Namespace Google.Apis.NetworkServices.v1beta1.Data

Classes

AuditConfig

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

AuditLogConfig

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

Binding

Associates members, or principals, with a role.

CancelOperationRequest

The request message for Operations.CancelOperation.

Empty

A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

EndpointMatcher

A definition of a matcher that selects endpoints to which the policies should be applied.

EndpointPolicy

EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.

Expr

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

Gateway

Gateway represents the configuration for a proxy, typically a load balancer. It captures the ip:port over which the services are exposed by the proxy, along with any policy configurations. Routes have reference to to Gateways to dictate how requests should be routed by this Gateway.

GrpcRoute

GrpcRoute is the resource defining how gRPC traffic routed by a Mesh or Gateway resource is routed.

GrpcRouteDestination

The destination to which traffic will be routed.

GrpcRouteFaultInjectionPolicy

The specification for fault injection introduced into traffic to test the resiliency of clients to destination service failure. As part of fault injection, when clients send requests to a destination, delays can be introduced on a percentage of requests before sending those requests to the destination service. Similarly requests from clients can be aborted by for a percentage of requests.

GrpcRouteFaultInjectionPolicyAbort

Specification of how client requests are aborted as part of fault injection before being sent to a destination.

GrpcRouteFaultInjectionPolicyDelay

Specification of how client requests are delayed as part of fault injection before being sent to a destination.

GrpcRouteHeaderMatch

A match against a collection of headers.

GrpcRouteMethodMatch

Specifies a match against a method.

GrpcRouteRetryPolicy

The specifications for retries.

GrpcRouteRouteAction

Specifies how to route matched traffic.

GrpcRouteRouteMatch

Criteria for matching traffic. A RouteMatch will be considered to match when all supplied fields match.

GrpcRouteRouteRule

Describes how to route traffic.

HttpRoute

HttpRoute is the resource defining how HTTP traffic should be routed by a Mesh or Gateway resource.

HttpRouteCorsPolicy

The Specification for allowing client side cross-origin requests.

HttpRouteDestination

Specifications of a destination to which the request should be routed to.

HttpRouteFaultInjectionPolicy

The specification for fault injection introduced into traffic to test the resiliency of clients to destination service failure. As part of fault injection, when clients send requests to a destination, delays can be introduced by client proxy on a percentage of requests before sending those requests to the destination service. Similarly requests can be aborted by client proxy for a percentage of requests.

HttpRouteFaultInjectionPolicyAbort

Specification of how client requests are aborted as part of fault injection before being sent to a destination.

HttpRouteFaultInjectionPolicyDelay

Specification of how client requests are delayed as part of fault injection before being sent to a destination.

HttpRouteHeaderMatch

Specifies how to select a route rule based on HTTP request headers.

HttpRouteHeaderMatchIntegerRange

Represents an integer value range.

HttpRouteHeaderModifier

The specification for modifying HTTP header in HTTP request and HTTP response.

HttpRouteQueryParameterMatch

Specifications to match a query parameter in the request.

HttpRouteRedirect

The specification for redirecting traffic.

HttpRouteRequestMirrorPolicy

Specifies the policy on how requests are shadowed to a separate mirrored destination service. The proxy does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host/authority header is suffixed with -shadow.

HttpRouteRetryPolicy

The specifications for retries.

HttpRouteRouteAction

The specifications for routing traffic and applying associated policies.

HttpRouteRouteMatch

RouteMatch defines specifications used to match requests. If multiple match types are set, this RouteMatch will match if ALL type of matches are matched.

HttpRouteRouteRule

Specifies how to match traffic and how to route traffic when traffic is matched.

HttpRouteURLRewrite

The specification for modifying the URL of the request, prior to forwarding the request to the destination.

ListEndpointPoliciesResponse

Response returned by the ListEndpointPolicies method.

ListGatewaysResponse

Response returned by the ListGateways method.

ListGrpcRoutesResponse

Response returned by the ListGrpcRoutes method.

ListHttpRoutesResponse

Response returned by the ListHttpRoutes method.

ListLocationsResponse

The response message for Locations.ListLocations.

ListMeshesResponse

Response returned by the ListMeshes method.

ListOperationsResponse

The response message for Operations.ListOperations.

ListServiceBindingsResponse

Response returned by the ListServiceBindings method.

ListServiceLbPoliciesResponse

Response returned by the ListServiceLbPolicies method.

ListTcpRoutesResponse

Response returned by the ListTcpRoutes method.

ListTlsRoutesResponse

Response returned by the ListTlsRoutes method.

Location

A resource that represents a Google Cloud location.

Mesh

Mesh represents a logical configuration grouping for workload to workload communication within a service mesh. Routes that point to mesh dictate how requests are routed within this logical mesh boundary.

MetadataLabelMatcher

The matcher that is based on node metadata presented by xDS clients.

MetadataLabels

Defines a name-pair value for a single label.

Operation

This resource represents a long-running operation that is the result of a network API call.

OperationMetadata

Represents the metadata of the long-running operation.

Policy

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example:

{
"bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com",
"group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] },
{ "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": {
"title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time
&lt; timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }

YAML example:

bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com -
serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin -
members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable
access description: Does not grant access after Sep 2020 expression: request.time &lt;
timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3

For a description of IAM and its features, see the IAM documentation.

ServiceBinding

ServiceBinding is the resource that defines a Service Directory Service to be used in a BackendService resource.

ServiceLbPolicy

ServiceLbPolicy holds global load balancing and traffic distribution configuration that can be applied to a BackendService.

ServiceLbPolicyAutoCapacityDrain

Option to specify if an unhealthy IG/NEG should be considered for global load balancing and traffic routing.

ServiceLbPolicyFailoverConfig

Option to specify health based failover behavior. This is not related to Network load balancer FailoverPolicy.

SetIamPolicyRequest

Request message for SetIamPolicy method.

Status

The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide.