googleapis

import { OAuth2Client, JWT, Compute, UserRefreshClient, BaseExternalAccountClient, GaxiosResponseWithHTTP2, GoogleConfigurable, MethodOptions, StreamMethodOptions, GlobalOptions, GoogleAuth, BodyResponseCallback, APIRequestContext } from 'googleapis-common'; import { Readable } from 'stream'; export declare namespace eventarc_v1 { export interface Options extends GlobalOptions { version: 'v1'; } interface StandardParameters { /** * Auth client or API Key for the request */ auth?: string | OAuth2Client | JWT | Compute | UserRefreshClient | BaseExternalAccountClient | GoogleAuth; /** * V1 error format. */ '$.xgafv'?: string; /** * OAuth access token. */ access_token?: string; /** * Data format for response. */ alt?: string; /** * JSONP */ callback?: string; /** * Selector specifying which fields to include in a partial response. */ fields?: string; /** * API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** * OAuth 2.0 token for the current user. */ oauth_token?: string; /** * Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** * Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** * Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** * Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; } /** * Eventarc API * * Build event-driven applications on Google Cloud Platform. * * @example * ```js * const {google} = require('googleapis'); * const eventarc = google.eventarc('v1'); * ``` */ export class Eventarc { context: APIRequestContext; projects: Resource$Projects; constructor(options: GlobalOptions, google?: GoogleConfigurable); } /** * Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] \}, { "log_type": "DATA_WRITE" \}, { "log_type": "ADMIN_READ" \} ] \}, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" \}, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] \} ] \} ] \} For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. */ export interface Schema$AuditConfig { /** * The configuration for logging of each type of permission. */ auditLogConfigs?: Schema$AuditLogConfig[]; /** * Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. */ service?: string | null; } /** * Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] \}, { "log_type": "DATA_WRITE" \} ] \} This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging. */ export interface Schema$AuditLogConfig { /** * Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. */ exemptedMembers?: string[] | null; /** * The log type that this config enables. */ logType?: string | null; } /** * Associates `members`, or principals, with a `role`. */ export interface Schema$Binding { /** * The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ condition?: Schema$Expr; /** * Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid\}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid\}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid\}.svc.id.goog[{namespace\}/{kubernetes-sa\}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid\}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain\}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/subject/{subject_attribute_value\}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/group/{group_id\}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/attribute.{attribute_name\}/{attribute_value\}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/x`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number\}/locations/global/workloadIdentityPools/{pool_id\}/subject/{subject_attribute_value\}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number\}/locations/global/workloadIdentityPools/{pool_id\}/group/{group_id\}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number\}/locations/global/workloadIdentityPools/{pool_id\}/attribute.{attribute_name\}/{attribute_value\}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number\}/locations/global/workloadIdentityPools/{pool_id\}/x`: All identities in a workload identity pool. * `deleted:user:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid\}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid\}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid\}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/subject/{subject_attribute_value\}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. */ members?: string[] | null; /** * Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles). */ role?: string | null; } /** * A representation of the Channel resource. A Channel is a resource on which event providers publish their events. The published events are delivered through the transport associated with the channel. Note that a channel is associated with exactly one event provider. */ export interface Schema$Channel { /** * Output only. The activation token for the channel. The token must be used by the provider to register the channel for publishing. */ activationToken?: string | null; /** * Output only. The creation time. */ createTime?: string | null; /** * Optional. Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt their event data. It must match the pattern `projects/x/locations/x/keyRings/x/cryptoKeys/x`. */ cryptoKeyName?: string | null; /** * Optional. Resource labels. */ labels?: { [key: string]: string; } | null; /** * Required. The resource name of the channel. Must be unique within the location on the project and must be in `projects/{project\}/locations/{location\}/channels/{channel_id\}` format. */ name?: string | null; /** * The name of the event provider (e.g. Eventarc SaaS partner) associated with the channel. This provider will be granted permissions to publish events to the channel. Format: `projects/{project\}/locations/{location\}/providers/{provider_id\}`. */ provider?: string | null; /** * Output only. The name of the Pub/Sub topic created and managed by Eventarc system as a transport for the event delivery. Format: `projects/{project\}/topics/{topic_id\}`. */ pubsubTopic?: string | null; /** * Output only. Whether or not this Channel satisfies the requirements of physical zone separation */ satisfiesPzs?: boolean | null; /** * Output only. The state of a Channel. */ state?: string | null; /** * Output only. Server assigned unique identifier for the channel. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. */ uid?: string | null; /** * Output only. The last-modified time. */ updateTime?: string | null; } /** * A representation of the ChannelConnection resource. A ChannelConnection is a resource which event providers create during the activation process to establish a connection between the provider and the subscriber channel. */ export interface Schema$ChannelConnection { /** * Input only. Activation token for the channel. The token will be used during the creation of ChannelConnection to bind the channel with the provider project. This field will not be stored in the provider resource. */ activationToken?: string | null; /** * Required. The name of the connected subscriber Channel. This is a weak reference to avoid cross project and cross accounts references. This must be in `projects/{project\}/location/{location\}/channels/{channel_id\}` format. */ channel?: string | null; /** * Output only. The creation time. */ createTime?: string | null; /** * Optional. Resource labels. */ labels?: { [key: string]: string; } | null; /** * Required. The name of the connection. */ name?: string | null; /** * Output only. Server assigned ID of the resource. The server guarantees uniqueness and immutability until deleted. */ uid?: string | null; /** * Output only. The last-modified time. */ updateTime?: string | null; } /** * Represents a Cloud Run destination. */ export interface Schema$CloudRun { /** * Optional. The relative path on the Cloud Run service the events should be sent to. The value must conform to the definition of a URI path segment (section 3.3 of RFC2396). Examples: "/route", "route", "route/subroute". */ path?: string | null; /** * Required. The region the Cloud Run service is deployed in. */ region?: string | null; /** * Required. The name of the Cloud Run service being addressed. See https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services. Only services located in the same project as the trigger object can be addressed. */ service?: string | null; } /** * Represents a target of an invocation over HTTP. */ export interface Schema$Destination { /** * The Cloud Function resource name. Cloud Functions V1 and V2 are supported. Format: `projects/{project\}/locations/{location\}/functions/{function\}` This is a read-only field. Creating Cloud Functions V1/V2 triggers is only supported via the Cloud Functions product. An error will be returned if the user sets this value. */ cloudFunction?: string | null; /** * Cloud Run fully-managed resource that receives the events. The resource should be in the same project as the trigger. */ cloudRun?: Schema$CloudRun; /** * A GKE service capable of receiving events. The service should be running in the same project as the trigger. */ gke?: Schema$GKE; /** * An HTTP endpoint destination described by an URI. */ httpEndpoint?: Schema$HttpEndpoint; /** * Optional. Network config is used to configure how Eventarc resolves and connect to a destination. This should only be used with HttpEndpoint destination type. */ networkConfig?: Schema$NetworkConfig; /** * The resource name of the Workflow whose Executions are triggered by the events. The Workflow resource should be deployed in the same project as the trigger. Format: `projects/{project\}/locations/{location\}/workflows/{workflow\}` */ workflow?: string | null; } /** * A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); \} */ export interface Schema$Empty { } /** * An enrollment represents a subscription for messages on a particular message bus. It defines a matching criteria for messages on the bus and the subscriber endpoint where matched messages should be delivered. */ export interface Schema$Enrollment { /** * Optional. Resource annotations. */ annotations?: { [key: string]: string; } | null; /** * Required. A CEL expression identifying which messages this enrollment applies to. */ celMatch?: string | null; /** * Output only. The creation time. */ createTime?: string | null; /** * Required. Destination is the Pipeline that the Enrollment is delivering to. It must point to the full resource name of a Pipeline. Format: "projects/{PROJECT_ID\}/locations/{region\}/pipelines/{PIPELINE_ID)" */ destination?: string | null; /** * Optional. Resource display name. */ displayName?: string | null; /** * Output only. This checksum is computed by the server based on the value of other fields, and might be sent only on update and delete requests to ensure that the client has an up-to-date value before proceeding. */ etag?: string | null; /** * Optional. Resource labels. */ labels?: { [key: string]: string; } | null; /** * Required. Immutable. Resource name of the message bus identifying the source of the messages. It matches the form projects/{project\}/locations/{location\}/messageBuses/{messageBus\}. */ messageBus?: string | null; /** * Identifier. Resource name of the form projects/{project\}/locations/{location\}/enrollments/{enrollment\} */ name?: string | null; /** * Output only. Server assigned unique identifier for the channel. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. */ uid?: string | null; /** * Output only. The last-modified time. */ updateTime?: string | null; } /** * Filters events based on exact matches on the CloudEvents attributes. */ export interface Schema$EventFilter { /** * Required. The name of a CloudEvents attribute. Currently, only a subset of attributes are supported for filtering. You can [retrieve a specific provider's supported event types](/eventarc/docs/list-providers#describe-provider). All triggers MUST provide a filter for the 'type' attribute. */ attribute?: string | null; /** * Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The allowed values are `path_pattern` and `match-path-pattern`. `path_pattern` is only allowed for GCFv1 triggers. */ operator?: string | null; /** * Required. The value for the attribute. */ value?: string | null; } /** * A representation of the event type resource. */ export interface Schema$EventType { /** * Output only. Human friendly description of what the event type is about. For example "Bucket created in Cloud Storage". */ description?: string | null; /** * Output only. URI for the event schema. For example "https://github.com/googleapis/google-cloudevents/blob/master/proto/google/events/cloud/storage/v1/events.proto" */ eventSchemaUri?: string | null; /** * Output only. Filtering attributes for the event type. */ filteringAttributes?: Schema$FilteringAttribute[]; /** * Output only. The full name of the event type (for example, "google.cloud.storage.object.v1.finalized"). In the form of {provider-specific-prefix\}.{resource\}.{version\}.{verb\}. Types MUST be versioned and event schemas are guaranteed to remain backward compatible within one version. Note that event type versions and API versions do not need to match. */ type?: string | null; } /** * Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. */ export interface Schema$Expr { /** * Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. */ description?: string | null; /** * Textual representation of an expression in Common Expression Language syntax. */ expression?: string | null; /** * Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. */ location?: string | null; /** * Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. */ title?: string | null; } /** * A representation of the FilteringAttribute resource. Filtering attributes are per event type. */ export interface Schema$FilteringAttribute { /** * Output only. Attribute used for filtering the event type. */ attribute?: string | null; /** * Output only. Description of the purpose of the attribute. */ description?: string | null; /** * Output only. If true, the attribute accepts matching expressions in the Eventarc PathPattern format. */ pathPatternSupported?: boolean | null; /** * Output only. If true, the triggers for this provider should always specify a filter on these attributes. Trigger creation will fail otherwise. */ required?: boolean | null; } /** * Represents a GKE destination. */ export interface Schema$GKE { /** * Required. The name of the cluster the GKE service is running in. The cluster must be running in the same project as the trigger being created. */ cluster?: string | null; /** * Required. The name of the Google Compute Engine in which the cluster resides, which can either be compute zone (for example, us-central1-a) for the zonal clusters or region (for example, us-central1) for regional clusters. */ location?: string | null; /** * Required. The namespace the GKE service is running in. */ namespace?: string | null; /** * Optional. The relative path on the GKE service the events should be sent to. The value must conform to the definition of a URI path segment (section 3.3 of RFC2396). Examples: "/route", "route", "route/subroute". */ path?: string | null; /** * Required. Name of the GKE service. */ service?: string | null; } /** * A GoogleApiSource represents a subscription of 1P events from a MessageBus. */ export interface Schema$GoogleApiSource { /** * Optional. Resource annotations. */ annotations?: { [key: string]: string; } | null; /** * Output only. The creation time. */ createTime?: string | null; /** * Optional. Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt their event data. It must match the pattern `projects/x/locations/x/keyRings/x/cryptoKeys/x`. */ cryptoKeyName?: string | null; /** * Required. Destination is the message bus that the GoogleApiSource is delivering to. It must be point to the full resource name of a MessageBus. Format: "projects/{PROJECT_ID\}/locations/{region\}/messagesBuses/{MESSAGE_BUS_ID) */ destination?: string | null; /** * Optional. Resource display name. */ displayName?: string | null; /** * Output only. This checksum is computed by the server based on the value of other fields, and might be sent only on update and delete requests to ensure that the client has an up-to-date value before proceeding. */ etag?: string | null; /** * Optional. Resource labels. */ labels?: { [key: string]: string; } | null; /** * Optional. Config to control Platform logging for the GoogleApiSource. */ loggingConfig?: Schema$LoggingConfig; /** * Identifier. Resource name of the form projects/{project\}/locations/{location\}/googleApiSources/{google_api_source\} */ name?: string | null; /** * Optional. Config to enable subscribing to events from all projects in the GoogleApiSource's org. */ organizationSubscription?: Schema$OrganizationSubscription; /** * Optional. Config to enable subscribing to all events from a list of projects. All the projects must be in the same org as the GoogleApiSource. */ projectSubscriptions?: Schema$ProjectSubscriptions; /** * Output only. Server assigned unique identifier for the channel. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. */ uid?: string | null; /** * Output only. The last-modified time. */ updateTime?: string | null; } /** * A GoogleChannelConfig is a resource that stores the custom settings respected by Eventarc first-party triggers in the matching region. Once configured, first-party event data will be protected using the specified custom managed encryption key instead of Google-managed encryption keys. */ export interface Schema$GoogleChannelConfig { /** * Optional. Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt their event data. It must match the pattern `projects/x/locations/x/keyRings/x/cryptoKeys/x`. */ cryptoKeyName?: string | null; /** * Optional. Resource labels. */ labels?: { [key: string]: string; } | null; /** * Required. The resource name of the config. Must be in the format of, `projects/{project\}/locations/{location\}/googleChannelConfig`. In API responses, the config name always includes the projectID, regardless of whether the projectID or projectNumber was provided. */ name?: string | null; /** * Output only. The last-modified time. */ updateTime?: string | null; } /** * Represents a target of an invocation over HTTP. */ export interface Schema$GoogleCloudEventarcV1PipelineDestination { /** * Optional. An authentication config used to authenticate message requests, such that destinations can verify the source. For example, this can be used with private Google Cloud destinations that require Google Cloud credentials for access like Cloud Run. This field is optional and should be set only by users interested in authenticated push. */ authenticationConfig?: Schema$GoogleCloudEventarcV1PipelineDestinationAuthenticationConfig; /** * Optional. An HTTP endpoint destination described by an URI. If a DNS FQDN is provided as the endpoint, Pipeline will create a peering zone to the consumer VPC and forward DNS requests to the VPC specified by network config to resolve the service endpoint. See: https://cloud.google.com/dns/docs/zones/zones-overview#peering_zones */ httpEndpoint?: Schema$GoogleCloudEventarcV1PipelineDestinationHttpEndpoint; /** * Optional. The resource name of the Message Bus to which events should be published. The Message Bus resource should exist in the same project as the Pipeline. Format: `projects/{project\}/locations/{location\}/messageBuses/{message_bus\}` */ messageBus?: string | null; /** * Optional. Network config is used to configure how Pipeline resolves and connects to a destination. */ networkConfig?: Schema$GoogleCloudEventarcV1PipelineDestinationNetworkConfig; /** * Optional. The message format before it is delivered to the destination. If not set, the message will be delivered in the format it was originally delivered to the Pipeline. This field can only be set if Pipeline.input_payload_format is also set. */ outputPayloadFormat?: Schema$GoogleCloudEventarcV1PipelineMessagePayloadFormat; /** * Optional. The resource name of the Pub/Sub topic to which events should be published. Format: `projects/{project\}/locations/{location\}/topics/{topic\}` */ topic?: string | null; /** * Optional. The resource name of the Workflow whose Executions are triggered by the events. The Workflow resource should be deployed in the same project as the Pipeline. Format: `projects/{project\}/locations/{location\}/workflows/{workflow\}` */ workflow?: string | null; } /** * Represents a config used to authenticate message requests. */ export interface Schema$GoogleCloudEventarcV1PipelineDestinationAuthenticationConfig { /** * Optional. This authenticate method will apply Google OIDC tokens signed by a Google Cloud service account to the requests. */ googleOidc?: Schema$GoogleCloudEventarcV1PipelineDestinationAuthenticationConfigOidcToken; /** * Optional. If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com. */ oauthToken?: Schema$GoogleCloudEventarcV1PipelineDestinationAuthenticationConfigOAuthToken; } /** * Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com. */ export interface Schema$GoogleCloudEventarcV1PipelineDestinationAuthenticationConfigOAuthToken { /** * Optional. OAuth scope to be used for generating OAuth access token. If not specified, "https://www.googleapis.com/auth/cloud-platform" will be used. */ scope?: string | null; /** * Required. Service account email used to generate the [OAuth token](https://developers.google.com/identity/protocols/OAuth2). The principal who calls this API must have iam.serviceAccounts.actAs permission in the service account. See https://cloud.google.com/iam/docs/understanding-service-accounts for more information. Eventarc service agents must have roles/roles/iam.serviceAccountTokenCreator role to allow Pipeline to create OAuth2 tokens for authenticated requests. */ serviceAccount?: string | null; } /** * Represents a config used to authenticate with a Google OIDC token using a Google Cloud service account. Use this authentication method to invoke your Cloud Run and Cloud Functions destinations or HTTP endpoints that support Google OIDC. */ export interface Schema$GoogleCloudEventarcV1PipelineDestinationAuthenticationConfigOidcToken { /** * Optional. Audience to be used to generate the OIDC Token. The audience claim identifies the recipient that the JWT is intended for. If unspecified, the destination URI will be used. */ audience?: string | null; /** * Required. Service account email used to generate the OIDC Token. The principal who calls this API must have iam.serviceAccounts.actAs permission in the service account. See https://cloud.google.com/iam/docs/understanding-service-accounts for more information. Eventarc service agents must have roles/roles/iam.serviceAccountTokenCreator role to allow the Pipeline to create OpenID tokens for authenticated requests. */ serviceAccount?: string | null; } /** * Represents a HTTP endpoint destination. */ export interface Schema$GoogleCloudEventarcV1PipelineDestinationHttpEndpoint { /** * Optional. The CEL expression used to modify how the destination-bound HTTP request is constructed. If a binding expression is not specified here, the message is treated as a CloudEvent and is mapped to the HTTP request according to the CloudEvent HTTP Protocol Binding Binary Content Mode (https://github.com/cloudevents/spec/blob/main/cloudevents/bindings/http-protocol-binding.md#31-binary-content-mode). In this representation, all fields except the `data` and `datacontenttype` field on the message are mapped to HTTP request headers with a prefix of `ce-`. To construct the HTTP request payload and the value of the content-type HTTP header, the payload format is defined as follows: 1) Use the output_payload_format_type on the Pipeline.Destination if it is set, else: 2) Use the input_payload_format_type on the Pipeline if it is set, else: 3) Treat the payload as opaque binary data. The `data` field of the message is converted to the payload format or left as-is for case 3) and then attached as the payload of the HTTP request. The `content-type` header on the HTTP request is set to the payload format type or left empty for case 3). However, if a mediation has updated the `datacontenttype` field on the message so that it is not the same as the payload format type but it is still a prefix of the payload format type, then the `content-type` header on the HTTP request is set to this `datacontenttype` value. For example, if the `datacontenttype` is "application/json" and the payload format type is "application/json; charset=utf-8", then the `content-type` header on the HTTP request is set to "application/json; charset=utf-8". If a non-empty binding expression is specified then this expression is used to modify the default CloudEvent HTTP Protocol Binding Binary Content representation. The result of the CEL expression must be a map of key/value pairs which is used as follows: - If a map named `headers` exists on the result of the expression, then its key/value pairs are directly mapped to the HTTP request headers. The headers values are constructed from the corresponding value type's canonical representation. If the `headers` field doesn't exist then the resulting HTTP request will be the headers of the CloudEvent HTTP Binding Binary Content Mode representation of the final message. Note: If the specified binding expression, has updated the `datacontenttype` field on the message so that it is not the same as the payload format type but it is still a prefix of the payload format type, then the `content-type` header in the `headers` map is set to this `datacontenttype` value. - If a field named `body` exists on the result of the expression then its value is directly mapped to the body of the request. If the value of the `body` field is of type bytes or string then it is used for the HTTP request body as-is, with no conversion. If the body field is of any other type then it is converted to a JSON string. If the body field does not exist then the resulting payload of the HTTP request will be data value of the CloudEvent HTTP Binding Binary Content Mode representation of the final message as described earlier. - Any other fields in the resulting expression will be ignored. The CEL expression may access the incoming CloudEvent message in its definition, as follows: - The `data` field of the incoming CloudEvent message can be accessed using the `message.data` value. Subfields of `message.data` may also be accessed if an input_payload_format has been specified on the Pipeline. - Each attribute of the incoming CloudEvent message can be accessed using the `message.` value, where is replaced with the name of the attribute. - Existing headers can be accessed in the CEL expression using the `headers` variable. The `headers` variable defines a map of key/value pairs corresponding to the HTTP headers of the CloudEvent HTTP Binding Binary Content Mode representation of the final message as described earlier. For example, the following CEL expression can be used to construct an HTTP request by adding an additional header to the HTTP headers of the CloudEvent HTTP Binding Binary Content Mode representation of the final message and by overwriting the body of the request: ``` { "headers": headers.merge({"new-header-key": "new-header-value"\}), "body": "new-body" \} ``` - The default binding for the message payload can be accessed using the `body` variable. It conatins a string representation of the message payload in the format specified by the `output_payload_format` field. If the `input_payload_format` field is not set, the `body` variable contains the same message payload bytes that were published. Additionally, the following CEL extension functions are provided for use in this CEL expression: - toBase64Url: map.toBase64Url() -\> string - Converts a CelValue to a base64url encoded string - toJsonString: map.toJsonString() -\> string - Converts a CelValue to a JSON string - merge: map1.merge(map2) -\> map3 - Merges the passed CEL map with the existing CEL map the function is applied to. - If the same key exists in both maps, if the key's value is type map both maps are merged else the value from the passed map is used. - denormalize: map.denormalize() -\> map - Denormalizes a CEL map such that every value of type map or key in the map is expanded to return a single level map. - The resulting keys are "." separated indices of the map keys. - For example: { "a": 1, "b": { "c": 2, "d": 3 \} "e": [4, 5] \} .denormalize() -\> { "a": 1, "b.c": 2, "b.d": 3, "e.0": 4, "e.1": 5 \} - setField: map.setField(key, value) -\> message - Sets the field of the message with the given key to the given value. - If the field is not present it will be added. - If the field is present it will be overwritten. - The key can be a dot separated path to set a field in a nested message. - Key must be of type string. - Value may be any valid type. - removeFields: map.removeFields([key1, key2, ...]) -\> message - Removes the fields of the map with the given keys. - The keys can be a dot separated path to remove a field in a nested message. - If a key is not found it will be ignored. - Keys must be of type string. - toMap: [map1, map2, ...].toMap() -\> map - Converts a CEL list of CEL maps to a single CEL map - toCloudEventJsonWithPayloadFormat: message.toCloudEventJsonWithPayloadFormat() -\> map - Converts a message to the corresponding structure of JSON format for CloudEvents. - It converts `data` to destination payload format specified in `output_payload_format`. If `output_payload_format` is not set, the data will remain unchanged. - It also sets the corresponding datacontenttype of the CloudEvent, as indicated by `output_payload_format`. If no `output_payload_format` is set it will use the value of the "datacontenttype" attribute on the CloudEvent if present, else remove "datacontenttype" attribute. - This function expects that the content of the message will adhere to the standard CloudEvent format. If it doesn't then this function will fail. - The result is a CEL map that corresponds to the JSON representation of the CloudEvent. To convert that data to a JSON string it can be chained with the toJsonString function. The Pipeline expects that the message it receives adheres to the standard CloudEvent format. If it doesn't then the outgoing message request may fail with a persistent error. */ messageBindingTemplate?: string | null; /** * Required. The URI of the HTTP endpoint. The value must be a RFC2396 URI string. Examples: `https://svc.us-central1.p.local:8080/route`. Only the HTTPS protocol is supported. */ uri?: string | null; } /** * Represents a network config to be used for destination resolution and connectivity. */ export interface Schema$GoogleCloudEventarcV1PipelineDestinationNetworkConfig { /** * Required. Name of the NetworkAttachment that allows access to the consumer VPC. Format: `projects/{PROJECT_ID\}/regions/{REGION\}/networkAttachments/{NETWORK_ATTACHMENT_NAME\}` */ networkAttachment?: string | null; } /** * Mediation defines different ways to modify the Pipeline. */ export interface Schema$GoogleCloudEventarcV1PipelineMediation { /** * Optional. How the Pipeline is to transform messages */ transformation?: Schema$GoogleCloudEventarcV1PipelineMediationTransformation; } /** * Transformation defines the way to transform an incoming message. */ export interface Schema$GoogleCloudEventarcV1PipelineMediationTransformation { /** * Optional. The CEL expression template to apply to transform messages. The following CEL extension functions are provided for use in this CEL expression: - merge: map1.merge(map2) -\> map3 - Merges the passed CEL map with the existing CEL map the function is applied to. - If the same key exists in both maps, if the key's value is type map both maps are merged else the value from the passed map is used. - denormalize: map.denormalize() -\> map - Denormalizes a CEL map such that every value of type map or key in the map is expanded to return a single level map. - The resulting keys are "." separated indices of the map keys. - For example: { "a": 1, "b": { "c": 2, "d": 3 \} "e": [4, 5] \} .denormalize() -\> { "a": 1, "b.c": 2, "b.d": 3, "e.0": 4, "e.1": 5 \} - setField: map.setField(key, value) -\> message - Sets the field of the message with the given key to the given value. - If the field is not present it will be added. - If the field is present it will be overwritten. - The key can be a dot separated path to set a field in a nested message. - Key must be of type string. - Value may be any valid type. - removeFields: map.removeFields([key1, key2, ...]) -\> message - Removes the fields of the map with the given keys. - The keys can be a dot separated path to remove a field in a nested message. - If a key is not found it will be ignored. - Keys must be of type string. - toMap: [map1, map2, ...].toMap() -\> map - Converts a CEL list of CEL maps to a single CEL map - toDestinationPayloadFormat(): message.data.toDestinationPayloadFormat() -\> string or bytes - Converts the message data to the destination payload format specified in Pipeline.Destination.output_payload_format - This function is meant to be applied to the message.data field. - If the destination payload format is not set, the function will return the message data unchanged. - toCloudEventJsonWithPayloadFormat: message.toCloudEventJsonWithPayloadFormat() -\> map - Converts a message to the corresponding structure of JSON format for CloudEvents - This function applies toDestinationPayloadFormat() to the message data. It also sets the corresponding datacontenttype of the CloudEvent, as indicated by Pipeline.Destination.output_payload_format. If no output_payload_format is set it will use the existing datacontenttype on the CloudEvent if present, else leave datacontenttype absent. - This function expects that the content of the message will adhere to the standard CloudEvent format. If it doesn't then this function will fail. - The result is a CEL map that corresponds to the JSON representation of the CloudEvent. To convert that data to a JSON string it can be chained with the toJsonString function. */ transformationTemplate?: string | null; } /** * Represents the format of message data. */ export interface Schema$GoogleCloudEventarcV1PipelineMessagePayloadFormat { /** * Optional. Avro format. */ avro?: Schema$GoogleCloudEventarcV1PipelineMessagePayloadFormatAvroFormat; /** * Optional. JSON format. */ json?: Schema$GoogleCloudEventarcV1PipelineMessagePayloadFormatJsonFormat; /** * Optional. Protobuf format. */ protobuf?: Schema$GoogleCloudEventarcV1PipelineMessagePayloadFormatProtobufFormat; } /** * The format of an AVRO message payload. */ export interface Schema$GoogleCloudEventarcV1PipelineMessagePayloadFormatAvroFormat { /** * Optional. The entire schema definition is stored in this field. */ schemaDefinition?: string | null; } /** * The format of a JSON message payload. */ export interface Schema$GoogleCloudEventarcV1PipelineMessagePayloadFormatJsonFormat { } /** * The format of a Protobuf message payload. */ export interface Schema$GoogleCloudEventarcV1PipelineMessagePayloadFormatProtobufFormat { /** * Optional. The entire schema definition is stored in this field. */ schemaDefinition?: string | null; } /** * The retry policy configuration for the Pipeline. The pipeline exponentially backs off in case the destination is non responsive or returns a retryable error code. The default semantics are as follows: The backoff starts with a 5 second delay and doubles the delay after each failed attempt (10 seconds, 20 seconds, 40 seconds, etc.). The delay is capped at 60 seconds by default. Please note that if you set the min_retry_delay and max_retry_delay fields to the same value this will make the duration between retries constant. */ export interface Schema$GoogleCloudEventarcV1PipelineRetryPolicy { /** * Optional. The maximum number of delivery attempts for any message. The value must be between 1 and 100. The default value for this field is 5. */ maxAttempts?: number | null; /** * Optional. The maximum amount of seconds to wait between retry attempts. The value must be between 1 and 600. The default value for this field is 60. */ maxRetryDelay?: string | null; /** * Optional. The minimum amount of seconds to wait between retry attempts. The value must be between 1 and 600. The default value for this field is 5. */ minRetryDelay?: string | null; } /** * The request message for Operations.CancelOperation. */ export interface Schema$GoogleLongrunningCancelOperationRequest { } /** * The response message for Operations.ListOperations. */ export interface Schema$GoogleLongrunningListOperationsResponse { /** * The standard List next-page token. */ nextPageToken?: string | null; /** * A list of operations that matches the specified filter in the request. */ operations?: Schema$GoogleLongrunningOperation[]; /** * Unordered list. Unreachable resources. Populated when the request sets `ListOperationsRequest.return_partial_success` and reads across collections. For example, when attempting to list all resources across all supported locations. */ unreachable?: string[] | null; } /** * This resource represents a long-running operation that is the result of a network API call. */ export interface Schema$GoogleLongrunningOperation { /** * If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. */ done?: boolean | null; /** * The error result of the operation in case of failure or cancellation. */ error?: Schema$GoogleRpcStatus; /** * Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. */ met