From 1ef9dd2a968eec0ad0e5ace4f19d07009d014ce3 Mon Sep 17 00:00:00 2001 From: Yoshi Automation Bot Date: Sat, 14 Oct 2023 00:22:14 -0700 Subject: [PATCH] feat(all): auto-regenerate discovery clients (#2218) --- alloydb/v1/alloydb-api.json | 120 ++++++++++++- alloydb/v1/alloydb-gen.go | 156 +++++++++++++++-- alloydb/v1alpha/alloydb-api.json | 129 ++++++++++++-- alloydb/v1alpha/alloydb-gen.go | 162 ++++++++++++++++-- alloydb/v1beta/alloydb-api.json | 120 ++++++++++++- alloydb/v1beta/alloydb-gen.go | 156 +++++++++++++++-- appengine/v1/appengine-api.json | 118 ++++++------- appengine/v1/appengine-gen.go | 244 ++++++++++++++------------- appengine/v1alpha/appengine-api.json | 118 ++++++------- appengine/v1alpha/appengine-gen.go | 244 ++++++++++++++------------- bigquery/v2/bigquery-api.json | 80 ++++++++- bigquery/v2/bigquery-gen.go | 143 +++++++++++++++- gkebackup/v1/gkebackup-api.json | 6 +- gkebackup/v1/gkebackup-gen.go | 5 +- gkeonprem/v1/gkeonprem-api.json | 21 ++- gkeonprem/v1/gkeonprem-gen.go | 38 ++++- logging/v2/logging-api.json | 20 +-- logging/v2/logging-gen.go | 90 +++++----- 18 files changed, 1471 insertions(+), 499 deletions(-) diff --git a/alloydb/v1/alloydb-api.json b/alloydb/v1/alloydb-api.json index 7e586bb845e..ae21553fd23 100644 --- a/alloydb/v1/alloydb-api.json +++ b/alloydb/v1/alloydb-api.json @@ -1489,7 +1489,7 @@ } } }, - "revision": "20230918", + "revision": "20231006", "rootUrl": "https://alloydb.googleapis.com/", "schemas": { "AutomatedBackupPolicy": { @@ -2369,7 +2369,7 @@ }, "readPoolConfig": { "$ref": "ReadPoolConfig", - "description": "Read pool specific config." + "description": "Read pool instance configuration. This is required if the value of instanceType is READ_POOL." }, "reconciling": { "description": "Output only. Reconciling (https://google.aip.dev/128#reconciliation). Set to true if the current state of Instance does not match the user's intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance.", @@ -2622,7 +2622,7 @@ "id": "NetworkConfig", "properties": { "allocatedIpRange": { - "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. Field name is intended to be consistent with CloudSQL.", + "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. Field name is intended to be consistent with Cloud SQL.", "type": "string" }, "network": { @@ -3129,7 +3129,7 @@ "type": "string" }, "eventTime": { - "description": "The last time at which the event described by this signal took place", + "description": "Required. The last time at which the event described by this signal took place", "format": "google-datetime", "type": "string" }, @@ -3138,7 +3138,7 @@ "type": "string" }, "name": { - "description": "The name of the signal, ex: PUBLIC_SQL_INSTANCE, SQL_LOG_ERROR_VERBOSITY etc.", + "description": "Required. The name of the signal, ex: PUBLIC_SQL_INSTANCE, SQL_LOG_ERROR_VERBOSITY etc.", "type": "string" }, "provider": { @@ -3168,11 +3168,11 @@ "type": "string" }, "resourceName": { - "description": "Database resource name associated with the signal. Resource name to follow CAIS resource_name format as noted here go/condor-common-datamodel", + "description": "Required. Database resource name associated with the signal. Resource name to follow CAIS resource_name format as noted here go/condor-common-datamodel", "type": "string" }, "signalClass": { - "description": "The class of the signal, such as if it's a THREAT or VULNERABILITY.", + "description": "Required. The class of the signal, such as if it's a THREAT or VULNERABILITY.", "enum": [ "CLASS_UNSPECIFIED", "THREAT", @@ -3192,7 +3192,109 @@ "type": "string" }, "signalId": { - "description": "Unique identifier for the signal. This is an unique id which would be mainatined by partner to identify a signal.", + "description": "Required. Unique identifier for the signal. This is an unique id which would be mainatined by partner to identify a signal.", + "type": "string" + }, + "signalType": { + "description": "Required. Type of signal, for example, `AVAILABLE_IN_MULTIPLE_ZONES`, `LOGGING_MOST_ERRORS`, etc.", + "enum": [ + "SIGNAL_TYPE_UNSPECIFIED", + "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_ZONES", + "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_REGIONS", + "SIGNAL_TYPE_NO_PROMOTABLE_REPLICA", + "SIGNAL_TYPE_NO_AUTOMATED_BACKUP_POLICY", + "SIGNAL_TYPE_SHORT_BACKUP_RETENTION", + "SIGNAL_TYPE_LAST_BACKUP_FAILED", + "SIGNAL_TYPE_LAST_BACKUP_OLD", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_2_0", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_3", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_2", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_1", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_0", + "SIGNAL_TYPE_VIOLATES_NIST_800_53", + "SIGNAL_TYPE_VIOLATES_ISO_27001", + "SIGNAL_TYPE_VIOLATES_PCI_DSS_V3_2_1", + "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING", + "SIGNAL_TYPE_QUERY_DURATIONS_NOT_LOGGED", + "SIGNAL_TYPE_VERBOSE_ERROR_LOGGING", + "SIGNAL_TYPE_QUERY_LOCK_WAITS_NOT_LOGGED", + "SIGNAL_TYPE_LOGGING_MOST_ERRORS", + "SIGNAL_TYPE_LOGGING_ONLY_CRITICAL_ERRORS", + "SIGNAL_TYPE_MINIMAL_ERROR_LOGGING", + "SIGNAL_TYPE_QUERY_STATISTICS_LOGGED", + "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_CLIENT_HOSTNAME", + "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PARSER_STATISTICS", + "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PLANNER_STATISTICS", + "SIGNAL_TYPE_NOT_LOGGING_ONLY_DDL_STATEMENTS", + "SIGNAL_TYPE_LOGGING_QUERY_STATISTICS", + "SIGNAL_TYPE_NOT_LOGGING_TEMPORARY_FILES", + "SIGNAL_TYPE_CONNECTION_MAX_NOT_CONFIGURED", + "SIGNAL_TYPE_USER_OPTIONS_CONFIGURED", + "SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS", + "SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS", + "SIGNAL_TYPE_NO_ROOT_PASSWORD", + "SIGNAL_TYPE_WEAK_ROOT_PASSWORD", + "SIGNAL_TYPE_ENCRYPTION_KEY_NOT_CUSTOMER_MANAGED", + "SIGNAL_TYPE_SERVER_AUTHENTICATION_NOT_REQUIRED", + "SIGNAL_TYPE_EXPOSED_BY_OWNERSHIP_CHAINING", + "SIGNAL_TYPE_EXPOSED_TO_EXTERNAL_SCRIPTS", + "SIGNAL_TYPE_EXPOSED_TO_LOCAL_DATA_LOADS", + "SIGNAL_TYPE_CONNECTION_ATTEMPTS_NOT_LOGGED", + "SIGNAL_TYPE_DISCONNECTIONS_NOT_LOGGED", + "SIGNAL_TYPE_LOGGING_EXCESSIVE_STATEMENT_INFO", + "SIGNAL_TYPE_EXPOSED_TO_REMOTE_ACCESS", + "SIGNAL_TYPE_DATABASE_NAMES_EXPOSED", + "SIGNAL_TYPE_SENSITIVE_TRACE_INFO_NOT_MASKED" + ], + "enumDescriptions": [ + "Unspecified.", + "Represents if the resource is available in multiple zones or not.", + "Represents if a resource is available in multiple regions.", + "Represents if a resource has a promotable replica.", + "Represents if a resource has an automated backup policy.", + "Represents if a resources has a short backup retention period.", + "Represents if the last backup of a resource failed.", + "Represents if the last backup of a resource is older than some threshold value.", + "Represents if a resource violates CIS GCP Foundation 2.0.", + "Represents if a resource violates CIS GCP Foundation 1.3.", + "Represents if a resource violates CIS GCP Foundation 1.2.", + "Represents if a resource violates CIS GCP Foundation 1.1.", + "Represents if a resource violates CIS GCP Foundation 1.0.", + "Represents if a resource violates NIST 800-53.", + "Represents if a resource violates ISO-27001.", + "Represents if a resource violates PCI-DSS v3.2.1.", + "LINT.IfChange(scc_signals) Represents if log_checkpoints database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_duration database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_error_verbosity database flag for a Cloud SQL for PostgreSQL instance is not set to default or stricter (default or terse).", + "Represents if the log_lock_waits database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_min_error_statement database flag for a Cloud SQL for PostgreSQL instance is not set appropriately.", + "Represents if the log_min_error_statement database flag for a Cloud SQL for PostgreSQL instance does not have an appropriate severity level.", + "Represents if the log_min_messages database flag for a Cloud SQL for PostgreSQL instance is not set to warning or another recommended value.", + "Represents if the databaseFlags property of instance metadata for the log_executor_status field is set to on.", + "Represents if the log_hostname database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_parser_stats database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_planner_stats database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_statement database flag for a Cloud SQL for PostgreSQL instance is not set to DDL (all data definition statements).", + "Represents if the log_statement_stats database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_temp_files database flag for a Cloud SQL for PostgreSQL instance is not set to \"0\". (NOTE: 0 = ON)", + "Represents if the user connections database flag for a Cloud SQL for SQL Server instance is configured.", + "Represents if the user options database flag for Cloud SQL SQL Server instance is configured or not.", + "Represents if a resource is exposed to public access.", + "Represents if a resources requires all incoming connections to use SSL or not.", + "Represents if a Cloud SQL database has a password configured for the root account or not.", + "Represents if a Cloud SQL database has a weak password configured for the root account.", + "Represents if a SQL database instance is not encrypted with customer-managed encryption keys (CMEK).", + "Represents if The contained database authentication database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if the cross_db_ownership_chaining database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if he external scripts enabled database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if the local_infile database flag for a Cloud SQL for MySQL instance is not set to off.", + "Represents if the log_connections database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_disconnections database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_min_duration_statement database flag for a Cloud SQL for PostgreSQL instance is not set to -1.", + "Represents if the remote access database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if the skip_show_database database flag for a Cloud SQL for MySQL instance is not set to on.", + "Represents if the 3625 (trace flag) database flag for a Cloud SQL for SQL Server instance is not set to on. LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgjob/message_adapter/health_signal_feed/health_signal_mapping.h)" + ], "type": "string" }, "state": { @@ -3332,12 +3434,14 @@ "enum": [ "INSTANCE_TYPE_UNSPECIFIED", "PRIMARY", + "SECONDARY", "READ_REPLICA", "OTHER" ], "enumDescriptions": [ "", "A regular primary database instance.", + "A cluster or an instance acting as a secondary.", "An instance acting as a read-replica.", "For rest of the other categories." ], diff --git a/alloydb/v1/alloydb-gen.go b/alloydb/v1/alloydb-gen.go index 06794d2601b..d5c78ef0901 100644 --- a/alloydb/v1/alloydb-gen.go +++ b/alloydb/v1/alloydb-gen.go @@ -1431,7 +1431,8 @@ type Instance struct { // QueryInsightsConfig: Configuration for query insights. QueryInsightsConfig *QueryInsightsInstanceConfig `json:"queryInsightsConfig,omitempty"` - // ReadPoolConfig: Read pool specific config. + // ReadPoolConfig: Read pool instance configuration. This is required if + // the value of instanceType is READ_POOL. ReadPoolConfig *ReadPoolConfig `json:"readPoolConfig,omitempty"` // Reconciling: Output only. Reconciling @@ -1841,8 +1842,8 @@ type NetworkConfig struct { // "google-managed-services-default". If set, the instance IPs for this // cluster will be created in the allocated range. The range name must // comply with RFC 1035. Specifically, the name must be 1-63 characters - // long and match the regular expression a-z ([-a-z0-9]*[a-z0-9])?. - // Field name is intended to be consistent with CloudSQL. + // long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. + // Field name is intended to be consistent with Cloud SQL. AllocatedIpRange string `json:"allocatedIpRange,omitempty"` // Network: Required. The resource link for the VPC network in which @@ -2724,8 +2725,8 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // Description: Description associated with signal Description string `json:"description,omitempty"` - // EventTime: The last time at which the event described by this signal - // took place + // EventTime: Required. The last time at which the event described by + // this signal took place EventTime string `json:"eventTime,omitempty"` // ExternalUri: The external-uri of the signal, using which more @@ -2733,7 +2734,7 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // user to SCC page to get more details about signals. ExternalUri string `json:"externalUri,omitempty"` - // Name: The name of the signal, ex: PUBLIC_SQL_INSTANCE, + // Name: Required. The name of the signal, ex: PUBLIC_SQL_INSTANCE, // SQL_LOG_ERROR_VERBOSITY etc. Name string `json:"name,omitempty"` @@ -2760,13 +2761,13 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // "provider//", such as "gcp/projects/123". ResourceContainer string `json:"resourceContainer,omitempty"` - // ResourceName: Database resource name associated with the signal. - // Resource name to follow CAIS resource_name format as noted here - // go/condor-common-datamodel + // ResourceName: Required. Database resource name associated with the + // signal. Resource name to follow CAIS resource_name format as noted + // here go/condor-common-datamodel ResourceName string `json:"resourceName,omitempty"` - // SignalClass: The class of the signal, such as if it's a THREAT or - // VULNERABILITY. + // SignalClass: Required. The class of the signal, such as if it's a + // THREAT or VULNERABILITY. // // Possible values: // "CLASS_UNSPECIFIED" - Unspecified signal class. @@ -2780,10 +2781,138 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // "ERROR" - Describes an error that prevents some SCC functionality. SignalClass string `json:"signalClass,omitempty"` - // SignalId: Unique identifier for the signal. This is an unique id - // which would be mainatined by partner to identify a signal. + // SignalId: Required. Unique identifier for the signal. This is an + // unique id which would be mainatined by partner to identify a signal. SignalId string `json:"signalId,omitempty"` + // SignalType: Required. Type of signal, for example, + // `AVAILABLE_IN_MULTIPLE_ZONES`, `LOGGING_MOST_ERRORS`, etc. + // + // Possible values: + // "SIGNAL_TYPE_UNSPECIFIED" - Unspecified. + // "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_ZONES" - Represents if the + // resource is available in multiple zones or not. + // "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_REGIONS" - Represents if a + // resource is available in multiple regions. + // "SIGNAL_TYPE_NO_PROMOTABLE_REPLICA" - Represents if a resource has + // a promotable replica. + // "SIGNAL_TYPE_NO_AUTOMATED_BACKUP_POLICY" - Represents if a resource + // has an automated backup policy. + // "SIGNAL_TYPE_SHORT_BACKUP_RETENTION" - Represents if a resources + // has a short backup retention period. + // "SIGNAL_TYPE_LAST_BACKUP_FAILED" - Represents if the last backup of + // a resource failed. + // "SIGNAL_TYPE_LAST_BACKUP_OLD" - Represents if the last backup of a + // resource is older than some threshold value. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_2_0" - Represents if a + // resource violates CIS GCP Foundation 2.0. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_3" - Represents if a + // resource violates CIS GCP Foundation 1.3. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_2" - Represents if a + // resource violates CIS GCP Foundation 1.2. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_1" - Represents if a + // resource violates CIS GCP Foundation 1.1. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_0" - Represents if a + // resource violates CIS GCP Foundation 1.0. + // "SIGNAL_TYPE_VIOLATES_NIST_800_53" - Represents if a resource + // violates NIST 800-53. + // "SIGNAL_TYPE_VIOLATES_ISO_27001" - Represents if a resource + // violates ISO-27001. + // "SIGNAL_TYPE_VIOLATES_PCI_DSS_V3_2_1" - Represents if a resource + // violates PCI-DSS v3.2.1. + // "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING" - + // LINT.IfChange(scc_signals) Represents if log_checkpoints database + // flag for a Cloud SQL for PostgreSQL instance is not set to on. + // "SIGNAL_TYPE_QUERY_DURATIONS_NOT_LOGGED" - Represents if the + // log_duration database flag for a Cloud SQL for PostgreSQL instance is + // not set to on. + // "SIGNAL_TYPE_VERBOSE_ERROR_LOGGING" - Represents if the + // log_error_verbosity database flag for a Cloud SQL for PostgreSQL + // instance is not set to default or stricter (default or terse). + // "SIGNAL_TYPE_QUERY_LOCK_WAITS_NOT_LOGGED" - Represents if the + // log_lock_waits database flag for a Cloud SQL for PostgreSQL instance + // is not set to on. + // "SIGNAL_TYPE_LOGGING_MOST_ERRORS" - Represents if the + // log_min_error_statement database flag for a Cloud SQL for PostgreSQL + // instance is not set appropriately. + // "SIGNAL_TYPE_LOGGING_ONLY_CRITICAL_ERRORS" - Represents if the + // log_min_error_statement database flag for a Cloud SQL for PostgreSQL + // instance does not have an appropriate severity level. + // "SIGNAL_TYPE_MINIMAL_ERROR_LOGGING" - Represents if the + // log_min_messages database flag for a Cloud SQL for PostgreSQL + // instance is not set to warning or another recommended value. + // "SIGNAL_TYPE_QUERY_STATISTICS_LOGGED" - Represents if the + // databaseFlags property of instance metadata for the + // log_executor_status field is set to on. + // "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_CLIENT_HOSTNAME" - Represents if + // the log_hostname database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PARSER_STATISTICS" - Represents + // if the log_parser_stats database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PLANNER_STATISTICS" - Represents + // if the log_planner_stats database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_NOT_LOGGING_ONLY_DDL_STATEMENTS" - Represents if the + // log_statement database flag for a Cloud SQL for PostgreSQL instance + // is not set to DDL (all data definition statements). + // "SIGNAL_TYPE_LOGGING_QUERY_STATISTICS" - Represents if the + // log_statement_stats database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_NOT_LOGGING_TEMPORARY_FILES" - Represents if the + // log_temp_files database flag for a Cloud SQL for PostgreSQL instance + // is not set to "0". (NOTE: 0 = ON) + // "SIGNAL_TYPE_CONNECTION_MAX_NOT_CONFIGURED" - Represents if the + // user connections database flag for a Cloud SQL for SQL Server + // instance is configured. + // "SIGNAL_TYPE_USER_OPTIONS_CONFIGURED" - Represents if the user + // options database flag for Cloud SQL SQL Server instance is configured + // or not. + // "SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS" - Represents if a resource + // is exposed to public access. + // "SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS" - Represents if a resources + // requires all incoming connections to use SSL or not. + // "SIGNAL_TYPE_NO_ROOT_PASSWORD" - Represents if a Cloud SQL database + // has a password configured for the root account or not. + // "SIGNAL_TYPE_WEAK_ROOT_PASSWORD" - Represents if a Cloud SQL + // database has a weak password configured for the root account. + // "SIGNAL_TYPE_ENCRYPTION_KEY_NOT_CUSTOMER_MANAGED" - Represents if a + // SQL database instance is not encrypted with customer-managed + // encryption keys (CMEK). + // "SIGNAL_TYPE_SERVER_AUTHENTICATION_NOT_REQUIRED" - Represents if + // The contained database authentication database flag for a Cloud SQL + // for SQL Server instance is not set to off. + // "SIGNAL_TYPE_EXPOSED_BY_OWNERSHIP_CHAINING" - Represents if the + // cross_db_ownership_chaining database flag for a Cloud SQL for SQL + // Server instance is not set to off. + // "SIGNAL_TYPE_EXPOSED_TO_EXTERNAL_SCRIPTS" - Represents if he + // external scripts enabled database flag for a Cloud SQL for SQL Server + // instance is not set to off. + // "SIGNAL_TYPE_EXPOSED_TO_LOCAL_DATA_LOADS" - Represents if the + // local_infile database flag for a Cloud SQL for MySQL instance is not + // set to off. + // "SIGNAL_TYPE_CONNECTION_ATTEMPTS_NOT_LOGGED" - Represents if the + // log_connections database flag for a Cloud SQL for PostgreSQL instance + // is not set to on. + // "SIGNAL_TYPE_DISCONNECTIONS_NOT_LOGGED" - Represents if the + // log_disconnections database flag for a Cloud SQL for PostgreSQL + // instance is not set to on. + // "SIGNAL_TYPE_LOGGING_EXCESSIVE_STATEMENT_INFO" - Represents if the + // log_min_duration_statement database flag for a Cloud SQL for + // PostgreSQL instance is not set to -1. + // "SIGNAL_TYPE_EXPOSED_TO_REMOTE_ACCESS" - Represents if the remote + // access database flag for a Cloud SQL for SQL Server instance is not + // set to off. + // "SIGNAL_TYPE_DATABASE_NAMES_EXPOSED" - Represents if the + // skip_show_database database flag for a Cloud SQL for MySQL instance + // is not set to on. + // "SIGNAL_TYPE_SENSITIVE_TRACE_INFO_NOT_MASKED" - Represents if the + // 3625 (trace flag) database flag for a Cloud SQL for SQL Server + // instance is not set to on. + // LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgj + // ob/message_adapter/health_signal_feed/health_signal_mapping.h) + SignalType string `json:"signalType,omitempty"` + // Possible values: // "STATE_UNSPECIFIED" - Unspecified state. // "ACTIVE" - The signal requires attention and has not been addressed @@ -2931,6 +3060,7 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceMetadata struct { // Possible values: // "INSTANCE_TYPE_UNSPECIFIED" // "PRIMARY" - A regular primary database instance. + // "SECONDARY" - A cluster or an instance acting as a secondary. // "READ_REPLICA" - An instance acting as a read-replica. // "OTHER" - For rest of the other categories. InstanceType string `json:"instanceType,omitempty"` diff --git a/alloydb/v1alpha/alloydb-api.json b/alloydb/v1alpha/alloydb-api.json index 51b6fcf91f9..dcc283b7b9c 100644 --- a/alloydb/v1alpha/alloydb-api.json +++ b/alloydb/v1alpha/alloydb-api.json @@ -1489,7 +1489,7 @@ } } }, - "revision": "20230918", + "revision": "20231006", "rootUrl": "https://alloydb.googleapis.com/", "schemas": { "AutomatedBackupPolicy": { @@ -1640,7 +1640,8 @@ "type": "boolean" }, "satisfiesPzs": { - "description": "Reserved for future use.", + "description": "Output only. Reserved for future use.", + "readOnly": true, "type": "boolean" }, "sizeBytes": { @@ -1901,7 +1902,8 @@ "type": "boolean" }, "satisfiesPzs": { - "description": "Reserved for future use.", + "description": "Output only. Reserved for future use.", + "readOnly": true, "type": "boolean" }, "secondaryConfig": { @@ -2407,7 +2409,7 @@ }, "readPoolConfig": { "$ref": "ReadPoolConfig", - "description": "Read pool specific config." + "description": "Read pool instance configuration. This is required if the value of instanceType is READ_POOL." }, "reconciling": { "description": "Output only. Reconciling (https://google.aip.dev/128#reconciliation). Set to true if the current state of Instance does not match the user's intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance.", @@ -2415,7 +2417,8 @@ "type": "boolean" }, "satisfiesPzs": { - "description": "Reserved for future use.", + "description": "Output only. Reserved for future use.", + "readOnly": true, "type": "boolean" }, "state": { @@ -2668,7 +2671,7 @@ "id": "NetworkConfig", "properties": { "allocatedIpRange": { - "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. Field name is intended to be consistent with CloudSQL.", + "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. Field name is intended to be consistent with Cloud SQL.", "type": "string" }, "network": { @@ -3175,7 +3178,7 @@ "type": "string" }, "eventTime": { - "description": "The last time at which the event described by this signal took place", + "description": "Required. The last time at which the event described by this signal took place", "format": "google-datetime", "type": "string" }, @@ -3184,7 +3187,7 @@ "type": "string" }, "name": { - "description": "The name of the signal, ex: PUBLIC_SQL_INSTANCE, SQL_LOG_ERROR_VERBOSITY etc.", + "description": "Required. The name of the signal, ex: PUBLIC_SQL_INSTANCE, SQL_LOG_ERROR_VERBOSITY etc.", "type": "string" }, "provider": { @@ -3214,11 +3217,11 @@ "type": "string" }, "resourceName": { - "description": "Database resource name associated with the signal. Resource name to follow CAIS resource_name format as noted here go/condor-common-datamodel", + "description": "Required. Database resource name associated with the signal. Resource name to follow CAIS resource_name format as noted here go/condor-common-datamodel", "type": "string" }, "signalClass": { - "description": "The class of the signal, such as if it's a THREAT or VULNERABILITY.", + "description": "Required. The class of the signal, such as if it's a THREAT or VULNERABILITY.", "enum": [ "CLASS_UNSPECIFIED", "THREAT", @@ -3238,7 +3241,109 @@ "type": "string" }, "signalId": { - "description": "Unique identifier for the signal. This is an unique id which would be mainatined by partner to identify a signal.", + "description": "Required. Unique identifier for the signal. This is an unique id which would be mainatined by partner to identify a signal.", + "type": "string" + }, + "signalType": { + "description": "Required. Type of signal, for example, `AVAILABLE_IN_MULTIPLE_ZONES`, `LOGGING_MOST_ERRORS`, etc.", + "enum": [ + "SIGNAL_TYPE_UNSPECIFIED", + "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_ZONES", + "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_REGIONS", + "SIGNAL_TYPE_NO_PROMOTABLE_REPLICA", + "SIGNAL_TYPE_NO_AUTOMATED_BACKUP_POLICY", + "SIGNAL_TYPE_SHORT_BACKUP_RETENTION", + "SIGNAL_TYPE_LAST_BACKUP_FAILED", + "SIGNAL_TYPE_LAST_BACKUP_OLD", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_2_0", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_3", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_2", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_1", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_0", + "SIGNAL_TYPE_VIOLATES_NIST_800_53", + "SIGNAL_TYPE_VIOLATES_ISO_27001", + "SIGNAL_TYPE_VIOLATES_PCI_DSS_V3_2_1", + "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING", + "SIGNAL_TYPE_QUERY_DURATIONS_NOT_LOGGED", + "SIGNAL_TYPE_VERBOSE_ERROR_LOGGING", + "SIGNAL_TYPE_QUERY_LOCK_WAITS_NOT_LOGGED", + "SIGNAL_TYPE_LOGGING_MOST_ERRORS", + "SIGNAL_TYPE_LOGGING_ONLY_CRITICAL_ERRORS", + "SIGNAL_TYPE_MINIMAL_ERROR_LOGGING", + "SIGNAL_TYPE_QUERY_STATISTICS_LOGGED", + "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_CLIENT_HOSTNAME", + "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PARSER_STATISTICS", + "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PLANNER_STATISTICS", + "SIGNAL_TYPE_NOT_LOGGING_ONLY_DDL_STATEMENTS", + "SIGNAL_TYPE_LOGGING_QUERY_STATISTICS", + "SIGNAL_TYPE_NOT_LOGGING_TEMPORARY_FILES", + "SIGNAL_TYPE_CONNECTION_MAX_NOT_CONFIGURED", + "SIGNAL_TYPE_USER_OPTIONS_CONFIGURED", + "SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS", + "SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS", + "SIGNAL_TYPE_NO_ROOT_PASSWORD", + "SIGNAL_TYPE_WEAK_ROOT_PASSWORD", + "SIGNAL_TYPE_ENCRYPTION_KEY_NOT_CUSTOMER_MANAGED", + "SIGNAL_TYPE_SERVER_AUTHENTICATION_NOT_REQUIRED", + "SIGNAL_TYPE_EXPOSED_BY_OWNERSHIP_CHAINING", + "SIGNAL_TYPE_EXPOSED_TO_EXTERNAL_SCRIPTS", + "SIGNAL_TYPE_EXPOSED_TO_LOCAL_DATA_LOADS", + "SIGNAL_TYPE_CONNECTION_ATTEMPTS_NOT_LOGGED", + "SIGNAL_TYPE_DISCONNECTIONS_NOT_LOGGED", + "SIGNAL_TYPE_LOGGING_EXCESSIVE_STATEMENT_INFO", + "SIGNAL_TYPE_EXPOSED_TO_REMOTE_ACCESS", + "SIGNAL_TYPE_DATABASE_NAMES_EXPOSED", + "SIGNAL_TYPE_SENSITIVE_TRACE_INFO_NOT_MASKED" + ], + "enumDescriptions": [ + "Unspecified.", + "Represents if the resource is available in multiple zones or not.", + "Represents if a resource is available in multiple regions.", + "Represents if a resource has a promotable replica.", + "Represents if a resource has an automated backup policy.", + "Represents if a resources has a short backup retention period.", + "Represents if the last backup of a resource failed.", + "Represents if the last backup of a resource is older than some threshold value.", + "Represents if a resource violates CIS GCP Foundation 2.0.", + "Represents if a resource violates CIS GCP Foundation 1.3.", + "Represents if a resource violates CIS GCP Foundation 1.2.", + "Represents if a resource violates CIS GCP Foundation 1.1.", + "Represents if a resource violates CIS GCP Foundation 1.0.", + "Represents if a resource violates NIST 800-53.", + "Represents if a resource violates ISO-27001.", + "Represents if a resource violates PCI-DSS v3.2.1.", + "LINT.IfChange(scc_signals) Represents if log_checkpoints database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_duration database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_error_verbosity database flag for a Cloud SQL for PostgreSQL instance is not set to default or stricter (default or terse).", + "Represents if the log_lock_waits database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_min_error_statement database flag for a Cloud SQL for PostgreSQL instance is not set appropriately.", + "Represents if the log_min_error_statement database flag for a Cloud SQL for PostgreSQL instance does not have an appropriate severity level.", + "Represents if the log_min_messages database flag for a Cloud SQL for PostgreSQL instance is not set to warning or another recommended value.", + "Represents if the databaseFlags property of instance metadata for the log_executor_status field is set to on.", + "Represents if the log_hostname database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_parser_stats database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_planner_stats database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_statement database flag for a Cloud SQL for PostgreSQL instance is not set to DDL (all data definition statements).", + "Represents if the log_statement_stats database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_temp_files database flag for a Cloud SQL for PostgreSQL instance is not set to \"0\". (NOTE: 0 = ON)", + "Represents if the user connections database flag for a Cloud SQL for SQL Server instance is configured.", + "Represents if the user options database flag for Cloud SQL SQL Server instance is configured or not.", + "Represents if a resource is exposed to public access.", + "Represents if a resources requires all incoming connections to use SSL or not.", + "Represents if a Cloud SQL database has a password configured for the root account or not.", + "Represents if a Cloud SQL database has a weak password configured for the root account.", + "Represents if a SQL database instance is not encrypted with customer-managed encryption keys (CMEK).", + "Represents if The contained database authentication database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if the cross_db_ownership_chaining database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if he external scripts enabled database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if the local_infile database flag for a Cloud SQL for MySQL instance is not set to off.", + "Represents if the log_connections database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_disconnections database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_min_duration_statement database flag for a Cloud SQL for PostgreSQL instance is not set to -1.", + "Represents if the remote access database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if the skip_show_database database flag for a Cloud SQL for MySQL instance is not set to on.", + "Represents if the 3625 (trace flag) database flag for a Cloud SQL for SQL Server instance is not set to on. LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgjob/message_adapter/health_signal_feed/health_signal_mapping.h)" + ], "type": "string" }, "state": { @@ -3378,12 +3483,14 @@ "enum": [ "INSTANCE_TYPE_UNSPECIFIED", "PRIMARY", + "SECONDARY", "READ_REPLICA", "OTHER" ], "enumDescriptions": [ "", "A regular primary database instance.", + "A cluster or an instance acting as a secondary.", "An instance acting as a read-replica.", "For rest of the other categories." ], diff --git a/alloydb/v1alpha/alloydb-gen.go b/alloydb/v1alpha/alloydb-gen.go index d6b2d8566cd..4c10c18c9ba 100644 --- a/alloydb/v1alpha/alloydb-gen.go +++ b/alloydb/v1alpha/alloydb-gen.go @@ -391,7 +391,7 @@ type Backup struct { // maintenance. Reconciling bool `json:"reconciling,omitempty"` - // SatisfiesPzs: Reserved for future use. + // SatisfiesPzs: Output only. Reserved for future use. SatisfiesPzs bool `json:"satisfiesPzs,omitempty"` // SizeBytes: Output only. The size of the backup in bytes. @@ -688,7 +688,7 @@ type Cluster struct { // failover or maintenance. Reconciling bool `json:"reconciling,omitempty"` - // SatisfiesPzs: Reserved for future use. + // SatisfiesPzs: Output only. Reserved for future use. SatisfiesPzs bool `json:"satisfiesPzs,omitempty"` // SecondaryConfig: Cross Region replication config specific to @@ -1457,7 +1457,8 @@ type Instance struct { // QueryInsightsConfig: Configuration for query insights. QueryInsightsConfig *QueryInsightsInstanceConfig `json:"queryInsightsConfig,omitempty"` - // ReadPoolConfig: Read pool specific config. + // ReadPoolConfig: Read pool instance configuration. This is required if + // the value of instanceType is READ_POOL. ReadPoolConfig *ReadPoolConfig `json:"readPoolConfig,omitempty"` // Reconciling: Output only. Reconciling @@ -1468,7 +1469,7 @@ type Instance struct { // failover or maintenance. Reconciling bool `json:"reconciling,omitempty"` - // SatisfiesPzs: Reserved for future use. + // SatisfiesPzs: Output only. Reserved for future use. SatisfiesPzs bool `json:"satisfiesPzs,omitempty"` // State: Output only. The current serving state of the instance. @@ -1876,8 +1877,8 @@ type NetworkConfig struct { // "google-managed-services-default". If set, the instance IPs for this // cluster will be created in the allocated range. The range name must // comply with RFC 1035. Specifically, the name must be 1-63 characters - // long and match the regular expression a-z ([-a-z0-9]*[a-z0-9])?. - // Field name is intended to be consistent with CloudSQL. + // long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. + // Field name is intended to be consistent with Cloud SQL. AllocatedIpRange string `json:"allocatedIpRange,omitempty"` // Network: Required. The resource link for the VPC network in which @@ -2759,8 +2760,8 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // Description: Description associated with signal Description string `json:"description,omitempty"` - // EventTime: The last time at which the event described by this signal - // took place + // EventTime: Required. The last time at which the event described by + // this signal took place EventTime string `json:"eventTime,omitempty"` // ExternalUri: The external-uri of the signal, using which more @@ -2768,7 +2769,7 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // user to SCC page to get more details about signals. ExternalUri string `json:"externalUri,omitempty"` - // Name: The name of the signal, ex: PUBLIC_SQL_INSTANCE, + // Name: Required. The name of the signal, ex: PUBLIC_SQL_INSTANCE, // SQL_LOG_ERROR_VERBOSITY etc. Name string `json:"name,omitempty"` @@ -2795,13 +2796,13 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // "provider//", such as "gcp/projects/123". ResourceContainer string `json:"resourceContainer,omitempty"` - // ResourceName: Database resource name associated with the signal. - // Resource name to follow CAIS resource_name format as noted here - // go/condor-common-datamodel + // ResourceName: Required. Database resource name associated with the + // signal. Resource name to follow CAIS resource_name format as noted + // here go/condor-common-datamodel ResourceName string `json:"resourceName,omitempty"` - // SignalClass: The class of the signal, such as if it's a THREAT or - // VULNERABILITY. + // SignalClass: Required. The class of the signal, such as if it's a + // THREAT or VULNERABILITY. // // Possible values: // "CLASS_UNSPECIFIED" - Unspecified signal class. @@ -2815,10 +2816,138 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // "ERROR" - Describes an error that prevents some SCC functionality. SignalClass string `json:"signalClass,omitempty"` - // SignalId: Unique identifier for the signal. This is an unique id - // which would be mainatined by partner to identify a signal. + // SignalId: Required. Unique identifier for the signal. This is an + // unique id which would be mainatined by partner to identify a signal. SignalId string `json:"signalId,omitempty"` + // SignalType: Required. Type of signal, for example, + // `AVAILABLE_IN_MULTIPLE_ZONES`, `LOGGING_MOST_ERRORS`, etc. + // + // Possible values: + // "SIGNAL_TYPE_UNSPECIFIED" - Unspecified. + // "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_ZONES" - Represents if the + // resource is available in multiple zones or not. + // "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_REGIONS" - Represents if a + // resource is available in multiple regions. + // "SIGNAL_TYPE_NO_PROMOTABLE_REPLICA" - Represents if a resource has + // a promotable replica. + // "SIGNAL_TYPE_NO_AUTOMATED_BACKUP_POLICY" - Represents if a resource + // has an automated backup policy. + // "SIGNAL_TYPE_SHORT_BACKUP_RETENTION" - Represents if a resources + // has a short backup retention period. + // "SIGNAL_TYPE_LAST_BACKUP_FAILED" - Represents if the last backup of + // a resource failed. + // "SIGNAL_TYPE_LAST_BACKUP_OLD" - Represents if the last backup of a + // resource is older than some threshold value. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_2_0" - Represents if a + // resource violates CIS GCP Foundation 2.0. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_3" - Represents if a + // resource violates CIS GCP Foundation 1.3. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_2" - Represents if a + // resource violates CIS GCP Foundation 1.2. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_1" - Represents if a + // resource violates CIS GCP Foundation 1.1. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_0" - Represents if a + // resource violates CIS GCP Foundation 1.0. + // "SIGNAL_TYPE_VIOLATES_NIST_800_53" - Represents if a resource + // violates NIST 800-53. + // "SIGNAL_TYPE_VIOLATES_ISO_27001" - Represents if a resource + // violates ISO-27001. + // "SIGNAL_TYPE_VIOLATES_PCI_DSS_V3_2_1" - Represents if a resource + // violates PCI-DSS v3.2.1. + // "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING" - + // LINT.IfChange(scc_signals) Represents if log_checkpoints database + // flag for a Cloud SQL for PostgreSQL instance is not set to on. + // "SIGNAL_TYPE_QUERY_DURATIONS_NOT_LOGGED" - Represents if the + // log_duration database flag for a Cloud SQL for PostgreSQL instance is + // not set to on. + // "SIGNAL_TYPE_VERBOSE_ERROR_LOGGING" - Represents if the + // log_error_verbosity database flag for a Cloud SQL for PostgreSQL + // instance is not set to default or stricter (default or terse). + // "SIGNAL_TYPE_QUERY_LOCK_WAITS_NOT_LOGGED" - Represents if the + // log_lock_waits database flag for a Cloud SQL for PostgreSQL instance + // is not set to on. + // "SIGNAL_TYPE_LOGGING_MOST_ERRORS" - Represents if the + // log_min_error_statement database flag for a Cloud SQL for PostgreSQL + // instance is not set appropriately. + // "SIGNAL_TYPE_LOGGING_ONLY_CRITICAL_ERRORS" - Represents if the + // log_min_error_statement database flag for a Cloud SQL for PostgreSQL + // instance does not have an appropriate severity level. + // "SIGNAL_TYPE_MINIMAL_ERROR_LOGGING" - Represents if the + // log_min_messages database flag for a Cloud SQL for PostgreSQL + // instance is not set to warning or another recommended value. + // "SIGNAL_TYPE_QUERY_STATISTICS_LOGGED" - Represents if the + // databaseFlags property of instance metadata for the + // log_executor_status field is set to on. + // "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_CLIENT_HOSTNAME" - Represents if + // the log_hostname database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PARSER_STATISTICS" - Represents + // if the log_parser_stats database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PLANNER_STATISTICS" - Represents + // if the log_planner_stats database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_NOT_LOGGING_ONLY_DDL_STATEMENTS" - Represents if the + // log_statement database flag for a Cloud SQL for PostgreSQL instance + // is not set to DDL (all data definition statements). + // "SIGNAL_TYPE_LOGGING_QUERY_STATISTICS" - Represents if the + // log_statement_stats database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_NOT_LOGGING_TEMPORARY_FILES" - Represents if the + // log_temp_files database flag for a Cloud SQL for PostgreSQL instance + // is not set to "0". (NOTE: 0 = ON) + // "SIGNAL_TYPE_CONNECTION_MAX_NOT_CONFIGURED" - Represents if the + // user connections database flag for a Cloud SQL for SQL Server + // instance is configured. + // "SIGNAL_TYPE_USER_OPTIONS_CONFIGURED" - Represents if the user + // options database flag for Cloud SQL SQL Server instance is configured + // or not. + // "SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS" - Represents if a resource + // is exposed to public access. + // "SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS" - Represents if a resources + // requires all incoming connections to use SSL or not. + // "SIGNAL_TYPE_NO_ROOT_PASSWORD" - Represents if a Cloud SQL database + // has a password configured for the root account or not. + // "SIGNAL_TYPE_WEAK_ROOT_PASSWORD" - Represents if a Cloud SQL + // database has a weak password configured for the root account. + // "SIGNAL_TYPE_ENCRYPTION_KEY_NOT_CUSTOMER_MANAGED" - Represents if a + // SQL database instance is not encrypted with customer-managed + // encryption keys (CMEK). + // "SIGNAL_TYPE_SERVER_AUTHENTICATION_NOT_REQUIRED" - Represents if + // The contained database authentication database flag for a Cloud SQL + // for SQL Server instance is not set to off. + // "SIGNAL_TYPE_EXPOSED_BY_OWNERSHIP_CHAINING" - Represents if the + // cross_db_ownership_chaining database flag for a Cloud SQL for SQL + // Server instance is not set to off. + // "SIGNAL_TYPE_EXPOSED_TO_EXTERNAL_SCRIPTS" - Represents if he + // external scripts enabled database flag for a Cloud SQL for SQL Server + // instance is not set to off. + // "SIGNAL_TYPE_EXPOSED_TO_LOCAL_DATA_LOADS" - Represents if the + // local_infile database flag for a Cloud SQL for MySQL instance is not + // set to off. + // "SIGNAL_TYPE_CONNECTION_ATTEMPTS_NOT_LOGGED" - Represents if the + // log_connections database flag for a Cloud SQL for PostgreSQL instance + // is not set to on. + // "SIGNAL_TYPE_DISCONNECTIONS_NOT_LOGGED" - Represents if the + // log_disconnections database flag for a Cloud SQL for PostgreSQL + // instance is not set to on. + // "SIGNAL_TYPE_LOGGING_EXCESSIVE_STATEMENT_INFO" - Represents if the + // log_min_duration_statement database flag for a Cloud SQL for + // PostgreSQL instance is not set to -1. + // "SIGNAL_TYPE_EXPOSED_TO_REMOTE_ACCESS" - Represents if the remote + // access database flag for a Cloud SQL for SQL Server instance is not + // set to off. + // "SIGNAL_TYPE_DATABASE_NAMES_EXPOSED" - Represents if the + // skip_show_database database flag for a Cloud SQL for MySQL instance + // is not set to on. + // "SIGNAL_TYPE_SENSITIVE_TRACE_INFO_NOT_MASKED" - Represents if the + // 3625 (trace flag) database flag for a Cloud SQL for SQL Server + // instance is not set to on. + // LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgj + // ob/message_adapter/health_signal_feed/health_signal_mapping.h) + SignalType string `json:"signalType,omitempty"` + // Possible values: // "STATE_UNSPECIFIED" - Unspecified state. // "ACTIVE" - The signal requires attention and has not been addressed @@ -2966,6 +3095,7 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceMetadata struct { // Possible values: // "INSTANCE_TYPE_UNSPECIFIED" // "PRIMARY" - A regular primary database instance. + // "SECONDARY" - A cluster or an instance acting as a secondary. // "READ_REPLICA" - An instance acting as a read-replica. // "OTHER" - For rest of the other categories. InstanceType string `json:"instanceType,omitempty"` diff --git a/alloydb/v1beta/alloydb-api.json b/alloydb/v1beta/alloydb-api.json index eb7f5ede7b5..69f2e7d8c04 100644 --- a/alloydb/v1beta/alloydb-api.json +++ b/alloydb/v1beta/alloydb-api.json @@ -1486,7 +1486,7 @@ } } }, - "revision": "20230918", + "revision": "20231006", "rootUrl": "https://alloydb.googleapis.com/", "schemas": { "AutomatedBackupPolicy": { @@ -2390,7 +2390,7 @@ }, "readPoolConfig": { "$ref": "ReadPoolConfig", - "description": "Read pool specific config." + "description": "Read pool instance configuration. This is required if the value of instanceType is READ_POOL." }, "reconciling": { "description": "Output only. Reconciling (https://google.aip.dev/128#reconciliation). Set to true if the current state of Instance does not match the user's intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance.", @@ -2647,7 +2647,7 @@ "id": "NetworkConfig", "properties": { "allocatedIpRange": { - "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. Field name is intended to be consistent with CloudSQL.", + "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. Field name is intended to be consistent with Cloud SQL.", "type": "string" }, "network": { @@ -3154,7 +3154,7 @@ "type": "string" }, "eventTime": { - "description": "The last time at which the event described by this signal took place", + "description": "Required. The last time at which the event described by this signal took place", "format": "google-datetime", "type": "string" }, @@ -3163,7 +3163,7 @@ "type": "string" }, "name": { - "description": "The name of the signal, ex: PUBLIC_SQL_INSTANCE, SQL_LOG_ERROR_VERBOSITY etc.", + "description": "Required. The name of the signal, ex: PUBLIC_SQL_INSTANCE, SQL_LOG_ERROR_VERBOSITY etc.", "type": "string" }, "provider": { @@ -3193,11 +3193,11 @@ "type": "string" }, "resourceName": { - "description": "Database resource name associated with the signal. Resource name to follow CAIS resource_name format as noted here go/condor-common-datamodel", + "description": "Required. Database resource name associated with the signal. Resource name to follow CAIS resource_name format as noted here go/condor-common-datamodel", "type": "string" }, "signalClass": { - "description": "The class of the signal, such as if it's a THREAT or VULNERABILITY.", + "description": "Required. The class of the signal, such as if it's a THREAT or VULNERABILITY.", "enum": [ "CLASS_UNSPECIFIED", "THREAT", @@ -3217,7 +3217,109 @@ "type": "string" }, "signalId": { - "description": "Unique identifier for the signal. This is an unique id which would be mainatined by partner to identify a signal.", + "description": "Required. Unique identifier for the signal. This is an unique id which would be mainatined by partner to identify a signal.", + "type": "string" + }, + "signalType": { + "description": "Required. Type of signal, for example, `AVAILABLE_IN_MULTIPLE_ZONES`, `LOGGING_MOST_ERRORS`, etc.", + "enum": [ + "SIGNAL_TYPE_UNSPECIFIED", + "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_ZONES", + "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_REGIONS", + "SIGNAL_TYPE_NO_PROMOTABLE_REPLICA", + "SIGNAL_TYPE_NO_AUTOMATED_BACKUP_POLICY", + "SIGNAL_TYPE_SHORT_BACKUP_RETENTION", + "SIGNAL_TYPE_LAST_BACKUP_FAILED", + "SIGNAL_TYPE_LAST_BACKUP_OLD", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_2_0", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_3", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_2", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_1", + "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_0", + "SIGNAL_TYPE_VIOLATES_NIST_800_53", + "SIGNAL_TYPE_VIOLATES_ISO_27001", + "SIGNAL_TYPE_VIOLATES_PCI_DSS_V3_2_1", + "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING", + "SIGNAL_TYPE_QUERY_DURATIONS_NOT_LOGGED", + "SIGNAL_TYPE_VERBOSE_ERROR_LOGGING", + "SIGNAL_TYPE_QUERY_LOCK_WAITS_NOT_LOGGED", + "SIGNAL_TYPE_LOGGING_MOST_ERRORS", + "SIGNAL_TYPE_LOGGING_ONLY_CRITICAL_ERRORS", + "SIGNAL_TYPE_MINIMAL_ERROR_LOGGING", + "SIGNAL_TYPE_QUERY_STATISTICS_LOGGED", + "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_CLIENT_HOSTNAME", + "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PARSER_STATISTICS", + "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PLANNER_STATISTICS", + "SIGNAL_TYPE_NOT_LOGGING_ONLY_DDL_STATEMENTS", + "SIGNAL_TYPE_LOGGING_QUERY_STATISTICS", + "SIGNAL_TYPE_NOT_LOGGING_TEMPORARY_FILES", + "SIGNAL_TYPE_CONNECTION_MAX_NOT_CONFIGURED", + "SIGNAL_TYPE_USER_OPTIONS_CONFIGURED", + "SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS", + "SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS", + "SIGNAL_TYPE_NO_ROOT_PASSWORD", + "SIGNAL_TYPE_WEAK_ROOT_PASSWORD", + "SIGNAL_TYPE_ENCRYPTION_KEY_NOT_CUSTOMER_MANAGED", + "SIGNAL_TYPE_SERVER_AUTHENTICATION_NOT_REQUIRED", + "SIGNAL_TYPE_EXPOSED_BY_OWNERSHIP_CHAINING", + "SIGNAL_TYPE_EXPOSED_TO_EXTERNAL_SCRIPTS", + "SIGNAL_TYPE_EXPOSED_TO_LOCAL_DATA_LOADS", + "SIGNAL_TYPE_CONNECTION_ATTEMPTS_NOT_LOGGED", + "SIGNAL_TYPE_DISCONNECTIONS_NOT_LOGGED", + "SIGNAL_TYPE_LOGGING_EXCESSIVE_STATEMENT_INFO", + "SIGNAL_TYPE_EXPOSED_TO_REMOTE_ACCESS", + "SIGNAL_TYPE_DATABASE_NAMES_EXPOSED", + "SIGNAL_TYPE_SENSITIVE_TRACE_INFO_NOT_MASKED" + ], + "enumDescriptions": [ + "Unspecified.", + "Represents if the resource is available in multiple zones or not.", + "Represents if a resource is available in multiple regions.", + "Represents if a resource has a promotable replica.", + "Represents if a resource has an automated backup policy.", + "Represents if a resources has a short backup retention period.", + "Represents if the last backup of a resource failed.", + "Represents if the last backup of a resource is older than some threshold value.", + "Represents if a resource violates CIS GCP Foundation 2.0.", + "Represents if a resource violates CIS GCP Foundation 1.3.", + "Represents if a resource violates CIS GCP Foundation 1.2.", + "Represents if a resource violates CIS GCP Foundation 1.1.", + "Represents if a resource violates CIS GCP Foundation 1.0.", + "Represents if a resource violates NIST 800-53.", + "Represents if a resource violates ISO-27001.", + "Represents if a resource violates PCI-DSS v3.2.1.", + "LINT.IfChange(scc_signals) Represents if log_checkpoints database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_duration database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_error_verbosity database flag for a Cloud SQL for PostgreSQL instance is not set to default or stricter (default or terse).", + "Represents if the log_lock_waits database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_min_error_statement database flag for a Cloud SQL for PostgreSQL instance is not set appropriately.", + "Represents if the log_min_error_statement database flag for a Cloud SQL for PostgreSQL instance does not have an appropriate severity level.", + "Represents if the log_min_messages database flag for a Cloud SQL for PostgreSQL instance is not set to warning or another recommended value.", + "Represents if the databaseFlags property of instance metadata for the log_executor_status field is set to on.", + "Represents if the log_hostname database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_parser_stats database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_planner_stats database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_statement database flag for a Cloud SQL for PostgreSQL instance is not set to DDL (all data definition statements).", + "Represents if the log_statement_stats database flag for a Cloud SQL for PostgreSQL instance is not set to off.", + "Represents if the log_temp_files database flag for a Cloud SQL for PostgreSQL instance is not set to \"0\". (NOTE: 0 = ON)", + "Represents if the user connections database flag for a Cloud SQL for SQL Server instance is configured.", + "Represents if the user options database flag for Cloud SQL SQL Server instance is configured or not.", + "Represents if a resource is exposed to public access.", + "Represents if a resources requires all incoming connections to use SSL or not.", + "Represents if a Cloud SQL database has a password configured for the root account or not.", + "Represents if a Cloud SQL database has a weak password configured for the root account.", + "Represents if a SQL database instance is not encrypted with customer-managed encryption keys (CMEK).", + "Represents if The contained database authentication database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if the cross_db_ownership_chaining database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if he external scripts enabled database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if the local_infile database flag for a Cloud SQL for MySQL instance is not set to off.", + "Represents if the log_connections database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_disconnections database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if the log_min_duration_statement database flag for a Cloud SQL for PostgreSQL instance is not set to -1.", + "Represents if the remote access database flag for a Cloud SQL for SQL Server instance is not set to off.", + "Represents if the skip_show_database database flag for a Cloud SQL for MySQL instance is not set to on.", + "Represents if the 3625 (trace flag) database flag for a Cloud SQL for SQL Server instance is not set to on. LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgjob/message_adapter/health_signal_feed/health_signal_mapping.h)" + ], "type": "string" }, "state": { @@ -3357,12 +3459,14 @@ "enum": [ "INSTANCE_TYPE_UNSPECIFIED", "PRIMARY", + "SECONDARY", "READ_REPLICA", "OTHER" ], "enumDescriptions": [ "", "A regular primary database instance.", + "A cluster or an instance acting as a secondary.", "An instance acting as a read-replica.", "For rest of the other categories." ], diff --git a/alloydb/v1beta/alloydb-gen.go b/alloydb/v1beta/alloydb-gen.go index 0d535bae99a..f7c0ee0a0a9 100644 --- a/alloydb/v1beta/alloydb-gen.go +++ b/alloydb/v1beta/alloydb-gen.go @@ -1446,7 +1446,8 @@ type Instance struct { // QueryInsightsConfig: Configuration for query insights. QueryInsightsConfig *QueryInsightsInstanceConfig `json:"queryInsightsConfig,omitempty"` - // ReadPoolConfig: Read pool specific config. + // ReadPoolConfig: Read pool instance configuration. This is required if + // the value of instanceType is READ_POOL. ReadPoolConfig *ReadPoolConfig `json:"readPoolConfig,omitempty"` // Reconciling: Output only. Reconciling @@ -1862,8 +1863,8 @@ type NetworkConfig struct { // "google-managed-services-default". If set, the instance IPs for this // cluster will be created in the allocated range. The range name must // comply with RFC 1035. Specifically, the name must be 1-63 characters - // long and match the regular expression a-z ([-a-z0-9]*[a-z0-9])?. - // Field name is intended to be consistent with CloudSQL. + // long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. + // Field name is intended to be consistent with Cloud SQL. AllocatedIpRange string `json:"allocatedIpRange,omitempty"` // Network: Required. The resource link for the VPC network in which @@ -2745,8 +2746,8 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // Description: Description associated with signal Description string `json:"description,omitempty"` - // EventTime: The last time at which the event described by this signal - // took place + // EventTime: Required. The last time at which the event described by + // this signal took place EventTime string `json:"eventTime,omitempty"` // ExternalUri: The external-uri of the signal, using which more @@ -2754,7 +2755,7 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // user to SCC page to get more details about signals. ExternalUri string `json:"externalUri,omitempty"` - // Name: The name of the signal, ex: PUBLIC_SQL_INSTANCE, + // Name: Required. The name of the signal, ex: PUBLIC_SQL_INSTANCE, // SQL_LOG_ERROR_VERBOSITY etc. Name string `json:"name,omitempty"` @@ -2781,13 +2782,13 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // "provider//", such as "gcp/projects/123". ResourceContainer string `json:"resourceContainer,omitempty"` - // ResourceName: Database resource name associated with the signal. - // Resource name to follow CAIS resource_name format as noted here - // go/condor-common-datamodel + // ResourceName: Required. Database resource name associated with the + // signal. Resource name to follow CAIS resource_name format as noted + // here go/condor-common-datamodel ResourceName string `json:"resourceName,omitempty"` - // SignalClass: The class of the signal, such as if it's a THREAT or - // VULNERABILITY. + // SignalClass: Required. The class of the signal, such as if it's a + // THREAT or VULNERABILITY. // // Possible values: // "CLASS_UNSPECIFIED" - Unspecified signal class. @@ -2801,10 +2802,138 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // "ERROR" - Describes an error that prevents some SCC functionality. SignalClass string `json:"signalClass,omitempty"` - // SignalId: Unique identifier for the signal. This is an unique id - // which would be mainatined by partner to identify a signal. + // SignalId: Required. Unique identifier for the signal. This is an + // unique id which would be mainatined by partner to identify a signal. SignalId string `json:"signalId,omitempty"` + // SignalType: Required. Type of signal, for example, + // `AVAILABLE_IN_MULTIPLE_ZONES`, `LOGGING_MOST_ERRORS`, etc. + // + // Possible values: + // "SIGNAL_TYPE_UNSPECIFIED" - Unspecified. + // "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_ZONES" - Represents if the + // resource is available in multiple zones or not. + // "SIGNAL_TYPE_NOT_AVAILABLE_IN_MULTIPLE_REGIONS" - Represents if a + // resource is available in multiple regions. + // "SIGNAL_TYPE_NO_PROMOTABLE_REPLICA" - Represents if a resource has + // a promotable replica. + // "SIGNAL_TYPE_NO_AUTOMATED_BACKUP_POLICY" - Represents if a resource + // has an automated backup policy. + // "SIGNAL_TYPE_SHORT_BACKUP_RETENTION" - Represents if a resources + // has a short backup retention period. + // "SIGNAL_TYPE_LAST_BACKUP_FAILED" - Represents if the last backup of + // a resource failed. + // "SIGNAL_TYPE_LAST_BACKUP_OLD" - Represents if the last backup of a + // resource is older than some threshold value. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_2_0" - Represents if a + // resource violates CIS GCP Foundation 2.0. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_3" - Represents if a + // resource violates CIS GCP Foundation 1.3. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_2" - Represents if a + // resource violates CIS GCP Foundation 1.2. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_1" - Represents if a + // resource violates CIS GCP Foundation 1.1. + // "SIGNAL_TYPE_VIOLATES_CIS_GCP_FOUNDATION_1_0" - Represents if a + // resource violates CIS GCP Foundation 1.0. + // "SIGNAL_TYPE_VIOLATES_NIST_800_53" - Represents if a resource + // violates NIST 800-53. + // "SIGNAL_TYPE_VIOLATES_ISO_27001" - Represents if a resource + // violates ISO-27001. + // "SIGNAL_TYPE_VIOLATES_PCI_DSS_V3_2_1" - Represents if a resource + // violates PCI-DSS v3.2.1. + // "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING" - + // LINT.IfChange(scc_signals) Represents if log_checkpoints database + // flag for a Cloud SQL for PostgreSQL instance is not set to on. + // "SIGNAL_TYPE_QUERY_DURATIONS_NOT_LOGGED" - Represents if the + // log_duration database flag for a Cloud SQL for PostgreSQL instance is + // not set to on. + // "SIGNAL_TYPE_VERBOSE_ERROR_LOGGING" - Represents if the + // log_error_verbosity database flag for a Cloud SQL for PostgreSQL + // instance is not set to default or stricter (default or terse). + // "SIGNAL_TYPE_QUERY_LOCK_WAITS_NOT_LOGGED" - Represents if the + // log_lock_waits database flag for a Cloud SQL for PostgreSQL instance + // is not set to on. + // "SIGNAL_TYPE_LOGGING_MOST_ERRORS" - Represents if the + // log_min_error_statement database flag for a Cloud SQL for PostgreSQL + // instance is not set appropriately. + // "SIGNAL_TYPE_LOGGING_ONLY_CRITICAL_ERRORS" - Represents if the + // log_min_error_statement database flag for a Cloud SQL for PostgreSQL + // instance does not have an appropriate severity level. + // "SIGNAL_TYPE_MINIMAL_ERROR_LOGGING" - Represents if the + // log_min_messages database flag for a Cloud SQL for PostgreSQL + // instance is not set to warning or another recommended value. + // "SIGNAL_TYPE_QUERY_STATISTICS_LOGGED" - Represents if the + // databaseFlags property of instance metadata for the + // log_executor_status field is set to on. + // "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_CLIENT_HOSTNAME" - Represents if + // the log_hostname database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PARSER_STATISTICS" - Represents + // if the log_parser_stats database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_EXCESSIVE_LOGGING_OF_PLANNER_STATISTICS" - Represents + // if the log_planner_stats database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_NOT_LOGGING_ONLY_DDL_STATEMENTS" - Represents if the + // log_statement database flag for a Cloud SQL for PostgreSQL instance + // is not set to DDL (all data definition statements). + // "SIGNAL_TYPE_LOGGING_QUERY_STATISTICS" - Represents if the + // log_statement_stats database flag for a Cloud SQL for PostgreSQL + // instance is not set to off. + // "SIGNAL_TYPE_NOT_LOGGING_TEMPORARY_FILES" - Represents if the + // log_temp_files database flag for a Cloud SQL for PostgreSQL instance + // is not set to "0". (NOTE: 0 = ON) + // "SIGNAL_TYPE_CONNECTION_MAX_NOT_CONFIGURED" - Represents if the + // user connections database flag for a Cloud SQL for SQL Server + // instance is configured. + // "SIGNAL_TYPE_USER_OPTIONS_CONFIGURED" - Represents if the user + // options database flag for Cloud SQL SQL Server instance is configured + // or not. + // "SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS" - Represents if a resource + // is exposed to public access. + // "SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS" - Represents if a resources + // requires all incoming connections to use SSL or not. + // "SIGNAL_TYPE_NO_ROOT_PASSWORD" - Represents if a Cloud SQL database + // has a password configured for the root account or not. + // "SIGNAL_TYPE_WEAK_ROOT_PASSWORD" - Represents if a Cloud SQL + // database has a weak password configured for the root account. + // "SIGNAL_TYPE_ENCRYPTION_KEY_NOT_CUSTOMER_MANAGED" - Represents if a + // SQL database instance is not encrypted with customer-managed + // encryption keys (CMEK). + // "SIGNAL_TYPE_SERVER_AUTHENTICATION_NOT_REQUIRED" - Represents if + // The contained database authentication database flag for a Cloud SQL + // for SQL Server instance is not set to off. + // "SIGNAL_TYPE_EXPOSED_BY_OWNERSHIP_CHAINING" - Represents if the + // cross_db_ownership_chaining database flag for a Cloud SQL for SQL + // Server instance is not set to off. + // "SIGNAL_TYPE_EXPOSED_TO_EXTERNAL_SCRIPTS" - Represents if he + // external scripts enabled database flag for a Cloud SQL for SQL Server + // instance is not set to off. + // "SIGNAL_TYPE_EXPOSED_TO_LOCAL_DATA_LOADS" - Represents if the + // local_infile database flag for a Cloud SQL for MySQL instance is not + // set to off. + // "SIGNAL_TYPE_CONNECTION_ATTEMPTS_NOT_LOGGED" - Represents if the + // log_connections database flag for a Cloud SQL for PostgreSQL instance + // is not set to on. + // "SIGNAL_TYPE_DISCONNECTIONS_NOT_LOGGED" - Represents if the + // log_disconnections database flag for a Cloud SQL for PostgreSQL + // instance is not set to on. + // "SIGNAL_TYPE_LOGGING_EXCESSIVE_STATEMENT_INFO" - Represents if the + // log_min_duration_statement database flag for a Cloud SQL for + // PostgreSQL instance is not set to -1. + // "SIGNAL_TYPE_EXPOSED_TO_REMOTE_ACCESS" - Represents if the remote + // access database flag for a Cloud SQL for SQL Server instance is not + // set to off. + // "SIGNAL_TYPE_DATABASE_NAMES_EXPOSED" - Represents if the + // skip_show_database database flag for a Cloud SQL for MySQL instance + // is not set to on. + // "SIGNAL_TYPE_SENSITIVE_TRACE_INFO_NOT_MASKED" - Represents if the + // 3625 (trace flag) database flag for a Cloud SQL for SQL Server + // instance is not set to on. + // LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgj + // ob/message_adapter/health_signal_feed/health_signal_mapping.h) + SignalType string `json:"signalType,omitempty"` + // Possible values: // "STATE_UNSPECIFIED" - Unspecified state. // "ACTIVE" - The signal requires attention and has not been addressed @@ -2952,6 +3081,7 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceMetadata struct { // Possible values: // "INSTANCE_TYPE_UNSPECIFIED" // "PRIMARY" - A regular primary database instance. + // "SECONDARY" - A cluster or an instance acting as a secondary. // "READ_REPLICA" - An instance acting as a read-replica. // "OTHER" - For rest of the other categories. InstanceType string `json:"instanceType,omitempty"` diff --git a/appengine/v1/appengine-api.json b/appengine/v1/appengine-api.json index 1161e5933ed..a29ed7f9adf 100644 --- a/appengine/v1/appengine-api.json +++ b/appengine/v1/appengine-api.json @@ -1610,7 +1610,7 @@ } } }, - "revision": "20230909", + "revision": "20231004", "rootUrl": "https://appengine.googleapis.com/", "schemas": { "ApiConfigHandler": { @@ -2014,6 +2014,38 @@ }, "type": "object" }, + "ContainerState": { + "description": "ContainerState contains the externally-visible container state that is used to communicate the state and reasoning for that state to the CLH. This data is not persisted by CCFE, but is instead derived from CCFE's internal representation of the container state.", + "id": "ContainerState", + "properties": { + "currentReasons": { + "$ref": "Reasons", + "deprecated": true + }, + "previousReasons": { + "$ref": "Reasons", + "deprecated": true, + "description": "The previous and current reasons for a container state will be sent for a container event. CLHs that need to know the signal that caused the container event to trigger (edges) as opposed to just knowing the state can act upon differences in the previous and current reasons.Reasons will be provided for every system: service management, data governance, abuse, and billing.If this is a CCFE-triggered event used for reconciliation then the current reasons will be set to their *_CONTROL_PLANE_SYNC state. The previous reasons will contain the last known set of non-unknown non-control_plane_sync reasons for the state.Reasons fields are deprecated. New tenants should only use the state field. If you must know the reason(s) behind a specific state, please consult with CCFE team first (cloud-ccfe-discuss@google.com)." + }, + "state": { + "description": "The current state of the container. This state is the culmination of all of the opinions from external systems that CCFE knows about of the container.", + "enum": [ + "UNKNOWN_STATE", + "ON", + "OFF", + "DELETED" + ], + "enumDescriptions": [ + "A container should never be in an unknown state. Receipt of a container with this state is an error.", + "CCFE considers the container to be serving or transitioning into serving.", + "CCFE considers the container to be in an OFF state. This could occur due to various factors. The state could be triggered by Google-internal audits (ex. abuse suspension, billing closed) or cleanups trigged by compliance systems (ex. data governance hide). User-initiated events such as service management deactivation trigger a container to an OFF state.CLHs might choose to do nothing in this case or to turn off costly resources. CLHs need to consider the customer experience if an ON/OFF/ON sequence of state transitions occurs vs. the cost of deleting resources, keeping metadata about resources, or even keeping resources live for a period of time.CCFE will not send any new customer requests to the CLH when the container is in an OFF state. However, CCFE will allow all previous customer requests relayed to CLH to complete.", + "This state indicates that the container has been (or is being) completely removed. This is often due to a data governance purge request and therefore resources should be deleted when this state is reached." + ], + "type": "string" + } + }, + "type": "object" + }, "CpuUtilization": { "description": "Target scaling by CPU usage.", "id": "CpuUtilization", @@ -3129,44 +3161,12 @@ "description": "The projects metadata for this project. required" }, "state": { - "$ref": "ProjectState", + "$ref": "ContainerState", "description": "The state of the project that led to this event." } }, "type": "object" }, - "ProjectState": { - "description": "ProjectState contains the externally-visible project state that is used to communicate the state and reasoning for that state to the CLH. This data is not persisted by CCFE, but is instead derived from CCFE's internal representation of the project state.", - "id": "ProjectState", - "properties": { - "currentReasons": { - "$ref": "Reasons", - "deprecated": true - }, - "previousReasons": { - "$ref": "Reasons", - "deprecated": true, - "description": "The previous and current reasons for a project state will be sent for a project event. CLHs that need to know the signal that caused the project event to trigger (edges) as opposed to just knowing the state can act upon differences in the previous and current reasons.Reasons will be provided for every system: service management, data governance, abuse, and billing.If this is a CCFE-triggered event used for reconciliation then the current reasons will be set to their *_CONTROL_PLANE_SYNC state. The previous reasons will contain the last known set of non-unknown non-control_plane_sync reasons for the state.Reasons fields are deprecated. New tenants should only use the state field. If you must know the reason(s) behind a specific state, please consult with CCFE team first (cloud-ccfe-discuss@google.com)." - }, - "state": { - "description": "The current state of the project. This state is the culmination of all of the opinions from external systems that CCFE knows about of the project.", - "enum": [ - "UNKNOWN_STATE", - "ON", - "OFF", - "DELETED" - ], - "enumDescriptions": [ - "A project should never be in an unknown state. Receipt of a project with this state is an error.", - "CCFE considers the project to be serving or transitioning into serving.", - "CCFE considers the project to be in an OFF state. This could occur due to various factors. The state could be triggered by Google-internal audits (ex. abuse suspension, billing closed) or cleanups trigged by compliance systems (ex. data governance hide). User-initiated events such as service management deactivation trigger a project to an OFF state.CLHs might choose to do nothing in this case or to turn off costly resources. CLHs need to consider the customer experience if an ON/OFF/ON sequence of state transitions occurs vs. the cost of deleting resources, keeping metadata about resources, or even keeping resources live for a period of time.CCFE will not send any new customer requests to the CLH when the project is in an OFF state. However, CCFE will allow all previous customer requests relayed to CLH to complete.", - "This state indicates that the project has been (or is being) completely removed. This is often due to a data governance purge request and therefore resources should be deleted when this state is reached." - ], - "type": "string" - } - }, - "type": "object" - }, "ProjectsMetadata": { "description": "ProjectsMetadata is the metadata CCFE stores about the all the relevant projects (tenant, consumer, producer).", "id": "ProjectsMetadata", @@ -3189,10 +3189,10 @@ "DELETED" ], "enumDescriptions": [ - "A project should never be in an unknown state. Receipt of a project with this state is an error.", - "CCFE considers the project to be serving or transitioning into serving.", - "CCFE considers the project to be in an OFF state. This could occur due to various factors. The state could be triggered by Google-internal audits (ex. abuse suspension, billing closed) or cleanups trigged by compliance systems (ex. data governance hide). User-initiated events such as service management deactivation trigger a project to an OFF state.CLHs might choose to do nothing in this case or to turn off costly resources. CLHs need to consider the customer experience if an ON/OFF/ON sequence of state transitions occurs vs. the cost of deleting resources, keeping metadata about resources, or even keeping resources live for a period of time.CCFE will not send any new customer requests to the CLH when the project is in an OFF state. However, CCFE will allow all previous customer requests relayed to CLH to complete.", - "This state indicates that the project has been (or is being) completely removed. This is often due to a data governance purge request and therefore resources should be deleted when this state is reached." + "A container should never be in an unknown state. Receipt of a container with this state is an error.", + "CCFE considers the container to be serving or transitioning into serving.", + "CCFE considers the container to be in an OFF state. This could occur due to various factors. The state could be triggered by Google-internal audits (ex. abuse suspension, billing closed) or cleanups trigged by compliance systems (ex. data governance hide). User-initiated events such as service management deactivation trigger a container to an OFF state.CLHs might choose to do nothing in this case or to turn off costly resources. CLHs need to consider the customer experience if an ON/OFF/ON sequence of state transitions occurs vs. the cost of deleting resources, keeping metadata about resources, or even keeping resources live for a period of time.CCFE will not send any new customer requests to the CLH when the container is in an OFF state. However, CCFE will allow all previous customer requests relayed to CLH to complete.", + "This state indicates that the container has been (or is being) completely removed. This is often due to a data governance purge request and therefore resources should be deleted when this state is reached." ], "type": "string" }, @@ -3262,7 +3262,7 @@ "type": "object" }, "Reasons": { - "description": "Projects transition between and within states based on reasons sent from various systems. CCFE will provide the CLH with reasons for the current state per system.The current systems that CCFE supports are: Service Management (Inception) Data Governance (Wipeout) Abuse (Ares) Billing (Internal Cloud Billing API)", + "description": "Containers transition between and within states based on reasons sent from various systems. CCFE will provide the CLH with reasons for the current state per system.The current systems that CCFE supports are: Service Management (Inception) Data Governance (Wipeout) Abuse (Ares) Billing (Internal Cloud Billing API)", "id": "Reasons", "properties": { "abuse": { @@ -3273,10 +3273,10 @@ "REINSTATE" ], "enumDescriptions": [ - "An unknown reason indicates that the abuse system has not sent a signal for this project.", - "Due to various reasons CCFE might proactively restate a project state to a CLH to ensure that the CLH and CCFE are both aware of the project state. This reason can be tied to any of the states.", - "If a project is deemed abusive we receive a suspend signal. Suspend is a reason to put the project into an INTERNAL_OFF state.", - "Projects that were once considered abusive can later be deemed non-abusive. When this happens we must reinstate the project. Reinstate is a reason to put the project into an ON state." + "An unknown reason indicates that the abuse system has not sent a signal for this container.", + "Due to various reasons CCFE might proactively restate a container state to a CLH to ensure that the CLH and CCFE are both aware of the container state. This reason can be tied to any of the states.", + "If a container is deemed abusive we receive a suspend signal. Suspend is a reason to put the container into an INTERNAL_OFF state.", + "Containers that were once considered abusive can later be deemed non-abusive. When this happens we must reinstate the container. Reinstate is a reason to put the container into an ON state." ], "type": "string" }, @@ -3289,11 +3289,11 @@ "OPEN" ], "enumDescriptions": [ - "An unknown reason indicates that the billing system has not sent a signal for this project.", - "Due to various reasons CCFE might proactively restate a project state to a CLH to ensure that the CLH and CCFE are both aware of the project state. This reason can be tied to any of the states.", - "Minor infractions cause a probation signal to be sent. Probation is a reason to put the project into a ON state even though it is a negative signal. CCFE will block mutations for this project while it is on billing probation, but the CLH is expected to serve non-mutation requests.", - "When a billing account is closed, it is a stronger signal about non-payment. Close is a reason to put the project into an INTERNAL_OFF state.", - "Consumers can re-open billing accounts and update accounts to pull them out of probation. When this happens, we get a signal that the account is open. Open is a reason to put the project into an ON state." + "An unknown reason indicates that the billing system has not sent a signal for this container.", + "Due to various reasons CCFE might proactively restate a container state to a CLH to ensure that the CLH and CCFE are both aware of the container state. This reason can be tied to any of the states.", + "Minor infractions cause a probation signal to be sent. Probation is a reason to put the container into a ON state even though it is a negative signal. CCFE will block mutations for this container while it is on billing probation, but the CLH is expected to serve non-mutation requests.", + "When a billing account is closed, it is a stronger signal about non-payment. Close is a reason to put the container into an INTERNAL_OFF state.", + "Consumers can re-open billing accounts and update accounts to pull them out of probation. When this happens, we get a signal that the account is open. Open is a reason to put the container into an ON state." ], "type": "string" }, @@ -3306,11 +3306,11 @@ "PURGE" ], "enumDescriptions": [ - "An unknown reason indicates that data governance has not sent a signal for this project.", - "Due to various reasons CCFE might proactively restate a project state to a CLH to ensure that the CLH and CCFE are both aware of the project state. This reason can be tied to any of the states.", - "When a project is deleted we retain some data for a period of time to allow the consumer to change their mind. Data governance sends a signal to hide the data when this occurs. Hide is a reason to put the project in an INTERNAL_OFF state.", - "The decision to un-delete a project can be made. When this happens data governance tells us to unhide any hidden data. Unhide is a reason to put the project in an ON state.", - "After a period of time data must be completely removed from our systems. When data governance sends a purge signal we need to remove data. Purge is a reason to put the project in a DELETED state. Purge is the only event that triggers a delete mutation. All other events have update semantics." + "An unknown reason indicates that data governance has not sent a signal for this container.", + "Due to various reasons CCFE might proactively restate a container state to a CLH to ensure that the CLH and CCFE are both aware of the container state. This reason can be tied to any of the states.", + "When a container is deleted we retain some data for a period of time to allow the consumer to change their mind. Data governance sends a signal to hide the data when this occurs. Hide is a reason to put the container in an INTERNAL_OFF state.", + "The decision to un-delete a container can be made. When this happens data governance tells us to unhide any hidden data. Unhide is a reason to put the container in an ON state.", + "After a period of time data must be completely removed from our systems. When data governance sends a purge signal we need to remove data. Purge is a reason to put the container in a DELETED state. Purge is the only event that triggers a delete mutation. All other events have update semantics." ], "type": "string" }, @@ -3332,12 +3332,12 @@ true ], "enumDescriptions": [ - "An unknown reason indicates that we have not received a signal from service management about this project. Since projects are created by request of service management, this reason should never be set.", - "Due to various reasons CCFE might proactively restate a project state to a CLH to ensure that the CLH and CCFE are both aware of the project state. This reason can be tied to any of the states.", - "When a customer activates an API CCFE notifies the CLH and sets the project to the ON state.", - "When a customer deactivates and API service management starts a two-step process to perform the deactivation. The first step is to prepare. Prepare is a reason to put the project in a EXTERNAL_OFF state.", - "If the deactivation is cancelled, service managed needs to abort the deactivation. Abort is a reason to put the project in an ON state.", - "If the deactivation is followed through with, service management needs to finish deactivation. Commit is a reason to put the project in a DELETED state." + "An unknown reason indicates that we have not received a signal from service management about this container. Since containers are created by request of service management, this reason should never be set.", + "Due to various reasons CCFE might proactively restate a container state to a CLH to ensure that the CLH and CCFE are both aware of the container state. This reason can be tied to any of the states.", + "When a customer activates an API CCFE notifies the CLH and sets the container to the ON state.", + "When a customer deactivates and API service management starts a two-step process to perform the deactivation. The first step is to prepare. Prepare is a reason to put the container in a EXTERNAL_OFF state.", + "If the deactivation is cancelled, service managed needs to abort the deactivation. Abort is a reason to put the container in an ON state.", + "If the deactivation is followed through with, service management needs to finish deactivation. Commit is a reason to put the container in a DELETED state." ], "type": "string" } diff --git a/appengine/v1/appengine-gen.go b/appengine/v1/appengine-gen.go index 69d969b2d9d..ccbef315cac 100644 --- a/appengine/v1/appengine-gen.go +++ b/appengine/v1/appengine-gen.go @@ -927,6 +927,81 @@ func (s *ContainerInfo) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// ContainerState: ContainerState contains the externally-visible +// container state that is used to communicate the state and reasoning +// for that state to the CLH. This data is not persisted by CCFE, but is +// instead derived from CCFE's internal representation of the container +// state. +type ContainerState struct { + CurrentReasons *Reasons `json:"currentReasons,omitempty"` + + // PreviousReasons: The previous and current reasons for a container + // state will be sent for a container event. CLHs that need to know the + // signal that caused the container event to trigger (edges) as opposed + // to just knowing the state can act upon differences in the previous + // and current reasons.Reasons will be provided for every system: + // service management, data governance, abuse, and billing.If this is a + // CCFE-triggered event used for reconciliation then the current reasons + // will be set to their *_CONTROL_PLANE_SYNC state. The previous reasons + // will contain the last known set of non-unknown non-control_plane_sync + // reasons for the state.Reasons fields are deprecated. New tenants + // should only use the state field. If you must know the reason(s) + // behind a specific state, please consult with CCFE team first + // (cloud-ccfe-discuss@google.com). + PreviousReasons *Reasons `json:"previousReasons,omitempty"` + + // State: The current state of the container. This state is the + // culmination of all of the opinions from external systems that CCFE + // knows about of the container. + // + // Possible values: + // "UNKNOWN_STATE" - A container should never be in an unknown state. + // Receipt of a container with this state is an error. + // "ON" - CCFE considers the container to be serving or transitioning + // into serving. + // "OFF" - CCFE considers the container to be in an OFF state. This + // could occur due to various factors. The state could be triggered by + // Google-internal audits (ex. abuse suspension, billing closed) or + // cleanups trigged by compliance systems (ex. data governance hide). + // User-initiated events such as service management deactivation trigger + // a container to an OFF state.CLHs might choose to do nothing in this + // case or to turn off costly resources. CLHs need to consider the + // customer experience if an ON/OFF/ON sequence of state transitions + // occurs vs. the cost of deleting resources, keeping metadata about + // resources, or even keeping resources live for a period of time.CCFE + // will not send any new customer requests to the CLH when the container + // is in an OFF state. However, CCFE will allow all previous customer + // requests relayed to CLH to complete. + // "DELETED" - This state indicates that the container has been (or is + // being) completely removed. This is often due to a data governance + // purge request and therefore resources should be deleted when this + // state is reached. + State string `json:"state,omitempty"` + + // ForceSendFields is a list of field names (e.g. "CurrentReasons") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CurrentReasons") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *ContainerState) MarshalJSON() ([]byte, error) { + type NoMethod ContainerState + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // CpuUtilization: Target scaling by CPU usage. type CpuUtilization struct { // AggregationWindowLength: Period of time over which CPU utilization is @@ -2827,7 +2902,7 @@ type ProjectEvent struct { ProjectMetadata *ProjectsMetadata `json:"projectMetadata,omitempty"` // State: The state of the project that led to this event. - State *ProjectState `json:"state,omitempty"` + State *ContainerState `json:"state,omitempty"` // ForceSendFields is a list of field names (e.g. "EventId") to // unconditionally include in API requests. By default, fields with @@ -2852,80 +2927,6 @@ func (s *ProjectEvent) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// ProjectState: ProjectState contains the externally-visible project -// state that is used to communicate the state and reasoning for that -// state to the CLH. This data is not persisted by CCFE, but is instead -// derived from CCFE's internal representation of the project state. -type ProjectState struct { - CurrentReasons *Reasons `json:"currentReasons,omitempty"` - - // PreviousReasons: The previous and current reasons for a project state - // will be sent for a project event. CLHs that need to know the signal - // that caused the project event to trigger (edges) as opposed to just - // knowing the state can act upon differences in the previous and - // current reasons.Reasons will be provided for every system: service - // management, data governance, abuse, and billing.If this is a - // CCFE-triggered event used for reconciliation then the current reasons - // will be set to their *_CONTROL_PLANE_SYNC state. The previous reasons - // will contain the last known set of non-unknown non-control_plane_sync - // reasons for the state.Reasons fields are deprecated. New tenants - // should only use the state field. If you must know the reason(s) - // behind a specific state, please consult with CCFE team first - // (cloud-ccfe-discuss@google.com). - PreviousReasons *Reasons `json:"previousReasons,omitempty"` - - // State: The current state of the project. This state is the - // culmination of all of the opinions from external systems that CCFE - // knows about of the project. - // - // Possible values: - // "UNKNOWN_STATE" - A project should never be in an unknown state. - // Receipt of a project with this state is an error. - // "ON" - CCFE considers the project to be serving or transitioning - // into serving. - // "OFF" - CCFE considers the project to be in an OFF state. This - // could occur due to various factors. The state could be triggered by - // Google-internal audits (ex. abuse suspension, billing closed) or - // cleanups trigged by compliance systems (ex. data governance hide). - // User-initiated events such as service management deactivation trigger - // a project to an OFF state.CLHs might choose to do nothing in this - // case or to turn off costly resources. CLHs need to consider the - // customer experience if an ON/OFF/ON sequence of state transitions - // occurs vs. the cost of deleting resources, keeping metadata about - // resources, or even keeping resources live for a period of time.CCFE - // will not send any new customer requests to the CLH when the project - // is in an OFF state. However, CCFE will allow all previous customer - // requests relayed to CLH to complete. - // "DELETED" - This state indicates that the project has been (or is - // being) completely removed. This is often due to a data governance - // purge request and therefore resources should be deleted when this - // state is reached. - State string `json:"state,omitempty"` - - // ForceSendFields is a list of field names (e.g. "CurrentReasons") to - // unconditionally include in API requests. By default, fields with - // empty or default values are omitted from API requests. However, any - // non-pointer, non-interface field appearing in ForceSendFields will be - // sent to the server regardless of whether the field is empty or not. - // This may be used to include empty fields in Patch requests. - ForceSendFields []string `json:"-"` - - // NullFields is a list of field names (e.g. "CurrentReasons") to - // include in API requests with the JSON null value. By default, fields - // with empty values are omitted from API requests. However, any field - // with an empty value appearing in NullFields will be sent to the - // server as null. It is an error if a field in this list has a - // non-empty value. This may be used to include null fields in Patch - // requests. - NullFields []string `json:"-"` -} - -func (s *ProjectState) MarshalJSON() ([]byte, error) { - type NoMethod ProjectState - raw := NoMethod(*s) - return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) -} - // ProjectsMetadata: ProjectsMetadata is the metadata CCFE stores about // the all the relevant projects (tenant, consumer, producer). type ProjectsMetadata struct { @@ -2941,24 +2942,24 @@ type ProjectsMetadata struct { // proto when communicated to CLH in the side channel. // // Possible values: - // "UNKNOWN_STATE" - A project should never be in an unknown state. - // Receipt of a project with this state is an error. - // "ON" - CCFE considers the project to be serving or transitioning + // "UNKNOWN_STATE" - A container should never be in an unknown state. + // Receipt of a container with this state is an error. + // "ON" - CCFE considers the container to be serving or transitioning // into serving. - // "OFF" - CCFE considers the project to be in an OFF state. This + // "OFF" - CCFE considers the container to be in an OFF state. This // could occur due to various factors. The state could be triggered by // Google-internal audits (ex. abuse suspension, billing closed) or // cleanups trigged by compliance systems (ex. data governance hide). // User-initiated events such as service management deactivation trigger - // a project to an OFF state.CLHs might choose to do nothing in this + // a container to an OFF state.CLHs might choose to do nothing in this // case or to turn off costly resources. CLHs need to consider the // customer experience if an ON/OFF/ON sequence of state transitions // occurs vs. the cost of deleting resources, keeping metadata about // resources, or even keeping resources live for a period of time.CCFE - // will not send any new customer requests to the CLH when the project + // will not send any new customer requests to the CLH when the container // is in an OFF state. However, CCFE will allow all previous customer // requests relayed to CLH to complete. - // "DELETED" - This state indicates that the project has been (or is + // "DELETED" - This state indicates that the container has been (or is // being) completely removed. This is often due to a data governance // purge request and therefore resources should be deleted when this // state is reached. @@ -3058,7 +3059,7 @@ func (s *ReadinessCheck) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// Reasons: Projects transition between and within states based on +// Reasons: Containers transition between and within states based on // reasons sent from various systems. CCFE will provide the CLH with // reasons for the current state per system.The current systems that // CCFE supports are: Service Management (Inception) Data Governance @@ -3066,57 +3067,58 @@ func (s *ReadinessCheck) MarshalJSON() ([]byte, error) { type Reasons struct { // Possible values: // "ABUSE_UNKNOWN_REASON" - An unknown reason indicates that the abuse - // system has not sent a signal for this project. + // system has not sent a signal for this container. // "ABUSE_CONTROL_PLANE_SYNC" - Due to various reasons CCFE might - // proactively restate a project state to a CLH to ensure that the CLH - // and CCFE are both aware of the project state. This reason can be tied - // to any of the states. - // "SUSPEND" - If a project is deemed abusive we receive a suspend - // signal. Suspend is a reason to put the project into an INTERNAL_OFF + // proactively restate a container state to a CLH to ensure that the CLH + // and CCFE are both aware of the container state. This reason can be + // tied to any of the states. + // "SUSPEND" - If a container is deemed abusive we receive a suspend + // signal. Suspend is a reason to put the container into an INTERNAL_OFF + // state. + // "REINSTATE" - Containers that were once considered abusive can + // later be deemed non-abusive. When this happens we must reinstate the + // container. Reinstate is a reason to put the container into an ON // state. - // "REINSTATE" - Projects that were once considered abusive can later - // be deemed non-abusive. When this happens we must reinstate the - // project. Reinstate is a reason to put the project into an ON state. Abuse string `json:"abuse,omitempty"` // Possible values: // "BILLING_UNKNOWN_REASON" - An unknown reason indicates that the - // billing system has not sent a signal for this project. + // billing system has not sent a signal for this container. // "BILLING_CONTROL_PLANE_SYNC" - Due to various reasons CCFE might - // proactively restate a project state to a CLH to ensure that the CLH - // and CCFE are both aware of the project state. This reason can be tied - // to any of the states. + // proactively restate a container state to a CLH to ensure that the CLH + // and CCFE are both aware of the container state. This reason can be + // tied to any of the states. // "PROBATION" - Minor infractions cause a probation signal to be - // sent. Probation is a reason to put the project into a ON state even + // sent. Probation is a reason to put the container into a ON state even // though it is a negative signal. CCFE will block mutations for this - // project while it is on billing probation, but the CLH is expected to - // serve non-mutation requests. + // container while it is on billing probation, but the CLH is expected + // to serve non-mutation requests. // "CLOSE" - When a billing account is closed, it is a stronger signal - // about non-payment. Close is a reason to put the project into an + // about non-payment. Close is a reason to put the container into an // INTERNAL_OFF state. // "OPEN" - Consumers can re-open billing accounts and update accounts // to pull them out of probation. When this happens, we get a signal - // that the account is open. Open is a reason to put the project into an - // ON state. + // that the account is open. Open is a reason to put the container into + // an ON state. Billing string `json:"billing,omitempty"` // Possible values: // "DATA_GOVERNANCE_UNKNOWN_REASON" - An unknown reason indicates that - // data governance has not sent a signal for this project. + // data governance has not sent a signal for this container. // "DATA_GOVERNANCE_CONTROL_PLANE_SYNC" - Due to various reasons CCFE - // might proactively restate a project state to a CLH to ensure that the - // CLH and CCFE are both aware of the project state. This reason can be - // tied to any of the states. - // "HIDE" - When a project is deleted we retain some data for a period - // of time to allow the consumer to change their mind. Data governance - // sends a signal to hide the data when this occurs. Hide is a reason to - // put the project in an INTERNAL_OFF state. - // "UNHIDE" - The decision to un-delete a project can be made. When + // might proactively restate a container state to a CLH to ensure that + // the CLH and CCFE are both aware of the container state. This reason + // can be tied to any of the states. + // "HIDE" - When a container is deleted we retain some data for a + // period of time to allow the consumer to change their mind. Data + // governance sends a signal to hide the data when this occurs. Hide is + // a reason to put the container in an INTERNAL_OFF state. + // "UNHIDE" - The decision to un-delete a container can be made. When // this happens data governance tells us to unhide any hidden data. - // Unhide is a reason to put the project in an ON state. + // Unhide is a reason to put the container in an ON state. // "PURGE" - After a period of time data must be completely removed // from our systems. When data governance sends a purge signal we need - // to remove data. Purge is a reason to put the project in a DELETED + // to remove data. Purge is a reason to put the container in a DELETED // state. Purge is the only event that triggers a delete mutation. All // other events have update semantics. DataGovernance string `json:"dataGovernance,omitempty"` @@ -3124,24 +3126,24 @@ type Reasons struct { // Possible values: // "SERVICE_MANAGEMENT_UNKNOWN_REASON" - An unknown reason indicates // that we have not received a signal from service management about this - // project. Since projects are created by request of service management, - // this reason should never be set. + // container. Since containers are created by request of service + // management, this reason should never be set. // "SERVICE_MANAGEMENT_CONTROL_PLANE_SYNC" - Due to various reasons - // CCFE might proactively restate a project state to a CLH to ensure - // that the CLH and CCFE are both aware of the project state. This + // CCFE might proactively restate a container state to a CLH to ensure + // that the CLH and CCFE are both aware of the container state. This // reason can be tied to any of the states. // "ACTIVATION" - When a customer activates an API CCFE notifies the - // CLH and sets the project to the ON state. + // CLH and sets the container to the ON state. // "PREPARE_DEACTIVATION" - When a customer deactivates and API // service management starts a two-step process to perform the // deactivation. The first step is to prepare. Prepare is a reason to - // put the project in a EXTERNAL_OFF state. + // put the container in a EXTERNAL_OFF state. // "ABORT_DEACTIVATION" - If the deactivation is cancelled, service // managed needs to abort the deactivation. Abort is a reason to put the - // project in an ON state. + // container in an ON state. // "COMMIT_DEACTIVATION" - If the deactivation is followed through // with, service management needs to finish deactivation. Commit is a - // reason to put the project in a DELETED state. + // reason to put the container in a DELETED state. ServiceManagement string `json:"serviceManagement,omitempty"` // ForceSendFields is a list of field names (e.g. "Abuse") to diff --git a/appengine/v1alpha/appengine-api.json b/appengine/v1alpha/appengine-api.json index ee9bf0e5caa..d1d8a036d09 100644 --- a/appengine/v1alpha/appengine-api.json +++ b/appengine/v1alpha/appengine-api.json @@ -887,7 +887,7 @@ } } }, - "revision": "20230807", + "revision": "20231004", "rootUrl": "https://appengine.googleapis.com/", "schemas": { "AuthorizedCertificate": { @@ -971,6 +971,38 @@ }, "type": "object" }, + "ContainerState": { + "description": "ContainerState contains the externally-visible container state that is used to communicate the state and reasoning for that state to the CLH. This data is not persisted by CCFE, but is instead derived from CCFE's internal representation of the container state.", + "id": "ContainerState", + "properties": { + "currentReasons": { + "$ref": "Reasons", + "deprecated": true + }, + "previousReasons": { + "$ref": "Reasons", + "deprecated": true, + "description": "The previous and current reasons for a container state will be sent for a container event. CLHs that need to know the signal that caused the container event to trigger (edges) as opposed to just knowing the state can act upon differences in the previous and current reasons.Reasons will be provided for every system: service management, data governance, abuse, and billing.If this is a CCFE-triggered event used for reconciliation then the current reasons will be set to their *_CONTROL_PLANE_SYNC state. The previous reasons will contain the last known set of non-unknown non-control_plane_sync reasons for the state.Reasons fields are deprecated. New tenants should only use the state field. If you must know the reason(s) behind a specific state, please consult with CCFE team first (cloud-ccfe-discuss@google.com)." + }, + "state": { + "description": "The current state of the container. This state is the culmination of all of the opinions from external systems that CCFE knows about of the container.", + "enum": [ + "UNKNOWN_STATE", + "ON", + "OFF", + "DELETED" + ], + "enumDescriptions": [ + "A container should never be in an unknown state. Receipt of a container with this state is an error.", + "CCFE considers the container to be serving or transitioning into serving.", + "CCFE considers the container to be in an OFF state. This could occur due to various factors. The state could be triggered by Google-internal audits (ex. abuse suspension, billing closed) or cleanups trigged by compliance systems (ex. data governance hide). User-initiated events such as service management deactivation trigger a container to an OFF state.CLHs might choose to do nothing in this case or to turn off costly resources. CLHs need to consider the customer experience if an ON/OFF/ON sequence of state transitions occurs vs. the cost of deleting resources, keeping metadata about resources, or even keeping resources live for a period of time.CCFE will not send any new customer requests to the CLH when the container is in an OFF state. However, CCFE will allow all previous customer requests relayed to CLH to complete.", + "This state indicates that the container has been (or is being) completely removed. This is often due to a data governance purge request and therefore resources should be deleted when this state is reached." + ], + "type": "string" + } + }, + "type": "object" + }, "CreateVersionMetadataV1": { "description": "Metadata for the given google.longrunning.Operation during a google.appengine.v1.CreateVersionRequest.", "id": "CreateVersionMetadataV1", @@ -1426,44 +1458,12 @@ "description": "The projects metadata for this project. required" }, "state": { - "$ref": "ProjectState", + "$ref": "ContainerState", "description": "The state of the project that led to this event." } }, "type": "object" }, - "ProjectState": { - "description": "ProjectState contains the externally-visible project state that is used to communicate the state and reasoning for that state to the CLH. This data is not persisted by CCFE, but is instead derived from CCFE's internal representation of the project state.", - "id": "ProjectState", - "properties": { - "currentReasons": { - "$ref": "Reasons", - "deprecated": true - }, - "previousReasons": { - "$ref": "Reasons", - "deprecated": true, - "description": "The previous and current reasons for a project state will be sent for a project event. CLHs that need to know the signal that caused the project event to trigger (edges) as opposed to just knowing the state can act upon differences in the previous and current reasons.Reasons will be provided for every system: service management, data governance, abuse, and billing.If this is a CCFE-triggered event used for reconciliation then the current reasons will be set to their *_CONTROL_PLANE_SYNC state. The previous reasons will contain the last known set of non-unknown non-control_plane_sync reasons for the state.Reasons fields are deprecated. New tenants should only use the state field. If you must know the reason(s) behind a specific state, please consult with CCFE team first (cloud-ccfe-discuss@google.com)." - }, - "state": { - "description": "The current state of the project. This state is the culmination of all of the opinions from external systems that CCFE knows about of the project.", - "enum": [ - "UNKNOWN_STATE", - "ON", - "OFF", - "DELETED" - ], - "enumDescriptions": [ - "A project should never be in an unknown state. Receipt of a project with this state is an error.", - "CCFE considers the project to be serving or transitioning into serving.", - "CCFE considers the project to be in an OFF state. This could occur due to various factors. The state could be triggered by Google-internal audits (ex. abuse suspension, billing closed) or cleanups trigged by compliance systems (ex. data governance hide). User-initiated events such as service management deactivation trigger a project to an OFF state.CLHs might choose to do nothing in this case or to turn off costly resources. CLHs need to consider the customer experience if an ON/OFF/ON sequence of state transitions occurs vs. the cost of deleting resources, keeping metadata about resources, or even keeping resources live for a period of time.CCFE will not send any new customer requests to the CLH when the project is in an OFF state. However, CCFE will allow all previous customer requests relayed to CLH to complete.", - "This state indicates that the project has been (or is being) completely removed. This is often due to a data governance purge request and therefore resources should be deleted when this state is reached." - ], - "type": "string" - } - }, - "type": "object" - }, "ProjectsMetadata": { "description": "ProjectsMetadata is the metadata CCFE stores about the all the relevant projects (tenant, consumer, producer).", "id": "ProjectsMetadata", @@ -1486,10 +1486,10 @@ "DELETED" ], "enumDescriptions": [ - "A project should never be in an unknown state. Receipt of a project with this state is an error.", - "CCFE considers the project to be serving or transitioning into serving.", - "CCFE considers the project to be in an OFF state. This could occur due to various factors. The state could be triggered by Google-internal audits (ex. abuse suspension, billing closed) or cleanups trigged by compliance systems (ex. data governance hide). User-initiated events such as service management deactivation trigger a project to an OFF state.CLHs might choose to do nothing in this case or to turn off costly resources. CLHs need to consider the customer experience if an ON/OFF/ON sequence of state transitions occurs vs. the cost of deleting resources, keeping metadata about resources, or even keeping resources live for a period of time.CCFE will not send any new customer requests to the CLH when the project is in an OFF state. However, CCFE will allow all previous customer requests relayed to CLH to complete.", - "This state indicates that the project has been (or is being) completely removed. This is often due to a data governance purge request and therefore resources should be deleted when this state is reached." + "A container should never be in an unknown state. Receipt of a container with this state is an error.", + "CCFE considers the container to be serving or transitioning into serving.", + "CCFE considers the container to be in an OFF state. This could occur due to various factors. The state could be triggered by Google-internal audits (ex. abuse suspension, billing closed) or cleanups trigged by compliance systems (ex. data governance hide). User-initiated events such as service management deactivation trigger a container to an OFF state.CLHs might choose to do nothing in this case or to turn off costly resources. CLHs need to consider the customer experience if an ON/OFF/ON sequence of state transitions occurs vs. the cost of deleting resources, keeping metadata about resources, or even keeping resources live for a period of time.CCFE will not send any new customer requests to the CLH when the container is in an OFF state. However, CCFE will allow all previous customer requests relayed to CLH to complete.", + "This state indicates that the container has been (or is being) completely removed. This is often due to a data governance purge request and therefore resources should be deleted when this state is reached." ], "type": "string" }, @@ -1519,7 +1519,7 @@ "type": "object" }, "Reasons": { - "description": "Projects transition between and within states based on reasons sent from various systems. CCFE will provide the CLH with reasons for the current state per system.The current systems that CCFE supports are: Service Management (Inception) Data Governance (Wipeout) Abuse (Ares) Billing (Internal Cloud Billing API)", + "description": "Containers transition between and within states based on reasons sent from various systems. CCFE will provide the CLH with reasons for the current state per system.The current systems that CCFE supports are: Service Management (Inception) Data Governance (Wipeout) Abuse (Ares) Billing (Internal Cloud Billing API)", "id": "Reasons", "properties": { "abuse": { @@ -1530,10 +1530,10 @@ "REINSTATE" ], "enumDescriptions": [ - "An unknown reason indicates that the abuse system has not sent a signal for this project.", - "Due to various reasons CCFE might proactively restate a project state to a CLH to ensure that the CLH and CCFE are both aware of the project state. This reason can be tied to any of the states.", - "If a project is deemed abusive we receive a suspend signal. Suspend is a reason to put the project into an INTERNAL_OFF state.", - "Projects that were once considered abusive can later be deemed non-abusive. When this happens we must reinstate the project. Reinstate is a reason to put the project into an ON state." + "An unknown reason indicates that the abuse system has not sent a signal for this container.", + "Due to various reasons CCFE might proactively restate a container state to a CLH to ensure that the CLH and CCFE are both aware of the container state. This reason can be tied to any of the states.", + "If a container is deemed abusive we receive a suspend signal. Suspend is a reason to put the container into an INTERNAL_OFF state.", + "Containers that were once considered abusive can later be deemed non-abusive. When this happens we must reinstate the container. Reinstate is a reason to put the container into an ON state." ], "type": "string" }, @@ -1546,11 +1546,11 @@ "OPEN" ], "enumDescriptions": [ - "An unknown reason indicates that the billing system has not sent a signal for this project.", - "Due to various reasons CCFE might proactively restate a project state to a CLH to ensure that the CLH and CCFE are both aware of the project state. This reason can be tied to any of the states.", - "Minor infractions cause a probation signal to be sent. Probation is a reason to put the project into a ON state even though it is a negative signal. CCFE will block mutations for this project while it is on billing probation, but the CLH is expected to serve non-mutation requests.", - "When a billing account is closed, it is a stronger signal about non-payment. Close is a reason to put the project into an INTERNAL_OFF state.", - "Consumers can re-open billing accounts and update accounts to pull them out of probation. When this happens, we get a signal that the account is open. Open is a reason to put the project into an ON state." + "An unknown reason indicates that the billing system has not sent a signal for this container.", + "Due to various reasons CCFE might proactively restate a container state to a CLH to ensure that the CLH and CCFE are both aware of the container state. This reason can be tied to any of the states.", + "Minor infractions cause a probation signal to be sent. Probation is a reason to put the container into a ON state even though it is a negative signal. CCFE will block mutations for this container while it is on billing probation, but the CLH is expected to serve non-mutation requests.", + "When a billing account is closed, it is a stronger signal about non-payment. Close is a reason to put the container into an INTERNAL_OFF state.", + "Consumers can re-open billing accounts and update accounts to pull them out of probation. When this happens, we get a signal that the account is open. Open is a reason to put the container into an ON state." ], "type": "string" }, @@ -1563,11 +1563,11 @@ "PURGE" ], "enumDescriptions": [ - "An unknown reason indicates that data governance has not sent a signal for this project.", - "Due to various reasons CCFE might proactively restate a project state to a CLH to ensure that the CLH and CCFE are both aware of the project state. This reason can be tied to any of the states.", - "When a project is deleted we retain some data for a period of time to allow the consumer to change their mind. Data governance sends a signal to hide the data when this occurs. Hide is a reason to put the project in an INTERNAL_OFF state.", - "The decision to un-delete a project can be made. When this happens data governance tells us to unhide any hidden data. Unhide is a reason to put the project in an ON state.", - "After a period of time data must be completely removed from our systems. When data governance sends a purge signal we need to remove data. Purge is a reason to put the project in a DELETED state. Purge is the only event that triggers a delete mutation. All other events have update semantics." + "An unknown reason indicates that data governance has not sent a signal for this container.", + "Due to various reasons CCFE might proactively restate a container state to a CLH to ensure that the CLH and CCFE are both aware of the container state. This reason can be tied to any of the states.", + "When a container is deleted we retain some data for a period of time to allow the consumer to change their mind. Data governance sends a signal to hide the data when this occurs. Hide is a reason to put the container in an INTERNAL_OFF state.", + "The decision to un-delete a container can be made. When this happens data governance tells us to unhide any hidden data. Unhide is a reason to put the container in an ON state.", + "After a period of time data must be completely removed from our systems. When data governance sends a purge signal we need to remove data. Purge is a reason to put the container in a DELETED state. Purge is the only event that triggers a delete mutation. All other events have update semantics." ], "type": "string" }, @@ -1589,12 +1589,12 @@ true ], "enumDescriptions": [ - "An unknown reason indicates that we have not received a signal from service management about this project. Since projects are created by request of service management, this reason should never be set.", - "Due to various reasons CCFE might proactively restate a project state to a CLH to ensure that the CLH and CCFE are both aware of the project state. This reason can be tied to any of the states.", - "When a customer activates an API CCFE notifies the CLH and sets the project to the ON state.", - "When a customer deactivates and API service management starts a two-step process to perform the deactivation. The first step is to prepare. Prepare is a reason to put the project in a EXTERNAL_OFF state.", - "If the deactivation is cancelled, service managed needs to abort the deactivation. Abort is a reason to put the project in an ON state.", - "If the deactivation is followed through with, service management needs to finish deactivation. Commit is a reason to put the project in a DELETED state." + "An unknown reason indicates that we have not received a signal from service management about this container. Since containers are created by request of service management, this reason should never be set.", + "Due to various reasons CCFE might proactively restate a container state to a CLH to ensure that the CLH and CCFE are both aware of the container state. This reason can be tied to any of the states.", + "When a customer activates an API CCFE notifies the CLH and sets the container to the ON state.", + "When a customer deactivates and API service management starts a two-step process to perform the deactivation. The first step is to prepare. Prepare is a reason to put the container in a EXTERNAL_OFF state.", + "If the deactivation is cancelled, service managed needs to abort the deactivation. Abort is a reason to put the container in an ON state.", + "If the deactivation is followed through with, service management needs to finish deactivation. Commit is a reason to put the container in a DELETED state." ], "type": "string" } diff --git a/appengine/v1alpha/appengine-gen.go b/appengine/v1alpha/appengine-gen.go index fa6e43320c2..cbeca2cceb1 100644 --- a/appengine/v1alpha/appengine-gen.go +++ b/appengine/v1alpha/appengine-gen.go @@ -429,6 +429,81 @@ func (s *CertificateRawData) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// ContainerState: ContainerState contains the externally-visible +// container state that is used to communicate the state and reasoning +// for that state to the CLH. This data is not persisted by CCFE, but is +// instead derived from CCFE's internal representation of the container +// state. +type ContainerState struct { + CurrentReasons *Reasons `json:"currentReasons,omitempty"` + + // PreviousReasons: The previous and current reasons for a container + // state will be sent for a container event. CLHs that need to know the + // signal that caused the container event to trigger (edges) as opposed + // to just knowing the state can act upon differences in the previous + // and current reasons.Reasons will be provided for every system: + // service management, data governance, abuse, and billing.If this is a + // CCFE-triggered event used for reconciliation then the current reasons + // will be set to their *_CONTROL_PLANE_SYNC state. The previous reasons + // will contain the last known set of non-unknown non-control_plane_sync + // reasons for the state.Reasons fields are deprecated. New tenants + // should only use the state field. If you must know the reason(s) + // behind a specific state, please consult with CCFE team first + // (cloud-ccfe-discuss@google.com). + PreviousReasons *Reasons `json:"previousReasons,omitempty"` + + // State: The current state of the container. This state is the + // culmination of all of the opinions from external systems that CCFE + // knows about of the container. + // + // Possible values: + // "UNKNOWN_STATE" - A container should never be in an unknown state. + // Receipt of a container with this state is an error. + // "ON" - CCFE considers the container to be serving or transitioning + // into serving. + // "OFF" - CCFE considers the container to be in an OFF state. This + // could occur due to various factors. The state could be triggered by + // Google-internal audits (ex. abuse suspension, billing closed) or + // cleanups trigged by compliance systems (ex. data governance hide). + // User-initiated events such as service management deactivation trigger + // a container to an OFF state.CLHs might choose to do nothing in this + // case or to turn off costly resources. CLHs need to consider the + // customer experience if an ON/OFF/ON sequence of state transitions + // occurs vs. the cost of deleting resources, keeping metadata about + // resources, or even keeping resources live for a period of time.CCFE + // will not send any new customer requests to the CLH when the container + // is in an OFF state. However, CCFE will allow all previous customer + // requests relayed to CLH to complete. + // "DELETED" - This state indicates that the container has been (or is + // being) completely removed. This is often due to a data governance + // purge request and therefore resources should be deleted when this + // state is reached. + State string `json:"state,omitempty"` + + // ForceSendFields is a list of field names (e.g. "CurrentReasons") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CurrentReasons") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *ContainerState) MarshalJSON() ([]byte, error) { + type NoMethod ContainerState + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // CreateVersionMetadataV1: Metadata for the given // google.longrunning.Operation during a // google.appengine.v1.CreateVersionRequest. @@ -1209,7 +1284,7 @@ type ProjectEvent struct { ProjectMetadata *ProjectsMetadata `json:"projectMetadata,omitempty"` // State: The state of the project that led to this event. - State *ProjectState `json:"state,omitempty"` + State *ContainerState `json:"state,omitempty"` // ForceSendFields is a list of field names (e.g. "EventId") to // unconditionally include in API requests. By default, fields with @@ -1234,80 +1309,6 @@ func (s *ProjectEvent) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// ProjectState: ProjectState contains the externally-visible project -// state that is used to communicate the state and reasoning for that -// state to the CLH. This data is not persisted by CCFE, but is instead -// derived from CCFE's internal representation of the project state. -type ProjectState struct { - CurrentReasons *Reasons `json:"currentReasons,omitempty"` - - // PreviousReasons: The previous and current reasons for a project state - // will be sent for a project event. CLHs that need to know the signal - // that caused the project event to trigger (edges) as opposed to just - // knowing the state can act upon differences in the previous and - // current reasons.Reasons will be provided for every system: service - // management, data governance, abuse, and billing.If this is a - // CCFE-triggered event used for reconciliation then the current reasons - // will be set to their *_CONTROL_PLANE_SYNC state. The previous reasons - // will contain the last known set of non-unknown non-control_plane_sync - // reasons for the state.Reasons fields are deprecated. New tenants - // should only use the state field. If you must know the reason(s) - // behind a specific state, please consult with CCFE team first - // (cloud-ccfe-discuss@google.com). - PreviousReasons *Reasons `json:"previousReasons,omitempty"` - - // State: The current state of the project. This state is the - // culmination of all of the opinions from external systems that CCFE - // knows about of the project. - // - // Possible values: - // "UNKNOWN_STATE" - A project should never be in an unknown state. - // Receipt of a project with this state is an error. - // "ON" - CCFE considers the project to be serving or transitioning - // into serving. - // "OFF" - CCFE considers the project to be in an OFF state. This - // could occur due to various factors. The state could be triggered by - // Google-internal audits (ex. abuse suspension, billing closed) or - // cleanups trigged by compliance systems (ex. data governance hide). - // User-initiated events such as service management deactivation trigger - // a project to an OFF state.CLHs might choose to do nothing in this - // case or to turn off costly resources. CLHs need to consider the - // customer experience if an ON/OFF/ON sequence of state transitions - // occurs vs. the cost of deleting resources, keeping metadata about - // resources, or even keeping resources live for a period of time.CCFE - // will not send any new customer requests to the CLH when the project - // is in an OFF state. However, CCFE will allow all previous customer - // requests relayed to CLH to complete. - // "DELETED" - This state indicates that the project has been (or is - // being) completely removed. This is often due to a data governance - // purge request and therefore resources should be deleted when this - // state is reached. - State string `json:"state,omitempty"` - - // ForceSendFields is a list of field names (e.g. "CurrentReasons") to - // unconditionally include in API requests. By default, fields with - // empty or default values are omitted from API requests. However, any - // non-pointer, non-interface field appearing in ForceSendFields will be - // sent to the server regardless of whether the field is empty or not. - // This may be used to include empty fields in Patch requests. - ForceSendFields []string `json:"-"` - - // NullFields is a list of field names (e.g. "CurrentReasons") to - // include in API requests with the JSON null value. By default, fields - // with empty values are omitted from API requests. However, any field - // with an empty value appearing in NullFields will be sent to the - // server as null. It is an error if a field in this list has a - // non-empty value. This may be used to include null fields in Patch - // requests. - NullFields []string `json:"-"` -} - -func (s *ProjectState) MarshalJSON() ([]byte, error) { - type NoMethod ProjectState - raw := NoMethod(*s) - return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) -} - // ProjectsMetadata: ProjectsMetadata is the metadata CCFE stores about // the all the relevant projects (tenant, consumer, producer). type ProjectsMetadata struct { @@ -1323,24 +1324,24 @@ type ProjectsMetadata struct { // proto when communicated to CLH in the side channel. // // Possible values: - // "UNKNOWN_STATE" - A project should never be in an unknown state. - // Receipt of a project with this state is an error. - // "ON" - CCFE considers the project to be serving or transitioning + // "UNKNOWN_STATE" - A container should never be in an unknown state. + // Receipt of a container with this state is an error. + // "ON" - CCFE considers the container to be serving or transitioning // into serving. - // "OFF" - CCFE considers the project to be in an OFF state. This + // "OFF" - CCFE considers the container to be in an OFF state. This // could occur due to various factors. The state could be triggered by // Google-internal audits (ex. abuse suspension, billing closed) or // cleanups trigged by compliance systems (ex. data governance hide). // User-initiated events such as service management deactivation trigger - // a project to an OFF state.CLHs might choose to do nothing in this + // a container to an OFF state.CLHs might choose to do nothing in this // case or to turn off costly resources. CLHs need to consider the // customer experience if an ON/OFF/ON sequence of state transitions // occurs vs. the cost of deleting resources, keeping metadata about // resources, or even keeping resources live for a period of time.CCFE - // will not send any new customer requests to the CLH when the project + // will not send any new customer requests to the CLH when the container // is in an OFF state. However, CCFE will allow all previous customer // requests relayed to CLH to complete. - // "DELETED" - This state indicates that the project has been (or is + // "DELETED" - This state indicates that the container has been (or is // being) completely removed. This is often due to a data governance // purge request and therefore resources should be deleted when this // state is reached. @@ -1387,7 +1388,7 @@ func (s *ProjectsMetadata) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// Reasons: Projects transition between and within states based on +// Reasons: Containers transition between and within states based on // reasons sent from various systems. CCFE will provide the CLH with // reasons for the current state per system.The current systems that // CCFE supports are: Service Management (Inception) Data Governance @@ -1395,57 +1396,58 @@ func (s *ProjectsMetadata) MarshalJSON() ([]byte, error) { type Reasons struct { // Possible values: // "ABUSE_UNKNOWN_REASON" - An unknown reason indicates that the abuse - // system has not sent a signal for this project. + // system has not sent a signal for this container. // "ABUSE_CONTROL_PLANE_SYNC" - Due to various reasons CCFE might - // proactively restate a project state to a CLH to ensure that the CLH - // and CCFE are both aware of the project state. This reason can be tied - // to any of the states. - // "SUSPEND" - If a project is deemed abusive we receive a suspend - // signal. Suspend is a reason to put the project into an INTERNAL_OFF + // proactively restate a container state to a CLH to ensure that the CLH + // and CCFE are both aware of the container state. This reason can be + // tied to any of the states. + // "SUSPEND" - If a container is deemed abusive we receive a suspend + // signal. Suspend is a reason to put the container into an INTERNAL_OFF + // state. + // "REINSTATE" - Containers that were once considered abusive can + // later be deemed non-abusive. When this happens we must reinstate the + // container. Reinstate is a reason to put the container into an ON // state. - // "REINSTATE" - Projects that were once considered abusive can later - // be deemed non-abusive. When this happens we must reinstate the - // project. Reinstate is a reason to put the project into an ON state. Abuse string `json:"abuse,omitempty"` // Possible values: // "BILLING_UNKNOWN_REASON" - An unknown reason indicates that the - // billing system has not sent a signal for this project. + // billing system has not sent a signal for this container. // "BILLING_CONTROL_PLANE_SYNC" - Due to various reasons CCFE might - // proactively restate a project state to a CLH to ensure that the CLH - // and CCFE are both aware of the project state. This reason can be tied - // to any of the states. + // proactively restate a container state to a CLH to ensure that the CLH + // and CCFE are both aware of the container state. This reason can be + // tied to any of the states. // "PROBATION" - Minor infractions cause a probation signal to be - // sent. Probation is a reason to put the project into a ON state even + // sent. Probation is a reason to put the container into a ON state even // though it is a negative signal. CCFE will block mutations for this - // project while it is on billing probation, but the CLH is expected to - // serve non-mutation requests. + // container while it is on billing probation, but the CLH is expected + // to serve non-mutation requests. // "CLOSE" - When a billing account is closed, it is a stronger signal - // about non-payment. Close is a reason to put the project into an + // about non-payment. Close is a reason to put the container into an // INTERNAL_OFF state. // "OPEN" - Consumers can re-open billing accounts and update accounts // to pull them out of probation. When this happens, we get a signal - // that the account is open. Open is a reason to put the project into an - // ON state. + // that the account is open. Open is a reason to put the container into + // an ON state. Billing string `json:"billing,omitempty"` // Possible values: // "DATA_GOVERNANCE_UNKNOWN_REASON" - An unknown reason indicates that - // data governance has not sent a signal for this project. + // data governance has not sent a signal for this container. // "DATA_GOVERNANCE_CONTROL_PLANE_SYNC" - Due to various reasons CCFE - // might proactively restate a project state to a CLH to ensure that the - // CLH and CCFE are both aware of the project state. This reason can be - // tied to any of the states. - // "HIDE" - When a project is deleted we retain some data for a period - // of time to allow the consumer to change their mind. Data governance - // sends a signal to hide the data when this occurs. Hide is a reason to - // put the project in an INTERNAL_OFF state. - // "UNHIDE" - The decision to un-delete a project can be made. When + // might proactively restate a container state to a CLH to ensure that + // the CLH and CCFE are both aware of the container state. This reason + // can be tied to any of the states. + // "HIDE" - When a container is deleted we retain some data for a + // period of time to allow the consumer to change their mind. Data + // governance sends a signal to hide the data when this occurs. Hide is + // a reason to put the container in an INTERNAL_OFF state. + // "UNHIDE" - The decision to un-delete a container can be made. When // this happens data governance tells us to unhide any hidden data. - // Unhide is a reason to put the project in an ON state. + // Unhide is a reason to put the container in an ON state. // "PURGE" - After a period of time data must be completely removed // from our systems. When data governance sends a purge signal we need - // to remove data. Purge is a reason to put the project in a DELETED + // to remove data. Purge is a reason to put the container in a DELETED // state. Purge is the only event that triggers a delete mutation. All // other events have update semantics. DataGovernance string `json:"dataGovernance,omitempty"` @@ -1453,24 +1455,24 @@ type Reasons struct { // Possible values: // "SERVICE_MANAGEMENT_UNKNOWN_REASON" - An unknown reason indicates // that we have not received a signal from service management about this - // project. Since projects are created by request of service management, - // this reason should never be set. + // container. Since containers are created by request of service + // management, this reason should never be set. // "SERVICE_MANAGEMENT_CONTROL_PLANE_SYNC" - Due to various reasons - // CCFE might proactively restate a project state to a CLH to ensure - // that the CLH and CCFE are both aware of the project state. This + // CCFE might proactively restate a container state to a CLH to ensure + // that the CLH and CCFE are both aware of the container state. This // reason can be tied to any of the states. // "ACTIVATION" - When a customer activates an API CCFE notifies the - // CLH and sets the project to the ON state. + // CLH and sets the container to the ON state. // "PREPARE_DEACTIVATION" - When a customer deactivates and API // service management starts a two-step process to perform the // deactivation. The first step is to prepare. Prepare is a reason to - // put the project in a EXTERNAL_OFF state. + // put the container in a EXTERNAL_OFF state. // "ABORT_DEACTIVATION" - If the deactivation is cancelled, service // managed needs to abort the deactivation. Abort is a reason to put the - // project in an ON state. + // container in an ON state. // "COMMIT_DEACTIVATION" - If the deactivation is followed through // with, service management needs to finish deactivation. Commit is a - // reason to put the project in a DELETED state. + // reason to put the container in a DELETED state. ServiceManagement string `json:"serviceManagement,omitempty"` // ForceSendFields is a list of field names (e.g. "Abuse") to diff --git a/bigquery/v2/bigquery-api.json b/bigquery/v2/bigquery-api.json index b104093f081..3e46870dc8c 100644 --- a/bigquery/v2/bigquery-api.json +++ b/bigquery/v2/bigquery-api.json @@ -1686,7 +1686,7 @@ } } }, - "revision": "20230925", + "revision": "20231008", "rootUrl": "https://bigquery.googleapis.com/", "schemas": { "AggregateClassificationMetrics": { @@ -1731,6 +1731,25 @@ }, "type": "object" }, + "AggregationThresholdPolicy": { + "description": "Represents privacy policy associated with \"aggregation threshold\" method.", + "id": "AggregationThresholdPolicy", + "properties": { + "privacyUnitColumns": { + "description": "Optional. The privacy unit column(s) associated with this policy. For now, only one column per data source object (table, view) is allowed as a privacy unit column. Representing as a repeated field in metadata for extensibility to multiple columns in future. Duplicates and Repeated struct fields are not allowed. For nested fields, use dot notation (\"outer.inner\")", + "items": { + "type": "string" + }, + "type": "array" + }, + "threshold": { + "description": "Optional. The threshold for the \"aggregation threshold\" policy.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, "Argument": { "description": "Input/output argument of a function or a stored procedure.", "id": "Argument", @@ -4478,6 +4497,32 @@ }, "type": "object" }, + "JobCreationReason": { + "description": "Reason about why a Job was created from a [`jobs.query`](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query) method when used with `JOB_CREATION_OPTIONAL` Job creation mode. For [`jobs.insert`](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/insert) method calls it will always be `REQUESTED`. This feature is not yet available. Jobs will always be created.", + "id": "JobCreationReason", + "properties": { + "code": { + "description": "Output only. Specifies the high level reason why a Job was created.", + "enum": [ + "CODE_UNSPECIFIED", + "REQUESTED", + "LONG_RUNNING", + "LARGE_RESULTS", + "OTHER" + ], + "enumDescriptions": [ + "Reason is not specified.", + "Job creation was requested.", + "The query request ran beyond a system defined timeout specified by the [timeoutMs field in the QueryRequest](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query#queryrequest). As a result it was considered a long running operation for which a job was created.", + "The results from the query cannot fit in the response.", + "BigQuery has determined that the query needs to be executed as a Job." + ], + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, "JobList": { "id": "JobList", "properties": { @@ -5406,6 +5451,17 @@ }, "type": "object" }, + "PrivacyPolicy": { + "description": "Represents privacy policy that contains the privacy requirements specified by the data owner. Currently, this is only supported on views.", + "id": "PrivacyPolicy", + "properties": { + "aggregationThresholdPolicy": { + "$ref": "AggregationThresholdPolicy", + "description": "Optional. Policy used for aggregation thresholds." + } + }, + "type": "object" + }, "ProjectList": { "id": "ProjectList", "properties": { @@ -5694,6 +5750,10 @@ "description": "A token used for paging results.", "type": "string" }, + "queryId": { + "description": "Query ID for the completed query. This ID will be auto-generated. This field is not yet available and it is currently not guaranteed to be populated.", + "type": "string" + }, "rows": { "description": "An object with as many results as can be contained within the maximum permitted reply size. To get any additional rows, you can call GetQueryResults and specify the jobReference returned above.", "items": { @@ -6043,6 +6103,20 @@ ], "type": "string" }, + "securityMode": { + "description": "Optional. The security mode of the routine, if defined. If not defined, the security mode is automatically determined from the routine's configuration.", + "enum": [ + "SECURITY_MODE_UNSPECIFIED", + "DEFINER", + "INVOKER" + ], + "enumDescriptions": [ + "The security mode of the routine is unspecified.", + "The routine is to be executed with the privileges of the user who defines it.", + "The routine is to be executed with the privileges of the user who invokes it." + ], + "type": "string" + }, "sparkOptions": { "$ref": "SparkOptions", "description": "Optional. Spark specific options." @@ -6266,11 +6340,11 @@ "SparkLoggingInfo": { "id": "SparkLoggingInfo", "properties": { - "project_id": { + "projectId": { "description": "[Output-only] Project ID used for logging", "type": "string" }, - "resource_type": { + "resourceType": { "description": "[Output-only] Resource type used for logging", "type": "string" } diff --git a/bigquery/v2/bigquery-gen.go b/bigquery/v2/bigquery-gen.go index 5cc3b3f30ad..9b4629cb642 100644 --- a/bigquery/v2/bigquery-gen.go +++ b/bigquery/v2/bigquery-gen.go @@ -367,6 +367,45 @@ func (s *AggregateClassificationMetrics) UnmarshalJSON(data []byte) error { return nil } +// AggregationThresholdPolicy: Represents privacy policy associated with +// "aggregation threshold" method. +type AggregationThresholdPolicy struct { + // PrivacyUnitColumns: Optional. The privacy unit column(s) associated + // with this policy. For now, only one column per data source object + // (table, view) is allowed as a privacy unit column. Representing as a + // repeated field in metadata for extensibility to multiple columns in + // future. Duplicates and Repeated struct fields are not allowed. For + // nested fields, use dot notation ("outer.inner") + PrivacyUnitColumns []string `json:"privacyUnitColumns,omitempty"` + + // Threshold: Optional. The threshold for the "aggregation threshold" + // policy. + Threshold int64 `json:"threshold,omitempty,string"` + + // ForceSendFields is a list of field names (e.g. "PrivacyUnitColumns") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "PrivacyUnitColumns") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *AggregationThresholdPolicy) MarshalJSON() ([]byte, error) { + type NoMethod AggregationThresholdPolicy + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Argument: Input/output argument of a function or a stored procedure. type Argument struct { // ArgumentKind: Optional. Defaults to FIXED_TYPE. @@ -5025,6 +5064,55 @@ func (s *JobConfigurationTableCopy) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// JobCreationReason: Reason about why a Job was created from a +// `jobs.query` +// (https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query) +// method when used with `JOB_CREATION_OPTIONAL` Job creation mode. For +// `jobs.insert` +// (https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/insert) +// method calls it will always be `REQUESTED`. This feature is not yet +// available. Jobs will always be created. +type JobCreationReason struct { + // Code: Output only. Specifies the high level reason why a Job was + // created. + // + // Possible values: + // "CODE_UNSPECIFIED" - Reason is not specified. + // "REQUESTED" - Job creation was requested. + // "LONG_RUNNING" - The query request ran beyond a system defined + // timeout specified by the [timeoutMs field in the + // QueryRequest](https://cloud.google.com/bigquery/docs/reference/rest/v2 + // /jobs/query#queryrequest). As a result it was considered a long + // running operation for which a job was created. + // "LARGE_RESULTS" - The results from the query cannot fit in the + // response. + // "OTHER" - BigQuery has determined that the query needs to be + // executed as a Job. + Code string `json:"code,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Code") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Code") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *JobCreationReason) MarshalJSON() ([]byte, error) { + type NoMethod JobCreationReason + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + type JobList struct { // Etag: A hash of this page of results. Etag string `json:"etag,omitempty"` @@ -6442,6 +6530,39 @@ func (s *PrincipalComponentInfo) UnmarshalJSON(data []byte) error { return nil } +// PrivacyPolicy: Represents privacy policy that contains the privacy +// requirements specified by the data owner. Currently, this is only +// supported on views. +type PrivacyPolicy struct { + // AggregationThresholdPolicy: Optional. Policy used for aggregation + // thresholds. + AggregationThresholdPolicy *AggregationThresholdPolicy `json:"aggregationThresholdPolicy,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "AggregationThresholdPolicy") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted + // from API requests. However, any non-pointer, non-interface field + // appearing in ForceSendFields will be sent to the server regardless of + // whether the field is empty or not. This may be used to include empty + // fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. + // "AggregationThresholdPolicy") to include in API requests with the + // JSON null value. By default, fields with empty values are omitted + // from API requests. However, any field with an empty value appearing + // in NullFields will be sent to the server as null. It is an error if a + // field in this list has a non-empty value. This may be used to include + // null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *PrivacyPolicy) MarshalJSON() ([]byte, error) { + type NoMethod PrivacyPolicy + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + type ProjectList struct { // Etag: A hash of the page of results Etag string `json:"etag,omitempty"` @@ -6887,6 +7008,11 @@ type QueryResponse struct { // PageToken: A token used for paging results. PageToken string `json:"pageToken,omitempty"` + // QueryId: Query ID for the completed query. This ID will be + // auto-generated. This field is not yet available and it is currently + // not guaranteed to be populated. + QueryId string `json:"queryId,omitempty"` + // Rows: An object with as many results as can be contained within the // maximum permitted reply size. To get any additional rows, you can // call GetQueryResults and specify the jobReference returned above. @@ -7408,6 +7534,19 @@ type Routine struct { // "AGGREGATE_FUNCTION" - Non-built-in persistent aggregate function. RoutineType string `json:"routineType,omitempty"` + // SecurityMode: Optional. The security mode of the routine, if defined. + // If not defined, the security mode is automatically determined from + // the routine's configuration. + // + // Possible values: + // "SECURITY_MODE_UNSPECIFIED" - The security mode of the routine is + // unspecified. + // "DEFINER" - The routine is to be executed with the privileges of + // the user who defines it. + // "INVOKER" - The routine is to be executed with the privileges of + // the user who invokes it. + SecurityMode string `json:"securityMode,omitempty"` + // SparkOptions: Optional. Spark specific options. SparkOptions *SparkOptions `json:"sparkOptions,omitempty"` @@ -7845,10 +7984,10 @@ func (s *SnapshotDefinition) MarshalJSON() ([]byte, error) { type SparkLoggingInfo struct { // ProjectId: [Output-only] Project ID used for logging - ProjectId string `json:"project_id,omitempty"` + ProjectId string `json:"projectId,omitempty"` // ResourceType: [Output-only] Resource type used for logging - ResourceType string `json:"resource_type,omitempty"` + ResourceType string `json:"resourceType,omitempty"` // ForceSendFields is a list of field names (e.g. "ProjectId") to // unconditionally include in API requests. By default, fields with diff --git a/gkebackup/v1/gkebackup-api.json b/gkebackup/v1/gkebackup-api.json index 54b83fe56b3..4f03df37cb1 100644 --- a/gkebackup/v1/gkebackup-api.json +++ b/gkebackup/v1/gkebackup-api.json @@ -1688,7 +1688,7 @@ } } }, - "revision": "20230925", + "revision": "20231004", "rootUrl": "https://gkebackup.googleapis.com/", "schemas": { "AuditConfig": { @@ -2259,7 +2259,7 @@ "type": "string" }, "resourceKind": { - "description": "Optional. Kind of a Kubernetes resource, e.g. \"CustomResourceDefinition\", \"StorageClass\", etc.", + "description": "Optional. Kind of a Kubernetes resource, must be in UpperCamelCase (PascalCase) and singular form. E.g. \"CustomResourceDefinition\", \"StorageClass\", etc.", "type": "string" } }, @@ -2590,7 +2590,7 @@ "type": "object" }, "Restore": { - "description": "Represents both a request to Restore some portion of a Backup into a target GKE cluster and a record of the restore operation itself. Next id: 18", + "description": "Represents both a request to Restore some portion of a Backup into a target GKE cluster and a record of the restore operation itself. Next id: 19", "id": "Restore", "properties": { "backup": { diff --git a/gkebackup/v1/gkebackup-gen.go b/gkebackup/v1/gkebackup-gen.go index 7191f8b900c..f304d97c9e3 100644 --- a/gkebackup/v1/gkebackup-gen.go +++ b/gkebackup/v1/gkebackup-gen.go @@ -1133,7 +1133,8 @@ type GroupKind struct { // string for core API group ResourceGroup string `json:"resourceGroup,omitempty"` - // ResourceKind: Optional. Kind of a Kubernetes resource, e.g. + // ResourceKind: Optional. Kind of a Kubernetes resource, must be in + // UpperCamelCase (PascalCase) and singular form. E.g. // "CustomResourceDefinition", "StorageClass", etc. ResourceKind string `json:"resourceKind,omitempty"` @@ -1786,7 +1787,7 @@ func (s *ResourceFilter) MarshalJSON() ([]byte, error) { // Restore: Represents both a request to Restore some portion of a // Backup into a target GKE cluster and a record of the restore -// operation itself. Next id: 18 +// operation itself. Next id: 19 type Restore struct { // Backup: Required. Immutable. A reference to the Backup used as the // source from which this Restore will restore. Note that this Backup diff --git a/gkeonprem/v1/gkeonprem-api.json b/gkeonprem/v1/gkeonprem-api.json index b5ef12d878b..e5a590b292b 100644 --- a/gkeonprem/v1/gkeonprem-api.json +++ b/gkeonprem/v1/gkeonprem-api.json @@ -2996,7 +2996,7 @@ } } }, - "revision": "20230925", + "revision": "20231004", "rootUrl": "https://gkeonprem.googleapis.com/", "schemas": { "Authorization": { @@ -3029,7 +3029,7 @@ "type": "object" }, "BareMetalAdminCluster": { - "description": "## Resource that represents a bare metal admin cluster.", + "description": "Resource that represents a bare metal admin cluster. LINT.IfChange", "id": "BareMetalAdminCluster", "properties": { "annotations": { @@ -3532,7 +3532,7 @@ "type": "object" }, "BareMetalCluster": { - "description": "Resource that represents a bare metal user cluster.", + "description": "Resource that represents a bare metal user cluster. LINT.IfChange", "id": "BareMetalCluster", "properties": { "adminClusterMembership": { @@ -5503,6 +5503,10 @@ "$ref": "VmwarePlatformConfig", "description": "The VMware platform configuration." }, + "preparedSecrets": { + "$ref": "VmwareAdminPreparedSecretsConfig", + "description": "The VMware admin cluster prepared secrets configuration." + }, "reconciling": { "description": "Output only. If set, there are currently changes in flight to the VMware admin cluster.", "readOnly": true, @@ -5712,6 +5716,17 @@ }, "type": "object" }, + "VmwareAdminPreparedSecretsConfig": { + "description": "VmwareAdminPreparedSecretsConfig represents configuration for admin cluster prepared secrets.", + "id": "VmwareAdminPreparedSecretsConfig", + "properties": { + "enabled": { + "description": "Whether prepared secrets is enabled.", + "type": "boolean" + } + }, + "type": "object" + }, "VmwareAdminSeesawConfig": { "description": "VmwareSeesawConfig represents configuration parameters for an already existing Seesaw load balancer. IMPORTANT: Please note that the Anthos On-Prem API will not generate or update Seesaw configurations it can only bind a pre-existing configuration to a new user cluster. IMPORTANT: When attempting to create a user cluster with a pre-existing Seesaw load balancer you will need to follow some preparation steps before calling the 'CreateVmwareCluster' API method. First you will need to create the user cluster's namespace via kubectl. The namespace will need to use the following naming convention : -gke-onprem-mgmt or -gke-onprem-mgmt depending on whether you used the 'VmwareCluster.local_name' to disambiguate collisions; for more context see the documentation of 'VmwareCluster.local_name'. Once the namespace is created you will need to create a secret resource via kubectl. This secret will contain copies of your Seesaw credentials. The Secret must be called 'user-cluster-creds' and contain Seesaw's SSH and Cert credentials. The credentials must be keyed with the following names: 'seesaw-ssh-private-key', 'seesaw-ssh-public-key', 'seesaw-ssh-ca-key', 'seesaw-ssh-ca-cert'.", "id": "VmwareAdminSeesawConfig", diff --git a/gkeonprem/v1/gkeonprem-gen.go b/gkeonprem/v1/gkeonprem-gen.go index 83c04fdcc17..68791fde8f7 100644 --- a/gkeonprem/v1/gkeonprem-gen.go +++ b/gkeonprem/v1/gkeonprem-gen.go @@ -398,8 +398,8 @@ func (s *BareMetalAdminApiServerArgument) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// BareMetalAdminCluster: ## Resource that represents a bare metal admin -// cluster. +// BareMetalAdminCluster: Resource that represents a bare metal admin +// cluster. LINT.IfChange type BareMetalAdminCluster struct { // Annotations: Annotations on the bare metal admin cluster. This field // has the same restrictions as Kubernetes annotations. The total size @@ -1354,6 +1354,7 @@ func (s *BareMetalBgpPeerConfig) MarshalJSON() ([]byte, error) { } // BareMetalCluster: Resource that represents a bare metal user cluster. +// LINT.IfChange type BareMetalCluster struct { // AdminClusterMembership: Required. The admin cluster this bare metal // user cluster belongs to. This is the full resource name of the admin @@ -4834,6 +4835,10 @@ type VmwareAdminCluster struct { // PlatformConfig: The VMware platform configuration. PlatformConfig *VmwarePlatformConfig `json:"platformConfig,omitempty"` + // PreparedSecrets: The VMware admin cluster prepared secrets + // configuration. + PreparedSecrets *VmwareAdminPreparedSecretsConfig `json:"preparedSecrets,omitempty"` + // Reconciling: Output only. If set, there are currently changes in // flight to the VMware admin cluster. Reconciling bool `json:"reconciling,omitempty"` @@ -5152,6 +5157,35 @@ func (s *VmwareAdminNetworkConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// VmwareAdminPreparedSecretsConfig: VmwareAdminPreparedSecretsConfig +// represents configuration for admin cluster prepared secrets. +type VmwareAdminPreparedSecretsConfig struct { + // Enabled: Whether prepared secrets is enabled. + Enabled bool `json:"enabled,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Enabled") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Enabled") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *VmwareAdminPreparedSecretsConfig) MarshalJSON() ([]byte, error) { + type NoMethod VmwareAdminPreparedSecretsConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // VmwareAdminSeesawConfig: VmwareSeesawConfig represents configuration // parameters for an already existing Seesaw load balancer. IMPORTANT: // Please note that the Anthos On-Prem API will not generate or update diff --git a/logging/v2/logging-api.json b/logging/v2/logging-api.json index d5a9acb4b6e..ba33ed2b092 100644 --- a/logging/v2/logging-api.json +++ b/logging/v2/logging-api.json @@ -1361,7 +1361,7 @@ ], "parameters": { "customWriterIdentity": { - "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", "location": "query", "type": "string" }, @@ -1406,7 +1406,7 @@ ], "parameters": { "customWriterIdentity": { - "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", "location": "query", "type": "string" }, @@ -2963,7 +2963,7 @@ ], "parameters": { "customWriterIdentity": { - "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", "location": "query", "type": "string" }, @@ -3008,7 +3008,7 @@ ], "parameters": { "customWriterIdentity": { - "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", "location": "query", "type": "string" }, @@ -5209,7 +5209,7 @@ ], "parameters": { "customWriterIdentity": { - "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", "location": "query", "type": "string" }, @@ -5254,7 +5254,7 @@ ], "parameters": { "customWriterIdentity": { - "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", "location": "query", "type": "string" }, @@ -6688,7 +6688,7 @@ ], "parameters": { "customWriterIdentity": { - "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", "location": "query", "type": "string" }, @@ -6733,7 +6733,7 @@ ], "parameters": { "customWriterIdentity": { - "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", "location": "query", "type": "string" }, @@ -6916,7 +6916,7 @@ ], "parameters": { "customWriterIdentity": { - "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", "location": "query", "type": "string" }, @@ -7084,7 +7084,7 @@ } } }, - "revision": "20230915", + "revision": "20231006", "rootUrl": "https://logging.googleapis.com/", "schemas": { "BigQueryDataset": { diff --git a/logging/v2/logging-gen.go b/logging/v2/logging-gen.go index 302dcc70ecf..5d8c29163ad 100644 --- a/logging/v2/logging-gen.go +++ b/logging/v2/logging-gen.go @@ -10542,10 +10542,10 @@ func (r *BillingAccountsSinksService) Patch(sinkNameid string, logsink *LogSink) // CustomWriterIdentity sets the optional parameter // "customWriterIdentity": A service account provided by the caller that -// will be used to write the log entries. Must be of format -// serviceAccount:some@email. This can only be specified if writing to a -// destination outside the sink's project. If not specified, a p4 -// service account will automatically be generated. +// will be used to write the log entries. The format must be +// serviceAccount:some@email. This field can only be specified if you +// are routing logs to a destination outside this sink's project. If not +// specified, a Logging service account will automatically be generated. func (c *BillingAccountsSinksPatchCall) CustomWriterIdentity(customWriterIdentity string) *BillingAccountsSinksPatchCall { c.urlParams_.Set("customWriterIdentity", customWriterIdentity) return c @@ -10682,7 +10682,7 @@ func (c *BillingAccountsSinksPatchCall) Do(opts ...googleapi.CallOption) (*LogSi // ], // "parameters": { // "customWriterIdentity": { - // "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + // "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", // "location": "query", // "type": "string" // }, @@ -10752,10 +10752,10 @@ func (r *BillingAccountsSinksService) Update(sinkNameid string, logsink *LogSink // CustomWriterIdentity sets the optional parameter // "customWriterIdentity": A service account provided by the caller that -// will be used to write the log entries. Must be of format -// serviceAccount:some@email. This can only be specified if writing to a -// destination outside the sink's project. If not specified, a p4 -// service account will automatically be generated. +// will be used to write the log entries. The format must be +// serviceAccount:some@email. This field can only be specified if you +// are routing logs to a destination outside this sink's project. If not +// specified, a Logging service account will automatically be generated. func (c *BillingAccountsSinksUpdateCall) CustomWriterIdentity(customWriterIdentity string) *BillingAccountsSinksUpdateCall { c.urlParams_.Set("customWriterIdentity", customWriterIdentity) return c @@ -10892,7 +10892,7 @@ func (c *BillingAccountsSinksUpdateCall) Do(opts ...googleapi.CallOption) (*LogS // ], // "parameters": { // "customWriterIdentity": { - // "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + // "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", // "location": "query", // "type": "string" // }, @@ -18597,10 +18597,10 @@ func (r *FoldersSinksService) Patch(sinkNameid string, logsink *LogSink) *Folder // CustomWriterIdentity sets the optional parameter // "customWriterIdentity": A service account provided by the caller that -// will be used to write the log entries. Must be of format -// serviceAccount:some@email. This can only be specified if writing to a -// destination outside the sink's project. If not specified, a p4 -// service account will automatically be generated. +// will be used to write the log entries. The format must be +// serviceAccount:some@email. This field can only be specified if you +// are routing logs to a destination outside this sink's project. If not +// specified, a Logging service account will automatically be generated. func (c *FoldersSinksPatchCall) CustomWriterIdentity(customWriterIdentity string) *FoldersSinksPatchCall { c.urlParams_.Set("customWriterIdentity", customWriterIdentity) return c @@ -18737,7 +18737,7 @@ func (c *FoldersSinksPatchCall) Do(opts ...googleapi.CallOption) (*LogSink, erro // ], // "parameters": { // "customWriterIdentity": { - // "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + // "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", // "location": "query", // "type": "string" // }, @@ -18807,10 +18807,10 @@ func (r *FoldersSinksService) Update(sinkNameid string, logsink *LogSink) *Folde // CustomWriterIdentity sets the optional parameter // "customWriterIdentity": A service account provided by the caller that -// will be used to write the log entries. Must be of format -// serviceAccount:some@email. This can only be specified if writing to a -// destination outside the sink's project. If not specified, a p4 -// service account will automatically be generated. +// will be used to write the log entries. The format must be +// serviceAccount:some@email. This field can only be specified if you +// are routing logs to a destination outside this sink's project. If not +// specified, a Logging service account will automatically be generated. func (c *FoldersSinksUpdateCall) CustomWriterIdentity(customWriterIdentity string) *FoldersSinksUpdateCall { c.urlParams_.Set("customWriterIdentity", customWriterIdentity) return c @@ -18947,7 +18947,7 @@ func (c *FoldersSinksUpdateCall) Do(opts ...googleapi.CallOption) (*LogSink, err // ], // "parameters": { // "customWriterIdentity": { - // "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + // "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", // "location": "query", // "type": "string" // }, @@ -29722,10 +29722,10 @@ func (r *OrganizationsSinksService) Patch(sinkNameid string, logsink *LogSink) * // CustomWriterIdentity sets the optional parameter // "customWriterIdentity": A service account provided by the caller that -// will be used to write the log entries. Must be of format -// serviceAccount:some@email. This can only be specified if writing to a -// destination outside the sink's project. If not specified, a p4 -// service account will automatically be generated. +// will be used to write the log entries. The format must be +// serviceAccount:some@email. This field can only be specified if you +// are routing logs to a destination outside this sink's project. If not +// specified, a Logging service account will automatically be generated. func (c *OrganizationsSinksPatchCall) CustomWriterIdentity(customWriterIdentity string) *OrganizationsSinksPatchCall { c.urlParams_.Set("customWriterIdentity", customWriterIdentity) return c @@ -29862,7 +29862,7 @@ func (c *OrganizationsSinksPatchCall) Do(opts ...googleapi.CallOption) (*LogSink // ], // "parameters": { // "customWriterIdentity": { - // "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + // "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", // "location": "query", // "type": "string" // }, @@ -29932,10 +29932,10 @@ func (r *OrganizationsSinksService) Update(sinkNameid string, logsink *LogSink) // CustomWriterIdentity sets the optional parameter // "customWriterIdentity": A service account provided by the caller that -// will be used to write the log entries. Must be of format -// serviceAccount:some@email. This can only be specified if writing to a -// destination outside the sink's project. If not specified, a p4 -// service account will automatically be generated. +// will be used to write the log entries. The format must be +// serviceAccount:some@email. This field can only be specified if you +// are routing logs to a destination outside this sink's project. If not +// specified, a Logging service account will automatically be generated. func (c *OrganizationsSinksUpdateCall) CustomWriterIdentity(customWriterIdentity string) *OrganizationsSinksUpdateCall { c.urlParams_.Set("customWriterIdentity", customWriterIdentity) return c @@ -30072,7 +30072,7 @@ func (c *OrganizationsSinksUpdateCall) Do(opts ...googleapi.CallOption) (*LogSin // ], // "parameters": { // "customWriterIdentity": { - // "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + // "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", // "location": "query", // "type": "string" // }, @@ -37031,10 +37031,10 @@ func (r *ProjectsSinksService) Patch(sinkNameid string, logsink *LogSink) *Proje // CustomWriterIdentity sets the optional parameter // "customWriterIdentity": A service account provided by the caller that -// will be used to write the log entries. Must be of format -// serviceAccount:some@email. This can only be specified if writing to a -// destination outside the sink's project. If not specified, a p4 -// service account will automatically be generated. +// will be used to write the log entries. The format must be +// serviceAccount:some@email. This field can only be specified if you +// are routing logs to a destination outside this sink's project. If not +// specified, a Logging service account will automatically be generated. func (c *ProjectsSinksPatchCall) CustomWriterIdentity(customWriterIdentity string) *ProjectsSinksPatchCall { c.urlParams_.Set("customWriterIdentity", customWriterIdentity) return c @@ -37171,7 +37171,7 @@ func (c *ProjectsSinksPatchCall) Do(opts ...googleapi.CallOption) (*LogSink, err // ], // "parameters": { // "customWriterIdentity": { - // "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + // "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", // "location": "query", // "type": "string" // }, @@ -37241,10 +37241,10 @@ func (r *ProjectsSinksService) Update(sinkNameid string, logsink *LogSink) *Proj // CustomWriterIdentity sets the optional parameter // "customWriterIdentity": A service account provided by the caller that -// will be used to write the log entries. Must be of format -// serviceAccount:some@email. This can only be specified if writing to a -// destination outside the sink's project. If not specified, a p4 -// service account will automatically be generated. +// will be used to write the log entries. The format must be +// serviceAccount:some@email. This field can only be specified if you +// are routing logs to a destination outside this sink's project. If not +// specified, a Logging service account will automatically be generated. func (c *ProjectsSinksUpdateCall) CustomWriterIdentity(customWriterIdentity string) *ProjectsSinksUpdateCall { c.urlParams_.Set("customWriterIdentity", customWriterIdentity) return c @@ -37381,7 +37381,7 @@ func (c *ProjectsSinksUpdateCall) Do(opts ...googleapi.CallOption) (*LogSink, er // ], // "parameters": { // "customWriterIdentity": { - // "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + // "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", // "location": "query", // "type": "string" // }, @@ -38135,10 +38135,10 @@ func (r *SinksService) Update(sinkNameid string, logsink *LogSink) *SinksUpdateC // CustomWriterIdentity sets the optional parameter // "customWriterIdentity": A service account provided by the caller that -// will be used to write the log entries. Must be of format -// serviceAccount:some@email. This can only be specified if writing to a -// destination outside the sink's project. If not specified, a p4 -// service account will automatically be generated. +// will be used to write the log entries. The format must be +// serviceAccount:some@email. This field can only be specified if you +// are routing logs to a destination outside this sink's project. If not +// specified, a Logging service account will automatically be generated. func (c *SinksUpdateCall) CustomWriterIdentity(customWriterIdentity string) *SinksUpdateCall { c.urlParams_.Set("customWriterIdentity", customWriterIdentity) return c @@ -38275,7 +38275,7 @@ func (c *SinksUpdateCall) Do(opts ...googleapi.CallOption) (*LogSink, error) { // ], // "parameters": { // "customWriterIdentity": { - // "description": "Optional. A service account provided by the caller that will be used to write the log entries. Must be of format serviceAccount:some@email. This can only be specified if writing to a destination outside the sink's project. If not specified, a p4 service account will automatically be generated.", + // "description": "Optional. A service account provided by the caller that will be used to write the log entries. The format must be serviceAccount:some@email. This field can only be specified if you are routing logs to a destination outside this sink's project. If not specified, a Logging service account will automatically be generated.", // "location": "query", // "type": "string" // },