googleapis

/// <reference types="node" /> import { OAuth2Client, JWT, Compute, UserRefreshClient, BaseExternalAccountClient, GaxiosPromise, GoogleConfigurable, MethodOptions, StreamMethodOptions, GlobalOptions, GoogleAuth, BodyResponseCallback, APIRequestContext } from 'googleapis-common'; import { Readable } from 'stream'; export declare namespace beyondcorp_v1 { export interface Options extends GlobalOptions { version: 'v1'; } interface StandardParameters { /** * Auth client or API Key for the request */ auth?: string | OAuth2Client | JWT | Compute | UserRefreshClient | BaseExternalAccountClient | GoogleAuth; /** * V1 error format. */ '$.xgafv'?: string; /** * OAuth access token. */ access_token?: string; /** * Data format for response. */ alt?: string; /** * JSONP */ callback?: string; /** * Selector specifying which fields to include in a partial response. */ fields?: string; /** * API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** * OAuth 2.0 token for the current user. */ oauth_token?: string; /** * Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** * Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** * Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** * Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; } /** * BeyondCorp API * * Beyondcorp Enterprise provides identity and context aware access controls for enterprise resources and enables zero-trust access. Using the Beyondcorp Enterprise APIs, enterprises can set up multi-cloud and on-prem connectivity solutions. * * @example * ```js * const {google} = require('googleapis'); * const beyondcorp = google.beyondcorp('v1'); * ``` */ export class Beyondcorp { context: APIRequestContext; organizations: Resource$Organizations; projects: Resource$Projects; constructor(options: GlobalOptions, google?: GoogleConfigurable); } /** * Allocated connection of the AppGateway. */ export interface Schema$AllocatedConnection { /** * Required. The ingress port of an allocated connection */ ingressPort?: number | null; /** * Required. The PSC uri of an allocated connection */ pscUri?: string | null; } /** * A BeyondCorp AppGateway resource represents a BeyondCorp protected AppGateway to a remote application. It creates all the necessary GCP components needed for creating a BeyondCorp protected AppGateway. Multiple connectors can be authorised for a single AppGateway. */ export interface Schema$AppGateway { /** * Output only. A list of connections allocated for the Gateway */ allocatedConnections?: Schema$AllocatedConnection[]; /** * Output only. Timestamp when the resource was created. */ createTime?: string | null; /** * Optional. An arbitrary user-provided name for the AppGateway. Cannot exceed 64 characters. */ displayName?: string | null; /** * Required. The type of hosting used by the AppGateway. */ hostType?: string | null; /** * Optional. Resource labels to represent user provided metadata. */ labels?: { [key: string]: string; } | null; /** * Required. Unique resource name of the AppGateway. The name is ignored when creating an AppGateway. */ name?: string | null; /** * Output only. The current state of the AppGateway. */ state?: string | null; /** * Required. The type of network connectivity used by the AppGateway. */ type?: string | null; /** * Output only. A unique identifier for the instance generated by the system. */ uid?: string | null; /** * Output only. Timestamp when the resource was last modified. */ updateTime?: string | null; /** * Output only. Server-defined URI for this resource. */ uri?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$AppGatewayOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * ConnectionConfig represents a Connection Configuration object. */ export interface Schema$CloudSecurityZerotrustApplinkAppConnectorProtoConnectionConfig { /** * application_endpoint is the endpoint of the application the form of host:port. For example, "localhost:80". */ applicationEndpoint?: string | null; /** * application_name represents the given name of the application the connection is connecting with. */ applicationName?: string | null; /** * gateway lists all instances running a gateway in GCP. They all connect to a connector on the host. */ gateway?: Schema$CloudSecurityZerotrustApplinkAppConnectorProtoGateway[]; /** * name is the unique ID for each connection. TODO(b/190732451) returns connection name from user-specified name in config. Now, name = ${application_name\}:${application_endpoint\} */ name?: string | null; /** * project represents the consumer project the connection belongs to. */ project?: string | null; /** * tunnels_per_gateway reflects the number of tunnels between a connector and a gateway. */ tunnelsPerGateway?: number | null; /** * user_port specifies the reserved port on gateways for user connections. */ userPort?: number | null; } /** * ConnectorDetails reflects the details of a connector. */ export interface Schema$CloudSecurityZerotrustApplinkAppConnectorProtoConnectorDetails { } /** * Gateway represents a GCE VM Instance endpoint for use by IAP TCP. */ export interface Schema$CloudSecurityZerotrustApplinkAppConnectorProtoGateway { /** * interface specifies the network interface of the gateway to connect to. */ interface?: string | null; /** * name is the name of an instance running a gateway. It is the unique ID for a gateway. All gateways under the same connection have the same prefix. It is derived from the gateway URL. For example, name=${instance\} assuming a gateway URL. https://www.googleapis.com/compute/${version\}/projects/${project\}/zones/${zone\}/instances/${instance\} */ name?: string | null; /** * port specifies the port of the gateway for tunnel connections from the connectors. */ port?: number | null; /** * project is the tenant project the gateway belongs to. Different from the project in the connection, it is a BeyondCorpAPI internally created project to manage all the gateways. It is sharing the same network with the consumer project user owned. It is derived from the gateway URL. For example, project=${project\} assuming a gateway URL. https://www.googleapis.com/compute/${version\}/projects/${project\}/zones/${zone\}/instances/${instance\} */ project?: string | null; /** * self_link is the gateway URL in the form https://www.googleapis.com/compute/${version\}/projects/${project\}/zones/${zone\}/instances/${instance\} */ selfLink?: string | null; /** * zone represents the zone the instance belongs. It is derived from the gateway URL. For example, zone=${zone\} assuming a gateway URL. https://www.googleapis.com/compute/${version\}/projects/${project\}/zones/${zone\}/instances/${instance\} */ zone?: string | null; } /** * LogAgentDetails reflects the details of a log agent. */ export interface Schema$CloudSecurityZerotrustApplinkLogagentProtoLogAgentDetails { } /** * A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); \} */ export interface Schema$Empty { } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * A BeyondCorp AppConnection resource represents a BeyondCorp protected AppConnection to a remote application. It creates all the necessary GCP components needed for creating a BeyondCorp protected AppConnection. Multiple connectors can be authorised for a single AppConnection. */ export interface Schema$GoogleCloudBeyondcorpAppconnectionsV1AppConnection { /** * Required. Address of the remote application endpoint for the BeyondCorp AppConnection. */ applicationEndpoint?: Schema$GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint; /** * Optional. List of [google.cloud.beyondcorp.v1main.Connector.name] that are authorised to be associated with this AppConnection. */ connectors?: string[] | null; /** * Output only. Timestamp when the resource was created. */ createTime?: string | null; /** * Optional. An arbitrary user-provided name for the AppConnection. Cannot exceed 64 characters. */ displayName?: string | null; /** * Optional. Gateway used by the AppConnection. */ gateway?: Schema$GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway; /** * Optional. Resource labels to represent user provided metadata. */ labels?: { [key: string]: string; } | null; /** * Required. Unique resource name of the AppConnection. The name is ignored when creating a AppConnection. */ name?: string | null; /** * Output only. The current state of the AppConnection. */ state?: string | null; /** * Required. The type of network connectivity used by the AppConnection. */ type?: string | null; /** * Output only. A unique identifier for the instance generated by the system. */ uid?: string | null; /** * Output only. Timestamp when the resource was last modified. */ updateTime?: string | null; } /** * ApplicationEndpoint represents a remote application endpoint. */ export interface Schema$GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint { /** * Required. Hostname or IP address of the remote application endpoint. */ host?: string | null; /** * Required. Port of the remote application endpoint. */ port?: number | null; } /** * Gateway represents a user facing component that serves as an entrance to enable connectivity. */ export interface Schema$GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway { /** * Required. AppGateway name in following format: `projects/{project_id\}/locations/{location_id\}/appgateways/{gateway_id\}` */ appGateway?: string | null; /** * Output only. Ingress port reserved on the gateways for this AppConnection, if not specified or zero, the default port is 19443. */ ingressPort?: number | null; /** * Output only. L7 private service connection for this resource. */ l7psc?: string | null; /** * Required. The type of hosting used by the gateway. */ type?: string | null; /** * Output only. Server-defined URI for this resource. */ uri?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudBeyondcorpAppconnectionsV1AppConnectionOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * Response message for BeyondCorp.ListAppConnections. */ export interface Schema$GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse { /** * A list of BeyondCorp AppConnections in the project. */ appConnections?: Schema$GoogleCloudBeyondcorpAppconnectionsV1AppConnection[]; /** * A token to retrieve the next page of results, or empty if there are no more results in the list. */ nextPageToken?: string | null; /** * A list of locations that could not be reached. */ unreachable?: string[] | null; } /** * Response message for BeyondCorp.ResolveAppConnections. */ export interface Schema$GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse { /** * A list of BeyondCorp AppConnections with details in the project. */ appConnectionDetails?: Schema$GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails[]; /** * A token to retrieve the next page of results, or empty if there are no more results in the list. */ nextPageToken?: string | null; /** * A list of locations that could not be reached. */ unreachable?: string[] | null; } /** * Details of the AppConnection. */ export interface Schema$GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails { /** * A BeyondCorp AppConnection in the project. */ appConnection?: Schema$GoogleCloudBeyondcorpAppconnectionsV1AppConnection; /** * If type=GCP_REGIONAL_MIG, contains most recent VM instances, like `https://www.googleapis.com/compute/v1/projects/{project_id\}/zones/{zone_id\}/instances/{instance_id\}`. */ recentMigVms?: string[] | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * ContainerHealthDetails reflects the health details of a container. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1alphaContainerHealthDetails { /** * The version of the current config. */ currentConfigVersion?: string | null; /** * The latest error message. */ errorMsg?: string | null; /** * The version of the expected config. */ expectedConfigVersion?: string | null; /** * The extended status. Such as ExitCode, StartedAt, FinishedAt, etc. */ extendedStatus?: { [key: string]: string; } | null; } /** * RemoteAgentDetails reflects the details of a remote agent. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1alphaRemoteAgentDetails { } /** * A BeyondCorp connector resource that represents an application facing component deployed proximal to and with direct access to the application instances. It is used to establish connectivity between the remote enterprise environment and GCP. It initiates connections to the applications and can proxy the data from users over the connection. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1AppConnector { /** * Output only. Timestamp when the resource was created. */ createTime?: string | null; /** * Optional. An arbitrary user-provided name for the AppConnector. Cannot exceed 64 characters. */ displayName?: string | null; /** * Optional. Resource labels to represent user provided metadata. */ labels?: { [key: string]: string; } | null; /** * Required. Unique resource name of the AppConnector. The name is ignored when creating a AppConnector. */ name?: string | null; /** * Required. Principal information about the Identity of the AppConnector. */ principalInfo?: Schema$GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo; /** * Optional. Resource info of the connector. */ resourceInfo?: Schema$GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo; /** * Output only. The current state of the AppConnector. */ state?: string | null; /** * Output only. A unique identifier for the instance generated by the system. */ uid?: string | null; /** * Output only. Timestamp when the resource was last modified. */ updateTime?: string | null; } /** * AppConnectorInstanceConfig defines the instance config of a AppConnector. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig { /** * ImageConfig defines the GCR images to run for the remote agent's control plane. */ imageConfig?: Schema$GoogleCloudBeyondcorpAppconnectorsV1ImageConfig; /** * The SLM instance agent configuration. */ instanceConfig?: { [key: string]: any; } | null; /** * NotificationConfig defines the notification mechanism that the remote instance should subscribe to in order to receive notification. */ notificationConfig?: Schema$GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig; /** * Required. A monotonically increasing number generated and maintained by the API provider. Every time a config changes in the backend, the sequenceNumber should be bumped up to reflect the change. */ sequenceNumber?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1AppConnectorOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * PrincipalInfo represents an Identity oneof. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo { /** * A GCP service account. */ serviceAccount?: Schema$GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount; } /** * ServiceAccount represents a GCP service account. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount { /** * Email address of the service account. */ email?: string | null; } /** * ContainerHealthDetails reflects the health details of a container. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1ContainerHealthDetails { /** * The version of the current config. */ currentConfigVersion?: string | null; /** * The latest error message. */ errorMsg?: string | null; /** * The version of the expected config. */ expectedConfigVersion?: string | null; /** * The extended status. Such as ExitCode, StartedAt, FinishedAt, etc. */ extendedStatus?: { [key: string]: string; } | null; } /** * ImageConfig defines the control plane images to run. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1ImageConfig { /** * The stable image that the remote agent will fallback to if the target image fails. Format would be a gcr image path, e.g.: gcr.io/PROJECT-ID/my-image:tag1 */ stableImage?: string | null; /** * The initial image the remote agent will attempt to run for the control plane. Format would be a gcr image path, e.g.: gcr.io/PROJECT-ID/my-image:tag1 */ targetImage?: string | null; } /** * Response message for BeyondCorp.ListAppConnectors. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse { /** * A list of BeyondCorp AppConnectors in the project. */ appConnectors?: Schema$GoogleCloudBeyondcorpAppconnectorsV1AppConnector[]; /** * A token to retrieve the next page of results, or empty if there are no more results in the list. */ nextPageToken?: string | null; /** * A list of locations that could not be reached. */ unreachable?: string[] | null; } /** * NotificationConfig defines the mechanisms to notify instance agent. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig { /** * Cloud Pub/Sub Configuration to receive notifications. */ pubsubNotification?: Schema$GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig; } /** * The configuration for Pub/Sub messaging for the AppConnector. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig { /** * The Pub/Sub subscription the AppConnector uses to receive notifications. */ pubsubSubscription?: string | null; } /** * RemoteAgentDetails reflects the details of a remote agent. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1RemoteAgentDetails { } /** * Request report the connector status. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest { /** * Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). */ requestId?: string | null; /** * Required. Resource info of the connector. */ resourceInfo?: Schema$GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo; /** * Optional. If set, validates request by executing a dry-run which would not alter the resource in any way. */ validateOnly?: boolean | null; } /** * Response message for BeyondCorp.ResolveInstanceConfig. */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse { /** * AppConnectorInstanceConfig. */ instanceConfig?: Schema$GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig; } /** * ResourceInfo represents the information/status of an app connector resource. Such as: - remote_agent - container - runtime - appgateway - appconnector - appconnection - tunnel - logagent */ export interface Schema$GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo { /** * Required. Unique Id for the resource. */ id?: string | null; /** * Specific details for the resource. This is for internal use only. */ resource?: { [key: string]: any; } | null; /** * Overall health status. Overall status is derived based on the status of each sub level resources. */ status?: string | null; /** * List of Info for the sub level resources. */ sub?: Schema$GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo[]; /** * The timestamp to collect the info. It is suggested to be set by the topmost level resource only. */ time?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudBeyondcorpAppgatewaysV1alphaAppGatewayOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudBeyondcorpConnectionsV1alphaConnectionOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudBeyondcorpConnectorsV1alphaConnectorOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * ContainerHealthDetails reflects the health details of a container. */ export interface Schema$GoogleCloudBeyondcorpConnectorsV1alphaContainerHealthDetails { /** * The version of the current config. */ currentConfigVersion?: string | null; /** * The latest error message. */ errorMsg?: string | null; /** * The version of the expected config. */ expectedConfigVersion?: string | null; /** * The extended status. Such as ExitCode, StartedAt, FinishedAt, etc. */ extendedStatus?: { [key: string]: string; } | null; } /** * RemoteAgentDetails reflects the details of a remote agent. */ export interface Schema$GoogleCloudBeyondcorpConnectorsV1alphaRemoteAgentDetails { } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudBeyondcorpPartnerservicesV1alphaPartnerServiceOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the caller has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudBeyondcorpPartnerservicesV1mainPartnerServiceOperationMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the caller has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Human-readable status of the operation, if any. */ statusMessage?: string | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * The response message for Locations.ListLocations. */ export interface Schema$GoogleCloudLocationListLocationsResponse { /** * A list of locations that matches the specified filter in the request. */ locations?: Schema$GoogleCloudLocationLocation[]; /** * The standard List next-page token. */ nextPageToken?: string | null; } /** * A resource that represents a Google Cloud location. */ export interface Schema$GoogleCloudLocationLocation { /** * The friendly name for this location, typically a nearby city name. For example, "Tokyo". */ displayName?: string | null; /** * Cross-service attributes for the location. For example {"cloud.googleapis.com/region": "us-east1"\} */ labels?: { [key: string]: string; } | null; /** * The canonical id for this location. For example: `"us-east1"`. */ locationId?: string | null; /** * Service-specific metadata. For example the available capacity at the given location. */ metadata?: { [key: string]: any; } | null; /** * Resource name for the location, which may vary between implementations. For example: `"projects/example-project/locations/us-east1"` */ name?: string | null; } /** * Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] \}, { "log_type": "DATA_WRITE" \}, { "log_type": "ADMIN_READ" \} ] \}, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" \}, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] \} ] \} ] \} For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. */ export interface Schema$GoogleIamV1AuditConfig { /** * The configuration for logging of each type of permission. */ auditLogConfigs?: Schema$GoogleIamV1AuditLogConfig[]; /** * Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. */ service?: string | null; } /** * Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] \}, { "log_type": "DATA_WRITE" \} ] \} This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging. */ export interface Schema$GoogleIamV1AuditLogConfig { /** * Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. */ exemptedMembers?: string[] | null; /** * The log type that this config enables. */ logType?: string | null; } /** * Associates `members`, or principals, with a `role`. */ export interface Schema$GoogleIamV1Binding { /** * The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ condition?: Schema$GoogleTypeExpr; /** * Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid\}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid\}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid\}.svc.id.goog[{namespace\}/{kubernetes-sa\}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid\}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain\}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid\}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid\}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid\}` and the recovered group retains the role in the binding. */ members?: string[] | null; /** * Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. */ role?: string | null; } /** * An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] \}, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", \} \} ], "etag": "BwWWja0YfJA=", "version": 3 \} **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). */ export interface Schema$GoogleIamV1Policy { /** * Specifies cloud audit logging configuration for this policy. */ auditConfigs?: Schema$GoogleIamV1AuditConfig[]; /** * Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`. */ bindings?: Schema$GoogleIamV1Binding[]; /** * `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. */ etag?: string | null; /** * Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ version?: number | null; } /** * Request message for `SetIamPolicy` method. */ export interface Schema$GoogleIamV1SetIamPolicyRequest { /** * REQUIRED: The complete policy t