googleapis

/// <reference types="node" /> import { OAuth2Client, JWT, Compute, UserRefreshClient, BaseExternalAccountClient, GaxiosPromise, GoogleConfigurable, MethodOptions, StreamMethodOptions, GlobalOptions, GoogleAuth, BodyResponseCallback, APIRequestContext } from 'googleapis-common'; import { Readable } from 'stream'; export declare namespace managedidentities_v1beta1 { export interface Options extends GlobalOptions { version: 'v1beta1'; } interface StandardParameters { /** * Auth client or API Key for the request */ auth?: string | OAuth2Client | JWT | Compute | UserRefreshClient | BaseExternalAccountClient | GoogleAuth; /** * V1 error format. */ '$.xgafv'?: string; /** * OAuth access token. */ access_token?: string; /** * Data format for response. */ alt?: string; /** * JSONP */ callback?: string; /** * Selector specifying which fields to include in a partial response. */ fields?: string; /** * API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** * OAuth 2.0 token for the current user. */ oauth_token?: string; /** * Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** * Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** * Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** * Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; } /** * Managed Service for Microsoft Active Directory API * * The Managed Service for Microsoft Active Directory API is used for managing a highly available, hardened service running Microsoft Active Directory (AD). * * @example * ```js * const {google} = require('googleapis'); * const managedidentities = google.managedidentities('v1beta1'); * ``` */ export class Managedidentities { context: APIRequestContext; projects: Resource$Projects; constructor(options: GlobalOptions, google?: GoogleConfigurable); } /** * Request message for AttachTrust */ export interface Schema$AttachTrustRequest { /** * Required. The domain trust resource. */ trust?: Schema$Trust; } /** * Associates `members` with a `role`. */ export interface Schema$Binding { /** * The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ condition?: Schema$Expr; /** * Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid\}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid\}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid\}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid\}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid\}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid\}?uid={uniqueid\}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid\}` and the recovered group retains the role in the binding. * `domain:{domain\}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. */ members?: string[] | null; /** * Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. */ role?: string | null; } /** * The request message for Operations.CancelOperation. */ export interface Schema$CancelOperationRequest { } /** * Time window specified for daily operations. */ export interface Schema$DailyCycle { /** * Output only. Duration of the time window, set by service producer. */ duration?: string | null; /** * Time within the day to start the operations. */ startTime?: Schema$TimeOfDay; } /** * Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values * A month and day value, with a zero year, such as an anniversary * A year on its own, with zero month and day values * A year and month value, with a zero day, such as a credit card expiration date Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. */ export interface Schema$Date { /** * Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant. */ day?: number | null; /** * Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day. */ month?: number | null; /** * Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year. */ year?: number | null; } /** * DenyMaintenancePeriod definition. Maintenance is forbidden within the deny period. The start_date must be less than the end_date. */ export interface Schema$DenyMaintenancePeriod { /** * Deny period end date. This can be: * A full date, with non-zero year, month and day values. * A month and day value, with a zero year. Allows recurring deny periods each year. Date matching this period will have to be before the end. */ endDate?: Schema$Date; /** * Deny period start date. This can be: * A full date, with non-zero year, month and day values. * A month and day value, with a zero year. Allows recurring deny periods each year. Date matching this period will have to be the same or after the start. */ startDate?: Schema$Date; /** * Time in UTC when the Blackout period starts on start_date and ends on end_date. This can be: * Full time. * All zeros for 00:00:00 UTC */ time?: Schema$TimeOfDay; } /** * Request message for DetachTrust */ export interface Schema$DetachTrustRequest { /** * Required. The domain trust resource to removed. */ trust?: Schema$Trust; } /** * If the domain is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state. Represents a managed Microsoft Active Directory domain. */ export interface Schema$Domain { /** * Optional. The name of delegated administrator account used to perform Active Directory operations. If not specified, `setupadmin` will be used. */ admin?: string | null; /** * Optional. Configuration for audit logs. True if audit logs are enabled, else false. Default is audit logs disabled. */ auditLogsEnabled?: boolean | null; /** * Optional. The full names of the Google Compute Engine [networks](/compute/docs/networks-and-firewalls#networks) the domain instance is connected to. Networks can be added using UpdateDomain. The domain is only available on networks listed in `authorized_networks`. If CIDR subnets overlap between networks, domain creation will fail. */ authorizedNetworks?: string[] | null; /** * Output only. The time the instance was created. */ createTime?: string | null; /** * Output only. The fully-qualified domain name of the exposed domain used by clients to connect to the service. Similar to what would be chosen for an Active Directory set up on an internal network. */ fqdn?: string | null; /** * Optional. Resource labels that can contain user-provided metadata. */ labels?: { [key: string]: string; } | null; /** * Required. Locations where domain needs to be provisioned. regions e.g. us-west1 or us-east4 Service supports up to 4 locations at once. Each location will use a /26 block. */ locations?: string[] | null; /** * Output only. The unique name of the domain using the form: `projects/{project_id\}/locations/global/domains/{domain_name\}`. */ name?: string | null; /** * Required. The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. Ranges must be unique and non-overlapping with existing subnets in [Domain].[authorized_networks]. */ reservedIpRange?: string | null; /** * Output only. The current state of this domain. */ state?: string | null; /** * Output only. Additional information about the current status of this domain, if available. */ statusMessage?: string | null; /** * Output only. The current trusts associated with the domain. */ trusts?: Schema$Trust[]; /** * Output only. The last update time. */ updateTime?: string | null; } /** * A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); \} The JSON representation for `Empty` is empty JSON object `{\}`. */ export interface Schema$Empty { } /** * Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. */ export interface Schema$Expr { /** * Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. */ description?: string | null; /** * Textual representation of an expression in Common Expression Language syntax. */ expression?: string | null; /** * Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. */ location?: string | null; /** * Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. */ title?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudManagedidentitiesV1alpha1OpMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudManagedidentitiesV1beta1OpMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$GoogleCloudManagedidentitiesV1OpMetadata { /** * Output only. API version used to start the operation. */ apiVersion?: string | null; /** * Output only. The time the operation was created. */ createTime?: string | null; /** * Output only. The time the operation finished running. */ endTime?: string | null; /** * Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ requestedCancellation?: boolean | null; /** * Output only. Server-defined resource path for the target of the operation. */ target?: string | null; /** * Output only. Name of the verb executed by the operation. */ verb?: string | null; } export interface Schema$GoogleCloudSaasacceleratorManagementProvidersV1Instance { /** * consumer_defined_name is the name that is set by the consumer. On the other hand Name field represents system-assigned id of an instance so consumers are not necessarily aware of it. consumer_defined_name is used for notification/UI purposes for consumer to recognize their instances. */ consumerDefinedName?: string | null; /** * Output only. Timestamp when the resource was created. */ createTime?: string | null; /** * Optional. Resource labels to represent user provided metadata. Each label is a key-value pair, where both the key and the value are arbitrary strings provided by the user. */ labels?: { [key: string]: string; } | null; /** * Deprecated. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the referenced policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug. */ maintenancePolicyNames?: { [key: string]: string; } | null; /** * The MaintenanceSchedule contains the scheduling information of published maintenance schedule with same key as software_versions. */ maintenanceSchedules?: { [key: string]: Schema$GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSchedule; } | null; /** * Optional. The MaintenanceSettings associated with instance. */ maintenanceSettings?: Schema$GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSettings; /** * Unique name of the resource. It uses the form: `projects/{project_id\}/locations/{location_id\}/instances/{instance_id\}` */ name?: string | null; /** * Output only. Custom string attributes used primarily to expose producer-specific information in monitoring dashboards. See go/get-instance-metadata. */ producerMetadata?: { [key: string]: string; } | null; /** * Output only. The list of data plane resources provisioned for this instance, e.g. compute VMs. See go/get-instance-metadata. */ provisionedResources?: Schema$GoogleCloudSaasacceleratorManagementProvidersV1ProvisionedResource[]; /** * Link to the SLM instance template. Only populated when updating SLM instances via SSA's Actuation service adaptor. Service producers with custom control plane (e.g. Cloud SQL) doesn't need to populate this field. Instead they should use software_versions. */ slmInstanceTemplate?: string | null; /** * Output only. SLO metadata for instance classification in the Standardized dataplane SLO platform. See go/cloud-ssa-standard-slo for feature description. */ sloMetadata?: Schema$GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata; /** * Software versions that are used to deploy this instance. This can be mutated by rollout services. */ softwareVersions?: { [key: string]: string; } | null; /** * Output only. Current lifecycle state of the resource (e.g. if it's being created or ready to use). */ state?: string | null; /** * Output only. ID of the associated GCP tenant project. See go/get-instance-metadata. */ tenantProjectId?: string | null; /** * Output only. Timestamp when the resource was last modified. */ updateTime?: string | null; } /** * Maintenance schedule which is exposed to customer and potentially end user, indicating published upcoming future maintenance schedule */ export interface Schema$GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSchedule { /** * This field will be deprecated, and will be always set to true since reschedule can happen multiple times now. */ canReschedule?: boolean | null; /** * The scheduled end time for the maintenance. */ endTime?: string | null; /** * The rollout management policy this maintenance schedule is associated with. When doing reschedule update request, the reschedule should be against this given policy. */ rolloutManagementPolicy?: string | null; /** * schedule_deadline_time is the time deadline any schedule start time cannot go beyond, including reschedule. It's normally the initial schedule start time plus maintenance window length (1 day or 1 week). Maintenance cannot be scheduled to start beyond this deadline. */ scheduleDeadlineTime?: string | null; /** * The scheduled start time for the maintenance. */ startTime?: string | null; } /** * Maintenance settings associated with instance. Allows service producers and end users to assign settings that controls maintenance on this instance. */ export interface Schema$GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSettings { /** * Optional. Exclude instance from maintenance. When true, rollout service will not attempt maintenance on the instance. Rollout service will include the instance in reported rollout progress as not attempted. */ exclude?: boolean | null; /** * Optional. If the update call is triggered from rollback, set the value as true. */ isRollback?: boolean | null; /** * Optional. The MaintenancePolicies that have been attached to the instance. The key must be of the type name of the oneof policy name defined in MaintenancePolicy, and the embedded policy must define the same policy type. For complete details of MaintenancePolicy, please refer to go/cloud-saas-mw-ug. If only the name is needed (like in the deprecated Instance.maintenance_policy_names field) then only populate MaintenancePolicy.name. */ maintenancePolicies?: { [key: string]: Schema$MaintenancePolicy; } | null; } /** * Node information for custom per-node SLO implementations. SSA does not support per-node SLO, but producers can populate per-node information in SloMetadata for custom precomputations. SSA Eligibility Exporter will emit per-node metric based on this information. */ export interface Schema$GoogleCloudSaasacceleratorManagementProvidersV1NodeSloMetadata { /** * By default node is eligible if instance is eligible. But individual node might be excluded from SLO by adding entry here. For semantic see SloMetadata.exclusions. If both instance and node level exclusions are present for time period, the node level's reason will be reported by Eligibility Exporter. */ exclusions?: Schema$GoogleCloudSaasacceleratorManagementProvidersV1SloExclusion[]; /** * The location of the node, if different from instance location. */ location?: string | null; /** * The id of the node. This should be equal to SaasInstanceNode.node_id. */ nodeId?: string | null; } /** * PerSliSloEligibility is a mapping from an SLI name to eligibility. */ export interface Schema$GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility { /** * An entry in the eligibilities map specifies an eligibility for a particular SLI for the given instance. The SLI key in the name must be a valid SLI name specified in the Eligibility Exporter binary flags otherwise an error will be emitted by Eligibility Exporter and the oncaller will be alerted. If an SLI has been defined in the binary flags but the eligibilities map does not contain it, the corresponding SLI time series will not be emitted by the Eligibility Exporter. This ensures a smooth rollout and compatibility between the data produced by different versions of the Eligibility Exporters. If eligibilities map contains a key for an SLI which has not been declared in the binary flags, there will be an error message emitted in the Eligibility Exporter log and the metric for the SLI in question will not be emitted. */ eligibilities?: { [key: string]: Schema$GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility; } | null; } /** * Describes provisioned dataplane resources. */ export interface Schema$GoogleCloudSaasacceleratorManagementProvidersV1ProvisionedResource { /** * Type of the resource. This can be either a GCP resource or a custom one (e.g. another cloud provider's VM). For GCP compute resources use singular form of the names listed in GCP compute API documentation (https://cloud.google.com/compute/docs/reference/rest/v1/), prefixed with 'compute-', for example: 'compute-instance', 'compute-disk', 'compute-autoscaler'. */ resourceType?: string | null; /** * URL identifying the resource, e.g. "https://www.googleapis.com/compute/v1/projects/...)". */ resourceUrl?: string | null; } /** * SloEligibility is a tuple containing eligibility value: true if an instance is eligible for SLO calculation or false if it should be excluded from all SLO-related calculations along with a user-defined reason. */ export interface Schema$GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility { /** * Whether an instance is eligible or ineligible. */ eligible?: boolean | null; /** * User-defined reason for the current value of instance eligibility. Usually, this can be directly mapped to the internal state. An empty reason is allowed. */ reason?: string | null; } /** * SloExclusion represents an exclusion in SLI calculation applies to all SLOs. */ export interface Schema$GoogleCloudSaasacceleratorManagementProvidersV1SloExclusion { /** * Exclusion duration. No restrictions on the possible values. When an ongoing operation is taking longer than initially expected, an existing entry in the exclusion list can be updated by extending the duration. This is supported by the subsystem exporting eligibility data as long as such extension is committed at least 10 minutes before the original exclusion expiration - otherwise it is possible that there will be "gaps" in the exclusion application in the exported timeseries. */ duration?: string | null; /** * Human-readable reason for the exclusion. This should be a static string (e.g. "Disruptive update in progress") and should not contain dynamically generated data (e.g. instance name). Can be left empty. */ reason?: string | null; /** * Name of an SLI that this exclusion applies to. Can be left empty, signaling that the instance should be excluded from all SLIs. */ sliName?: string | null; /** * Start time of the exclusion. No alignment (e.g. to a full minute) needed. */ startTime?: string | null; } /** * SloMetadata contains resources required for proper SLO classification of the instance. */ export interface Schema$GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata { /** * Optional. Global per-instance SLI eligibility which applies to all defined SLIs. Exactly one of 'eligibility' and 'per_sli_eligibility' fields must be used. */ eligibility?: Schema$GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility; /** * List of SLO exclusion windows. When multiple entries in the list match (matching the exclusion time-window against current time point) the exclusion reason used in the first matching entry will be published. It is not needed to include expired exclusion in this list, as only the currently applicable exclusions are taken into account by the eligibility exporting subsystem (the historical state of exclusions will be reflected in the historically produced timeseries regardless of the current state). This field can be used to mark the instance as temporary ineligible for the purpose of SLO calculation. For permanent instance SLO exclusion, use of custom instance eligibility is recommended. See 'eligibility' field below. */ exclusions?: Schema$GoogleCloudSaasacceleratorManagementProvidersV1SloExclusion[]; /** * Optional. List of nodes. Some producers need to use per-node metadata to calculate SLO. This field allows such producers to publish per-node SLO meta data, which will be consumed by SSA Eligibility Exporter and published in the form of per node metric to Monarch. */ nodes?: Schema$GoogleCloudSaasacceleratorManagementProvidersV1NodeSloMetadata[]; /** * Optional. Multiple per-instance SLI eligibilities which apply for individual SLIs. Exactly one of 'eligibility' and 'per_sli_eligibility' fields must be used. */ perSliEligibility?: Schema$GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility; /** * Name of the SLO tier the Instance belongs to. This name will be expected to match the tiers specified in the service SLO configuration. Field is mandatory and must not be empty. */ tier?: string | null; } /** * Response message for ListDomains */ export interface Schema$ListDomainsResponse { /** * A list of Managed Identities Service domains in the project. */ domains?: Schema$Domain[]; /** * A token to retrieve the next page of results, or empty if there are no more results in the list. */ nextPageToken?: string | null; /** * A list of locations that could not be reached. */ unreachable?: string[] | null; } /** * The response message for Locations.ListLocations. */ export interface Schema$ListLocationsResponse { /** * A list of locations that matches the specified filter in the request. */ locations?: Schema$Location[]; /** * The standard List next-page token. */ nextPageToken?: string | null; } /** * The response message for Operations.ListOperations. */ export interface Schema$ListOperationsResponse { /** * The standard List next-page token. */ nextPageToken?: string | null; /** * A list of operations that matches the specified filter in the request. */ operations?: Schema$Operation[]; } /** * ListSqlIntegrationsResponse is the response message for ListSqlIntegrations method. */ export interface Schema$ListSqlIntegrationsResponse { /** * Token to retrieve the next page of results, or empty if there are no more results in the list. */ nextPageToken?: string | null; /** * A list of SqlIntegrations of a domain. */ sqlIntegrations?: Schema$SqlIntegration[]; /** * A list of locations that could not be reached. */ unreachable?: string[] | null; } /** * A resource that represents Google Cloud Platform location. */ export interface Schema$Location { /** * The friendly name for this location, typically a nearby city name. For example, "Tokyo". */ displayName?: string | null; /** * Cross-service attributes for the location. For example {"cloud.googleapis.com/region": "us-east1"\} */ labels?: { [key: string]: string; } | null; /** * The canonical id for this location. For example: `"us-east1"`. */ locationId?: string | null; /** * Service-specific metadata. For example the available capacity at the given location. */ metadata?: { [key: string]: any; } | null; /** * Resource name for the location, which may vary between implementations. For example: `"projects/example-project/locations/us-east1"` */ name?: string | null; } /** * Defines policies to service maintenance events. */ export interface Schema$MaintenancePolicy { /** * Output only. The time when the resource was created. */ createTime?: string | null; /** * Optional. Description of what this policy is for. Create/Update methods return INVALID_ARGUMENT if the length is greater than 512. */ description?: string | null; /** * Optional. Resource labels to represent user provided metadata. Each label is a key-value pair, where both the key and the value are arbitrary strings provided by the user. */ labels?: { [key: string]: string; } | null; /** * Required. MaintenancePolicy name using the form: `projects/{project_id\}/locations/{location_id\}/maintenancePolicies/{maintenance_policy_id\}` where {project_id\} refers to a GCP consumer project ID, {location_id\} refers to a GCP region/zone, {maintenance_policy_id\} must be 1-63 characters long and match the regular expression `[a-z0-9]([-a-z0-9]*[a-z0-9])?`. */ name?: string | null; /** * Optional. The state of the policy. */ state?: string | null; /** * Maintenance policy applicable to instance update. */ updatePolicy?: Schema$UpdatePolicy; /** * Output only. The time when the resource was updated. */ updateTime?: string | null; } /** * MaintenanceWindow definition. */ export interface Schema$MaintenanceWindow { /** * Daily cycle. */ dailyCycle?: Schema$DailyCycle; /** * Weekly cycle. */ weeklyCycle?: Schema$WeeklyCycle; } /** * This resource represents a long-running operation that is the result of a network API call. */ export interface Schema$Operation { /** * If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. */ done?: boolean | null; /** * The error result of the operation in case of failure or cancellation. */ error?: Schema$Status; /** * Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. */ metadata?: { [key: string]: any; } | null; /** * The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id\}`. */ name?: string | null; /** * The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. */ response?: { [key: string]: any; } | null; } /** * Represents the metadata of the long-running operation. */ export interface Schema$OperationMetadata { /** * [Output only] API version used to start the operation. */ apiVersion?: string | null; /** * [Output only] Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. */ cancelRequested?: boolean | null; /** * [Output only] The time the operation was created. */ createTime?: string | null; /** * [Output only] The time the operation finished running. */ endTime?: string | null; /** * [Output only] Human-readable status of the operation, if any. */ statusDetail?: string | null; /** * [Output only] Server-defined resource path for the target of the operation. */ target?: string | null; /** * [Output only] Name of the verb executed by the operation. */ verb?: string | null; } /** * An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] \}, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", \} \} ], "etag": "BwWWja0YfJA=", "version": 3 \} **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). */ export interface Schema$Policy { /** * Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. */ bindings?: Schema$Binding[]; /** * `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. */ etag?: string | null; /** * Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ version?: number | null; } /** * Request message for ReconfigureTrust */ export interface Schema$ReconfigureTrustRequest { /** * Required. The target DNS server IP addresses to resolve the remote domain involved in the trust. */ targetDnsIpAddresses?: string[] | null; /** * Required. The fully-qualified target domain name which will be in trust with current domain. */ targetDomainName?: string | null; } /** * Request message for ResetAdminPassword */ export interface Schema$ResetAdminPasswordRequest { } /** * Response message for ResetAdminPassword */ export interface Schema$ResetAdminPasswordResponse { /** * A random password. See admin for more information. */ password?: string | null; } /** * Configure the schedule. */ export interface Schema$Schedule { /** * Allows to define schedule that runs specified day of the week. */ day?: string | null; /** * Output only. Duration of the time window, set by service producer. */ duration?: string | null; /** * Time within the window to start the operations. */ startTime?: Schema$TimeOfDay; } /** * Request message for `SetIamPolicy` method. */ export interface Schema$SetIamPolicyRequest { /** * REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them. */ policy?: Schema$Policy; } /** * Represents the Sql instance integrated with AD. */ export interface Schema$SqlIntegration { /** * Output only. The time sql integration was created. Synthetic field is populated automatically by CCFE. */ createTime?: string | null; /** * The unique name of the sql integration in the form of `projects/{project_id\}/locations/global/domains/{domain_name\}/sqlIntegrations/{sql_integration\}` */ name?: string | null; /** * The full resource name of an integrated sql instance */ sqlInstance?: string | null; /** * Output only. The current state of the sql integration. */ state?: string | null; /** * Output only. The time sql integration was updated. Synthetic field is populated automatically by CCFE. */ updateTime?: string | null; } /** * The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). */ export interface Schema$Status { /** * The status code, which should be an enum value of google.rpc.Code. */ code?: number | null; /** * A list of messages that carry the error details. There is a common set of message types for APIs to use. */ details?: Array<{ [key: string]: any; }> | null; /** * A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. */ message?: string | null; } /** * Request message for `TestIamPermissions` method. */ export interface Schema$TestIamPermissionsRequest { /** * The set of permissions to check for the `resource`. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). */ permissions?: string[] | null; } /** * Response message for `TestIamPermissions` method. */ export interface Schema$TestIamPermissionsResponse { /** * A subset of `TestPermissionsRequest.permissions` that the caller is allowed. */ permissions?: string[] | null; } /** * Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and `google.protobuf.Timestamp`. */ export interface Schema$TimeOfDay { /** * Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value "24:00:00" for scenarios like business closing time. */ hours?: number | null; /** * Minutes of hour of day. Must be from 0 to 59. */ minutes?: number | null; /** * Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. */ nanos?: number | null; /** * Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds. */ seconds?: number | null; } /** * Represents a relationship between two domains. This allows a controller in one domain to authenticate a user in another domain. */ export interface Schema$Trust { /** * Output only. The time the instance was created. */ createTime?: string | null; /** * Output only. The last heartbeat time when the trust was known to be connected. */ lastTrustHeartbeatTime?: string | null; /** * The trust authentication type, which decides whether the trusted side has forest/domain wide access or selective access to an approved set of resources. */ selectiveAuthentication?: boolean | null; /** * Output only. The current state of the trust. */ state?: string | null; /** * Output only. Additional information about the current state of the trust, if available. */ stateDescription?: string | null; /** * The target DNS server IP addresses which can resolve the remote domain involved in the trust. */ targetDnsIpAddresses?: string[] | null; /** * The fully qualified target domain name which will be in trust with the current domain. */ targetDomainName?: string | null; /** * The trust direction, which decides if the current domain is trusted, trusting, or both. */ trustDirection?: string | null; /** * Input only. The trust secret used for the handshake with the target domain. It will not be stored. */ trustHandshakeSecret?: string | null; /** * The type of trust represented by the trust resour