Descriptor instead. -func (*ReadAwsAccountRequest) Descriptor() ([]byte, []int) { - return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{2} +// Deprecated: Use ReadAwsOrganizationRequest.ProtoReflect.Descriptor instead. +func (*ReadAwsOrganizationRequest) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{9} } -func (x *ReadAwsAccountRequest) GetId() string { +func (x *ReadAwsOrganizationRequest) GetId() string { if x != nil { return x.Id } return "" } -type ReadAwsAccountResponse struct { +type ReadAwsOrganizationResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` - AccountType string `protobuf:"bytes,3,opt,name=account_type,json=accountType,proto3" json:"account_type,omitempty"` - Mode string `protobuf:"bytes,5,opt,name=mode,proto3" json:"mode,omitempty"` - Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + MasterAccountId string `protobuf:"bytes,9,opt,name=master_account_id,json=masterAccountId,proto3" json:"master_account_id,omitempty"` + Mode string `protobuf:"bytes,3,opt,name=mode,proto3" json:"mode,omitempty"` + Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` + OrganizationId string `protobuf:"bytes,5,opt,name=organization_id,json=organizationId,proto3" json:"organization_id,omitempty"` + RoleArn string `protobuf:"bytes,6,opt,name=role_arn,json=roleArn,proto3" json:"role_arn,omitempty"` + RoleExternalId string `protobuf:"bytes,7,opt,name=role_external_id,json=roleExternalId,proto3" json:"role_external_id,omitempty"` } -func (x *ReadAwsAccountResponse) Reset() { - *x = ReadAwsAccountResponse{} +func (x *ReadAwsOrganizationResponse) Reset() { + *x = ReadAwsOrganizationResponse{} if protoimpl.UnsafeEnabled { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[3] + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[10] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } } -func (x *ReadAwsAccountResponse) String() string { +func (x *ReadAwsOrganizationResponse) String() string { return protoimpl.X.MessageStringOf(x) } -func (*ReadAwsAccountResponse) ProtoMessage() {} +func (*ReadAwsOrganizationResponse) ProtoMessage() {} -func (x *ReadAwsAccountResponse) ProtoReflect() protoreflect.Message { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[3] +func (x *ReadAwsOrganizationResponse) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[10] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -293,73 +824,87 @@ func (x *ReadAwsAccountResponse) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use ReadAwsAccountResponse.ProtoReflect.Descriptor instead. -func (*ReadAwsAccountResponse) Descriptor() ([]byte, []int) { - return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{3} +// Deprecated: Use ReadAwsOrganizationResponse.ProtoReflect.Descriptor instead. +func (*ReadAwsOrganizationResponse) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{10} } -func (x *ReadAwsAccountResponse) GetId() string { +func (x *ReadAwsOrganizationResponse) GetId() string { if x != nil { return x.Id } return "" } -func (x *ReadAwsAccountResponse) GetAccountId() string { +func (x *ReadAwsOrganizationResponse) GetMasterAccountId() string { if x != nil { - return x.AccountId + return x.MasterAccountId } return "" } -func (x *ReadAwsAccountResponse) GetAccountType() string { +func (x *ReadAwsOrganizationResponse) GetMode() string { if x != nil { - return x.AccountType + return x.Mode } return "" } -func (x *ReadAwsAccountResponse) GetMode() string { +func (x *ReadAwsOrganizationResponse) GetName() string { if x != nil { - return x.Mode + return x.Name } return "" } -func (x *ReadAwsAccountResponse) GetName() string { +func (x *ReadAwsOrganizationResponse) GetOrganizationId() string { if x != nil { - return x.Name + return x.OrganizationId } return "" } -type UpdateAwsAccountRequest struct { +func (x *ReadAwsOrganizationResponse) GetRoleArn() string { + if x != nil { + return x.RoleArn + } + return "" +} + +func (x *ReadAwsOrganizationResponse) GetRoleExternalId() string { + if x != nil { + return x.RoleExternalId + } + return "" +} + +type UpdateAwsOrganizationRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` - UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,10,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"` + Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` + UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,8,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"` } -func (x *UpdateAwsAccountRequest) Reset() { - *x = UpdateAwsAccountRequest{} +func (x *UpdateAwsOrganizationRequest) Reset() { + *x = UpdateAwsOrganizationRequest{} if protoimpl.UnsafeEnabled { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[4] + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[11] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } } -func (x *UpdateAwsAccountRequest) String() string { +func (x *UpdateAwsOrganizationRequest) String() string { return protoimpl.X.MessageStringOf(x) } -func (*UpdateAwsAccountRequest) ProtoMessage() {} +func (*UpdateAwsOrganizationRequest) ProtoMessage() {} -func (x *UpdateAwsAccountRequest) ProtoReflect() protoreflect.Message { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[4] +func (x *UpdateAwsOrganizationRequest) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[11] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -370,61 +915,63 @@ func (x *UpdateAwsAccountRequest) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use UpdateAwsAccountRequest.ProtoReflect.Descriptor instead. -func (*UpdateAwsAccountRequest) Descriptor() ([]byte, []int) { - return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{4} +// Deprecated: Use UpdateAwsOrganizationRequest.ProtoReflect.Descriptor instead. +func (*UpdateAwsOrganizationRequest) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{11} } -func (x *UpdateAwsAccountRequest) GetId() string { +func (x *UpdateAwsOrganizationRequest) GetId() string { if x != nil { return x.Id } return "" } -func (x *UpdateAwsAccountRequest) GetName() string { +func (x *UpdateAwsOrganizationRequest) GetName() string { if x != nil { return x.Name } return "" } -func (x *UpdateAwsAccountRequest) GetUpdateMask() *fieldmaskpb.FieldMask { +func (x *UpdateAwsOrganizationRequest) GetUpdateMask() *fieldmaskpb.FieldMask { if x != nil { return x.UpdateMask } return nil } -type UpdateAwsAccountResponse struct { +type UpdateAwsOrganizationResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` - AccountType string `protobuf:"bytes,3,opt,name=account_type,json=accountType,proto3" json:"account_type,omitempty"` - Mode string `protobuf:"bytes,5,opt,name=mode,proto3" json:"mode,omitempty"` - Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + MasterAccountId string `protobuf:"bytes,9,opt,name=master_account_id,json=masterAccountId,proto3" json:"master_account_id,omitempty"` + Mode string `protobuf:"bytes,3,opt,name=mode,proto3" json:"mode,omitempty"` + Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` + OrganizationId string `protobuf:"bytes,5,opt,name=organization_id,json=organizationId,proto3" json:"organization_id,omitempty"` + RoleArn string `protobuf:"bytes,6,opt,name=role_arn,json=roleArn,proto3" json:"role_arn,omitempty"` + RoleExternalId string `protobuf:"bytes,7,opt,name=role_external_id,json=roleExternalId,proto3" json:"role_external_id,omitempty"` } -func (x *UpdateAwsAccountResponse) Reset() { - *x = UpdateAwsAccountResponse{} +func (x *UpdateAwsOrganizationResponse) Reset() { + *x = UpdateAwsOrganizationResponse{} if protoimpl.UnsafeEnabled { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[5] + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[12] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } } -func (x *UpdateAwsAccountResponse) String() string { +func (x *UpdateAwsOrganizationResponse) String() string { return protoimpl.X.MessageStringOf(x) } -func (*UpdateAwsAccountResponse) ProtoMessage() {} +func (*UpdateAwsOrganizationResponse) ProtoMessage() {} -func (x *UpdateAwsAccountResponse) ProtoReflect() protoreflect.Message { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[5] +func (x *UpdateAwsOrganizationResponse) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[12] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -435,47 +982,61 @@ func (x *UpdateAwsAccountResponse) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use UpdateAwsAccountResponse.ProtoReflect.Descriptor instead. -func (*UpdateAwsAccountResponse) Descriptor() ([]byte, []int) { - return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{5} +// Deprecated: Use UpdateAwsOrganizationResponse.ProtoReflect.Descriptor instead. +func (*UpdateAwsOrganizationResponse) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{12} } -func (x *UpdateAwsAccountResponse) GetId() string { +func (x *UpdateAwsOrganizationResponse) GetId() string { if x != nil { return x.Id } return "" } -func (x *UpdateAwsAccountResponse) GetAccountId() string { +func (x *UpdateAwsOrganizationResponse) GetMasterAccountId() string { if x != nil { - return x.AccountId + return x.MasterAccountId } return "" } -func (x *UpdateAwsAccountResponse) GetAccountType() string { +func (x *UpdateAwsOrganizationResponse) GetMode() string { if x != nil { - return x.AccountType + return x.Mode } return "" } -func (x *UpdateAwsAccountResponse) GetMode() string { +func (x *UpdateAwsOrganizationResponse) GetName() string { if x != nil { - return x.Mode + return x.Name } return "" } -func (x *UpdateAwsAccountResponse) GetName() string { +func (x *UpdateAwsOrganizationResponse) GetOrganizationId() string { if x != nil { - return x.Name + return x.OrganizationId } return "" } -type DeleteAwsAccountRequest struct { +func (x *UpdateAwsOrganizationResponse) GetRoleArn() string { + if x != nil { + return x.RoleArn + } + return "" +} + +func (x *UpdateAwsOrganizationResponse) GetRoleExternalId() string { + if x != nil { + return x.RoleExternalId + } + return "" +} + +type DeleteAwsOrganizationRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields @@ -483,23 +1044,23 @@ type DeleteAwsAccountRequest struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` } -func (x *DeleteAwsAccountRequest) Reset() { - *x = DeleteAwsAccountRequest{} +func (x *DeleteAwsOrganizationRequest) Reset() { + *x = DeleteAwsOrganizationRequest{} if protoimpl.UnsafeEnabled { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[6] + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[13] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } } -func (x *DeleteAwsAccountRequest) String() string { +func (x *DeleteAwsOrganizationRequest) String() string { return protoimpl.X.MessageStringOf(x) } -func (*DeleteAwsAccountRequest) ProtoMessage() {} +func (*DeleteAwsOrganizationRequest) ProtoMessage() {} -func (x *DeleteAwsAccountRequest) ProtoReflect() protoreflect.Message { - mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[6] +func (x *DeleteAwsOrganizationRequest) ProtoReflect() protoreflect.Message { + mi := &file_illumio_cloud_config_v1_config_proto_msgTypes[13] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -510,12 +1071,12 @@ func (x *DeleteAwsAccountRequest) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use DeleteAwsAccountRequest.ProtoReflect.Descriptor instead. -func (*DeleteAwsAccountRequest) Descriptor() ([]byte, []int) { - return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{6} +// Deprecated: Use DeleteAwsOrganizationRequest.ProtoReflect.Descriptor instead. +func (*DeleteAwsOrganizationRequest) Descriptor() ([]byte, []int) { + return file_illumio_cloud_config_v1_config_proto_rawDescGZIP(), []int{13} } -func (x *DeleteAwsAccountRequest) GetId() string { +func (x *DeleteAwsOrganizationRequest) GetId() string { if x != nil { return x.Id } @@ -532,117 +1093,245 @@ var file_illumio_cloud_config_v1_config_proto_rawDesc = []byte{ 0x1b, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x66, 0x69, - 0x65, 0x6c, 0x64, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xdd, + 0x65, 0x6c, 0x64, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x92, 0x02, 0x0a, 0x17, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, - 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, - 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0b, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x37, 0x0a, 0x15, - 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, - 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x13, 0x6d, - 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, - 0x49, 0x64, 0x88, 0x01, 0x01, 0x12, 0x12, 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x05, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, - 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a, - 0x0f, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x64, - 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x48, 0x01, 0x52, 0x0e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, - 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x88, 0x01, 0x01, 0x12, 0x19, 0x0a, 0x08, 0x72, + 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6d, 0x6f, 0x64, + 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x12, 0x0a, + 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, + 0x65, 0x12, 0x48, 0x0a, 0x1e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x5f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, + 0x5f, 0x69, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x1b, 0x6f, 0x72, 0x67, + 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x41, + 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x88, 0x01, 0x01, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x61, 0x72, 0x6e, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x65, 0x41, 0x72, 0x6e, 0x12, 0x28, 0x0a, 0x10, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x69, 0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x6f, 0x6c, 0x65, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x49, 0x64, - 0x42, 0x18, 0x0a, 0x16, 0x5f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x5f, - 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x42, 0x12, 0x0a, 0x10, 0x5f, 0x6f, - 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x64, 0x22, 0x94, - 0x01, 0x0a, 0x18, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, - 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, - 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x61, - 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x09, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, - 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0b, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, - 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, - 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x27, 0x0a, 0x15, 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, - 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, - 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0x92, - 0x01, 0x0a, 0x16, 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, - 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x61, 0x63, 0x63, - 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x61, - 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x6f, - 0x75, 0x6e, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, - 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6d, - 0x6f, 0x64, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x12, - 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, - 0x61, 0x6d, 0x65, 0x22, 0x7a, 0x0a, 0x17, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, - 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, - 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, - 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, - 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, - 0x6b, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, - 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4d, 0x61, 0x73, 0x6b, 0x22, - 0x94, 0x01, 0x0a, 0x18, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, - 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x0e, 0x0a, 0x02, - 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, 0x0a, 0x0a, - 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x09, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x61, - 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x12, - 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, - 0x64, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x29, 0x0a, 0x17, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x42, 0x21, 0x0a, 0x1f, 0x5f, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x5f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, + 0x5f, 0x69, 0x64, 0x22, 0xa3, 0x02, 0x0a, 0x18, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, + 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, + 0x12, 0x1d, 0x0a, 0x0a, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, + 0x12, 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, + 0x6f, 0x64, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x48, 0x0a, 0x1e, 0x6f, 0x72, 0x67, 0x61, 0x6e, + 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, + 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x48, + 0x00, 0x52, 0x1b, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, + 0x61, 0x73, 0x74, 0x65, 0x72, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x88, 0x01, + 0x01, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x61, 0x72, 0x6e, 0x18, 0x08, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x65, 0x41, 0x72, 0x6e, 0x12, 0x28, 0x0a, 0x10, + 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x69, 0x64, + 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x6f, 0x6c, 0x65, 0x45, 0x78, 0x74, 0x65, + 0x72, 0x6e, 0x61, 0x6c, 0x49, 0x64, 0x42, 0x21, 0x0a, 0x1f, 0x5f, 0x6f, 0x72, 0x67, 0x61, 0x6e, + 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, + 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x22, 0x27, 0x0a, 0x15, 0x52, 0x65, 0x61, + 0x64, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, + 0x69, 0x64, 0x22, 0xa1, 0x02, 0x0a, 0x16, 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, 0x41, 0x63, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x0e, 0x0a, + 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, 0x0a, + 0x0a, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x09, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x12, 0x0a, 0x04, + 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, + 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, + 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x48, 0x0a, 0x1e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x6f, + 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x1b, + 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x73, 0x74, + 0x65, 0x72, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x88, 0x01, 0x01, 0x12, 0x19, + 0x0a, 0x08, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x61, 0x72, 0x6e, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x65, 0x41, 0x72, 0x6e, 0x12, 0x28, 0x0a, 0x10, 0x72, 0x6f, 0x6c, + 0x65, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x69, 0x64, 0x18, 0x09, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x6f, 0x6c, 0x65, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, + 0x6c, 0x49, 0x64, 0x42, 0x21, 0x0a, 0x1f, 0x5f, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x6f, + 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x22, 0x7a, 0x0a, 0x17, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, - 0x64, 0x32, 0xd2, 0x03, 0x0a, 0x0d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x65, 0x72, 0x76, - 0x69, 0x63, 0x65, 0x12, 0x77, 0x0a, 0x10, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, - 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x30, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, + 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, + 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, + 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, + 0x6c, 0x64, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4d, 0x61, + 0x73, 0x6b, 0x22, 0xa3, 0x02, 0x0a, 0x18, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, + 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, + 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, + 0x1d, 0x0a, 0x0a, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x09, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x12, + 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, + 0x64, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x48, 0x0a, 0x1e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, + 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x63, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, + 0x52, 0x1b, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, + 0x73, 0x74, 0x65, 0x72, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x88, 0x01, 0x01, + 0x12, 0x19, 0x0a, 0x08, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x61, 0x72, 0x6e, 0x18, 0x08, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x65, 0x41, 0x72, 0x6e, 0x12, 0x28, 0x0a, 0x10, 0x72, + 0x6f, 0x6c, 0x65, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x69, 0x64, 0x18, + 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x6f, 0x6c, 0x65, 0x45, 0x78, 0x74, 0x65, 0x72, + 0x6e, 0x61, 0x6c, 0x49, 0x64, 0x42, 0x21, 0x0a, 0x1f, 0x5f, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, + 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x63, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x22, 0x29, 0x0a, 0x17, 0x44, 0x65, 0x6c, 0x65, + 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x02, 0x69, 0x64, 0x22, 0xe0, 0x01, 0x0a, 0x1c, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, + 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x2a, 0x0a, 0x11, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, + 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, + 0x12, 0x12, 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, + 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x27, 0x0a, 0x0f, 0x6f, 0x72, 0x67, 0x61, + 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, + 0x64, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x61, 0x72, 0x6e, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x65, 0x41, 0x72, 0x6e, 0x12, 0x28, 0x0a, 0x10, + 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x69, 0x64, + 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x6f, 0x6c, 0x65, 0x45, 0x78, 0x74, 0x65, + 0x72, 0x6e, 0x61, 0x6c, 0x49, 0x64, 0x22, 0xf1, 0x01, 0x0a, 0x1d, 0x43, 0x72, 0x65, 0x61, 0x74, + 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x2a, 0x0a, 0x11, 0x6d, 0x61, 0x73, 0x74, + 0x65, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x09, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x41, 0x63, 0x63, 0x6f, 0x75, + 0x6e, 0x74, 0x49, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x27, 0x0a, 0x0f, + 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x64, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x61, 0x72, + 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x65, 0x41, 0x72, 0x6e, + 0x12, 0x28, 0x0a, 0x10, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, + 0x6c, 0x5f, 0x69, 0x64, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x6f, 0x6c, 0x65, + 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x49, 0x64, 0x22, 0x2c, 0x0a, 0x1a, 0x52, 0x65, + 0x61, 0x64, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0xef, 0x01, 0x0a, 0x1b, 0x52, 0x65, 0x61, + 0x64, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x2a, 0x0a, 0x11, 0x6d, 0x61, 0x73, 0x74, + 0x65, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x09, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x41, 0x63, 0x63, 0x6f, 0x75, + 0x6e, 0x74, 0x49, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x27, 0x0a, 0x0f, + 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x64, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x61, 0x72, + 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x65, 0x41, 0x72, 0x6e, + 0x12, 0x28, 0x0a, 0x10, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, + 0x6c, 0x5f, 0x69, 0x64, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x6f, 0x6c, 0x65, + 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x49, 0x64, 0x22, 0x7f, 0x0a, 0x1c, 0x55, 0x70, + 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, + 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3b, + 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x08, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61, 0x73, 0x6b, 0x52, + 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0xf1, 0x01, 0x0a, 0x1d, + 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x0e, 0x0a, + 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x2a, 0x0a, + 0x11, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, + 0x69, 0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, + 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6d, 0x6f, 0x64, + 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x12, 0x0a, + 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, + 0x65, 0x12, 0x27, 0x0a, 0x0f, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x6f, 0x72, 0x67, 0x61, + 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x6f, + 0x6c, 0x65, 0x5f, 0x61, 0x72, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, + 0x6c, 0x65, 0x41, 0x72, 0x6e, 0x12, 0x28, 0x0a, 0x10, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x65, 0x78, + 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x69, 0x64, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0e, 0x72, 0x6f, 0x6c, 0x65, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x49, 0x64, 0x22, + 0x2e, 0x0a, 0x1c, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, + 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x32, + 0xcf, 0x07, 0x0a, 0x0d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, + 0x65, 0x12, 0x77, 0x0a, 0x10, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x30, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, + 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, + 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, - 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31, 0x2e, 0x69, 0x6c, 0x6c, 0x75, - 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, - 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x71, 0x0a, 0x0e, - 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x2e, - 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, - 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2f, - 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, - 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, - 0x77, 0x0a, 0x10, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, - 0x75, 0x6e, 0x74, 0x12, 0x30, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, + 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x71, 0x0a, 0x0e, 0x52, 0x65, + 0x61, 0x64, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x2e, 0x2e, 0x69, + 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, 0x41, 0x63, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2f, 0x2e, 0x69, + 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, 0x41, 0x63, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x77, 0x0a, + 0x10, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, + 0x74, 0x12, 0x30, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, + 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, + 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x31, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x5c, 0x0a, 0x10, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x30, 0x2e, 0x69, 0x6c, 0x6c, + 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, + 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, + 0x6d, 0x70, 0x74, 0x79, 0x12, 0x86, 0x01, 0x0a, 0x15, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, + 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x35, + 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, + 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x36, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, - 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, - 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x5c, 0x0a, 0x10, 0x44, 0x65, 0x6c, 0x65, - 0x74, 0x65, 0x41, 0x77, 0x73, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x30, 0x2e, 0x69, - 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x77, 0x73, - 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, - 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x42, 0x89, 0x02, 0x0a, 0x1b, 0x63, 0x6f, 0x6d, 0x2e, 0x69, - 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72, - 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x5e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, - 0x6d, 0x2f, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2f, 0x74, 0x65, 0x72, 0x72, 0x61, 0x66, - 0x6f, 0x72, 0x6d, 0x2d, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x2d, 0x69, 0x6c, 0x6c, - 0x75, 0x6d, 0x69, 0x6f, 0x2d, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, - 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2f, 0x63, 0x6c, 0x6f, - 0x75, 0x64, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x3b, 0x63, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x49, 0x43, 0x43, 0xaa, 0x02, 0x17, 0x49, 0x6c, - 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x43, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x17, 0x49, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x5c, - 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0xe2, - 0x02, 0x23, 0x49, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, - 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, - 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x1a, 0x49, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x3a, - 0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x3a, - 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x80, 0x01, + 0x0a, 0x13, 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x33, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, + 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, + 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x34, 0x2e, 0x69, 0x6c, 0x6c, + 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, + 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x86, 0x01, 0x0a, 0x15, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, + 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x35, 0x2e, 0x69, 0x6c, 0x6c, + 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, + 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x36, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, + 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, + 0x74, 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x66, 0x0a, 0x15, 0x44, 0x65, 0x6c, + 0x65, 0x74, 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x12, 0x35, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2e, 0x63, 0x6c, 0x6f, + 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, + 0x65, 0x74, 0x65, 0x41, 0x77, 0x73, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, + 0x79, 0x42, 0x89, 0x02, 0x0a, 0x1b, 0x63, 0x6f, 0x6d, 0x2e, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, + 0x6f, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, + 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, + 0x5a, 0x5e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x69, 0x6c, 0x6c, + 0x75, 0x6d, 0x69, 0x6f, 0x2f, 0x74, 0x65, 0x72, 0x72, 0x61, 0x66, 0x6f, 0x72, 0x6d, 0x2d, 0x70, + 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x2d, 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2d, + 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, + 0x69, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2f, 0x63, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x3b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x76, 0x31, + 0xa2, 0x02, 0x03, 0x49, 0x43, 0x43, 0xaa, 0x02, 0x17, 0x49, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, + 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x56, 0x31, + 0xca, 0x02, 0x17, 0x49, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, + 0x5c, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x23, 0x49, 0x6c, 0x6c, + 0x75, 0x6d, 0x69, 0x6f, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, + 0xea, 0x02, 0x1a, 0x49, 0x6c, 0x6c, 0x75, 0x6d, 0x69, 0x6f, 0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, + 0x64, 0x3a, 0x3a, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -657,33 +1346,49 @@ func file_illumio_cloud_config_v1_config_proto_rawDescGZIP() []byte { return file_illumio_cloud_config_v1_config_proto_rawDescData } -var file_illumio_cloud_config_v1_config_proto_msgTypes = make([]protoimpl.MessageInfo, 7) +var file_illumio_cloud_config_v1_config_proto_msgTypes = make([]protoimpl.MessageInfo, 14) var file_illumio_cloud_config_v1_config_proto_goTypes = []any{ - (*CreateAwsAccountRequest)(nil), // 0: illumio.cloud.config.v1.CreateAwsAccountRequest - (*CreateAwsAccountResponse)(nil), // 1: illumio.cloud.config.v1.CreateAwsAccountResponse - (*ReadAwsAccountRequest)(nil), // 2: illumio.cloud.config.v1.ReadAwsAccountRequest - (*ReadAwsAccountResponse)(nil), // 3: illumio.cloud.config.v1.ReadAwsAccountResponse - (*UpdateAwsAccountRequest)(nil), // 4: illumio.cloud.config.v1.UpdateAwsAccountRequest - (*UpdateAwsAccountResponse)(nil), // 5: illumio.cloud.config.v1.UpdateAwsAccountResponse - (*DeleteAwsAccountRequest)(nil), // 6: illumio.cloud.config.v1.DeleteAwsAccountRequest - (*fieldmaskpb.FieldMask)(nil), // 7: google.protobuf.FieldMask - (*emptypb.Empty)(nil), // 8: google.protobuf.Empty + (*CreateAwsAccountRequest)(nil), // 0: illumio.cloud.config.v1.CreateAwsAccountRequest + (*CreateAwsAccountResponse)(nil), // 1: illumio.cloud.config.v1.CreateAwsAccountResponse + (*ReadAwsAccountRequest)(nil), // 2: illumio.cloud.config.v1.ReadAwsAccountRequest + (*ReadAwsAccountResponse)(nil), // 3: illumio.cloud.config.v1.ReadAwsAccountResponse + (*UpdateAwsAccountRequest)(nil), // 4: illumio.cloud.config.v1.UpdateAwsAccountRequest + (*UpdateAwsAccountResponse)(nil), // 5: illumio.cloud.config.v1.UpdateAwsAccountResponse + (*DeleteAwsAccountRequest)(nil), // 6: illumio.cloud.config.v1.DeleteAwsAccountRequest + (*CreateAwsOrganizationRequest)(nil), // 7: illumio.cloud.config.v1.CreateAwsOrganizationRequest + (*CreateAwsOrganizationResponse)(nil), // 8: illumio.cloud.config.v1.CreateAwsOrganizationResponse + (*ReadAwsOrganizationRequest)(nil), // 9: illumio.cloud.config.v1.ReadAwsOrganizationRequest + (*ReadAwsOrganizationResponse)(nil), // 10: illumio.cloud.config.v1.ReadAwsOrganizationResponse + (*UpdateAwsOrganizationRequest)(nil), // 11: illumio.cloud.config.v1.UpdateAwsOrganizationRequest + (*UpdateAwsOrganizationResponse)(nil), // 12: illumio.cloud.config.v1.UpdateAwsOrganizationResponse + (*DeleteAwsOrganizationRequest)(nil), // 13: illumio.cloud.config.v1.DeleteAwsOrganizationRequest + (*fieldmaskpb.FieldMask)(nil), // 14: google.protobuf.FieldMask + (*emptypb.Empty)(nil), // 15: google.protobuf.Empty } var file_illumio_cloud_config_v1_config_proto_depIdxs = []int32{ - 7, // 0: illumio.cloud.config.v1.UpdateAwsAccountRequest.update_mask:type_name -> google.protobuf.FieldMask - 0, // 1: illumio.cloud.config.v1.ConfigService.CreateAwsAccount:input_type -> illumio.cloud.config.v1.CreateAwsAccountRequest - 2, // 2: illumio.cloud.config.v1.ConfigService.ReadAwsAccount:input_type -> illumio.cloud.config.v1.ReadAwsAccountRequest - 4, // 3: illumio.cloud.config.v1.ConfigService.UpdateAwsAccount:input_type -> illumio.cloud.config.v1.UpdateAwsAccountRequest - 6, // 4: illumio.cloud.config.v1.ConfigService.DeleteAwsAccount:input_type -> illumio.cloud.config.v1.DeleteAwsAccountRequest - 1, // 5: illumio.cloud.config.v1.ConfigService.CreateAwsAccount:output_type -> illumio.cloud.config.v1.CreateAwsAccountResponse - 3, // 6: illumio.cloud.config.v1.ConfigService.ReadAwsAccount:output_type -> illumio.cloud.config.v1.ReadAwsAccountResponse - 5, // 7: illumio.cloud.config.v1.ConfigService.UpdateAwsAccount:output_type -> illumio.cloud.config.v1.UpdateAwsAccountResponse - 8, // 8: illumio.cloud.config.v1.ConfigService.DeleteAwsAccount:output_type -> google.protobuf.Empty - 5, // [5:9] is the sub-list for method output_type - 1, // [1:5] is the sub-list for method input_type - 1, // [1:1] is the sub-list for extension type_name - 1, // [1:1] is the sub-list for extension extendee - 0, // [0:1] is the sub-list for field type_name + 14, // 0: illumio.cloud.config.v1.UpdateAwsAccountRequest.update_mask:type_name -> google.protobuf.FieldMask + 14, // 1: illumio.cloud.config.v1.UpdateAwsOrganizationRequest.update_mask:type_name -> google.protobuf.FieldMask + 0, // 2: illumio.cloud.config.v1.ConfigService.CreateAwsAccount:input_type -> illumio.cloud.config.v1.CreateAwsAccountRequest + 2, // 3: illumio.cloud.config.v1.ConfigService.ReadAwsAccount:input_type -> illumio.cloud.config.v1.ReadAwsAccountRequest + 4, // 4: illumio.cloud.config.v1.ConfigService.UpdateAwsAccount:input_type -> illumio.cloud.config.v1.UpdateAwsAccountRequest + 6, // 5: illumio.cloud.config.v1.ConfigService.DeleteAwsAccount:input_type -> illumio.cloud.config.v1.DeleteAwsAccountRequest + 7, // 6: illumio.cloud.config.v1.ConfigService.CreateAwsOrganization:input_type -> illumio.cloud.config.v1.CreateAwsOrganizationRequest + 9, // 7: illumio.cloud.config.v1.ConfigService.ReadAwsOrganization:input_type -> illumio.cloud.config.v1.ReadAwsOrganizationRequest + 11, // 8: illumio.cloud.config.v1.ConfigService.UpdateAwsOrganization:input_type -> illumio.cloud.config.v1.UpdateAwsOrganizationRequest + 13, // 9: illumio.cloud.config.v1.ConfigService.DeleteAwsOrganization:input_type -> illumio.cloud.config.v1.DeleteAwsOrganizationRequest + 1, // 10: illumio.cloud.config.v1.ConfigService.CreateAwsAccount:output_type -> illumio.cloud.config.v1.CreateAwsAccountResponse + 3, // 11: illumio.cloud.config.v1.ConfigService.ReadAwsAccount:output_type -> illumio.cloud.config.v1.ReadAwsAccountResponse + 5, // 12: illumio.cloud.config.v1.ConfigService.UpdateAwsAccount:output_type -> illumio.cloud.config.v1.UpdateAwsAccountResponse + 15, // 13: illumio.cloud.config.v1.ConfigService.DeleteAwsAccount:output_type -> google.protobuf.Empty + 8, // 14: illumio.cloud.config.v1.ConfigService.CreateAwsOrganization:output_type -> illumio.cloud.config.v1.CreateAwsOrganizationResponse + 10, // 15: illumio.cloud.config.v1.ConfigService.ReadAwsOrganization:output_type -> illumio.cloud.config.v1.ReadAwsOrganizationResponse + 12, // 16: illumio.cloud.config.v1.ConfigService.UpdateAwsOrganization:output_type -> illumio.cloud.config.v1.UpdateAwsOrganizationResponse + 15, // 17: illumio.cloud.config.v1.ConfigService.DeleteAwsOrganization:output_type -> google.protobuf.Empty + 10, // [10:18] is the sub-list for method output_type + 2, // [2:10] is the sub-list for method input_type + 2, // [2:2] is the sub-list for extension type_name + 2, // [2:2] is the sub-list for extension extendee + 0, // [0:2] is the sub-list for field type_name } func init() { file_illumio_cloud_config_v1_config_proto_init() } @@ -776,15 +1481,102 @@ func file_illumio_cloud_config_v1_config_proto_init() { return nil } } + file_illumio_cloud_config_v1_config_proto_msgTypes[7].Exporter = func(v any, i int) any { + switch v := v.(*CreateAwsOrganizationRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_illumio_cloud_config_v1_config_proto_msgTypes[8].Exporter = func(v any, i int) any { + switch v := v.(*CreateAwsOrganizationResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_illumio_cloud_config_v1_config_proto_msgTypes[9].Exporter = func(v any, i int) any { + switch v := v.(*ReadAwsOrganizationRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_illumio_cloud_config_v1_config_proto_msgTypes[10].Exporter = func(v any, i int) any { + switch v := v.(*ReadAwsOrganizationResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_illumio_cloud_config_v1_config_proto_msgTypes[11].Exporter = func(v any, i int) any { + switch v := v.(*UpdateAwsOrganizationRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_illumio_cloud_config_v1_config_proto_msgTypes[12].Exporter = func(v any, i int) any { + switch v := v.(*UpdateAwsOrganizationResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_illumio_cloud_config_v1_config_proto_msgTypes[13].Exporter = func(v any, i int) any { + switch v := v.(*DeleteAwsOrganizationRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } } file_illumio_cloud_config_v1_config_proto_msgTypes[0].OneofWrappers = []any{} + file_illumio_cloud_config_v1_config_proto_msgTypes[1].OneofWrappers = []any{} + file_illumio_cloud_config_v1_config_proto_msgTypes[3].OneofWrappers = []any{} + file_illumio_cloud_config_v1_config_proto_msgTypes[5].OneofWrappers = []any{} type x struct{} out := protoimpl.TypeBuilder{ File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_illumio_cloud_config_v1_config_proto_rawDesc, NumEnums: 0, - NumMessages: 7, + NumMessages: 14, NumExtensions: 0, NumServices: 1, }, diff --git a/api/illumio/cloud/config/v1/config.proto b/api/illumio/cloud/config/v1/config.proto index c7ad75e..bcad315 100644 --- a/api/illumio/cloud/config/v1/config.proto +++ b/api/illumio/cloud/config/v1/config.proto @@ -10,23 +10,27 @@ service ConfigService { rpc ReadAwsAccount(ReadAwsAccountRequest) returns (ReadAwsAccountResponse); rpc UpdateAwsAccount(UpdateAwsAccountRequest) returns (UpdateAwsAccountResponse); rpc DeleteAwsAccount(DeleteAwsAccountRequest) returns (google.protobuf.Empty); + rpc CreateAwsOrganization(CreateAwsOrganizationRequest) returns (CreateAwsOrganizationResponse); + rpc ReadAwsOrganization(ReadAwsOrganizationRequest) returns (ReadAwsOrganizationResponse); + rpc UpdateAwsOrganization(UpdateAwsOrganizationRequest) returns (UpdateAwsOrganizationResponse); + rpc DeleteAwsOrganization(DeleteAwsOrganizationRequest) returns (google.protobuf.Empty); } message CreateAwsAccountRequest { string account_id = 2; - string account_type = 3; - optional string management_account_id = 4; string mode = 5; string name = 6; - optional string organization_id = 7; + optional string organization_master_account_id = 12; string role_arn = 8; string role_external_id = 9; } message CreateAwsAccountResponse { string id = 1; string account_id = 2; - string account_type = 3; string mode = 5; string name = 6; + optional string organization_master_account_id = 12; + string role_arn = 8; + string role_external_id = 9; } message ReadAwsAccountRequest { string id = 1; @@ -34,9 +38,11 @@ message ReadAwsAccountRequest { message ReadAwsAccountResponse { string id = 1; string account_id = 2; - string account_type = 3; string mode = 5; string name = 6; + optional string organization_master_account_id = 12; + string role_arn = 8; + string role_external_id = 9; } message UpdateAwsAccountRequest { string id = 1; @@ -46,10 +52,58 @@ message UpdateAwsAccountRequest { message UpdateAwsAccountResponse { string id = 1; string account_id = 2; - string account_type = 3; string mode = 5; string name = 6; + optional string organization_master_account_id = 12; + string role_arn = 8; + string role_external_id = 9; } message DeleteAwsAccountRequest { string id = 1; } +message CreateAwsOrganizationRequest { + string master_account_id = 9; + string mode = 3; + string name = 4; + string organization_id = 5; + string role_arn = 6; + string role_external_id = 7; +} +message CreateAwsOrganizationResponse { + string id = 1; + string master_account_id = 9; + string mode = 3; + string name = 4; + string organization_id = 5; + string role_arn = 6; + string role_external_id = 7; +} +message ReadAwsOrganizationRequest { + string id = 1; +} +message ReadAwsOrganizationResponse { + string id = 1; + string master_account_id = 9; + string mode = 3; + string name = 4; + string organization_id = 5; + string role_arn = 6; + string role_external_id = 7; +} +message UpdateAwsOrganizationRequest { + string id = 1; + string name = 4; + google.protobuf.FieldMask update_mask = 8; +} +message UpdateAwsOrganizationResponse { + string id = 1; + string master_account_id = 9; + string mode = 3; + string name = 4; + string organization_id = 5; + string role_arn = 6; + string role_external_id = 7; +} +message DeleteAwsOrganizationRequest { + string id = 1; +} diff --git a/api/illumio/cloud/config/v1/config_grpc.pb.go b/api/illumio/cloud/config/v1/config_grpc.pb.go index 290bb5b..1169341 100644 --- a/api/illumio/cloud/config/v1/config_grpc.pb.go +++ b/api/illumio/cloud/config/v1/config_grpc.pb.go @@ -23,10 +23,14 @@ import ( const _ = grpc.SupportPackageIsVersion8 const ( - ConfigService_CreateAwsAccount_FullMethodName = "/illumio.cloud.config.v1.ConfigService/CreateAwsAccount" - ConfigService_ReadAwsAccount_FullMethodName = "/illumio.cloud.config.v1.ConfigService/ReadAwsAccount" - ConfigService_UpdateAwsAccount_FullMethodName = "/illumio.cloud.config.v1.ConfigService/UpdateAwsAccount" - ConfigService_DeleteAwsAccount_FullMethodName = "/illumio.cloud.config.v1.ConfigService/DeleteAwsAccount" + ConfigService_CreateAwsAccount_FullMethodName = "/illumio.cloud.config.v1.ConfigService/CreateAwsAccount" + ConfigService_ReadAwsAccount_FullMethodName = "/illumio.cloud.config.v1.ConfigService/ReadAwsAccount" + ConfigService_UpdateAwsAccount_FullMethodName = "/illumio.cloud.config.v1.ConfigService/UpdateAwsAccount" + ConfigService_DeleteAwsAccount_FullMethodName = "/illumio.cloud.config.v1.ConfigService/DeleteAwsAccount" + ConfigService_CreateAwsOrganization_FullMethodName = "/illumio.cloud.config.v1.ConfigService/CreateAwsOrganization" + ConfigService_ReadAwsOrganization_FullMethodName = "/illumio.cloud.config.v1.ConfigService/ReadAwsOrganization" + ConfigService_UpdateAwsOrganization_FullMethodName = "/illumio.cloud.config.v1.ConfigService/UpdateAwsOrganization" + ConfigService_DeleteAwsOrganization_FullMethodName = "/illumio.cloud.config.v1.ConfigService/DeleteAwsOrganization" ) // ConfigServiceClient is the client API for ConfigService service. @@ -37,6 +41,10 @@ type ConfigServiceClient interface { ReadAwsAccount(ctx context.Context, in *ReadAwsAccountRequest, opts ...grpc.CallOption) (*ReadAwsAccountResponse, error) UpdateAwsAccount(ctx context.Context, in *UpdateAwsAccountRequest, opts ...grpc.CallOption) (*UpdateAwsAccountResponse, error) DeleteAwsAccount(ctx context.Context, in *DeleteAwsAccountRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) + CreateAwsOrganization(ctx context.Context, in *CreateAwsOrganizationRequest, opts ...grpc.CallOption) (*CreateAwsOrganizationResponse, error) + ReadAwsOrganization(ctx context.Context, in *ReadAwsOrganizationRequest, opts ...grpc.CallOption) (*ReadAwsOrganizationResponse, error) + UpdateAwsOrganization(ctx context.Context, in *UpdateAwsOrganizationRequest, opts ...grpc.CallOption) (*UpdateAwsOrganizationResponse, error) + DeleteAwsOrganization(ctx context.Context, in *DeleteAwsOrganizationRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) } type configServiceClient struct { @@ -87,6 +95,46 @@ func (c *configServiceClient) DeleteAwsAccount(ctx context.Context, in *DeleteAw return out, nil } +func (c *configServiceClient) CreateAwsOrganization(ctx context.Context, in *CreateAwsOrganizationRequest, opts ...grpc.CallOption) (*CreateAwsOrganizationResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(CreateAwsOrganizationResponse) + err := c.cc.Invoke(ctx, ConfigService_CreateAwsOrganization_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *configServiceClient) ReadAwsOrganization(ctx context.Context, in *ReadAwsOrganizationRequest, opts ...grpc.CallOption) (*ReadAwsOrganizationResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ReadAwsOrganizationResponse) + err := c.cc.Invoke(ctx, ConfigService_ReadAwsOrganization_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *configServiceClient) UpdateAwsOrganization(ctx context.Context, in *UpdateAwsOrganizationRequest, opts ...grpc.CallOption) (*UpdateAwsOrganizationResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(UpdateAwsOrganizationResponse) + err := c.cc.Invoke(ctx, ConfigService_UpdateAwsOrganization_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *configServiceClient) DeleteAwsOrganization(ctx context.Context, in *DeleteAwsOrganizationRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(emptypb.Empty) + err := c.cc.Invoke(ctx, ConfigService_DeleteAwsOrganization_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + // ConfigServiceServer is the server API for ConfigService service. // All implementations must embed UnimplementedConfigServiceServer // for forward compatibility @@ -95,6 +143,10 @@ type ConfigServiceServer interface { ReadAwsAccount(context.Context, *ReadAwsAccountRequest) (*ReadAwsAccountResponse, error) UpdateAwsAccount(context.Context, *UpdateAwsAccountRequest) (*UpdateAwsAccountResponse, error) DeleteAwsAccount(context.Context, *DeleteAwsAccountRequest) (*emptypb.Empty, error) + CreateAwsOrganization(context.Context, *CreateAwsOrganizationRequest) (*CreateAwsOrganizationResponse, error) + ReadAwsOrganization(context.Context, *ReadAwsOrganizationRequest) (*ReadAwsOrganizationResponse, error) + UpdateAwsOrganization(context.Context, *UpdateAwsOrganizationRequest) (*UpdateAwsOrganizationResponse, error) + DeleteAwsOrganization(context.Context, *DeleteAwsOrganizationRequest) (*emptypb.Empty, error) mustEmbedUnimplementedConfigServiceServer() } @@ -114,6 +166,18 @@ func (UnimplementedConfigServiceServer) UpdateAwsAccount(context.Context, *Updat func (UnimplementedConfigServiceServer) DeleteAwsAccount(context.Context, *DeleteAwsAccountRequest) (*emptypb.Empty, error) { return nil, status.Errorf(codes.Unimplemented, "method DeleteAwsAccount not implemented") } +func (UnimplementedConfigServiceServer) CreateAwsOrganization(context.Context, *CreateAwsOrganizationRequest) (*CreateAwsOrganizationResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateAwsOrganization not implemented") +} +func (UnimplementedConfigServiceServer) ReadAwsOrganization(context.Context, *ReadAwsOrganizationRequest) (*ReadAwsOrganizationResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ReadAwsOrganization not implemented") +} +func (UnimplementedConfigServiceServer) UpdateAwsOrganization(context.Context, *UpdateAwsOrganizationRequest) (*UpdateAwsOrganizationResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateAwsOrganization not implemented") +} +func (UnimplementedConfigServiceServer) DeleteAwsOrganization(context.Context, *DeleteAwsOrganizationRequest) (*emptypb.Empty, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteAwsOrganization not implemented") +} func (UnimplementedConfigServiceServer) mustEmbedUnimplementedConfigServiceServer() {} // UnsafeConfigServiceServer may be embedded to opt out of forward compatibility for this service. @@ -199,6 +263,78 @@ func _ConfigService_DeleteAwsAccount_Handler(srv interface{}, ctx context.Contex return interceptor(ctx, in, info, handler) } +func _ConfigService_CreateAwsOrganization_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CreateAwsOrganizationRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ConfigServiceServer).CreateAwsOrganization(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: ConfigService_CreateAwsOrganization_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ConfigServiceServer).CreateAwsOrganization(ctx, req.(*CreateAwsOrganizationRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _ConfigService_ReadAwsOrganization_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ReadAwsOrganizationRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ConfigServiceServer).ReadAwsOrganization(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: ConfigService_ReadAwsOrganization_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ConfigServiceServer).ReadAwsOrganization(ctx, req.(*ReadAwsOrganizationRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _ConfigService_UpdateAwsOrganization_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateAwsOrganizationRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ConfigServiceServer).UpdateAwsOrganization(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: ConfigService_UpdateAwsOrganization_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ConfigServiceServer).UpdateAwsOrganization(ctx, req.(*UpdateAwsOrganizationRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _ConfigService_DeleteAwsOrganization_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeleteAwsOrganizationRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ConfigServiceServer).DeleteAwsOrganization(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: ConfigService_DeleteAwsOrganization_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ConfigServiceServer).DeleteAwsOrganization(ctx, req.(*DeleteAwsOrganizationRequest)) + } + return interceptor(ctx, in, info, handler) +} + // ConfigService_ServiceDesc is the grpc.ServiceDesc for ConfigService service. // It's only intended for direct use with grpc.RegisterService, // and not to be introspected or modified (even as a copy) @@ -222,6 +358,22 @@ var ConfigService_ServiceDesc = grpc.ServiceDesc{ MethodName: "DeleteAwsAccount", Handler: _ConfigService_DeleteAwsAccount_Handler, }, + { + MethodName: "CreateAwsOrganization", + Handler: _ConfigService_CreateAwsOrganization_Handler, + }, + { + MethodName: "ReadAwsOrganization", + Handler: _ConfigService_ReadAwsOrganization_Handler, + }, + { + MethodName: "UpdateAwsOrganization", + Handler: _ConfigService_UpdateAwsOrganization_Handler, + }, + { + MethodName: "DeleteAwsOrganization", + Handler: _ConfigService_DeleteAwsOrganization_Handler, + }, }, Streams: []grpc.StreamDesc{}, Metadata: "illumio/cloud/config/v1/config.proto", diff --git a/api/illumio/cloud/config/v1/tags.json b/api/illumio/cloud/config/v1/tags.json index 2575b94..ec17ff8 100644 --- a/api/illumio/cloud/config/v1/tags.json +++ b/api/illumio/cloud/config/v1/tags.json @@ -1 +1 @@ -{"resource/aws_account":{"account_id":2,"account_type":3,"id":1,"management_account_id":4,"mode":5,"name":6,"organization_id":7,"role_arn":8,"role_external_id":9,"update_mask":10}} \ No newline at end of file +{"resource/aws_account":{"account_id":2,"account_type":3,"id":1,"management_account_id":4,"mode":5,"name":6,"organization_account_id":11,"organization_id":7,"organization_master_account_id":12,"role_arn":8,"role_external_id":9,"update_mask":10},"resource/aws_organization":{"account_id":2,"id":1,"master_account_id":9,"mode":3,"name":4,"organization_id":5,"role_arn":6,"role_external_id":7,"update_mask":8}} \ No newline at end of file diff --git a/api/schema/aws_account_resource.go b/api/schema/aws_account_resource.go index 167b443..013380d 100644 --- a/api/schema/aws_account_resource.go +++ b/api/schema/aws_account_resource.go @@ -6,7 +6,9 @@ package schema import ( "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator" resource_schema "github.com/hashicorp/terraform-plugin-framework/resource/schema" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" "github.com/hashicorp/terraform-plugin-framework/schema/validator" ) @@ -18,25 +20,12 @@ var ( Description: "Manages an AWS account in CloudSecure.", Attributes: map[string]resource_schema.Attribute{ IDFieldName: idAttribute, - "name": resource_schema.StringAttribute{ - Description: "Display name.", - Required: true, - }, "account_id": StringResourceAttributeWithMode{ StringAttribute: resource_schema.StringAttribute{ MarkdownDescription: "AWS account ID.", Required: true, - }, - attributeWithMode: attributeWithMode{ - Mode: ImmutableAttributeMode, - }, - }, - "account_type": StringResourceAttributeWithMode{ - StringAttribute: resource_schema.StringAttribute{ - MarkdownDescription: "AWS account type, must be `\"Account\"` or `\"Organization\"`.", - Required: true, - Validators: []validator.String{ - stringvalidator.OneOf("Account", "Organization"), + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), }, }, attributeWithMode: attributeWithMode{ @@ -52,45 +41,52 @@ var ( Validators: []validator.String{ stringvalidator.OneOf("ReadWrite", "Read"), }, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, }, attributeWithMode: attributeWithMode{ Mode: ImmutableAttributeMode, }, }, - "role_external_id": StringResourceAttributeWithMode{ + "name": resource_schema.StringAttribute{ + Description: "Display name for the AWS account.", + Required: true, + }, + "organization_master_account_id": StringResourceAttributeWithMode{ StringAttribute: resource_schema.StringAttribute{ - Description: "External ID defined in the AWS role to authenticate CloudSecure when assuming that role.", - Required: true, + Description: "ID of the master account of the AWS organization this account belongs to. If specified, should be the `master_account_id` of an `aws_organization`.", + Optional: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, }, attributeWithMode: attributeWithMode{ - Mode: WriteOnlyOnceAttributeMode, + Mode: ImmutableAttributeMode, }, }, "role_arn": StringResourceAttributeWithMode{ StringAttribute: resource_schema.StringAttribute{ Description: "ARN of the AWS role to be assumed by CloudSecure to manage this account.", Required: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, }, attributeWithMode: attributeWithMode{ - Mode: WriteOnlyOnceAttributeMode, - }, - }, - "management_account_id": StringResourceAttributeWithMode{ - StringAttribute: resource_schema.StringAttribute{ - MarkdownDescription: "AWS organization management account ID. If specified, `organization_id` must also be specified. Required if `account_type` is `\"Organization\"`.", - Optional: true, - }, - attributeWithMode: attributeWithMode{ - Mode: WriteOnlyOnceAttributeMode, + Mode: ImmutableAttributeMode, }, }, - "organization_id": StringResourceAttributeWithMode{ + "role_external_id": StringResourceAttributeWithMode{ StringAttribute: resource_schema.StringAttribute{ - Description: "AWS organization ID. If specified, the whole AWS organization is onboarded instead of just the AWS account. If specified, `management_account_id` must also be specified. Required if `account_type` is `\"Organization\"`.", - Optional: true, + Description: "External ID defined in the AWS role to authenticate CloudSecure when assuming that role.", + Required: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, }, attributeWithMode: attributeWithMode{ - Mode: WriteOnlyOnceAttributeMode, + Mode: ImmutableAttributeMode, }, }, }, diff --git a/api/schema/aws_organization_resource.go b/api/schema/aws_organization_resource.go new file mode 100644 index 0000000..d7e5b57 --- /dev/null +++ b/api/schema/aws_organization_resource.go @@ -0,0 +1,95 @@ +// Copyright (c) Illumio, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package schema + +import ( + "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator" + resource_schema "github.com/hashicorp/terraform-plugin-framework/resource/schema" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" + "github.com/hashicorp/terraform-plugin-framework/schema/validator" +) + +var ( + awsOrganizationResource = Resource{ + TypeName: "aws_organization", + Schema: resource_schema.Schema{ + Version: 1, + Description: "Manages an AWS organization and its master account in CloudSecure.", + Attributes: map[string]resource_schema.Attribute{ + IDFieldName: idAttribute, + "master_account_id": StringResourceAttributeWithMode{ + StringAttribute: resource_schema.StringAttribute{ + MarkdownDescription: "ID of the master account of the AWS organization.", + Required: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + }, + attributeWithMode: attributeWithMode{ + Mode: ImmutableAttributeMode, + }, + }, + "mode": StringResourceAttributeWithMode{ + StringAttribute: resource_schema.StringAttribute{ + Description: "Access mode, must be `\"ReadWrite\"` (default) or `\"Read\"`.", + Optional: true, + Computed: true, + Default: stringdefault.StaticString("ReadWrite"), + Validators: []validator.String{ + stringvalidator.OneOf("ReadWrite", "Read"), + }, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + }, + attributeWithMode: attributeWithMode{ + Mode: ImmutableAttributeMode, + }, + }, + "name": resource_schema.StringAttribute{ + Description: "Display name for the AWS organization's master account.", + Required: true, + }, + "organization_id": StringResourceAttributeWithMode{ + StringAttribute: resource_schema.StringAttribute{ + Description: "ID of the AWS organization.", + Required: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + }, + attributeWithMode: attributeWithMode{ + Mode: ImmutableAttributeMode, + }, + }, + "role_arn": StringResourceAttributeWithMode{ + StringAttribute: resource_schema.StringAttribute{ + Description: "ARN of the AWS role to be assumed by CloudSecure to manage this AWS organization's master account.", + Required: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + }, + attributeWithMode: attributeWithMode{ + Mode: ImmutableAttributeMode, + }, + }, + "role_external_id": StringResourceAttributeWithMode{ + StringAttribute: resource_schema.StringAttribute{ + Description: "External ID defined in the AWS role to authenticate CloudSecure when assuming that role.", + Required: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + }, + attributeWithMode: attributeWithMode{ + Mode: ImmutableAttributeMode, + }, + }, + }, + }, + } +) diff --git a/api/schema/schema.go b/api/schema/schema.go index a3ec9ff..cbb2a6c 100644 --- a/api/schema/schema.go +++ b/api/schema/schema.go @@ -18,6 +18,7 @@ func (c *cloudSecureSchema) Resources() Resources { // Keep all resources sorted by lexicographic name order. resources := Resources{ awsAccountResource, + awsOrganizationResource, } sort.Sort(resources) diff --git a/docs/resources/aws_account.md b/docs/resources/aws_account.md index 652c1cc..7ece90c 100644 --- a/docs/resources/aws_account.md +++ b/docs/resources/aws_account.md @@ -15,27 +15,13 @@ Manages an AWS account in CloudSecure. ```terraform resource "illumio-cloudsecure_aws_account" "account_example" { account_id = "812713887999" - account_type = "Account" name = "Test AWS Account" role_arn = "arn:aws:iam::812713887999:role/IllumioAccess" role_external_id = "eb287482f5824fab8a6988252d56eb6d" # Optional attributes - mode = "ReadWrite" -} - - -resource "illumio-cloudsecure_aws_account" "org_example" { - account_id = "812713887999" - account_type = "Organization" - name = "Test AWS Org" - role_arn = "arn:aws:iam::812713887999:role/IllumioAccess" - role_external_id = "eb287482f5824fab8a6988252d56eb6d" - management_account_id = "965208753613" - organization_id = "o-3eehyj6qk0" - - # Optional attributes - mode = "ReadWrite" + organization_master_account_id = "965208753613" + mode = "ReadWrite" } ``` @@ -45,16 +31,14 @@ resource "illumio-cloudsecure_aws_account" "org_example" { ### Required - `account_id` (String) AWS account ID. -- `account_type` (String) AWS account type, must be `"Account"` or `"Organization"`. -- `name` (String) Display name. +- `name` (String) Display name for the AWS account. - `role_arn` (String) ARN of the AWS role to be assumed by CloudSecure to manage this account. - `role_external_id` (String) External ID defined in the AWS role to authenticate CloudSecure when assuming that role. ### Optional -- `management_account_id` (String) AWS organization management account ID. If specified, `organization_id` must also be specified. Required if `account_type` is `"Organization"`. - `mode` (String) Access mode, must be `"ReadWrite"` (default) or `"Read"`. -- `organization_id` (String) AWS organization ID. If specified, the whole AWS organization is onboarded instead of just the AWS account. If specified, `management_account_id` must also be specified. Required if `account_type` is `"Organization"`. +- `organization_master_account_id` (String) ID of the master account of the AWS organization this account belongs to. If specified, should be the `master_account_id` of an `aws_organization`. ### Read-Only diff --git a/docs/resources/aws_organization.md b/docs/resources/aws_organization.md new file mode 100644 index 0000000..f5ce6c6 --- /dev/null +++ b/docs/resources/aws_organization.md @@ -0,0 +1,45 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "illumio-cloudsecure_aws_organization Resource - illumio-cloudsecure" +subcategory: "" +description: |- + Manages an AWS organization and its master account in CloudSecure. +--- + +# illumio-cloudsecure_aws_organization (Resource) + +Manages an AWS organization and its master account in CloudSecure. + +## Example Usage + +```terraform +resource "illumio-cloudsecure_aws_organization" "organization_example" { + master_account_id = "965208753613" + organization_id = "o-3eehyj6qk0" + name = "Test AWS Organization" + role_arn = "arn:aws:iam::965208753613:role/IllumioAccess" + role_external_id = "eb287482f5824fab8a6988252d56eb6d" + + # Optional attributes + mode = "ReadWrite" +} +``` + + +## Schema + +### Required + +- `master_account_id` (String) ID of the master account of the AWS organization. +- `name` (String) Display name for the AWS organization's master account. +- `organization_id` (String) ID of the AWS organization. +- `role_arn` (String) ARN of the AWS role to be assumed by CloudSecure to manage this AWS organization's master account. +- `role_external_id` (String) External ID defined in the AWS role to authenticate CloudSecure when assuming that role. + +### Optional + +- `mode` (String) Access mode, must be `"ReadWrite"` (default) or `"Read"`. + +### Read-Only + +- `id` (String) CloudSecure ID. diff --git a/examples/resources/illumio-cloudsecure_aws_account/resource.tf b/examples/resources/illumio-cloudsecure_aws_account/resource.tf index 9f38d95..dba6c07 100644 --- a/examples/resources/illumio-cloudsecure_aws_account/resource.tf +++ b/examples/resources/illumio-cloudsecure_aws_account/resource.tf @@ -1,24 +1,10 @@ resource "illumio-cloudsecure_aws_account" "account_example" { account_id = "812713887999" - account_type = "Account" name = "Test AWS Account" role_arn = "arn:aws:iam::812713887999:role/IllumioAccess" role_external_id = "eb287482f5824fab8a6988252d56eb6d" # Optional attributes - mode = "ReadWrite" -} - - -resource "illumio-cloudsecure_aws_account" "org_example" { - account_id = "812713887999" - account_type = "Organization" - name = "Test AWS Org" - role_arn = "arn:aws:iam::812713887999:role/IllumioAccess" - role_external_id = "eb287482f5824fab8a6988252d56eb6d" - management_account_id = "965208753613" - organization_id = "o-3eehyj6qk0" - - # Optional attributes - mode = "ReadWrite" + organization_master_account_id = "965208753613" + mode = "ReadWrite" } diff --git a/examples/resources/illumio-cloudsecure_aws_organization/resource.tf b/examples/resources/illumio-cloudsecure_aws_organization/resource.tf new file mode 100644 index 0000000..f14b100 --- /dev/null +++ b/examples/resources/illumio-cloudsecure_aws_organization/resource.tf @@ -0,0 +1,10 @@ +resource "illumio-cloudsecure_aws_organization" "organization_example" { + master_account_id = "965208753613" + organization_id = "o-3eehyj6qk0" + name = "Test AWS Organization" + role_arn = "arn:aws:iam::965208753613:role/IllumioAccess" + role_external_id = "eb287482f5824fab8a6988252d56eb6d" + + # Optional attributes + mode = "ReadWrite" +} diff --git a/fakeserver/fakeserver.gen.go b/fakeserver/fakeserver.gen.go index efaf6c3..c365fc7 100644 --- a/fakeserver/fakeserver.gen.go +++ b/fakeserver/fakeserver.gen.go @@ -19,9 +19,11 @@ import ( // FakeConfigServer is a fake server implementation of ConfigService that can be used for testing API clients. type FakeConfigServer struct { configv1.UnimplementedConfigServiceServer - Logger *zap.Logger - AwsAccountMap map[string]*AwsAccount - AwsAccountMutex sync.RWMutex + Logger *zap.Logger + AwsAccountMap map[string]*AwsAccount + AwsAccountMutex sync.RWMutex + AwsOrganizationMap map[string]*AwsOrganization + AwsOrganizationMutex sync.RWMutex } var _ configv1.ConfigServiceServer = &FakeConfigServer{} @@ -29,42 +31,51 @@ var _ configv1.ConfigServiceServer = &FakeConfigServer{} // NewFakeConfigServer creates a fake server implementation of ConfigService that can be used for testing API clients. func NewFakeConfigServer(logger *zap.Logger) configv1.ConfigServiceServer { return &FakeConfigServer{ - Logger: logger, - AwsAccountMap: make(map[string]*AwsAccount), + Logger: logger, + AwsAccountMap: make(map[string]*AwsAccount), + AwsOrganizationMap: make(map[string]*AwsOrganization), } } type AwsAccount struct { - Id string - AccountId string - AccountType string - ManagementAccountId *string - Mode string - Name string - OrganizationId *string - RoleArn string - RoleExternalId string + Id string + AccountId string + Mode string + Name string + OrganizationMasterAccountId *string + RoleArn string + RoleExternalId string +} + +type AwsOrganization struct { + Id string + MasterAccountId string + Mode string + Name string + OrganizationId string + RoleArn string + RoleExternalId string } func (s *FakeConfigServer) CreateAwsAccount(ctx context.Context, req *configv1.CreateAwsAccountRequest) (*configv1.CreateAwsAccountResponse, error) { id := uuid.New().String() model := &AwsAccount{ - Id: id, - AccountId: req.AccountId, - AccountType: req.AccountType, - ManagementAccountId: req.ManagementAccountId, - Mode: req.Mode, - Name: req.Name, - OrganizationId: req.OrganizationId, - RoleArn: req.RoleArn, - RoleExternalId: req.RoleExternalId, + Id: id, + AccountId: req.AccountId, + Mode: req.Mode, + Name: req.Name, + OrganizationMasterAccountId: req.OrganizationMasterAccountId, + RoleArn: req.RoleArn, + RoleExternalId: req.RoleExternalId, } resp := &configv1.CreateAwsAccountResponse{ - Id: id, - AccountId: model.AccountId, - AccountType: model.AccountType, - Mode: model.Mode, - Name: model.Name, + Id: id, + AccountId: model.AccountId, + Mode: model.Mode, + Name: model.Name, + OrganizationMasterAccountId: model.OrganizationMasterAccountId, + RoleArn: model.RoleArn, + RoleExternalId: model.RoleExternalId, } s.AwsAccountMutex.Lock() s.AwsAccountMap[id] = model @@ -91,11 +102,13 @@ func (s *FakeConfigServer) ReadAwsAccount(ctx context.Context, req *configv1.Rea return nil, status.Errorf(codes.NotFound, "no aws_account found with id %s", id) } resp := &configv1.ReadAwsAccountResponse{ - Id: id, - AccountId: model.AccountId, - AccountType: model.AccountType, - Mode: model.Mode, - Name: model.Name, + Id: id, + AccountId: model.AccountId, + Mode: model.Mode, + Name: model.Name, + OrganizationMasterAccountId: model.OrganizationMasterAccountId, + RoleArn: model.RoleArn, + RoleExternalId: model.RoleExternalId, } s.AwsAccountMutex.RUnlock() s.Logger.Info("read resource", @@ -141,11 +154,13 @@ func (s *FakeConfigServer) UpdateAwsAccount(ctx context.Context, req *configv1.U } } resp := &configv1.UpdateAwsAccountResponse{ - Id: id, - AccountId: model.AccountId, - AccountType: model.AccountType, - Mode: model.Mode, - Name: model.Name, + Id: id, + AccountId: model.AccountId, + Mode: model.Mode, + Name: model.Name, + OrganizationMasterAccountId: model.OrganizationMasterAccountId, + RoleArn: model.RoleArn, + RoleExternalId: model.RoleExternalId, } s.AwsAccountMutex.Unlock() s.Logger.Info("updated resource", @@ -179,3 +194,140 @@ func (s *FakeConfigServer) DeleteAwsAccount(ctx context.Context, req *configv1.D ) return &emptypb.Empty{}, nil } +func (s *FakeConfigServer) CreateAwsOrganization(ctx context.Context, req *configv1.CreateAwsOrganizationRequest) (*configv1.CreateAwsOrganizationResponse, error) { + id := uuid.New().String() + model := &AwsOrganization{ + Id: id, + MasterAccountId: req.MasterAccountId, + Mode: req.Mode, + Name: req.Name, + OrganizationId: req.OrganizationId, + RoleArn: req.RoleArn, + RoleExternalId: req.RoleExternalId, + } + resp := &configv1.CreateAwsOrganizationResponse{ + Id: id, + MasterAccountId: model.MasterAccountId, + Mode: model.Mode, + Name: model.Name, + OrganizationId: model.OrganizationId, + RoleArn: model.RoleArn, + RoleExternalId: model.RoleExternalId, + } + s.AwsOrganizationMutex.Lock() + s.AwsOrganizationMap[id] = model + s.AwsOrganizationMutex.Unlock() + s.Logger.Info("created resource", + zap.String("type", "aws_organization"), + zap.String("method", "CreateAwsOrganization"), + zap.String("id", id), + ) + return resp, nil +} + +func (s *FakeConfigServer) ReadAwsOrganization(ctx context.Context, req *configv1.ReadAwsOrganizationRequest) (*configv1.ReadAwsOrganizationResponse, error) { + id := req.Id + s.AwsOrganizationMutex.RLock() + model, found := s.AwsOrganizationMap[id] + if !found { + s.AwsOrganizationMutex.RUnlock() + s.Logger.Error("attempted to read resource with unknown id", + zap.String("type", "aws_organization"), + zap.String("method", "ReadAwsOrganization"), + zap.String("id", id), + ) + return nil, status.Errorf(codes.NotFound, "no aws_organization found with id %s", id) + } + resp := &configv1.ReadAwsOrganizationResponse{ + Id: id, + MasterAccountId: model.MasterAccountId, + Mode: model.Mode, + Name: model.Name, + OrganizationId: model.OrganizationId, + RoleArn: model.RoleArn, + RoleExternalId: model.RoleExternalId, + } + s.AwsOrganizationMutex.RUnlock() + s.Logger.Info("read resource", + zap.String("type", "aws_organization"), + zap.String("method", "ReadAwsOrganization"), + zap.String("id", id), + ) + return resp, nil +} + +func (s *FakeConfigServer) UpdateAwsOrganization(ctx context.Context, req *configv1.UpdateAwsOrganizationRequest) (*configv1.UpdateAwsOrganizationResponse, error) { + id := req.Id + s.AwsOrganizationMutex.Lock() + model, found := s.AwsOrganizationMap[id] + if !found { + s.AwsOrganizationMutex.Unlock() + s.Logger.Error("attempted to update resource with unknown id", + zap.String("type", "aws_organization"), + zap.String("method", "UpdateAwsOrganization"), + zap.String("id", id), + ) + return nil, status.Errorf(codes.NotFound, "no aws_organization found with id %s", id) + } + updateMask := req.UpdateMask + var updateMaskPaths []string + if updateMask != nil { + updateMaskPaths = updateMask.Paths + } + for _, path := range updateMaskPaths { + switch path { + case "name": + model.Name = req.Name + default: + s.AwsAccountMutex.Unlock() + s.Logger.Error("attempted to update resource using invalid update_mask path", + zap.String("type", "aws_organization"), + zap.String("method", "UpdateAwsOrganization"), + zap.String("id", id), + zap.Strings("updateMaskPaths", updateMaskPaths), + zap.String("invalidUpdateMaskPath", path), + ) + return nil, status.Errorf(codes.InvalidArgument, "invalid path in update_mask for aws_account: %s", path) + } + } + resp := &configv1.UpdateAwsOrganizationResponse{ + Id: id, + MasterAccountId: model.MasterAccountId, + Mode: model.Mode, + Name: model.Name, + OrganizationId: model.OrganizationId, + RoleArn: model.RoleArn, + RoleExternalId: model.RoleExternalId, + } + s.AwsOrganizationMutex.Unlock() + s.Logger.Info("updated resource", + zap.String("type", "aws_organization"), + zap.String("method", "UpdateAwsOrganization"), + zap.String("id", id), + zap.Strings("updateMaskPaths", updateMaskPaths), + ) + return resp, nil +} + +func (s *FakeConfigServer) DeleteAwsOrganization(ctx context.Context, req *configv1.DeleteAwsOrganizationRequest) (*emptypb.Empty, error) { + id := req.Id + s.AwsOrganizationMutex.Lock() + _, found := s.AwsOrganizationMap[id] + if !found { + s.AwsOrganizationMutex.Unlock() + s.Logger.Error("attempted to delete resource with unknown id", + zap.String("type", "aws_organization"), + zap.String("method", "DeleteAwsOrganization"), + zap.String("id", id), + ) + return nil, status.Errorf(codes.NotFound, "no aws_organization found with id %s", id) + } + delete(s.AwsOrganizationMap, id) + s.AwsOrganizationMutex.Unlock() + s.Logger.Info("deleted resource", + zap.String("type", "aws_organization"), + zap.String("method", "DeleteAwsOrganization"), + zap.String("id", id), + ) + return &emptypb.Empty{}, nil +} diff --git a/internal/provider/provider.gen.go b/internal/provider/provider.gen.go index ce4674c..a89ffe5 100644 --- a/internal/provider/provider.gen.go +++ b/internal/provider/provider.gen.go @@ -37,6 +37,8 @@ func (p *Provider) Resources(ctx context.Context) []func() resource.Resource { switch r.TypeName { case "aws_account": resp = append(resp, func() resource.Resource { return NewAwsAccountResource(r.Schema) }) + case "aws_organization": + resp = append(resp, func() resource.Resource { return NewAwsOrganizationResource(r.Schema) }) } } return resp @@ -226,16 +228,202 @@ func (r *AwsAccountResource) ImportState(ctx context.Context, req resource.Impor // TODO } +// AwsOrganizationResource implements the aws_organization resource. +type AwsOrganizationResource struct { + // schema is the schema of the aws_organization resource. + schema resource_schema.Schema + + // providerData is the provider configuration. + config ProviderData +} + +var _ resource.ResourceWithConfigure = &AwsOrganizationResource{} +var _ resource.ResourceWithImportState = &AwsOrganizationResource{} + +// NewAwsOrganizationResource returns a new aws_organization resource. +func NewAwsOrganizationResource(schema resource_schema.Schema) resource.Resource { + return &AwsOrganizationResource{ + schema: schema, + } +} + +func (r *AwsOrganizationResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { + resp.TypeName = req.ProviderTypeName + "_aws_organization" +} + +func (r *AwsOrganizationResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) { + resp.Schema = r.schema +} + +func (r *AwsOrganizationResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) { + if req.ProviderData == nil { + return + } + + providerData, ok := req.ProviderData.(ProviderData) + if !ok { + resp.Diagnostics.AddError( + "Unexpected Resource Configure Type", + fmt.Sprintf("Expected ProviderData, got: %T. Please report this issue to the provider developers.", req.ProviderData), + ) + + return + } + + r.config = providerData +} + +func (r *AwsOrganizationResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { + var data AwsOrganizationResourceModel + + resp.Diagnostics.Append(req.Plan.Get(ctx, &data)...) + if resp.Diagnostics.HasError() { + return + } + + protoReq := NewCreateAwsOrganizationRequest(&data) + + tflog.Trace(ctx, "creating a resource", map[string]any{"type": "aws_organization"}) + + rpcCtx, rpcCancel := context.WithTimeout(ctx, r.config.RequestTimeout()) + protoResp, err := r.config.Client().CreateAwsOrganization(rpcCtx, protoReq) + rpcCancel() + if err != nil { + resp.Diagnostics.AddError("Config API Error", fmt.Sprintf("Unable to create aws_organization, got error: %s", err)) + return + } + + CopyCreateAwsOrganizationResponse(&data, protoResp) + + tflog.Trace(ctx, "created a resource", map[string]any{"type": "aws_organization", "id": protoResp.Id}) + + resp.Diagnostics.Append(resp.State.Set(ctx, &data)...) +} + +func (r *AwsOrganizationResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { + var data AwsOrganizationResourceModel + + resp.Diagnostics.Append(req.State.Get(ctx, &data)...) + if resp.Diagnostics.HasError() { + return + } + + protoReq := NewReadAwsOrganizationRequest(&data) + + tflog.Trace(ctx, "reading a resource", map[string]any{"type": "aws_organization", "id": protoReq.Id}) + + rpcCtx, rpcCancel := context.WithTimeout(ctx, r.config.RequestTimeout()) + protoResp, err := r.config.Client().ReadAwsOrganization(rpcCtx, protoReq) + rpcCancel() + if err != nil { + switch status.Code(err) { + case codes.NotFound: + resp.Diagnostics.AddWarning("Resource Not Found", fmt.Sprintf("No aws_organization found with id %s", protoReq.Id)) + resp.State.RemoveResource(ctx) + return + default: + resp.Diagnostics.AddError("Config API Error", fmt.Sprintf("Unable to read aws_organization, got error: %s", err)) + return + } + } + + CopyReadAwsOrganizationResponse(&data, protoResp) + + tflog.Trace(ctx, "read a resource", map[string]any{"type": "aws_organization", "id": protoResp.Id}) + + resp.Diagnostics.Append(resp.State.Set(ctx, &data)...) +} + +func (r *AwsOrganizationResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) { + var beforeData AwsOrganizationResourceModel + var afterData AwsOrganizationResourceModel + + resp.Diagnostics.Append(req.State.Get(ctx, &beforeData)...) + if resp.Diagnostics.HasError() { + return + } + + resp.Diagnostics.Append(req.Plan.Get(ctx, &afterData)...) + if resp.Diagnostics.HasError() { + return + } + + protoReq := NewUpdateAwsOrganizationRequest(&beforeData, &afterData) + + tflog.Trace(ctx, "updating a resource", map[string]any{"type": "aws_organization", "id": protoReq.Id, "update_mask": protoReq.UpdateMask.Paths}) + + rpcCtx, rpcCancel := context.WithTimeout(ctx, r.config.RequestTimeout()) + protoResp, err := r.config.Client().UpdateAwsOrganization(rpcCtx, protoReq) + rpcCancel() + if err != nil { + switch status.Code(err) { + case codes.NotFound: + resp.Diagnostics.AddError("Resource Not Found", fmt.Sprintf("No aws_organization found with id %s", protoReq.Id)) + resp.State.RemoveResource(ctx) + return + default: + resp.Diagnostics.AddError("Config API Error", fmt.Sprintf("Unable to update aws_organization, got error: %s", err)) + return + } + } + + CopyUpdateAwsOrganizationResponse(&afterData, protoResp) + + tflog.Trace(ctx, "updated a resource", map[string]any{"type": "aws_organization", "id": protoResp.Id}) + + resp.Diagnostics.Append(resp.State.Set(ctx, &afterData)...) +} + +func (r *AwsOrganizationResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { + var data AwsOrganizationResourceModel + + resp.Diagnostics.Append(req.State.Get(ctx, &data)...) + if resp.Diagnostics.HasError() { + return + } + + protoReq := NewDeleteAwsOrganizationRequest(&data) + + tflog.Trace(ctx, "deleting a resource", map[string]any{"type": "aws_organization", "id": protoReq.Id}) + + rpcCtx, rpcCancel := context.WithTimeout(ctx, r.config.RequestTimeout()) + _, err := r.config.Client().DeleteAwsOrganization(rpcCtx, protoReq) + rpcCancel() + if err != nil { + switch status.Code(err) { + case codes.NotFound: + tflog.Trace(ctx, "resource was already deleted", map[string]any{"type": "aws_organization", "id": protoReq.Id}) + default: + resp.Diagnostics.AddError("Config API Error", fmt.Sprintf("Unable to delete aws_organization, got error: %s", err)) + return + } + } + + tflog.Trace(ctx, "deleted a resource", map[string]any{"type": "aws_organization", "id": protoReq.Id}) +} + +func (r *AwsOrganizationResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) { + // TODO +} + type AwsAccountResourceModel struct { - Id types.String `tfsdk:"id"` - AccountId types.String `tfsdk:"account_id"` - AccountType types.String `tfsdk:"account_type"` - ManagementAccountId types.String `tfsdk:"management_account_id"` - Mode types.String `tfsdk:"mode"` - Name types.String `tfsdk:"name"` - OrganizationId types.String `tfsdk:"organization_id"` - RoleArn types.String `tfsdk:"role_arn"` - RoleExternalId types.String `tfsdk:"role_external_id"` + Id types.String `tfsdk:"id"` + AccountId types.String `tfsdk:"account_id"` + Mode types.String `tfsdk:"mode"` + Name types.String `tfsdk:"name"` + OrganizationMasterAccountId types.String `tfsdk:"organization_master_account_id"` + RoleArn types.String `tfsdk:"role_arn"` + RoleExternalId types.String `tfsdk:"role_external_id"` +} + +type AwsOrganizationResourceModel struct { + Id types.String `tfsdk:"id"` + MasterAccountId types.String `tfsdk:"master_account_id"` + Mode types.String `tfsdk:"mode"` + Name types.String `tfsdk:"name"` + OrganizationId types.String `tfsdk:"organization_id"` + RoleArn types.String `tfsdk:"role_arn"` + RoleExternalId types.String `tfsdk:"role_external_id"` } func NewCreateAwsAccountRequest(data *AwsAccountResourceModel) *configv1.CreateAwsAccountRequest { @@ -246,17 +434,68 @@ func NewCreateAwsAccountRequest(data *AwsAccountResourceModel) *configv1.CreateA protoValue = dataValue.(types.String).ValueString() proto.AccountId = protoValue } - if !data.AccountType.IsUnknown() && !data.AccountType.IsNull() { - var dataValue attr.Value = data.AccountType + if !data.Mode.IsUnknown() && !data.Mode.IsNull() { + var dataValue attr.Value = data.Mode + var protoValue string + protoValue = dataValue.(types.String).ValueString() + proto.Mode = protoValue + } + if !data.Name.IsUnknown() && !data.Name.IsNull() { + var dataValue attr.Value = data.Name + var protoValue string + protoValue = dataValue.(types.String).ValueString() + proto.Name = protoValue + } + if !data.OrganizationMasterAccountId.IsUnknown() && !data.OrganizationMasterAccountId.IsNull() { + var dataValue attr.Value = data.OrganizationMasterAccountId + var protoValue string + protoValue = dataValue.(types.String).ValueString() + proto.OrganizationMasterAccountId = &protoValue + } + if !data.RoleArn.IsUnknown() && !data.RoleArn.IsNull() { + var dataValue attr.Value = data.RoleArn var protoValue string protoValue = dataValue.(types.String).ValueString() - proto.AccountType = protoValue + proto.RoleArn = protoValue } - if !data.ManagementAccountId.IsUnknown() && !data.ManagementAccountId.IsNull() { - var dataValue attr.Value = data.ManagementAccountId + if !data.RoleExternalId.IsUnknown() && !data.RoleExternalId.IsNull() { + var dataValue attr.Value = data.RoleExternalId var protoValue string protoValue = dataValue.(types.String).ValueString() - proto.ManagementAccountId = &protoValue + proto.RoleExternalId = protoValue + } + return proto +} + +func NewReadAwsAccountRequest(data *AwsAccountResourceModel) *configv1.ReadAwsAccountRequest { + proto := &configv1.ReadAwsAccountRequest{} + if !data.Id.IsUnknown() && !data.Id.IsNull() { + var dataValue attr.Value = data.Id + var protoValue string + protoValue = dataValue.(types.String).ValueString() + proto.Id = protoValue + } + return proto +} + +func NewDeleteAwsAccountRequest(data *AwsAccountResourceModel) *configv1.DeleteAwsAccountRequest { + proto := &configv1.DeleteAwsAccountRequest{} + if !data.Id.IsUnknown() && !data.Id.IsNull() { + var dataValue attr.Value = data.Id + var protoValue string + protoValue = dataValue.(types.String).ValueString() + proto.Id = protoValue + } + return proto +} + +func NewCreateAwsOrganizationRequest(data *AwsOrganizationResourceModel) *configv1.CreateAwsOrganizationRequest { + proto := &configv1.CreateAwsOrganizationRequest{} + if !data.MasterAccountId.IsUnknown() && !data.MasterAccountId.IsNull() { + var dataValue attr.Value = data.MasterAccountId + var protoValue string + protoValue = dataValue.(types.String).ValueString() + proto.MasterAccountId = protoValue } if !data.Mode.IsUnknown() && !data.Mode.IsNull() { var dataValue attr.Value = data.Mode @@ -274,7 +513,7 @@ func NewCreateAwsAccountRequest(data *AwsAccountResourceModel) *configv1.CreateA var dataValue attr.Value = data.OrganizationId var protoValue string protoValue = dataValue.(types.String).ValueString() - proto.OrganizationId = &protoValue + proto.OrganizationId = protoValue } if !data.RoleArn.IsUnknown() && !data.RoleArn.IsNull() { var dataValue attr.Value = data.RoleArn @@ -291,8 +530,8 @@ func NewCreateAwsAccountRequest(data *AwsAccountResourceModel) *configv1.CreateA return proto } -func NewReadAwsAccountRequest(data *AwsAccountResourceModel) *configv1.ReadAwsAccountRequest { - proto := &configv1.ReadAwsAccountRequest{} +func NewReadAwsOrganizationRequest(data *AwsOrganizationResourceModel) *configv1.ReadAwsOrganizationRequest { + proto := &configv1.ReadAwsOrganizationRequest{} if !data.Id.IsUnknown() && !data.Id.IsNull() { var dataValue attr.Value = data.Id var protoValue string @@ -302,8 +541,8 @@ func NewReadAwsAccountRequest(data *AwsAccountResourceModel) *configv1.ReadAwsAc return proto } -func NewDeleteAwsAccountRequest(data *AwsAccountResourceModel) *configv1.DeleteAwsAccountRequest { - proto := &configv1.DeleteAwsAccountRequest{} +func NewDeleteAwsOrganizationRequest(data *AwsOrganizationResourceModel) *configv1.DeleteAwsOrganizationRequest { + proto := &configv1.DeleteAwsOrganizationRequest{} if !data.Id.IsUnknown() && !data.Id.IsNull() { var dataValue attr.Value = data.Id var protoValue string @@ -328,24 +567,73 @@ func NewUpdateAwsAccountRequest(beforeData, afterData *AwsAccountResourceModel) } return proto } + +func NewUpdateAwsOrganizationRequest(beforeData, afterData *AwsOrganizationResourceModel) *configv1.UpdateAwsOrganizationRequest { + proto := &configv1.UpdateAwsOrganizationRequest{} + proto.UpdateMask, _ = fieldmaskpb.New(proto) + proto.Id = beforeData.Id.ValueString() + if !afterData.Name.Equal(beforeData.Name) { + proto.UpdateMask.Append(proto, "name") + if !afterData.Name.IsUnknown() && !afterData.Name.IsNull() { + var dataValue attr.Value = afterData.Name + var protoValue string + protoValue = dataValue.(types.String).ValueString() + proto.Name = protoValue + } + } + return proto +} func CopyCreateAwsAccountResponse(dst *AwsAccountResourceModel, src *configv1.CreateAwsAccountResponse) { dst.Id = types.StringValue(src.Id) dst.AccountId = types.StringValue(src.AccountId) - dst.AccountType = types.StringValue(src.AccountType) dst.Mode = types.StringValue(src.Mode) dst.Name = types.StringValue(src.Name) + dst.OrganizationMasterAccountId = types.StringPointerValue(src.OrganizationMasterAccountId) + dst.RoleArn = types.StringValue(src.RoleArn) + dst.RoleExternalId = types.StringValue(src.RoleExternalId) } func CopyReadAwsAccountResponse(dst *AwsAccountResourceModel, src *configv1.ReadAwsAccountResponse) { dst.Id = types.StringValue(src.Id) dst.AccountId = types.StringValue(src.AccountId) - dst.AccountType = types.StringValue(src.AccountType) dst.Mode = types.StringValue(src.Mode) dst.Name = types.StringValue(src.Name) + dst.OrganizationMasterAccountId = types.StringPointerValue(src.OrganizationMasterAccountId) + dst.RoleArn = types.StringValue(src.RoleArn) + dst.RoleExternalId = types.StringValue(src.RoleExternalId) } func CopyUpdateAwsAccountResponse(dst *AwsAccountResourceModel, src *configv1.UpdateAwsAccountResponse) { dst.Id = types.StringValue(src.Id) dst.AccountId = types.StringValue(src.AccountId) - dst.AccountType = types.StringValue(src.AccountType) dst.Mode = types.StringValue(src.Mode) dst.Name = types.StringValue(src.Name) + dst.OrganizationMasterAccountId = types.StringPointerValue(src.OrganizationMasterAccountId) + dst.RoleArn = types.StringValue(src.RoleArn) + dst.RoleExternalId = types.StringValue(src.RoleExternalId) +} +func CopyCreateAwsOrganizationResponse(dst *AwsOrganizationResourceModel, src *configv1.CreateAwsOrganizationResponse) { + dst.Id = types.StringValue(src.Id) + dst.MasterAccountId = types.StringValue(src.MasterAccountId) + dst.Mode = types.StringValue(src.Mode) + dst.Name = types.StringValue(src.Name) + dst.OrganizationId = types.StringValue(src.OrganizationId) + dst.RoleArn = types.StringValue(src.RoleArn) + dst.RoleExternalId = types.StringValue(src.RoleExternalId) +} +func CopyReadAwsOrganizationResponse(dst *AwsOrganizationResourceModel, src *configv1.ReadAwsOrganizationResponse) { + dst.Id = types.StringValue(src.Id) + dst.MasterAccountId = types.StringValue(src.MasterAccountId) + dst.Mode = types.StringValue(src.Mode) + dst.Name = types.StringValue(src.Name) + dst.OrganizationId = types.StringValue(src.OrganizationId) + dst.RoleArn = types.StringValue(src.RoleArn) + dst.RoleExternalId = types.StringValue(src.RoleExternalId) +} +func CopyUpdateAwsOrganizationResponse(dst *AwsOrganizationResourceModel, src *configv1.UpdateAwsOrganizationResponse) { + dst.Id = types.StringValue(src.Id) + dst.MasterAccountId = types.StringValue(src.MasterAccountId) + dst.Mode = types.StringValue(src.Mode) + dst.Name = types.StringValue(src.Name) + dst.OrganizationId = types.StringValue(src.OrganizationId) + dst.RoleArn = types.StringValue(src.RoleArn) + dst.RoleExternalId = types.StringValue(src.RoleExternalId) }