googleapis

/// <reference types="node" /> import { OAuth2Client, JWT, Compute, UserRefreshClient, BaseExternalAccountClient, GaxiosPromise, GoogleConfigurable, MethodOptions, StreamMethodOptions, GlobalOptions, GoogleAuth, BodyResponseCallback, APIRequestContext } from 'googleapis-common'; import { Readable } from 'stream'; export declare namespace networkservices_v1 { export interface Options extends GlobalOptions { version: 'v1'; } interface StandardParameters { /** * Auth client or API Key for the request */ auth?: string | OAuth2Client | JWT | Compute | UserRefreshClient | BaseExternalAccountClient | GoogleAuth; /** * V1 error format. */ '$.xgafv'?: string; /** * OAuth access token. */ access_token?: string; /** * Data format for response. */ alt?: string; /** * JSONP */ callback?: string; /** * Selector specifying which fields to include in a partial response. */ fields?: string; /** * API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** * OAuth 2.0 token for the current user. */ oauth_token?: string; /** * Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** * Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** * Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** * Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; } /** * Network Services API * * * * @example * ```js * const {google} = require('googleapis'); * const networkservices = google.networkservices('v1'); * ``` */ export class Networkservices { context: APIRequestContext; projects: Resource$Projects; constructor(options: GlobalOptions, google?: GoogleConfigurable); } /** * Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] \}, { "log_type": "DATA_WRITE" \}, { "log_type": "ADMIN_READ" \} ] \}, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" \}, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] \} ] \} ] \} For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. */ export interface Schema$AuditConfig { /** * The configuration for logging of each type of permission. */ auditLogConfigs?: Schema$AuditLogConfig[]; /** * Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. */ service?: string | null; } /** * Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] \}, { "log_type": "DATA_WRITE" \} ] \} This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging. */ export interface Schema$AuditLogConfig { /** * Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. */ exemptedMembers?: string[] | null; /** * The log type that this config enables. */ logType?: string | null; } /** * Associates `members`, or principals, with a `role`. */ export interface Schema$Binding { /** * The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ condition?: Schema$Expr; /** * Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid\}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid\}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid\}.svc.id.goog[{namespace\}/{kubernetes-sa\}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid\}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain\}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid\}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid\}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid\}` and the recovered group retains the role in the binding. */ members?: string[] | null; /** * Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. */ role?: string | null; } /** * The request message for Operations.CancelOperation. */ export interface Schema$CancelOperationRequest { } /** * A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); \} */ export interface Schema$Empty { } /** * A definition of a matcher that selects endpoints to which the policies should be applied. */ export interface Schema$EndpointMatcher { /** * The matcher is based on node metadata presented by xDS clients. */ metadataLabelMatcher?: Schema$EndpointMatcherMetadataLabelMatcher; } /** * The matcher that is based on node metadata presented by xDS clients. */ export interface Schema$EndpointMatcherMetadataLabelMatcher { /** * Specifies how matching should be done. Supported values are: MATCH_ANY: At least one of the Labels specified in the matcher should match the metadata presented by xDS client. MATCH_ALL: The metadata presented by the xDS client should contain all of the labels specified here. The selection is determined based on the best match. For example, suppose there are three EndpointPolicy resources P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, the config from P1 will be selected. If a client with label connects, the config from P2 will be selected. If a client with label connects, the config from P3 will be selected. If there is more than one best match, (for example, if a config P4 with selector exists and if a client with label connects), an error will be thrown. */ metadataLabelMatchCriteria?: string | null; /** * The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list can have at most 64 entries. The list can be empty if the match criteria is MATCH_ANY, to specify a wildcard match (i.e this matches any client). */ metadataLabels?: Schema$EndpointMatcherMetadataLabelMatcherMetadataLabels[]; } /** * Defines a name-pair value for a single label. */ export interface Schema$EndpointMatcherMetadataLabelMatcherMetadataLabels { /** * Required. Label name presented as key in xDS Node Metadata. */ labelName?: string | null; /** * Required. Label value presented as value corresponding to the above key, in xDS Node Metadata. */ labelValue?: string | null; } /** * EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080. */ export interface Schema$EndpointPolicy { /** * Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint. */ authorizationPolicy?: string | null; /** * Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY. */ clientTlsPolicy?: string | null; /** * Output only. The timestamp when the resource was created. */ createTime?: string | null; /** * Optional. A free-text description of the resource. Max length 1024 characters. */ description?: string | null; /** * Required. A matcher that selects endpoints to which the policies should be applied. */ endpointMatcher?: Schema$EndpointMatcher; /** * Optional. Set of label tags associated with the EndpointPolicy resource. */ labels?: { [key: string]: string; } | null; /** * Required. Name of the EndpointPolicy resource. It matches pattern `projects/{project\}/locations/global/endpointPolicies/{endpoint_policy\}`. */ name?: string | null; /** * Optional. A URL referring to ServerTlsPolicy resource. ServerTlsPolicy is used to determine the authentication policy to be applied to terminate the inbound traffic at the identified backends. If this field is not set, authentication is disabled(open) for this endpoint. */ serverTlsPolicy?: string | null; /** * Optional. Port selector for the (matched) endpoints. If no port selector is provided, the matched config is applied to all ports. */ trafficPortSelector?: Schema$TrafficPortSelector; /** * Required. The type of endpoint policy. This is primarily used to validate the configuration. */ type?: string | null; /** * Output only. The timestamp when the resource was updated. */ updateTime?: string | null; } /** * Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. */ export interface Schema$Expr { /** * Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. */ description?: string | null; /** * Textual representation of an expression in Common Expression Language syntax. */ expression?: string | null; /** * Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. */ location?: string | null; /** * Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. */ title?: string | null; } /** * Gateway represents the configuration for a proxy, typically a load balancer. It captures the ip:port over which the services are exposed by the proxy, along with any policy configurations. Routes have reference to to Gateways to dictate how requests should be routed by this Gateway. */ export interface Schema$Gateway { /** * Optional. Zero or one IPv4 or IPv6 address on which the Gateway will receive the traffic. When no address is provided, an IP from the subnetwork is allocated This field only applies to gateways of type 'SECURE_WEB_GATEWAY'. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for IPv6. */ addresses?: string[] | null; /** * Optional. A fully-qualified Certificates URL reference. The proxy presents a Certificate (selected based on SNI) when establishing a TLS connection. This feature only applies to gateways of type 'SECURE_WEB_GATEWAY'. */ certificateUrls?: string[] | null; /** * Output only. The timestamp when the resource was created. */ createTime?: string | null; /** * Optional. A free-text description of the resource. Max length 1024 characters. */ description?: string | null; /** * Optional. A fully-qualified GatewaySecurityPolicy URL reference. Defines how a server should apply security policy to inbound (VM to Proxy) initiated connections. For example: `projects/x/locations/x/gatewaySecurityPolicies/swg-policy`. This policy is specific to gateways of type 'SECURE_WEB_GATEWAY'. */ gatewaySecurityPolicy?: string | null; /** * Optional. Set of label tags associated with the Gateway resource. */ labels?: { [key: string]: string; } | null; /** * Required. Name of the Gateway resource. It matches pattern `projects/x/locations/x/gateways/`. */ name?: string | null; /** * Optional. The relative resource name identifying the VPC network that is using this configuration. For example: `projects/x/global/networks/network-1`. Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'. */ network?: string | null; /** * Required. One or more port numbers (1-65535), on which the Gateway will receive traffic. The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are limited to 1 port. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for IPv6 and support multiple ports. */ ports?: number[] | null; /** * Optional. Scope determines how configuration across multiple Gateway instances are merged. The configuration for multiple Gateway instances with the same scope will be merged as presented as a single coniguration to the proxy/load balancer. Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens. */ scope?: string | null; /** * Output only. Server-defined URL of this resource */ selfLink?: string | null; /** * Optional. A fully-qualified ServerTLSPolicy URL reference. Specifies how TLS traffic is terminated. If empty, TLS termination is disabled. */ serverTlsPolicy?: string | null; /** * Optional. The relative resource name identifying the subnetwork in which this SWG is allocated. For example: `projects/x/regions/us-central1/subnetworks/network-1` Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY". */ subnetwork?: string | null; /** * Immutable. The type of the customer managed gateway. This field is required. If unspecified, an error is returned. */ type?: string | null; /** * Output only. The timestamp when the resource was updated. */ updateTime?: string | null; } /** * GrpcRoute is the resource defining how gRPC traffic routed by a Mesh or Gateway resource is routed. */ export interface Schema$GrpcRoute { /** * Output only. The timestamp when the resource was created. */ createTime?: string | null; /** * Optional. A free-text description of the resource. Max length 1024 characters. */ description?: string | null; /** * Optional. Gateways defines a list of gateways this GrpcRoute is attached to, as one of the routing rules to route the requests served by the gateway. Each gateway reference should match the pattern: `projects/x/locations/global/gateways/` */ gateways?: string[] | null; /** * Required. Service hostnames with an optional port for which this route describes traffic. Format: [:] Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 definition of a hostname with 2 notable exceptions: - IPs are not allowed. - A hostname may be prefixed with a wildcard label (`*.`). The wildcard label must appear by itself as the first label. Hostname can be "precise" which is a domain name without the terminating dot of a network host (e.g. `foo.example.com`) or "wildcard", which is a domain name prefixed with a single wildcard label (e.g. `*.example.com`). Note that as per RFC1035 and RFC1123, a label must consist of lower case alphanumeric characters or '-', and must start and end with an alphanumeric character. No other punctuation is allowed. The routes associated with a Mesh or Gateway must have unique hostnames. If you attempt to attach multiple routes with conflicting hostnames, the configuration will be rejected. For example, while it is acceptable for routes for the hostnames `*.foo.bar.com` and `*.bar.com` to be associated with the same route, it is not possible to associate two routes both with `*.bar.com` or both with `bar.com`. If a port is specified, then gRPC clients must use the channel URI with the port to match this rule (i.e. "xds:///service:123"), otherwise they must supply the URI without a port (i.e. "xds:///service"). */ hostnames?: string[] | null; /** * Optional. Set of label tags associated with the GrpcRoute resource. */ labels?: { [key: string]: string; } | null; /** * Optional. Meshes defines a list of meshes this GrpcRoute is attached to, as one of the routing rules to route the requests served by the mesh. Each mesh reference should match the pattern: `projects/x/locations/global/meshes/` */ meshes?: string[] | null; /** * Required. Name of the GrpcRoute resource. It matches pattern `projects/x/locations/global/grpcRoutes/` */ name?: string | null; /** * Required. A list of detailed rules defining how to route traffic. Within a single GrpcRoute, the GrpcRoute.RouteAction associated with the first matching GrpcRoute.RouteRule will be executed. At least one rule must be supplied. */ rules?: Schema$GrpcRouteRouteRule[]; /** * Output only. Server-defined URL of this resource */ selfLink?: string | null; /** * Output only. The timestamp when the resource was updated. */ updateTime?: string | null; } /** * The destination to which traffic will be routed. */ export interface Schema$GrpcRouteDestination { /** * Required. The URL of a destination service to which to route traffic. Must refer to either a BackendService or ServiceDirectoryService. */ serviceName?: string | null; /** * Optional. Specifies the proportion of requests forwarded to the backend referenced by the serviceName field. This is computed as: weight/Sum(weights in this destination list). For non-zero values, there may be some epsilon from the exact proportion defined here depending on the precision an implementation supports. If only one serviceName is specified and it has a weight greater than 0, 100% of the traffic is forwarded to that backend. If weights are specified for any one service name, they need to be specified for all of them. If weights are unspecified for all services, then, traffic is distributed in equal proportions to all of them. */ weight?: number | null; } /** * The specification for fault injection introduced into traffic to test the resiliency of clients to destination service failure. As part of fault injection, when clients send requests to a destination, delays can be introduced on a percentage of requests before sending those requests to the destination service. Similarly requests from clients can be aborted by for a percentage of requests. */ export interface Schema$GrpcRouteFaultInjectionPolicy { /** * The specification for aborting to client requests. */ abort?: Schema$GrpcRouteFaultInjectionPolicyAbort; /** * The specification for injecting delay to client requests. */ delay?: Schema$GrpcRouteFaultInjectionPolicyDelay; } /** * Specification of how client requests are aborted as part of fault injection before being sent to a destination. */ export interface Schema$GrpcRouteFaultInjectionPolicyAbort { /** * The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. */ httpStatus?: number | null; /** * The percentage of traffic which will be aborted. The value must be between [0, 100] */ percentage?: number | null; } /** * Specification of how client requests are delayed as part of fault injection before being sent to a destination. */ export interface Schema$GrpcRouteFaultInjectionPolicyDelay { /** * Specify a fixed delay before forwarding the request. */ fixedDelay?: string | null; /** * The percentage of traffic on which delay will be injected. The value must be between [0, 100] */ percentage?: number | null; } /** * A match against a collection of headers. */ export interface Schema$GrpcRouteHeaderMatch { /** * Required. The key of the header. */ key?: string | null; /** * Optional. Specifies how to match against the value of the header. If not specified, a default value of EXACT is used. */ type?: string | null; /** * Required. The value of the header. */ value?: string | null; } /** * Specifies a match against a method. */ export interface Schema$GrpcRouteMethodMatch { /** * Optional. Specifies that matches are case sensitive. The default value is true. case_sensitive must not be used with a type of REGULAR_EXPRESSION. */ caseSensitive?: boolean | null; /** * Required. Name of the method to match against. If unspecified, will match all methods. */ grpcMethod?: string | null; /** * Required. Name of the service to match against. If unspecified, will match all services. */ grpcService?: string | null; /** * Optional. Specifies how to match against the name. If not specified, a default value of "EXACT" is used. */ type?: string | null; } /** * The specifications for retries. */ export interface Schema$GrpcRouteRetryPolicy { /** * Specifies the allowed number of retries. This number must be \> 0. If not specified, default to 1. */ numRetries?: number | null; /** * - connect-failure: Router will retry on failures connecting to Backend Services, for example due to connection timeouts. - refused-stream: Router will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelled: Router will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Router will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Router will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Router will retry if the gRPC status code in the response header is set to unavailable */ retryConditions?: string[] | null; } /** * Specifies how to route matched traffic. */ export interface Schema$GrpcRouteRouteAction { /** * Optional. The destination services to which traffic should be forwarded. If multiple destinations are specified, traffic will be split between Backend Service(s) according to the weight field of these destinations. */ destinations?: Schema$GrpcRouteDestination[]; /** * Optional. The specification for fault injection introduced into traffic to test the resiliency of clients to destination service failure. As part of fault injection, when clients send requests to a destination, delays can be introduced on a percentage of requests before sending those requests to the destination service. Similarly requests from clients can be aborted by for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy */ faultInjectionPolicy?: Schema$GrpcRouteFaultInjectionPolicy; /** * Optional. Specifies the retry policy associated with this route. */ retryPolicy?: Schema$GrpcRouteRetryPolicy; /** * Optional. Specifies the timeout for selected route. Timeout is computed from the time the request has been fully processed (i.e. end of stream) up until the response has been completely processed. Timeout includes all retries. */ timeout?: string | null; } /** * Criteria for matching traffic. A RouteMatch will be considered to match when all supplied fields match. */ export interface Schema$GrpcRouteRouteMatch { /** * Optional. Specifies a collection of headers to match. */ headers?: Schema$GrpcRouteHeaderMatch[]; /** * Optional. A gRPC method to match against. If this field is empty or omitted, will match all methods. */ method?: Schema$GrpcRouteMethodMatch; } /** * Describes how to route traffic. */ export interface Schema$GrpcRouteRouteRule { /** * Required. A detailed rule defining how to route traffic. This field is required. */ action?: Schema$GrpcRouteRouteAction; /** * Optional. Matches define conditions used for matching the rule against incoming gRPC requests. Each match is independent, i.e. this rule will be matched if ANY one of the matches is satisfied. If no matches field is specified, this rule will unconditionally match traffic. */ matches?: Schema$GrpcRouteRouteMatch[]; } /** * HttpRoute is the resource defining how HTTP traffic should be routed by a Mesh or Gateway resource. */ export interface Schema$HttpRoute { /** * Output only. The timestamp when the resource was created. */ createTime?: string | null; /** * Optional. A free-text description of the resource. Max length 1024 characters. */ description?: string | null; /** * Optional. Gateways defines a list of gateways this HttpRoute is attached to, as one of the routing rules to route the requests served by the gateway. Each gateway reference should match the pattern: `projects/x/locations/global/gateways/` */ gateways?: string[] | null; /** * Required. Hostnames define a set of hosts that should match against the HTTP host header to select a HttpRoute to process the request. Hostname is the fully qualified domain name of a network host, as defined by RFC 1123 with the exception that: - IPs are not allowed. - A hostname may be prefixed with a wildcard label (`*.`). The wildcard label must appear by itself as the first label. Hostname can be "precise" which is a domain name without the terminating dot of a network host (e.g. `foo.example.com`) or "wildcard", which is a domain name prefixed with a single wildcard label (e.g. `*.example.com`). Note that as per RFC1035 and RFC1123, a label must consist of lower case alphanumeric characters or '-', and must start and end with an alphanumeric character. No other punctuation is allowed. The routes associated with a Mesh or Gateways must have unique hostnames. If you attempt to attach multiple routes with conflicting hostnames, the configuration will be rejected. For example, while it is acceptable for routes for the hostnames `*.foo.bar.com` and `*.bar.com` to be associated with the same Mesh (or Gateways under the same scope), it is not possible to associate two routes both with `*.bar.com` or both with `bar.com`. */ hostnames?: string[] | null; /** * Optional. Set of label tags associated with the HttpRoute resource. */ labels?: { [key: string]: string; } | null; /** * Optional. Meshes defines a list of meshes this HttpRoute is attached to, as one of the routing rules to route the requests served by the mesh. Each mesh reference should match the pattern: `projects/x/locations/global/meshes/` The attached Mesh should be of a type SIDECAR */ meshes?: string[] | null; /** * Required. Name of the HttpRoute resource. It matches pattern `projects/x/locations/global/httpRoutes/http_route_name\>`. */ name?: string | null; /** * Required. Rules that define how traffic is routed and handled. Rules will be matched sequentially based on the RouteMatch specified for the rule. */ rules?: Schema$HttpRouteRouteRule[]; /** * Output only. Server-defined URL of this resource */ selfLink?: string | null; /** * Output only. The timestamp when the resource was updated. */ updateTime?: string | null; } /** * The Specification for allowing client side cross-origin requests. */ export interface Schema$HttpRouteCorsPolicy { /** * In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default value is false. */ allowCredentials?: boolean | null; /** * Specifies the content for Access-Control-Allow-Headers header. */ allowHeaders?: string[] | null; /** * Specifies the content for Access-Control-Allow-Methods header. */ allowMethods?: string[] | null; /** * Specifies the regular expression patterns that match allowed origins. For regular expression grammar, please see https://github.com/google/re2/wiki/Syntax. */ allowOriginRegexes?: string[] | null; /** * Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allow_origins or an item in allow_origin_regexes. */ allowOrigins?: string[] | null; /** * If true, the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect. */ disabled?: boolean | null; /** * Specifies the content for Access-Control-Expose-Headers header. */ exposeHeaders?: string[] | null; /** * Specifies how long result of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. */ maxAge?: string | null; } /** * Specifications of a destination to which the request should be routed to. */ export interface Schema$HttpRouteDestination { /** * The URL of a BackendService to route traffic to. */ serviceName?: string | null; /** * Specifies the proportion of requests forwarded to the backend referenced by the serviceName field. This is computed as: weight/Sum(weights in this destination list). For non-zero values, there may be some epsilon from the exact proportion defined here depending on the precision an implementation supports. If only one serviceName is specified and it has a weight greater than 0, 100% of the traffic is forwarded to that backend. If weights are specified for any one service name, they need to be specified for all of them. If weights are unspecified for all services, then, traffic is distributed in equal proportions to all of them. */ weight?: number | null; } /** * The specification for fault injection introduced into traffic to test the resiliency of clients to destination service failure. As part of fault injection, when clients send requests to a destination, delays can be introduced by client proxy on a percentage of requests before sending those requests to the destination service. Similarly requests can be aborted by client proxy for a percentage of requests. */ export interface Schema$HttpRouteFaultInjectionPolicy { /** * The specification for aborting to client requests. */ abort?: Schema$HttpRouteFaultInjectionPolicyAbort; /** * The specification for injecting delay to client requests. */ delay?: Schema$HttpRouteFaultInjectionPolicyDelay; } /** * Specification of how client requests are aborted as part of fault injection before being sent to a destination. */ export interface Schema$HttpRouteFaultInjectionPolicyAbort { /** * The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. */ httpStatus?: number | null; /** * The percentage of traffic which will be aborted. The value must be between [0, 100] */ percentage?: number | null; } /** * Specification of how client requests are delayed as part of fault injection before being sent to a destination. */ export interface Schema$HttpRouteFaultInjectionPolicyDelay { /** * Specify a fixed delay before forwarding the request. */ fixedDelay?: string | null; /** * The percentage of traffic on which delay will be injected. The value must be between [0, 100] */ percentage?: number | null; } /** * Specifies how to select a route rule based on HTTP request headers. */ export interface Schema$HttpRouteHeaderMatch { /** * The value of the header should match exactly the content of exact_match. */ exactMatch?: string | null; /** * The name of the HTTP header to match against. */ header?: string | null; /** * If specified, the match result will be inverted before checking. Default value is set to false. */ invertMatch?: boolean | null; /** * The value of the header must start with the contents of prefix_match. */ prefixMatch?: string | null; /** * A header with header_name must exist. The match takes place whether or not the header has a value. */ presentMatch?: boolean | null; /** * If specified, the rule will match if the request header value is within the range. */ rangeMatch?: Schema$HttpRouteHeaderMatchIntegerRange; /** * The value of the header must match the regular expression specified in regex_match. For regular expression grammar, please see: https://github.com/google/re2/wiki/Syntax */ regexMatch?: string | null; /** * The value of the header must end with the contents of suffix_match. */ suffixMatch?: string | null; } /** * Represents an integer value range. */ export interface Schema$HttpRouteHeaderMatchIntegerRange { /** * End of the range (exclusive) */ end?: number | null; /** * Start of the range (inclusive) */ start?: number | null; } /** * The specification for modifying HTTP header in HTTP request and HTTP response. */ export interface Schema$HttpRouteHeaderModifier { /** * Add the headers with given map where key is the name of the header, value is the value of the header. */ add?: { [key: string]: string; } | null; /** * Remove headers (matching by header names) specified in the list. */ remove?: string[] | null; /** * Completely overwrite/replace the headers with given map where key is the name of the header, value is the value of the header. */ set?: { [key: string]: string; } | null; } /** * Specifications to match a query parameter in the request. */ export interface Schema$HttpRouteQueryParameterMatch { /** * The value of the query parameter must exactly match the contents of exact_match. Only one of exact_match, regex_match, or present_match must be set. */ exactMatch?: string | null; /** * Specifies that the QueryParameterMatcher matches if request contains query parameter, irrespective of whether the parameter has a value or not. Only one of exact_match, regex_match, or present_match must be set. */ presentMatch?: boolean | null; /** * The name of the query parameter to match. */ queryParameter?: string | null; /** * The value of the query parameter must match the regular expression specified by regex_match. For regular expression grammar, please see https://github.com/google/re2/wiki/Syntax Only one of exact_match, regex_match, or present_match must be set. */ regexMatch?: string | null; } /** * The specification for redirecting traffic. */ export interface Schema$HttpRouteRedirect { /** * The host that will be used in the redirect response instead of the one that was supplied in the request. */ hostRedirect?: string | null; /** * If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. The default is set to false. */ httpsRedirect?: boolean | null; /** * The path that will be used in the redirect response instead of the one that was supplied in the request. path_redirect can not be supplied together with prefix_redirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. */ pathRedirect?: string | null; /** * The port that will be used in the redirected request instead of the one that was supplied in the request. */ portRedirect?: number | null; /** * Indicates that during redirection, the matched prefix (or path) should be swapped with this value. This option allows URLs be dynamically created based on the request. */ prefixRewrite?: string | null; /** * The HTTP Status code to use for the redirect. */ responseCode?: string | null; /** * if set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. */ stripQuery?: boolean | null; } /** * Specifies the policy on how requests are shadowed to a separate mirrored destination service. The proxy does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host/authority header is suffixed with -shadow. */ export interface Schema$HttpRouteRequestMirrorPolicy { /** * The destination the requests will be mirrored to. The weight of the destination will be ignored. */ destination?: Schema$HttpRouteDestination; } /** * The specifications for retries. */ export interface Schema$HttpRouteRetryPolicy { /** * Specifies the allowed number of retries. This number must be \> 0. If not specified, default to 1. */ numRetries?: number | null; /** * Specifies a non-zero timeout per retry attempt. */ perTryTimeout?: string | null; /** * Specifies one or more conditions when this retry policy applies. Valid values are: 5xx: Proxy will attempt a retry if the destination service responds with any 5xx response code, of if the destination service does not respond at all, example: disconnect, reset, read timeout, connection failure and refused streams. gateway-error: Similar to 5xx, but only applies to response codes 502, 503, 504. reset: Proxy will attempt a retry if the destination service does not respond at all (disconnect/reset/read timeout) connect-failure: Proxy will retry on failures connecting to destination for example due to connection timeouts. retriable-4xx: Proxy will retry fro retriable 4xx response codes. Currently the only retriable error supported is 409. refused-stream: Proxy will retry if the destination resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. */ retryConditions?: string[] | null; } /** * The specifications for routing traffic and applying associated policies. */ export interface Schema$HttpRouteRouteAction { /** * The specification for allowing client side cross-origin requests. */ corsPolicy?: Schema$HttpRouteCorsPolicy; /** * The destination to which traffic should be forwarded. */ destinations?: Schema$HttpRouteDestination[]; /** * The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted for a percentage of requests. timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy */ faultInjectionPolicy?: Schema$HttpRouteFaultInjectionPolicy; /** * If set, the request is directed as configured by this field. */ redirect?: Schema$HttpRouteRedirect; /** * The specification for modifying the headers of a matching request prior to delivery of the request to the destination. If HeaderModifiers are set on both the Destination and the RouteAction, they will be merged. Conflicts between the two will not be resolved on the configuration. */ requestHeaderModifier?: Schema$HttpRouteHeaderModifier; /** * Specifies the policy on how requests intended for the routes destination are shadowed to a separate mirrored destination. Proxy will not wait for the shadow destination to respond before returning the response. Prior to sending traffic to the shadow service, the host/authority header is suffixed with -shadow. */ requestMirrorPolicy?: Schema$HttpRouteRequestMirrorPolicy; /** * The specification for modifying the headers of a response prior to sending the response back to the client. If HeaderModifiers are set on both the Destination and the RouteAction, they will be merged. Conflicts between the two will not be resolved on the configuration. */ responseHeaderModifier?: Schema$HttpRouteHeaderModifier; /** * Specifies the retry policy associated with this route. */ retryPolicy?: Schema$HttpRouteRetryPolicy; /** * Specifies the timeout for selected route. Timeout is computed from the time the request has been fully processed (i.e. end of stream) up until the response has been completely processed. Timeout includes all retries. */ timeout?: string | null; /** * The specification for rewrite URL before forwarding requests to the destination. */ urlRewrite?: Schema$HttpRouteURLRewrite; } /** * RouteMatch defines specifications used to match requests. If multiple match types are set, this RouteMatch will match if ALL type of matches are matched. */ export interface Schema$HttpRouteRouteMatch { /** * The HTTP request path value should exactly match this value. Only one of full_path_match, prefix_match, or regex_match should be used. */ fullPathMatch?: string | null; /** * Specifies a list of HTTP request headers to match against. ALL of the supplied headers must be matched. */ headers?: Schema$HttpRouteHeaderMatch[]; /** * Specifies if prefix_match and full_path_match matches are case sensitive. The default value is false. */ ignoreCase?: boolean | null; /** * The HTTP request path value must begin with specified prefix_match. prefix_match must begin with a /. Only one of full_path_match, prefix_match, or regex_match should be used. */ prefixMatch?: string | null; /** * Specifies a list of query parameters to match ag