Namespace Google.Apis.NetworkServices.v1.Data
Classes
AuditConfig
Specifies the audit configuration for a service. The configuration determines which permission types are logged,
and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If
there are AuditConfigs for both allServices
and a specific service, the union of the two AuditConfigs is used
for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each
AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service":
"allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ]
}, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com",
"audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [
"user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
logging. It also exempts jose@example.com
from DATA_READ logging, and aliya@example.com
from DATA_WRITE
logging.
AuditLogConfig
Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
AuthzExtension
AuthzExtension
is a resource that allows traffic forwarding to a callout backend service to make an
authorization decision.
Binding
Associates members
, or principals, with a role
.
CancelOperationRequest
The request message for Operations.CancelOperation.
Empty
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
EndpointMatcher
A definition of a matcher that selects endpoints to which the policies should be applied.
EndpointMatcherMetadataLabelMatcher
The matcher that is based on node metadata presented by xDS clients.
EndpointMatcherMetadataLabelMatcherMetadataLabels
Defines a name-pair value for a single label.
EndpointPolicy
EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.
Expr
Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
ExtensionChain
A single extension chain wrapper that contains the match conditions and extensions to execute.
ExtensionChainExtension
A single extension in the chain to execute for the matching request.
ExtensionChainMatchCondition
Conditions under which this chain is invoked for a request.
Gateway
Gateway represents the configuration for a proxy, typically a load balancer. It captures the ip:port over which the services are exposed by the proxy, along with any policy configurations. Routes have reference to to Gateways to dictate how requests should be routed by this Gateway. Next id: 33
GatewayRouteView
GatewayRouteView defines view-only resource for Routes to a Gateway
GrpcRoute
GrpcRoute is the resource defining how gRPC traffic routed by a Mesh or Gateway resource is routed.
GrpcRouteDestination
The destination to which traffic will be routed.
GrpcRouteFaultInjectionPolicy
The specification for fault injection introduced into traffic to test the resiliency of clients to destination service failure. As part of fault injection, when clients send requests to a destination, delays can be introduced on a percentage of requests before sending those requests to the destination service. Similarly requests from clients can be aborted by for a percentage of requests.
GrpcRouteFaultInjectionPolicyAbort
Specification of how client requests are aborted as part of fault injection before being sent to a destination.
GrpcRouteFaultInjectionPolicyDelay
Specification of how client requests are delayed as part of fault injection before being sent to a destination.
GrpcRouteHeaderMatch
A match against a collection of headers.
GrpcRouteMethodMatch
Specifies a match against a method.
GrpcRouteRetryPolicy
The specifications for retries. Specifies one or more conditions for which this retry rule applies. Valid values are:
GrpcRouteRouteAction
Specifies how to route matched traffic.
GrpcRouteRouteMatch
Criteria for matching traffic. A RouteMatch will be considered to match when all supplied fields match.
GrpcRouteRouteRule
Describes how to route traffic.
GrpcRouteStatefulSessionAffinityPolicy
The specification for cookie-based stateful session affinity where the date plane supplies a “session cookie” with the name "GSSA" which encodes a specific destination host and each request containing that cookie will be directed to that host as long as the destination host remains up and healthy. The gRPC proxyless mesh library or sidecar proxy will manage the session cookie but the client application code is responsible for copying the cookie from each RPC in the session to the next.
HttpRoute
HttpRoute is the resource defining how HTTP traffic should be routed by a Mesh or Gateway resource.
HttpRouteCorsPolicy
The Specification for allowing client side cross-origin requests.
HttpRouteDestination
Specifications of a destination to which the request should be routed to.
HttpRouteFaultInjectionPolicy
The specification for fault injection introduced into traffic to test the resiliency of clients to destination service failure. As part of fault injection, when clients send requests to a destination, delays can be introduced by client proxy on a percentage of requests before sending those requests to the destination service. Similarly requests can be aborted by client proxy for a percentage of requests.
HttpRouteFaultInjectionPolicyAbort
Specification of how client requests are aborted as part of fault injection before being sent to a destination.
HttpRouteFaultInjectionPolicyDelay
Specification of how client requests are delayed as part of fault injection before being sent to a destination.
HttpRouteHeaderMatch
Specifies how to select a route rule based on HTTP request headers.
HttpRouteHeaderMatchIntegerRange
Represents an integer value range.
HttpRouteHeaderModifier
The specification for modifying HTTP header in HTTP request and HTTP response.
HttpRouteHttpDirectResponse
Static HTTP response object to be returned.
HttpRouteQueryParameterMatch
Specifications to match a query parameter in the request.
HttpRouteRedirect
The specification for redirecting traffic.
HttpRouteRequestMirrorPolicy
Specifies the policy on how requests are shadowed to a separate mirrored destination service. The proxy does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host/authority header is suffixed with -shadow.
HttpRouteRetryPolicy
The specifications for retries.
HttpRouteRouteAction
The specifications for routing traffic and applying associated policies.
HttpRouteRouteMatch
RouteMatch defines specifications used to match requests. If multiple match types are set, this RouteMatch will match if ALL type of matches are matched.
HttpRouteRouteRule
Specifies how to match traffic and how to route traffic when traffic is matched.
HttpRouteStatefulSessionAffinityPolicy
The specification for cookie-based stateful session affinity where the date plane supplies a “session cookie” with the name "GSSA" which encodes a specific destination host and each request containing that cookie will be directed to that host as long as the destination host remains up and healthy. The gRPC proxyless mesh library or sidecar proxy will manage the session cookie but the client application code is responsible for copying the cookie from each RPC in the session to the next.
HttpRouteURLRewrite
The specification for modifying the URL of the request, prior to forwarding the request to the destination.
LbRouteExtension
LbRouteExtension
is a resource that lets you control where traffic is routed to for a given request.
LbTrafficExtension
LbTrafficExtension
is a resource that lets the extension service modify the headers and payloads of both
requests and responses without impacting the choice of backend services or any other security policies
associated with the backend service.
ListAuthzExtensionsResponse
Message for response to listing AuthzExtension
resources.
ListEndpointPoliciesResponse
Response returned by the ListEndpointPolicies method.
ListGatewayRouteViewsResponse
Response returned by the ListGatewayRouteViews method.
ListGatewaysResponse
Response returned by the ListGateways method.
ListGrpcRoutesResponse
Response returned by the ListGrpcRoutes method.
ListHttpRoutesResponse
Response returned by the ListHttpRoutes method.
ListLbRouteExtensionsResponse
Message for response to listing LbRouteExtension
resources.
ListLbTrafficExtensionsResponse
Message for response to listing LbTrafficExtension
resources.
ListLocationsResponse
The response message for Locations.ListLocations.
ListMeshRouteViewsResponse
Response returned by the ListMeshRouteViews method.
ListMeshesResponse
Response returned by the ListMeshes method.
ListOperationsResponse
The response message for Operations.ListOperations.
ListServiceBindingsResponse
Response returned by the ListServiceBindings method.
ListServiceLbPoliciesResponse
Response returned by the ListServiceLbPolicies method.
ListTcpRoutesResponse
Response returned by the ListTcpRoutes method.
ListTlsRoutesResponse
Response returned by the ListTlsRoutes method.
ListWasmPluginVersionsResponse
Response returned by the ListWasmPluginVersions
method.
ListWasmPluginsResponse
Response returned by the ListWasmPlugins
method.
Location
A resource that represents a Google Cloud location.
LoggingConfig
The configuration for Platform Telemetry logging for Eventarc Avdvanced resources.
Mesh
Mesh represents a logical configuration grouping for workload to workload communication within a service mesh. Routes that point to mesh dictate how requests are routed within this logical mesh boundary.
MeshRouteView
MeshRouteView defines view-only resource for Routes to a Mesh
Operation
This resource represents a long-running operation that is the result of a network API call.
OperationMetadata
Represents the metadata of the long-running operation.
Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A
Policy
is a collection of bindings
. A binding
binds one or more members
, or principals, to a single
role
. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A
role
is a named list of permissions; each role
can be an IAM predefined role or a user-created custom role.
For some types of Google Cloud resources, a binding
can also specify a condition
, which is a logical
expression that allows access to a resource only if the expression evaluates to true
. A condition can add
constraints based on attributes of the request, the resource, or both. To learn which resources support
conditions in their IAM policies, see the IAM
documentation. JSON example:
{
"bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com",
"group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] },
{ "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": {
"title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time
< timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
YAML example:
bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com -
serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin -
members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable
access description: Does not grant access after Sep 2020 expression: request.time <
timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3
For a description of IAM and its features, see the IAM documentation.
RetryFilterPerRouteConfig
ServiceBinding
ServiceBinding is the resource that defines a Service Directory Service to be used in a BackendService resource.
ServiceLbPolicy
ServiceLbPolicy holds global load balancing and traffic distribution configuration that can be applied to a BackendService.
ServiceLbPolicyAutoCapacityDrain
Option to specify if an unhealthy IG/NEG should be considered for global load balancing and traffic routing.
ServiceLbPolicyFailoverConfig
Option to specify health based failover behavior. This is not related to Network load balancer FailoverPolicy.
SetIamPolicyRequest
Request message for SetIamPolicy
method.
Status
The Status
type defines a logical error model that is suitable for different programming environments,
including REST APIs and RPC APIs. It is used by gRPC. Each Status
message contains
three pieces of data: error code, error message, and error details. You can find out more about this error model
and how to work with it in the API Design Guide.
TcpRoute
TcpRoute is the resource defining how TCP traffic should be routed by a Mesh/Gateway resource.
TcpRouteRouteAction
The specifications for routing traffic and applying associated policies.
TcpRouteRouteDestination
Describe the destination for traffic to be routed to.
TcpRouteRouteMatch
RouteMatch defines the predicate used to match requests to a given action. Multiple match types are "OR"ed for evaluation. If no routeMatch field is specified, this rule will unconditionally match traffic.
TcpRouteRouteRule
Specifies how to match traffic and how to route traffic when traffic is matched.
TestIamPermissionsRequest
Request message for TestIamPermissions
method.
TestIamPermissionsResponse
Response message for TestIamPermissions
method.
TlsRoute
TlsRoute defines how traffic should be routed based on SNI and other matching L3 attributes.
TlsRouteRouteAction
The specifications for routing traffic and applying associated policies.
TlsRouteRouteDestination
Describe the destination for traffic to be routed to.
TlsRouteRouteMatch
RouteMatch defines the predicate used to match requests to a given action. Multiple match types are "AND"ed for evaluation. If no routeMatch field is specified, this rule will unconditionally match traffic.
TlsRouteRouteRule
Specifies how to match traffic and how to route traffic when traffic is matched.
TrafficPortSelector
Specification of a port-based selector.
WasmPlugin
WasmPlugin
is a resource representing a service executing a customer-provided Wasm module.
WasmPluginLogConfig
Specifies the logging options for the activity performed by this plugin. If logging is enabled, plugin logs are exported to Cloud Logging.
WasmPluginUsedBy
Defines a resource that uses the WasmPlugin
resource.
WasmPluginVersion
A single immutable version of a WasmPlugin
resource. Defines the Wasm module used and optionally its runtime
config.
WasmPluginVersionDetails
Details of a WasmPluginVersion
resource to be inlined in the WasmPlugin
resource.