diff --git a/temporal/api/cloud/cloudservice/v1/request_response.proto b/temporal/api/cloud/cloudservice/v1/request_response.proto index 6abe5be..3cb31d3 100644 --- a/temporal/api/cloud/cloudservice/v1/request_response.proto +++ b/temporal/api/cloud/cloudservice/v1/request_response.proto @@ -6,14 +6,19 @@ option go_package = "go.temporal.io/api/cloud/cloudservice/v1;cloudservice"; import "temporal/api/cloud/operation/v1/message.proto"; import "temporal/api/cloud/identity/v1/message.proto"; +import "temporal/api/cloud/namespace/v1/message.proto"; +import "temporal/api/cloud/region/v1/message.proto"; message GetUsersRequest { - // The requested size of the page to retrieve + // The requested size of the page to retrieve - optional. + // Cannot exceed 1000. Defaults to 100. int32 page_size = 1; - // The page token + // The page token if this is continuing from another response - optional. string page_token = 2; - // Optional field to filter users by email address + // Filter users by email address - optional. string email = 3; + // Filter users by the namespace they have access to - optional. + string namespace = 4; } message GetUsersResponse { @@ -94,7 +99,7 @@ message SetUserNamespaceAccessRequest { } message SetUserNamespaceAccessResponse { - // The request status of the update operation + // The async operation temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1; } 
@@ -107,3 +112,120 @@ message GetAsyncOperationResponse {
 // The async operation
 temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1;
 }
+
+message CreateNamespaceRequest {
+ // The namespace specification.
+ temporal.api.cloud.namespace.v1.NamespaceSpec spec = 2;
+ // The id to use for this async operation.
+ // Optional, if not provided a random id will be generated.
+ string async_operation_id = 3;
+}
+
+message CreateNamespaceResponse {
+ // The namespace that was created.
+ string namespace = 1;
+ // The async operation.
+ temporal.api.cloud.operation.v1.AsyncOperation async_operation = 2;
+}
+
+message GetNamespacesRequest {
+ // The requested size of the page to retrieve.
+ // Cannot exceed 1000.
+ // Optional, defaults to 100.
+ int32 page_size = 1;
+ // The page token if this is continuing from another response.
+ // Optional, defaults to empty.
+ string page_token = 2;
+ // Filter namespaces by their name.
+ // Optional, defaults to empty.
+ string name = 3;
+}
+
+message GetNamespacesResponse {
+ // The list of namespaces in ascending name order.
+ repeated temporal.api.cloud.namespace.v1.Namespace namespaces = 1;
+ // The next page's token.
+ string next_page_token = 2;
+}
+
+message GetNamespaceRequest {
+ // The namespace to get.
+ string namespace = 1;
+}
+
+message GetNamespaceResponse {
+ // The namespace.
+ temporal.api.cloud.namespace.v1.Namespace namespace = 1;
+}
+
+message UpdateNamespaceRequest {
+ // The namespace to update.
+ string namespace = 1;
+ // The new namespace specification.
+ temporal.api.cloud.namespace.v1.NamespaceSpec spec = 2;
+ // The version of the namespace for which this update is intended for.
+ // The latest version can be found in the namespace status.
+ string resource_version = 3;
+ // The id to use for this async operation.
+ // Optional, if not provided a random id will be generated.
+ string async_operation_id = 4;
+}
+
+message UpdateNamespaceResponse {
+ // The async operation.
+ temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1;
+}
+
+message RenameCustomSearchAttributeRequest {
+ // The namespace to rename the custom search attribute for.
+ string namespace = 1;
+ // The existing name of the custom search attribute to be renamed.
+ string existing_custom_search_attribute_name = 2;
+ // The new name of the custom search attribute.
+ string new_custom_search_attribute_name = 3;
+ // The version of the namespace for which this update is intended for.
+ // The latest version can be found in the namespace status.
+ string resource_version = 4;
+ // The id to use for this async operation.
+ // Optional, if not provided a random id will be generated.
+ string async_operation_id = 5;
+}
+
+message RenameCustomSearchAttributeResponse {
+ // The async operation.
+ temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1;
+}
+
+message DeleteNamespaceRequest {
+ // The namespace to delete.
+ string namespace = 1;
+ // The version of the namespace for which this delete is intended for.
+ // The latest version can be found in the namespace status.
+ string resource_version = 2;
+ // The id to use for this async operation.
+ // Optional, if not provided a random id will be generated.
+ string async_operation_id = 3;
+}
+
+message DeleteNamespaceResponse {
+ // The async operation.
+ temporal.api.cloud.operation.v1.AsyncOperation async_operation = 1;
+}
+
+message GetRegionsRequest {
+}
+
+message GetRegionsResponse {
+ // The temporal cloud regions.
+ repeated temporal.api.cloud.region.v1.Region regions = 1;
+}
+
+message GetRegionRequest {
+ // The id of the region to get.
+ string region = 1;
+}
+
+message GetRegionResponse {
+ // The temporal cloud region.
+ temporal.api.cloud.region.v1.Region region = 1;
+}
diff --git a/temporal/api/cloud/cloudservice/v1/service.proto b/temporal/api/cloud/cloudservice/v1/service.proto
index 49b2969..00f1815 100644
--- a/temporal/api/cloud/cloudservice/v1/service.proto
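Review bot: UpdateNamespaceRequest, RenameCustomSearchAttributeRequest and DeleteNamespaceRequest describe `resource_version` as the version the change is intended for, but not what happens when it is empty or stale; a proto3 `string` cannot distinguish unset from empty, so the comment should say so explicitly, e.g. `// Required. The request is rejected if this is empty or does not match the namespace's current resource_version.` (assuming that is the server's behaviour). This matters most for DeleteNamespace, where the version check is the only visible guard against deleting on outdated state. `async_operation_id` is caller-supplied on every mutating request, so its comment should also state what happens when an id is reused. CreateNamespaceRequest starts at field number 2; if 1 was dropped from an earlier draft, add `reserved 1;` so the number cannot be reused with a different meaning.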
+++ b/temporal/api/cloud/cloudservice/v1/service.proto
@@ -59,4 +59,63 @@ service CloudService {
 get: "/api/v1/operations/{async_operation_id}",
 };
 }
+
+ // Create a new namespace
+ rpc CreateNamespace (CreateNamespaceRequest) returns (CreateNamespaceResponse) {
+ option (google.api.http) = {
+ post: "/api/v1/namespaces",
+ body: "*"
+ };
+ }
+
+ // Get all namespaces
+ rpc GetNamespaces (GetNamespacesRequest) returns (GetNamespacesResponse) {
+ option (google.api.http) = {
+ get: "/api/v1/namespaces",
+ };
+ }
+
+ // Get a namespace
+ rpc GetNamespace (GetNamespaceRequest) returns (GetNamespaceResponse) {
+ option (google.api.http) = {
+ get: "/api/v1/namespaces/{namespace}",
+ };
+ }
+
+ // Update a namespace
+ rpc UpdateNamespace (UpdateNamespaceRequest) returns (UpdateNamespaceResponse) {
+ option (google.api.http) = {
+ post: "/api/v1/namespaces/{namespace}",
+ body: "*"
+ };
+ }
+
+ // Rename an existing customer search attribute
+ rpc RenameCustomSearchAttribute (RenameCustomSearchAttributeRequest) returns (RenameCustomSearchAttributeResponse) {
+ option (google.api.http) = {
+ post: "/api/v1/namespaces/{namespace}/rename-custom-search-attribute",
+ body: "*"
+ };
+ }
+
+ // Delete a namespace
+ rpc DeleteNamespace (DeleteNamespaceRequest) returns (DeleteNamespaceResponse) {
+ option (google.api.http) = {
+ delete: "/api/v1/namespaces/{namespace}",
+ };
+ }
+
+ // Get all regions
+ rpc GetRegions (GetRegionsRequest) returns (GetRegionsResponse) {
+ option (google.api.http) = {
+ get: "/api/v1/regions",
+ };
+ }
+
+ // Get a region
+ rpc GetRegion (GetRegionRequest) returns (GetRegionResponse) {
+ option (google.api.http) = {
+ get: "/api/v1/regions/{region}",
+ };
+ }
 }
diff --git a/temporal/api/cloud/identity/v1/message.proto b/temporal/api/cloud/identity/v1/message.proto
index ce8da60..3009f7e 100644
--- a/temporal/api/cloud/identity/v1/message.proto
+++ b/temporal/api/cloud/identity/v1/message.proto
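Review bot: The comment on RenameCustomSearchAttribute says "customer search attribute" where the RPC name, its messages and its path all say custom; it should read `// Rename an existing custom search attribute`. The comments on the four mutating RPCs (CreateNamespace, UpdateNamespace, RenameCustomSearchAttribute, DeleteNamespace) also do not say that the call only starts an async operation, or which permission the caller needs; something like `// Starts an async operation; poll /api/v1/operations/{async_operation_id} for the result.` would cover the first, with the required role added if the service defines one. The `service CloudService` block starts above this hunk, so any service-level auth documentation is not visible here.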
@@ -61,6 +61,7 @@ message User { // The date and time when the user was created google.protobuf.Timestamp created_time = 7; // The date and time when the user was last modified + // Will not be set if the user has never been modified. google.protobuf.Timestamp last_modified_time = 8; } diff --git a/temporal/api/cloud/namespace/v1/message.proto b/temporal/api/cloud/namespace/v1/message.proto new file mode 100644 index 0000000..9c8db23 --- /dev/null +++ b/temporal/api/cloud/namespace/v1/message.proto 
@@ -0,0 +1,126 @@
+syntax = "proto3";
+
+package temporal.api.cloud.namespace.v1;
+
+option go_package = "go.temporal.io/api/cloud/namespace/v1;namespace";
+
+import "google/protobuf/timestamp.proto";
+
+message CertificateFilterSpec {
+ // The common_name in the certificate.
+ // Optional, default is empty.
+ string common_name = 1;
+ // The organization in the certificate.
+ // Optional, default is empty.
+ string organization = 2;
+ // The organizational_unit in the certificate.
+ // Optional, default is empty.
+ string organizational_unit = 3;
+ // The subject_alternative_name in the certificate.
+ // Optional, default is empty.
+ string subject_alternative_name = 4;
+}
+
+message MtlsAuthSpec {
+ // The base64 encoded ca cert(s) in PEM format that the clients can use for authentication and authorization.
+ // This must only be one value, but the CA can have a chain.
+ string accepted_client_ca = 1;
+ // Certificate filters which, if specified, only allow connections from client certificates whose distinguished name properties match at least one of the filters.
+ // This allows limiting access to specific end-entity certificates.
+ // Optional, default is empty.
+ repeated CertificateFilterSpec certificate_filters = 2;
+}
+
+message CodecServerSpec {
+ // The codec server endpoint.
+ string endpoint = 1;
+ // Whether to pass the user access token with your endpoint.
+ bool pass_access_token = 2;
+ // Whether to include cross-origin credentials.
+ bool include_cross_origin_credentials = 3;
+}
+
+message NamespaceSpec {
+ // The name to use for the namespace.
+ // This will create a namespace that's available at '..tmprl.cloud:7233'.
+ // The name is immutable. Once set, it cannot be changed.
+ string name = 1;
+ // The ids of the regions where the namespace should be available.
+ // Specifying more than one region makes the namespace "global", which is currently a preview only feature with restricted access.
+ // Please reach out to Temporal support for more information on global namespaces.
+ // When provisioned the global namespace will be active on the first region in the list and passive on the rest.
+ // Number of supported regions is 2.
+ // The regions is immutable. Once set, it cannot be changed.
+ repeated string regions = 2;
+ // The number of days the workflows data will be retained for.
+ // Changes to the retention period may impact your storage costs.
+ // Any changes to the retention period will be applied to all new running workflows.
+ int32 retention_days = 3;
+ // The mtls authentication and authorization to enforce on the namespace.
+ MtlsAuthSpec mtls_auth = 4;
+ // The custom search attributes to use for the namespace.
+ // The name of the attribute is the key and the type is the value.
+ // Supported attribute types: text, keyword, int, double, bool, datetime, keyword_list.
+ // NOTE: currently deleting a search attribute is not supported.
+ // Optional, default is empty.
+ map custom_search_attributes = 5;
+ // Codec server spec used by UI to decode payloads for all users interacting with this namespace.
+ // Optional, default is unset.
+ CodecServerSpec codec_server = 6;
+}
+
+message Endpoints {
+ // The web ui address.
+ string web_address = 1;
+ // The grpc hostport address that the temporal workers, clients and tctl connect to.
+ string grpc_address = 2;
+}
+
+message Limits {
+ // The number of actions per second (APS) that is currently allowed for the namespace.
+ // The namespace may be throttled if its APS exceeds the limit.
+ int32 actions_per_second_limit = 1;
+}
+
+message AWSPrivateLinkInfo {
+ // The list of principal arns that are allowed to access the namespace on the private link.
+ repeated string allowed_principal_arns = 1;
+ // The list of vpc endpoint service names that are associated with the namespace.
+ repeated string vpc_endpoint_service_names = 2;
+}
+
+
+message PrivateConnectivity {
+ // The id of the region where the private connectivity applies.
+ string region = 1;
+ // The AWS PrivateLink info.
+ // This will only be set for an aws region.
+ AWSPrivateLinkInfo aws_private_link = 2;
+}
+
+message Namespace {
+ // The namespace identifier.
+ string namespace = 1;
+ // The current version of the namespace specification.
+ // The next update operation will have to include this version.
+ string resource_version = 2;
+ // The namespace specification.
+ NamespaceSpec spec = 3;
+ // The current state of the namespace.
+ string state = 4;
+ // The id of the async operation that is creating/updating/deleting the namespace, if any.
+ string async_operation_id = 5;
+ // The endpoints for the namespace.
+ Endpoints endpoints = 6;
+ // The currently active region for the namespace.
+ string active_region = 7;
+ // The limits set on the namespace currently.
+ Limits limits = 8;
+ // The private connectivities for the namespace, if any.
+ repeated PrivateConnectivity private_connectivities = 9;
+ // The date and time when the namespace was created.
+ google.protobuf.Timestamp created_time = 10;
+ // The date and time when the namespace was last modified.
+ // Will not be set if the namespace has never been modified.
+ google.protobuf.Timestamp last_modified_time = 11;
+}
diff --git a/temporal/api/cloud/region/v1/message.proto b/temporal/api/cloud/region/v1/message.proto
new file mode 100644
index 0000000..92bc943
--- /dev/null
+++ b/temporal/api/cloud/region/v1/message.proto
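Review bot: CodecServerSpec puts no documented constraint on `endpoint`, yet with `pass_access_token` set the UI apparently sends each user's access token to whatever URL the namespace spec names. The `endpoint` comment should state which URL schemes are accepted and spell out the token flow, e.g. `// The codec server endpoint. When pass_access_token is true the UI sends the user's access token to this URL.`, with an https-only requirement added if the service enforces one. In MtlsAuthSpec every CertificateFilterSpec field is optional, so the `certificate_filters` comment should say how a filter with all fields empty is treated (rejected, or matching every certificate signed by the CA). `state` in Namespace is a free-form string; listing its possible values in the comment, or using an enum with an unspecified zero value, would let clients handle unknown states deliberately.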
@@ -0,0 +1,18 @@
+syntax = "proto3";
+
+package temporal.api.cloud.region.v1;
+
+option go_package = "go.temporal.io/api/cloud/region/v1;region";
+
+message Region {
+ // The id of the temporal cloud region.
+ string id = 1;
+ // The name of the cloud provider that's hosting the region.
+ // Currently only "aws" is supported.
+ string cloud_provider = 2;
+ // The region identifier as defined by the cloud provider.
+ string cloud_provider_region = 3;
+ // The human readable location of the region.
+ string location = 4;
+}
+