googleapis

import { OAuth2Client, JWT, Compute, UserRefreshClient, BaseExternalAccountClient, GaxiosResponseWithHTTP2, GoogleConfigurable, MethodOptions, StreamMethodOptions, GlobalOptions, GoogleAuth, BodyResponseCallback, APIRequestContext } from 'googleapis-common'; import { Readable } from 'stream'; export declare namespace networkconnectivity_v1 { export interface Options extends GlobalOptions { version: 'v1'; } interface StandardParameters { /** * Auth client or API Key for the request */ auth?: string | OAuth2Client | JWT | Compute | UserRefreshClient | BaseExternalAccountClient | GoogleAuth; /** * V1 error format. */ '$.xgafv'?: string; /** * OAuth access token. */ access_token?: string; /** * Data format for response. */ alt?: string; /** * JSONP */ callback?: string; /** * Selector specifying which fields to include in a partial response. */ fields?: string; /** * API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** * OAuth 2.0 token for the current user. */ oauth_token?: string; /** * Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** * Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** * Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** * Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; } /** * Network Connectivity API * * This API enables connectivity with and between Google Cloud resources. * * @example * ```js * const {google} = require('googleapis'); * const networkconnectivity = google.networkconnectivity('v1'); * ``` */ export class Networkconnectivity { context: APIRequestContext; projects: Resource$Projects; constructor(options: GlobalOptions, google?: GoogleConfigurable); } /** * The request for HubService.AcceptHubSpoke. */ export interface Schema$AcceptHubSpokeRequest { /** * Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that a request doesn't result in creation of duplicate commitments for at least 60 minutes. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check to see whether the original operation was received. If it was, the server ignores the second request. This behavior prevents clients from mistakenly creating duplicate commitments. The request ID must be a valid UUID, with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). */ requestId?: string | null; /** * Required. The URI of the spoke to accept into the hub. */ spokeUri?: string | null; } /** * The response for HubService.AcceptHubSpoke. */ export interface Schema$AcceptHubSpokeResponse { /** * The spoke that was operated on. */ spoke?: Schema$Spoke; } /** * The request for HubService.AcceptSpokeUpdate. */ export interface Schema$AcceptSpokeUpdateRequest { /** * Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that a request doesn't result in creation of duplicate commitments for at least 60 minutes. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check to see whether the original operation was received. If it was, the server ignores the second request. This behavior prevents clients from mistakenly creating duplicate commitments. The request ID must be a valid UUID, with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). */ requestId?: string | null; /** * Required. The etag of the spoke to accept update. */ spokeEtag?: string | null; /** * Required. The URI of the spoke to accept update. */ spokeUri?: string | null; } /** * Range auto-allocation options, to be optionally used when CIDR block is not explicitly set. */ export interface Schema$AllocationOptions { /** * Optional. Allocation strategy Not setting this field when the allocation is requested means an implementation defined strategy is used. */ allocationStrategy?: string | null; /** * Optional. This field must be set only when allocation_strategy is set to RANDOM_FIRST_N_AVAILABLE. The value should be the maximum expected parallelism of range creation requests issued to the same space of peered netwroks. */ firstAvailableRangesLookupSize?: number | null; } /** * Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] \}, { "log_type": "DATA_WRITE" \}, { "log_type": "ADMIN_READ" \} ] \}, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" \}, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] \} ] \} ] \} For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. */ export interface Schema$AuditConfig { /** * The configuration for logging of each type of permission. */ auditLogConfigs?: Schema$AuditLogConfig[]; /** * Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. */ service?: string | null; } /** * Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] \}, { "log_type": "DATA_WRITE" \} ] \} This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging. */ export interface Schema$AuditLogConfig { /** * Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. */ exemptedMembers?: string[] | null; /** * The log type that this config enables. */ logType?: string | null; } /** * The auto-accept setting for a group controls whether proposed spokes are automatically attached to the hub. If auto-accept is enabled, the spoke immediately is attached to the hub and becomes part of the group. In this case, the new spoke is in the ACTIVE state. If auto-accept is disabled, the spoke goes to the INACTIVE state, and it must be reviewed and accepted by a hub administrator. */ export interface Schema$AutoAccept { /** * Optional. A list of project ids or project numbers for which you want to enable auto-accept. The auto-accept setting is applied to spokes being created or updated in these projects. */ autoAcceptProjects?: string[] | null; } /** * Information for the automatically created subnetwork and its associated IR. */ export interface Schema$AutoCreatedSubnetworkInfo { /** * Output only. Indicates whether the subnetwork is delinked from the Service Connection Policy. Only set if the subnetwork mode is AUTO_CREATED during creation. */ delinked?: boolean | null; /** * Output only. URI of the automatically created Internal Range. Only set if the subnetwork mode is AUTO_CREATED during creation. */ internalRange?: string | null; /** * Output only. URI of the automatically created Internal Range reference. Only set if the subnetwork mode is AUTO_CREATED during creation. */ internalRangeRef?: string | null; /** * Output only. URI of the automatically created subnetwork. Only set if the subnetwork mode is AUTO_CREATED during creation. */ subnetwork?: string | null; /** * Output only. URI of the automatically created subnetwork reference. Only set if the subnetwork mode is AUTO_CREATED during creation. */ subnetworkRef?: string | null; } /** * The specification for automatically creating a DNS record. */ export interface Schema$AutomatedDnsCreationSpec { /** * Required. The DNS suffix to use for the DNS record. Must end with a dot. This should be a valid DNS domain name as per RFC 1035. Each label (between dots) can contain letters, digits, and hyphens, and must not start or end with a hyphen. Example: "my-service.example.com.", "internal." */ dnsSuffix?: string | null; /** * Required. The hostname (the first label of the FQDN) to use for the DNS record. This should be a valid DNS label as per RFC 1035. Generally, this means the hostname can contain letters, digits, and hyphens, and must not start or end with a hyphen. Example: "my-instance", "db-1" */ hostname?: string | null; /** * Optional. The Time To Live for the DNS record, in seconds. If not provided, a default of 30 seconds will be used. */ ttl?: string | null; } /** * Represents a DNS record managed by the AutomatedDnsRecord API. */ export interface Schema$AutomatedDnsRecord { /** * Required. Immutable. The full resource path of the consumer network this AutomatedDnsRecord is visible to. Example: "projects/{projectNumOrId\}/global/networks/{networkName\}". */ consumerNetwork?: string | null; /** * Output only. The timestamp of when the record was created. */ createTime?: string | null; /** * Required. Immutable. The creation mode of the AutomatedDnsRecord. This field is immutable. */ creationMode?: string | null; /** * Output only. The current settings for this record as identified by (`hostname`, `dns_suffix`, `type`) in Cloud DNS. The `current_config` field reflects the actual settings of the DNS record in Cloud DNS based on the `hostname`, `dns_suffix`, and `type`. * **Absence:** If `current_config` is unset, it means a DNS record with the specified `hostname`, `dns_suffix`, and `type` does not currently exist in Cloud DNS. This could be because the `AutomatedDnsRecord` has never been successfully programmed, has been deleted, or there was an error during provisioning. * **Presence:** If `current_config` is present: * It can be different from the `original_config`. This can happen due to several reasons: * Out-of-band changes: A consumer might have directly modified the DNS record in Cloud DNS. * `OVERWRITE` operations from other `AutomatedDnsRecord` resources: Another `AutomatedDnsRecord` with the same identifying attributes (`hostname`, `dns_suffix`, `type`) but a different configuration might have overwritten the record using `insert_mode: OVERWRITE`. Therefore, the presence of `current_config` indicates that a corresponding DNS record exists, but its values (TTL and RRData) might not always align with the `original_config` of the AutomatedDnsRecord. */ currentConfig?: Schema$Config; /** * A human-readable description of the record. */ description?: string | null; /** * Required. Immutable. The dns suffix for this record to use in longest-suffix matching. Requires a trailing dot. Example: "example.com." */ dnsSuffix?: string | null; /** * Output only. DnsZone is the DNS zone managed by automation. Format: projects/{project\}/managedZones/{managedZone\} */ dnsZone?: string | null; /** * Optional. The etag is computed by the server, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. */ etag?: string | null; /** * Output only. The FQDN created by combining the hostname and dns suffix. Should include a trailing dot. */ fqdn?: string | null; /** * Required. Immutable. The hostname for the DNS record. This value will be prepended to the `dns_suffix` to create the full domain name (FQDN) for the record. For example, if `hostname` is "corp.db" and `dns_suffix` is "example.com.", the resulting record will be "corp.db.example.com.". Should not include a trailing dot. */ hostname?: string | null; /** * Optional. User-defined labels. */ labels?: { [key: string]: string; } | null; /** * Immutable. Identifier. The name of an AutomatedDnsRecord. Format: projects/{project\}/locations/{location\}/automatedDnsRecords/{automated_dns_record\} See: https://google.aip.dev/122#fields-representing-resource-names */ name?: string | null; /** * Required. Immutable. The configuration settings used to create this DNS record. These settings define the desired state of the record as specified by the producer. */ originalConfig?: Schema$Config; /** * Required. Immutable. The identifier of a supported record type. */ recordType?: string | null; /** * Required. Immutable. The service class identifier which authorizes this AutomatedDnsRecord. Any API calls targeting this AutomatedDnsRecord must have `networkconnectivity.serviceclasses.use` IAM permission for the provided service class. */ serviceClass?: string | null; /** * Output only. The current operational state of this AutomatedDnsRecord as managed by Service Connectivity Automation. */ state?: string | null; /** * Output only. A human-readable message providing more context about the current state, such as an error description if the state is `FAILED_DEPROGRAMMING`. */ stateDetails?: string | null; /** * Output only. The timestamp of when the record was updated. */ updateTime?: string | null; } /** * Associates `members`, or principals, with a `role`. */ export interface Schema$Binding { /** * The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ condition?: Schema$Expr; /** * Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid\}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid\}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid\}.svc.id.goog[{namespace\}/{kubernetes-sa\}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid\}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain\}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/subject/{subject_attribute_value\}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/group/{group_id\}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/attribute.{attribute_name\}/{attribute_value\}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/x`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number\}/locations/global/workloadIdentityPools/{pool_id\}/subject/{subject_attribute_value\}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number\}/locations/global/workloadIdentityPools/{pool_id\}/group/{group_id\}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number\}/locations/global/workloadIdentityPools/{pool_id\}/attribute.{attribute_name\}/{attribute_value\}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number\}/locations/global/workloadIdentityPools/{pool_id\}/x`: All identities in a workload identity pool. * `deleted:user:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid\}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid\}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid\}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id\}/subject/{subject_attribute_value\}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. */ members?: string[] | null; /** * Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles). */ role?: string | null; } /** * Request for CheckConsumerConfig. */ export interface Schema$CheckConsumerConfigRequest { /** * Required. Full resource name of the consumer network. Example: - projects/{project\}/global/networks/{network\}. */ consumerNetwork?: string | null; /** * The project number or ID where the PSC endpoint is to be created. */ endpointProject?: string | null; /** * The requested IP Version */ requestedIpVersion?: string | null; /** * Required. The service class identifier of the producer. */ serviceClass?: string | null; } /** * Response for CheckConsumerConfig. */ export interface Schema$CheckConsumerConfigResponse { /** * List of validation errors. If the list is empty, the consumer config is valid. */ errors?: string[] | null; } /** * Defines the configuration of a DNS record. */ export interface Schema$Config { /** * Required. The list of resource record data strings. The content and format of these strings depend on the AutomatedDnsRecord.type. For many common record types, this list may contain multiple strings. As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1) -- see examples. Examples: A record: ["192.0.2.1"] or ["192.0.2.1", "192.0.2.2"] TXT record: ["This is a text record"] CNAME record: ["target.example.com."] AAAA record: ["::1"] or ["2001:0db8:85a3:0000:0000:8a2e:0370:7334", "2001:0db8:85a3:0000:0000:8a2e:0370:7335"] */ rrdatas?: string[] | null; /** * Required. Number of seconds that this DNS record can be cached by resolvers. */ ttl?: string | null; } /** * Allow the producer to specify which consumers can connect to it. */ export interface Schema$ConsumerPscConfig { /** * Required. The project ID or project number of the consumer project. This project is the one that the consumer uses to interact with the producer instance. From the perspective of a consumer who's created a producer instance, this is the project of the producer instance. Format: 'projects/' Eg. 'projects/consumer-project' or 'projects/1234' */ consumerInstanceProject?: string | null; /** * This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. */ disableGlobalAccess?: boolean | null; /** * The requested IP version for the PSC connection. */ ipVersion?: string | null; /** * The resource path of the consumer network where PSC connections are allowed to be created in. Note, this network does not need be in the ConsumerPscConfig.project in the case of SharedVPC. Example: projects/{projectNumOrId\}/global/networks/{networkId\}. */ network?: string | null; /** * Immutable. Deprecated. Use producer_instance_metadata instead. An immutable identifier for the producer instance. */ producerInstanceId?: string | null; /** * Immutable. An immutable map for the producer instance metadata. */ producerInstanceMetadata?: { [key: string]: string; } | null; /** * The consumer project where PSC connections are allowed to be created in. */ project?: string | null; /** * Optional. A map to store mapping between customer vip and target service attachment. This field can be used to specify a static IP address for a PSC connection. */ serviceAttachmentIpAddressMap?: { [key: string]: string; } | null; /** * Output only. Overall state of PSC Connections management for this consumer psc config. */ state?: string | null; } /** * PSC connection details on consumer side. */ export interface Schema$ConsumerPscConnection { /** * Output only. The status of DNS automation for this PSC connection. */ dnsAutomationStatus?: Schema$DnsAutomationStatus; /** * The most recent error during operating this connection. */ error?: Schema$GoogleRpcStatus; /** * Output only. The error info for the latest error during operating this connection. */ errorInfo?: Schema$GoogleRpcErrorInfo; /** * The error type indicates whether the error is consumer facing, producer facing or system internal. */ errorType?: string | null; /** * The URI of the consumer forwarding rule created. Example: projects/{projectNumOrId\}/regions/us-east1/networks/{resourceId\}. */ forwardingRule?: string | null; /** * The last Compute Engine operation to setup PSC connection. */ gceOperation?: string | null; /** * The IP literal allocated on the consumer network for the PSC forwarding rule that is created to connect to the producer service attachment in this service connection map. */ ip?: string | null; /** * The requested IP version for the PSC connection. */ ipVersion?: string | null; /** * The consumer network whose PSC forwarding rule is connected to the service attachments in this service connection map. Note that the network could be on a different project (shared VPC). */ network?: string | null; /** * Immutable. Deprecated. Use producer_instance_metadata instead. An immutable identifier for the producer instance. */ producerInstanceId?: string | null; /** * Immutable. An immutable map for the producer instance metadata. */ producerInstanceMetadata?: { [key: string]: string; } | null; /** * The consumer project whose PSC forwarding rule is connected to the service attachments in this service connection map. */ project?: string | null; /** * The PSC connection id of the PSC forwarding rule connected to the service attachments in this service connection map. */ pscConnectionId?: string | null; /** * Output only. The URI of the selected subnetwork selected to allocate IP address for this connection. */ selectedSubnetwork?: string | null; /** * The URI of a service attachment which is the target of the PSC connection. */ serviceAttachmentUri?: string | null; /** * The state of the PSC connection. */ state?: string | null; } /** * The `Destination` resource. It specifies the IP prefix and the associated autonomous system numbers (ASN) that you want to include in a `MulticloudDataTransferConfig` resource. */ export interface Schema$Destination { /** * Output only. Time when the `Destination` resource was created. */ createTime?: string | null; /** * Optional. A description of this resource. */ description?: string | null; /** * Required. Unordered list. The list of `DestinationEndpoint` resources configured for the IP prefix. */ endpoints?: Schema$DestinationEndpoint[]; /** * The etag is computed by the server, and might be sent with update and delete requests so that the client has an up-to-date value before proceeding. */ etag?: string | null; /** * Required. Immutable. The IP prefix that represents your workload on another CSP. */ ipPrefix?: string | null; /** * Optional. User-defined labels. */ labels?: { [key: string]: string; } | null; /** * Identifier. The name of the `Destination` resource. Format: `projects/{project\}/locations/{location\}/multicloudDataTransferConfigs/{multicloud_data_transfer_config\}/destinations/{destination\}`. */ name?: string | null; /** * Output only. The timeline of the expected `Destination` states or the current rest state. If a state change is expected, the value is `ADDING`, `DELETING` or `SUSPENDING`, depending on the action specified. Example: "state_timeline": { "states": [ { // The time when the `Destination` resource will be activated. "effectiveTime": "2024-12-01T08:00:00Z", "state": "ADDING" \}, { // The time when the `Destination` resource will be suspended. "effectiveTime": "2024-12-01T20:00:00Z", "state": "SUSPENDING" \} ] \} */ stateTimeline?: Schema$StateTimeline; /** * Output only. The Google-generated unique ID for the `Destination` resource. This value is unique across all `Destination` resources. If a resource is deleted and another with the same name is created, the new resource is assigned a different and unique ID. */ uid?: string | null; /** * Output only. Time when the `Destination` resource was updated. */ updateTime?: string | null; } /** * The metadata for a `DestinationEndpoint` resource. */ export interface Schema$DestinationEndpoint { /** * Required. The ASN of the remote IP prefix. */ asn?: string | null; /** * Required. The CSP of the remote IP prefix. */ csp?: string | null; /** * Output only. The state of the `DestinationEndpoint` resource. */ state?: string | null; /** * Output only. Time when the `DestinationEndpoint` resource was updated. */ updateTime?: string | null; } /** * The status of DNS automation for a PSC connection. */ export interface Schema$DnsAutomationStatus { /** * Output only. The error details if the state is CREATE_FAILED or DELETE_FAILED. */ error?: Schema$GoogleRpcStatus; /** * Output only. The fully qualified domain name of the DNS record. */ fqdn?: string | null; /** * Output only. The current state of DNS automation. */ state?: string | null; } /** * A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); \} */ export interface Schema$Empty { } /** * Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. */ export interface Schema$Expr { /** * Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. */ description?: string | null; /** * Textual representation of an expression in Common Expression Language syntax. */ expression?: string | null; /** * Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. */ location?: string | null; /** * Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. */ title?: string | null; } /** * Filter matches L4 traffic. */ export interface Schema$Filter { /** * Optional. The destination IP range of outgoing packets that this policy-based route applies to. Default is "0.0.0.0/0" if protocol version is IPv4 and "::/0" if protocol version is IPv6. */ destRange?: string | null; /** * Optional. The IP protocol that this policy-based route applies to. Valid values are 'TCP', 'UDP', and 'ALL'. Default is 'ALL'. */ ipProtocol?: string | null; /** * Required. Internet protocol versions this policy-based route applies to. IPV4 and IPV6 is supported. */ protocolVersion?: string | null; /** * Optional. The source IP range of outgoing packets that this policy-based route applies to. Default is "0.0.0.0/0" if protocol version is IPv4 and "::/0" if protocol version is IPv6. */ srcRange?: string | null; } /** * The request message for Operations.CancelOperation. */ export interface Schema$GoogleLongrunningCancelOperationRequest { } /** * The response message for Operations.ListOperations. */ export interface Schema$GoogleLongrunningListOperationsResponse { /** * The standard List next-page token. */ nextPageToken?: string | null; /** * A list of operations that matches the specified filter in the request. */ operations?: Schema$GoogleLongrunningOperation[]; /** * Unordered list. Unreachable resources. Populated when the request sets `ListOperationsRequest.return_partial_success` and reads across collections. For example, when attempting to list all resources across all supported locations. */ unreachable?: string[] | null; } /** * This resource represents a long-running operation that is the result of a network API call. */ export interface Schema$GoogleLongrunningOperation { /** * If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. */ done?: boolean | null; /** * The error result of the operation in case of failure or cancellation. */ error?: Schema$GoogleRpcStatus; /** * Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. */ metadata?: { [key: string]: any; } | null; /** * The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id\}`. */ name?: string | null; /** * The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. */ response?: { [key: string]: any; } | null; } /** * Describes the cause of the error with structured details. Example of an error when contacting the "pubsub.googleapis.com" API when it is not enabled: { "reason": "API_DISABLED" "domain": "googleapis.com" "metadata": { "resource": "projects/123", "service": "pubsub.googleapis.com" \} \} This response indicates that the pubsub.googleapis.com API is not enabled. Example of an error that is returned when attempting to create a Spanner instance in a region that is out of stock: { "reason": "STOCKOUT" "domain": "spanner.googleapis.com", "metadata": { "availableRegions": "us-central1,us-east2" \} \} */ export interface Schema$GoogleRpcErrorInfo { /** * The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com". */ domain?: string | null; /** * Additional structured details about this error. Keys must match a regular expression of `a-z+` but should ideally be lowerCamelCase. Also, they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than `{"instanceLimit": "100/request"\}`, should be returned as, `{"instanceLimitPerRequest": "100"\}`, if the client exceeds the number of instances that can be created in a single (batch) request. */ metadata?: { [key: string]: string; } | null; /** * The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of `A-Z+[A-Z0-9]`, which represents UPPER_SNAKE_CASE. */ reason?: string | null; } /** * The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). */ export interface Schema$GoogleRpcStatus { /** * The status code, which should be an enum value of google.rpc.Code. */ code?: number | null; /** * A list of messages that carry the error details. There is a common set of message types for APIs to use. */ details?: Array<{ [key: string]: any; }> | null; /** * A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. */ message?: string | null; } /** * A group represents a subset of spokes attached to a hub. */ export interface Schema$Group { /** * Optional. The auto-accept setting for this group. */ autoAccept?: Schema$AutoAccept; /** * Output only. The time the group was created. */ createTime?: string | null; /** * Optional. The description of the group. */ description?: string | null; /** * Optional. Labels in key-value pair format. For more information about labels, see [Requirements for labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). */ labels?: { [key: string]: string; } | null; /** * Immutable. The name of the group. Group names must be unique. They use the following form: `projects/{project_number\}/locations/global/hubs/{hub\}/groups/{group_id\}` */ name?: string | null; /** * Output only. The name of the route table that corresponds to this group. They use the following form: `projects/{project_number\}/locations/global/hubs/{hub_id\}/routeTables/{route_table_id\}` */ routeTable?: string | null; /** * Output only. The current lifecycle state of this group. */ state?: string | null; /** * Output only. The Google-generated UUID for the group. This value is unique across all group resources. If a group is deleted and another with the same name is created, the new route table is assigned a different unique_id. */ uid?: string | null; /** * Output only. The time the group was last updated. */ updateTime?: string | null; } /** * A Network Connectivity Center hub is a global management resource to which you attach spokes. A single hub can contain spokes from multiple regions. However, if any of a hub's spokes use the site-to-site data transfer feature, the resources associated with those spokes must all be in the same VPC network. Spokes that do not use site-to-site data transfer can be associated with any VPC network in your project. */ export interface Schema$Hub { /** * Output only. The time the hub was created. */ createTime?: string | null; /** * Optional. An optional description of the hub. */ description?: string | null; /** * Optional. Whether Private Service Connect connection propagation is enabled for the hub. If true, Private Service Connect endpoints in VPC spokes attached to the hub are made accessible to other VPC spokes attached to the hub. The default value is false. */ exportPsc?: boolean | null; /** * Optional labels in key-value pair format. For more information about labels, see [Requirements for labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). */ labels?: { [key: string]: string; } | null; /** * Immutable. The name of the hub. Hub names must be unique. They use the following form: `projects/{project_number\}/locations/global/hubs/{hub_id\}` */ name?: string | null; /** * Optional. The policy mode of this hub. This field can be either PRESET or CUSTOM. If unspecified, the policy_mode defaults to PRESET. */ policyMode?: string | null; /** * Optional. The topology implemented in this hub. Currently, this field is only used when policy_mode = PRESET. The available preset topologies are MESH and STAR. If preset_topology is unspecified and policy_mode = PRESET, the preset_topology defaults to MESH. When policy_mode = CUSTOM, the preset_topology is set to PRESET_TOPOLOGY_UNSPECIFIED. */ presetTopology?: string | null; /** * Output only. The route tables that belong to this hub. They use the following form: `projects/{project_number\}/locations/global/hubs/{hub_id\}/routeTables/{route_table_id\}` This field is read-only. Network Connectivity Center automatically populates it based on the route tables nested under the hub. */ routeTables?: string[] | null; /** * Output only. The VPC networks associated with this hub's spokes. This field is read-only. Network Connectivity Center automatically populates it based on the set of spokes attached to the hub. */ routingVpcs?: Schema$RoutingVPC[]; /** * Output only. A summary of the spokes associated with a hub. The summary includes a count of spokes according to type and according to state. If any spokes are inactive, the summary also lists the reasons they are inactive, including a count for each reason. */ spokeSummary?: Schema$SpokeSummary; /** * Output only. The current lifecycle state of this hub. */ state?: string | null; /** * Output only. The Google-generated UUID for the hub. This value is unique across all hub resources. If a hub is deleted and another with the same name is created, the new hub is assigned a different unique_id. */ uniqueId?: string | null; /** * Output only. The time the hub was last updated. */ updateTime?: string | null; } /** * A hub status entry represents the status of a set of propagated Private Service Connect connections grouped by certain fields. */ export interface Schema$HubStatusEntry { /** * The number of propagated Private Service Connect connections with this status. If the `group_by` field was not set in the request message, the value of this field is 1. */ count?: number | null; /** * The fields that this entry is grouped by. This has the same value as the `group_by` field in the request message. */ groupBy?: string | null; /** * The Private Service Connect propagation status. */ pscPropagationStatus?: Schema$PscPropagationStatus; } /** * InterconnectAttachment that this route applies to. */ export interface Schema$InterconnectAttachment { /** * Optional. Cloud region to install this policy-based route on interconnect attachment. Use `all` to install it on all interconnect attachments. */ region?: string | null; } /** * The internal range resource for IPAM operations within a VPC network. Used to represent a private address range along with behavioral characteristics of that range (its usage and peering behavior). Networking resources can link to this range if they are created as belonging to it. */ export interface Schema$InternalRange { /** * Optional. Range auto-allocation options, may be set only when auto-allocation is selected by not setting ip_cidr_range (and setting prefix_length). */ allocationOptions?: Schema$AllocationOptions; /** * Output only. Time when the internal range was created. */ createTime?: string | null; /** * Optional. A description of this resource. */ description?: string | null; /** * Optional. ExcludeCidrRanges flag. Specifies a set of CIDR blocks that allows exclusion of particular CIDR ranges from the auto-allocation process, without having to reserve these blocks */ excludeCidrRanges?: string[] | null; /** * Optional. Immutable ranges cannot have their fields modified, except for labels and description. */ immutable?: boolean | null; /** * Optional. The IP range that this internal range defines. NOTE: IPv6 ranges are limited to usage=EXTERNAL_TO_VPC and peering=FOR_SELF. NOTE: For IPv6 Ranges this field is compulsory, i.e. the address range must be specified explicitly. */ ipCidrRange?: string | null; /** * User-defined labels. */ labels?: { [key: string]: string; } | null; /** * Optional. Must be present if usage is set to FOR_MIGRATION. */ migration?: Schema$Migration; /** * Identifier. The name of an internal range. Format: projects/{project\}/locations/{location\}/internalRanges/{internal_range\} See: https://google.aip.dev/122#fields-representing-resource-names */ name?: string | null; /** * Immutable. The URL or resource ID of the network in which to reserve the internal range. The network cannot be deleted if there are any reserved internal ranges referring to it. Legacy networks are not supported. For example: https://www.googleapis.com/compute/v1/projects/{project\}/locations/global/networks/{network\} projects/{project\}/locations/global/networks/{network\} {network\} */ network?: string | null; /** * Optional. Types of resources that are allowed to overlap with the current internal range.