{ "version": "v1", "name": "beyondcorp", "ownerDomain": "google.com", "parameters": { "oauth_token": { "description": "OAuth 2.0 token for the current user.", "type": "string", "location": "query" }, "fields": { "type": "string", "location": "query", "description": "Selector specifying which fields to include in a partial response." }, "upload_protocol": { "type": "string", "location": "query", "description": "Upload protocol for media (e.g. \"raw\", \"multipart\")." }, "alt": { "enum": [ "json", "media", "proto" ], "description": "Data format for response.", "enumDescriptions": [ "Responses with Content-Type of application/json", "Media download with context-dependent Content-Type", "Responses with Content-Type of application/x-protobuf" ], "type": "string", "location": "query", "default": "json" }, "prettyPrint": { "type": "boolean", "location": "query", "description": "Returns response with indentations and line breaks.", "default": "true" }, "$.xgafv": { "type": "string", "location": "query", "enum": [ "1", "2" ], "description": "V1 error format.", "enumDescriptions": [ "v1 error format", "v2 error format" ] }, "key": { "type": "string", "location": "query", "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token." }, "quotaUser": { "type": "string", "location": "query", "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters." }, "uploadType": { "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\").", "type": "string", "location": "query" }, "access_token": { "type": "string", "location": "query", "description": "OAuth access token." }, "callback": { "type": "string", "location": "query", "description": "JSONP" } }, "resources": { "organizations": { "resources": { "locations": { "resources": { "operations": { "methods": { "list": { "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/operations", "description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`.", "id": "beyondcorp.organizations.locations.operations.list", "httpMethod": "GET", "response": { "$ref": "GoogleLongrunningListOperationsResponse" }, "path": "v1/{+name}/operations", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "filter": { "location": "query", "type": "string", "description": "The standard list filter." }, "pageToken": { "description": "The standard list page token.", "location": "query", "type": "string" }, "pageSize": { "location": "query", "type": "integer", "format": "int32", "description": "The standard list page size." }, "returnPartialSuccess": { "location": "query", "type": "boolean", "description": "When set to `true`, operations that are reachable are returned as normal, and those that are unreachable are returned in the ListOperationsResponse.unreachable field. This can only be `true` when reading across collections. For example, when `parent` is set to `\"projects/example/locations/-\"`. This field is not supported by default and will result in an `UNIMPLEMENTED` error if set unless explicitly documented otherwise in service or product specific documentation." }, "name": { "required": true, "description": "The name of the operation's parent resource.", "pattern": "^organizations/[^/]+/locations/[^/]+$", "location": "path", "type": "string" } } }, "get": { "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}", "httpMethod": "GET", "id": "beyondcorp.organizations.locations.operations.get", "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+name}", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "name": { "required": true, "description": "The name of the operation resource.", "pattern": "^organizations/[^/]+/locations/[^/]+/operations/[^/]+$", "location": "path", "type": "string" } }, "parameterOrder": [ "name" ] }, "cancel": { "response": { "$ref": "Empty" }, "path": "v1/{+name}:cancel", "request": { "$ref": "GoogleLongrunningCancelOperationRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "name": { "required": true, "description": "The name of the operation resource to be cancelled.", "pattern": "^organizations/[^/]+/locations/[^/]+/operations/[^/]+$", "location": "path", "type": "string" } }, "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel", "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.", "id": "beyondcorp.organizations.locations.operations.cancel", "httpMethod": "POST" }, "delete": { "id": "beyondcorp.organizations.locations.operations.delete", "httpMethod": "DELETE", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}", "description": "Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`.", "path": "v1/{+name}", "response": { "$ref": "Empty" }, "parameterOrder": [ "name" ], "parameters": { "name": { "required": true, "location": "path", "type": "string", "description": "The name of the operation resource to be deleted.", "pattern": "^organizations/[^/]+/locations/[^/]+/operations/[^/]+$" } }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ] } } } } } } }, "projects": { "resources": { "locations": { "resources": { "securityGateways": { "resources": { "applications": { "methods": { "get": { "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}", "description": "Gets details of a single Application.", "id": "beyondcorp.projects.locations.securityGateways.applications.get", "httpMethod": "GET", "response": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1Application" }, "path": "v1/{+name}", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "name": { "description": "Required. The resource name of the Application using the form: `projects/{project_id}/locations/global/securityGateway/{security_gateway_id}/applications/{application_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+/applications/[^/]+$", "location": "path", "type": "string", "required": true } } }, "create": { "description": "Creates a new Application in a given project and location.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications", "httpMethod": "POST", "id": "beyondcorp.projects.locations.securityGateways.applications.create", "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+parent}/applications", "request": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1Application" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "applicationId": { "description": "Optional. User-settable Application resource ID. * Must start with a letter. * Must contain between 4-63 characters from `/a-z-/`. * Must end with a number or letter.", "location": "query", "type": "string" }, "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request.", "location": "query", "type": "string" }, "parent": { "required": true, "location": "path", "type": "string", "description": "Required. The resource name of the parent SecurityGateway using the form: `projects/{project_id}/locations/global/securityGateways/{security_gateway_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+$" } }, "parameterOrder": [ "parent" ] }, "list": { "description": "Lists Applications in a given project and location.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications", "httpMethod": "GET", "id": "beyondcorp.projects.locations.securityGateways.applications.list", "response": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse" }, "path": "v1/{+parent}/applications", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "parent": { "required": true, "description": "Required. The parent location to which the resources belong. `projects/{project_id}/locations/global/securityGateways/{security_gateway_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+$", "location": "path", "type": "string" }, "pageToken": { "description": "Optional. The next_page_token value returned from a previous ListApplicationsRequest, if any.", "location": "query", "type": "string" }, "filter": { "description": "Optional. A filter specifying constraints of a list operation. All fields in the Application message are supported. For example, the following query will return the Application with displayName \"test-application\" For more information, please refer to https://google.aip.dev/160.", "location": "query", "type": "string" }, "pageSize": { "description": "Optional. The maximum number of items to return. If not specified, a default value of 50 will be used by the service. Regardless of the page_size value, the response may include a partial list and a caller should only rely on response's next_page_token to determine if there are more instances left to be queried.", "location": "query", "type": "integer", "format": "int32" }, "orderBy": { "description": "Optional. Specifies the ordering of results. See [Sorting order](https://cloud.google.com/apis/design/design_patterns#sorting_order) for more information.", "location": "query", "type": "string" } }, "parameterOrder": [ "parent" ] }, "patch": { "description": "Updates the parameters of a single Application.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}", "httpMethod": "PATCH", "id": "beyondcorp.projects.locations.securityGateways.applications.patch", "request": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1Application" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "updateMask": { "description": "Optional. Mutable fields include: display_name.", "location": "query", "type": "string", "format": "google-fieldmask" }, "name": { "required": true, "description": "Identifier. Name of the resource.", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+/applications/[^/]+$", "location": "path", "type": "string" }, "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request timed out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" } }, "parameterOrder": [ "name" ], "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+name}" }, "getIamPolicy": { "id": "beyondcorp.projects.locations.securityGateways.applications.getIamPolicy", "httpMethod": "GET", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}:getIamPolicy", "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", "parameterOrder": [ "resource" ], "parameters": { "resource": { "location": "path", "type": "string", "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+/applications/[^/]+$", "required": true }, "options.requestedPolicyVersion": { "location": "query", "type": "integer", "format": "int32", "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." } }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "path": "v1/{+resource}:getIamPolicy", "response": { "$ref": "GoogleIamV1Policy" } }, "testIamPermissions": { "response": { "$ref": "GoogleIamV1TestIamPermissionsResponse" }, "path": "v1/{+resource}:testIamPermissions", "request": { "$ref": "GoogleIamV1TestIamPermissionsRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "resource" ], "parameters": { "resource": { "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+/applications/[^/]+$", "location": "path", "type": "string", "required": true } }, "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}:testIamPermissions", "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.", "id": "beyondcorp.projects.locations.securityGateways.applications.testIamPermissions", "httpMethod": "POST" }, "delete": { "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+name}", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "name": { "required": true, "description": "Required. Name of the resource.", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+/applications/[^/]+$", "location": "path", "type": "string" }, "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "location": "query", "type": "boolean" }, "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" } }, "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}", "description": "Deletes a single application.", "id": "beyondcorp.projects.locations.securityGateways.applications.delete", "httpMethod": "DELETE" }, "setIamPolicy": { "id": "beyondcorp.projects.locations.securityGateways.applications.setIamPolicy", "httpMethod": "POST", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}:setIamPolicy", "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", "path": "v1/{+resource}:setIamPolicy", "response": { "$ref": "GoogleIamV1Policy" }, "parameterOrder": [ "resource" ], "parameters": { "resource": { "location": "path", "type": "string", "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+/applications/[^/]+$", "required": true } }, "request": { "$ref": "GoogleIamV1SetIamPolicyRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ] } } } }, "methods": { "testIamPermissions": { "parameterOrder": [ "resource" ], "parameters": { "resource": { "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+$", "location": "path", "type": "string", "required": true } }, "request": { "$ref": "GoogleIamV1TestIamPermissionsRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "path": "v1/{+resource}:testIamPermissions", "response": { "$ref": "GoogleIamV1TestIamPermissionsResponse" }, "id": "beyondcorp.projects.locations.securityGateways.testIamPermissions", "httpMethod": "POST", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}:testIamPermissions", "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning." }, "delete": { "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}", "description": "Deletes a single SecurityGateway.", "id": "beyondcorp.projects.locations.securityGateways.delete", "httpMethod": "DELETE", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "name": { "required": true, "location": "path", "type": "string", "description": "Required. BeyondCorp SecurityGateway name using the form: `projects/{project_id}/locations/{location_id}/securityGateways/{security_gateway_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+$" }, "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "location": "query", "type": "boolean" }, "requestId": { "location": "query", "type": "string", "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000)." } }, "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+name}" }, "setIamPolicy": { "httpMethod": "POST", "id": "beyondcorp.projects.locations.securityGateways.setIamPolicy", "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}:setIamPolicy", "parameters": { "resource": { "required": true, "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+$", "location": "path", "type": "string" } }, "parameterOrder": [ "resource" ], "request": { "$ref": "GoogleIamV1SetIamPolicyRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "path": "v1/{+resource}:setIamPolicy", "response": { "$ref": "GoogleIamV1Policy" } }, "get": { "id": "beyondcorp.projects.locations.securityGateways.get", "httpMethod": "GET", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}", "description": "Gets details of a single SecurityGateway.", "path": "v1/{+name}", "response": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway" }, "parameterOrder": [ "name" ], "parameters": { "name": { "required": true, "description": "Required. The resource name of the PartnerTenant using the form: `projects/{project_id}/locations/{location_id}/securityGateway/{security_gateway_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+$", "location": "path", "type": "string" } }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ] }, "create": { "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways", "description": "Creates a new Security Gateway in a given project and location.", "id": "beyondcorp.projects.locations.securityGateways.create", "httpMethod": "POST", "request": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "parent" ], "parameters": { "securityGatewayId": { "description": "Optional. User-settable SecurityGateway resource ID. * Must start with a letter. * Must contain between 4-63 characters from `/a-z-/`. * Must end with a number or letter.", "location": "query", "type": "string" }, "requestId": { "location": "query", "type": "string", "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request." }, "parent": { "description": "Required. The resource project name of the SecurityGateway location using the form: `projects/{project_id}/locations/{location_id}`", "pattern": "^projects/[^/]+/locations/[^/]+$", "location": "path", "type": "string", "required": true } }, "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+parent}/securityGateways" }, "list": { "response": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse" }, "path": "v1/{+parent}/securityGateways", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "parent" ], "parameters": { "orderBy": { "description": "Optional. Specifies the ordering of results. See [Sorting order](https://cloud.google.com/apis/design/design_patterns#sorting_order) for more information.", "location": "query", "type": "string" }, "pageSize": { "location": "query", "type": "integer", "format": "int32", "description": "Optional. The maximum number of items to return. If not specified, a default value of 50 will be used by the service. Regardless of the page_size value, the response may include a partial list and a caller should only rely on response's next_page_token to determine if there are more instances left to be queried." }, "parent": { "required": true, "description": "Required. The parent location to which the resources belong. `projects/{project_id}/locations/{location_id}/`", "pattern": "^projects/[^/]+/locations/[^/]+$", "location": "path", "type": "string" }, "pageToken": { "description": "Optional. The next_page_token value returned from a previous ListSecurityGatewayRequest, if any.", "location": "query", "type": "string" }, "filter": { "location": "query", "type": "string", "description": "Optional. A filter specifying constraints of a list operation. All fields in the SecurityGateway message are supported. For example, the following query will return the SecurityGateway with displayName \"test-security-gateway\" For more information, please refer to https://google.aip.dev/160." } }, "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways", "description": "Lists SecurityGateways in a given project and location.", "id": "beyondcorp.projects.locations.securityGateways.list", "httpMethod": "GET" }, "patch": { "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}", "description": "Updates the parameters of a single SecurityGateway.", "id": "beyondcorp.projects.locations.securityGateways.patch", "httpMethod": "PATCH", "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+name}", "request": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "updateMask": { "description": "Optional. Mutable fields include: display_name, hubs.", "location": "query", "type": "string", "format": "google-fieldmask" }, "name": { "description": "Identifier. Name of the resource.", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+$", "location": "path", "type": "string", "required": true }, "requestId": { "location": "query", "type": "string", "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request timed out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000)." } } }, "getIamPolicy": { "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "options.requestedPolicyVersion": { "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", "location": "query", "type": "integer", "format": "int32" }, "resource": { "required": true, "location": "path", "type": "string", "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/securityGateways/[^/]+$" } }, "parameterOrder": [ "resource" ], "response": { "$ref": "GoogleIamV1Policy" }, "path": "v1/{+resource}:getIamPolicy", "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}:getIamPolicy", "httpMethod": "GET", "id": "beyondcorp.projects.locations.securityGateways.getIamPolicy" } } }, "operations": { "methods": { "delete": { "path": "v1/{+name}", "response": { "$ref": "Empty" }, "parameterOrder": [ "name" ], "parameters": { "name": { "required": true, "description": "The name of the operation resource to be deleted.", "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$", "location": "path", "type": "string" } }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "id": "beyondcorp.projects.locations.operations.delete", "httpMethod": "DELETE", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}", "description": "Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`." }, "cancel": { "path": "v1/{+name}:cancel", "response": { "$ref": "Empty" }, "parameterOrder": [ "name" ], "parameters": { "name": { "location": "path", "type": "string", "description": "The name of the operation resource to be cancelled.", "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$", "required": true } }, "request": { "$ref": "GoogleLongrunningCancelOperationRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "id": "beyondcorp.projects.locations.operations.cancel", "httpMethod": "POST", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel", "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`." }, "get": { "path": "v1/{+name}", "response": { "$ref": "GoogleLongrunningOperation" }, "parameters": { "name": { "required": true, "description": "The name of the operation resource.", "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$", "location": "path", "type": "string" } }, "parameterOrder": [ "name" ], "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "httpMethod": "GET", "id": "beyondcorp.projects.locations.operations.get", "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}" }, "list": { "path": "v1/{+name}/operations", "response": { "$ref": "GoogleLongrunningListOperationsResponse" }, "parameterOrder": [ "name" ], "parameters": { "filter": { "description": "The standard list filter.", "location": "query", "type": "string" }, "pageToken": { "location": "query", "type": "string", "description": "The standard list page token." }, "name": { "description": "The name of the operation's parent resource.", "pattern": "^projects/[^/]+/locations/[^/]+$", "location": "path", "type": "string", "required": true }, "pageSize": { "location": "query", "type": "integer", "format": "int32", "description": "The standard list page size." }, "returnPartialSuccess": { "location": "query", "type": "boolean", "description": "When set to `true`, operations that are reachable are returned as normal, and those that are unreachable are returned in the ListOperationsResponse.unreachable field. This can only be `true` when reading across collections. For example, when `parent` is set to `\"projects/example/locations/-\"`. This field is not supported by default and will result in an `UNIMPLEMENTED` error if set unless explicitly documented otherwise in service or product specific documentation." } }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "id": "beyondcorp.projects.locations.operations.list", "httpMethod": "GET", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations", "description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`." } } }, "appConnectors": { "methods": { "delete": { "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, "name": { "location": "path", "type": "string", "description": "Required. BeyondCorp AppConnector name using the form: `projects/{project_id}/locations/{location_id}/appConnectors/{app_connector_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/appConnectors/[^/]+$", "required": true }, "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "location": "query", "type": "boolean" } }, "parameterOrder": [ "name" ], "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+name}", "description": "Deletes a single AppConnector.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}", "httpMethod": "DELETE", "id": "beyondcorp.projects.locations.appConnectors.delete" }, "testIamPermissions": { "id": "beyondcorp.projects.locations.appConnectors.testIamPermissions", "httpMethod": "POST", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:testIamPermissions", "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.", "path": "v1/{+resource}:testIamPermissions", "response": { "$ref": "GoogleIamV1TestIamPermissionsResponse" }, "parameterOrder": [ "resource" ], "parameters": { "resource": { "required": true, "location": "path", "type": "string", "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/appConnectors/[^/]+$" } }, "request": { "$ref": "GoogleIamV1TestIamPermissionsRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ] }, "get": { "parameterOrder": [ "name" ], "parameters": { "name": { "required": true, "description": "Required. BeyondCorp AppConnector name using the form: `projects/{project_id}/locations/{location_id}/appConnectors/{app_connector_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/appConnectors/[^/]+$", "location": "path", "type": "string" } }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "path": "v1/{+name}", "response": { "$ref": "GoogleCloudBeyondcorpAppconnectorsV1AppConnector" }, "id": "beyondcorp.projects.locations.appConnectors.get", "httpMethod": "GET", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}", "description": "Gets details of a single AppConnector." }, "create": { "description": "Creates a new AppConnector in a given project and location.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors", "httpMethod": "POST", "id": "beyondcorp.projects.locations.appConnectors.create", "request": { "$ref": "GoogleCloudBeyondcorpAppconnectorsV1AppConnector" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "appConnectorId": { "location": "query", "type": "string", "description": "Optional. User-settable AppConnector resource ID. * Must start with a letter. * Must contain between 4-63 characters from `/a-z-/`. * Must end with a number or a letter." }, "requestId": { "location": "query", "type": "string", "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000)." }, "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "location": "query", "type": "boolean" }, "parent": { "required": true, "description": "Required. The resource project name of the AppConnector location using the form: `projects/{project_id}/locations/{location_id}`", "pattern": "^projects/[^/]+/locations/[^/]+$", "location": "path", "type": "string" } }, "parameterOrder": [ "parent" ], "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+parent}/appConnectors" }, "list": { "parameterOrder": [ "parent" ], "parameters": { "orderBy": { "description": "Optional. Specifies the ordering of results. See [Sorting order](https://cloud.google.com/apis/design/design_patterns#sorting_order) for more information.", "location": "query", "type": "string" }, "pageSize": { "location": "query", "type": "integer", "format": "int32", "description": "Optional. The maximum number of items to return. If not specified, a default value of 50 will be used by the service. Regardless of the page_size value, the response may include a partial list and a caller should only rely on response's next_page_token to determine if there are more instances left to be queried." }, "parent": { "required": true, "location": "path", "type": "string", "description": "Required. The resource name of the AppConnector location using the form: `projects/{project_id}/locations/{location_id}`", "pattern": "^projects/[^/]+/locations/[^/]+$" }, "pageToken": { "location": "query", "type": "string", "description": "Optional. The next_page_token value returned from a previous ListAppConnectorsRequest, if any." }, "filter": { "location": "query", "type": "string", "description": "Optional. A filter specifying constraints of a list operation." } }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "path": "v1/{+parent}/appConnectors", "response": { "$ref": "GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse" }, "id": "beyondcorp.projects.locations.appConnectors.list", "httpMethod": "GET", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors", "description": "Lists AppConnectors in a given project and location." }, "setIamPolicy": { "path": "v1/{+resource}:setIamPolicy", "response": { "$ref": "GoogleIamV1Policy" }, "parameters": { "resource": { "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/appConnectors/[^/]+$", "location": "path", "type": "string", "required": true } }, "parameterOrder": [ "resource" ], "request": { "$ref": "GoogleIamV1SetIamPolicyRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "httpMethod": "POST", "id": "beyondcorp.projects.locations.appConnectors.setIamPolicy", "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:setIamPolicy" }, "resolveInstanceConfig": { "response": { "$ref": "GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse" }, "path": "v1/{+appConnector}:resolveInstanceConfig", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "appConnector" ], "parameters": { "appConnector": { "required": true, "description": "Required. BeyondCorp AppConnector name using the form: `projects/{project_id}/locations/{location_id}/appConnectors/{app_connector}`", "pattern": "^projects/[^/]+/locations/[^/]+/appConnectors/[^/]+$", "location": "path", "type": "string" } }, "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:resolveInstanceConfig", "description": "Gets instance configuration for a given AppConnector. An internal method called by a AppConnector to get its container config.", "id": "beyondcorp.projects.locations.appConnectors.resolveInstanceConfig", "httpMethod": "GET" }, "getIamPolicy": { "response": { "$ref": "GoogleIamV1Policy" }, "path": "v1/{+resource}:getIamPolicy", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "options.requestedPolicyVersion": { "location": "query", "type": "integer", "format": "int32", "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "resource": { "location": "path", "type": "string", "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/appConnectors/[^/]+$", "required": true } }, "parameterOrder": [ "resource" ], "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:getIamPolicy", "httpMethod": "GET", "id": "beyondcorp.projects.locations.appConnectors.getIamPolicy" }, "patch": { "path": "v1/{+name}", "response": { "$ref": "GoogleLongrunningOperation" }, "parameters": { "updateMask": { "description": "Required. Mask of fields to update. At least one path must be supplied in this field. The elements of the repeated paths field may only include these fields from [BeyondCorp.AppConnector]: * `labels` * `display_name`", "location": "query", "type": "string", "format": "google-fieldmask" }, "name": { "location": "path", "type": "string", "description": "Required. Unique resource name of the AppConnector. The name is ignored when creating a AppConnector.", "pattern": "^projects/[^/]+/locations/[^/]+/appConnectors/[^/]+$", "required": true }, "validateOnly": { "location": "query", "type": "boolean", "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way." }, "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" } }, "parameterOrder": [ "name" ], "request": { "$ref": "GoogleCloudBeyondcorpAppconnectorsV1AppConnector" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "httpMethod": "PATCH", "id": "beyondcorp.projects.locations.appConnectors.patch", "description": "Updates the parameters of a single AppConnector.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}" }, "reportStatus": { "httpMethod": "POST", "id": "beyondcorp.projects.locations.appConnectors.reportStatus", "description": "Report status for a given connector.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:reportStatus", "path": "v1/{+appConnector}:reportStatus", "response": { "$ref": "GoogleLongrunningOperation" }, "parameters": { "appConnector": { "required": true, "location": "path", "type": "string", "description": "Required. BeyondCorp Connector name using the form: `projects/{project_id}/locations/{location_id}/connectors/{connector}`", "pattern": "^projects/[^/]+/locations/[^/]+/appConnectors/[^/]+$" } }, "parameterOrder": [ "appConnector" ], "request": { "$ref": "GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ] } } }, "appConnections": { "methods": { "list": { "description": "Lists AppConnections in a given project and location.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnections", "httpMethod": "GET", "id": "beyondcorp.projects.locations.appConnections.list", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "parent": { "required": true, "location": "path", "type": "string", "description": "Required. The resource name of the AppConnection location using the form: `projects/{project_id}/locations/{location_id}`", "pattern": "^projects/[^/]+/locations/[^/]+$" }, "pageToken": { "description": "Optional. The next_page_token value returned from a previous ListAppConnectionsRequest, if any.", "location": "query", "type": "string" }, "filter": { "location": "query", "type": "string", "description": "Optional. A filter specifying constraints of a list operation." }, "pageSize": { "location": "query", "type": "integer", "format": "int32", "description": "Optional. The maximum number of items to return. If not specified, a default value of 50 will be used by the service. Regardless of the page_size value, the response may include a partial list and a caller should only rely on response's next_page_token to determine if there are more instances left to be queried." }, "orderBy": { "location": "query", "type": "string", "description": "Optional. Specifies the ordering of results. See [Sorting order](https://cloud.google.com/apis/design/design_patterns#sorting_order) for more information." } }, "parameterOrder": [ "parent" ], "response": { "$ref": "GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse" }, "path": "v1/{+parent}/appConnections" }, "get": { "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "name": { "description": "Required. BeyondCorp AppConnection name using the form: `projects/{project_id}/locations/{location_id}/appConnections/{app_connection_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/appConnections/[^/]+$", "location": "path", "type": "string", "required": true } }, "response": { "$ref": "GoogleCloudBeyondcorpAppconnectionsV1AppConnection" }, "path": "v1/{+name}", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}", "description": "Gets details of a single AppConnection.", "id": "beyondcorp.projects.locations.appConnections.get", "httpMethod": "GET" }, "create": { "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnections", "description": "Creates a new AppConnection in a given project and location.", "id": "beyondcorp.projects.locations.appConnections.create", "httpMethod": "POST", "request": { "$ref": "GoogleCloudBeyondcorpAppconnectionsV1AppConnection" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "parent" ], "parameters": { "appConnectionId": { "location": "query", "type": "string", "description": "Optional. User-settable AppConnection resource ID. * Must start with a letter. * Must contain between 4-63 characters from `/a-z-/`. * Must end with a number or a letter." }, "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "location": "query", "type": "boolean" }, "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if the original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, "parent": { "location": "path", "type": "string", "description": "Required. The resource project name of the AppConnection location using the form: `projects/{project_id}/locations/{location_id}`", "pattern": "^projects/[^/]+/locations/[^/]+$", "required": true } }, "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+parent}/appConnections" }, "delete": { "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}", "description": "Deletes a single AppConnection.", "id": "beyondcorp.projects.locations.appConnections.delete", "httpMethod": "DELETE", "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+name}", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if the original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, "name": { "required": true, "description": "Required. BeyondCorp Connector name using the form: `projects/{project_id}/locations/{location_id}/appConnections/{app_connection_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/appConnections/[^/]+$", "location": "path", "type": "string" }, "validateOnly": { "location": "query", "type": "boolean", "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way." } } }, "testIamPermissions": { "path": "v1/{+resource}:testIamPermissions", "response": { "$ref": "GoogleIamV1TestIamPermissionsResponse" }, "parameterOrder": [ "resource" ], "parameters": { "resource": { "location": "path", "type": "string", "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/appConnections/[^/]+$", "required": true } }, "request": { "$ref": "GoogleIamV1TestIamPermissionsRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "id": "beyondcorp.projects.locations.appConnections.testIamPermissions", "httpMethod": "POST", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}:testIamPermissions", "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning." }, "getIamPolicy": { "parameterOrder": [ "resource" ], "parameters": { "options.requestedPolicyVersion": { "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", "location": "query", "type": "integer", "format": "int32" }, "resource": { "required": true, "location": "path", "type": "string", "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/appConnections/[^/]+$" } }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "path": "v1/{+resource}:getIamPolicy", "response": { "$ref": "GoogleIamV1Policy" }, "id": "beyondcorp.projects.locations.appConnections.getIamPolicy", "httpMethod": "GET", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}:getIamPolicy", "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set." }, "patch": { "description": "Updates the parameters of a single AppConnection.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}", "httpMethod": "PATCH", "id": "beyondcorp.projects.locations.appConnections.patch", "request": { "$ref": "GoogleCloudBeyondcorpAppconnectionsV1AppConnection" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "location": "query", "type": "boolean" }, "name": { "required": true, "description": "Required. Unique resource name of the AppConnection. The name is ignored when creating a AppConnection.", "pattern": "^projects/[^/]+/locations/[^/]+/appConnections/[^/]+$", "location": "path", "type": "string" }, "allowMissing": { "description": "Optional. If set as true, will create the resource if it is not found.", "location": "query", "type": "boolean" }, "requestId": { "location": "query", "type": "string", "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if the original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000)." }, "updateMask": { "description": "Required. Mask of fields to update. At least one path must be supplied in this field. The elements of the repeated paths field may only include these fields from [BeyondCorp.AppConnection]: * `labels` * `display_name` * `application_endpoint` * `connectors`", "location": "query", "type": "string", "format": "google-fieldmask" } }, "parameterOrder": [ "name" ], "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+name}" }, "setIamPolicy": { "response": { "$ref": "GoogleIamV1Policy" }, "path": "v1/{+resource}:setIamPolicy", "request": { "$ref": "GoogleIamV1SetIamPolicyRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "resource": { "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/appConnections/[^/]+$", "location": "path", "type": "string", "required": true } }, "parameterOrder": [ "resource" ], "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}:setIamPolicy", "httpMethod": "POST", "id": "beyondcorp.projects.locations.appConnections.setIamPolicy" }, "resolve": { "parameterOrder": [ "parent" ], "parameters": { "parent": { "required": true, "location": "path", "type": "string", "description": "Required. The resource name of the AppConnection location using the form: `projects/{project_id}/locations/{location_id}`", "pattern": "^projects/[^/]+/locations/[^/]+$" }, "pageToken": { "location": "query", "type": "string", "description": "Optional. The next_page_token value returned from a previous ResolveAppConnectionsResponse, if any." }, "appConnectorId": { "location": "query", "type": "string", "description": "Required. BeyondCorp Connector name of the connector associated with those AppConnections using the form: `projects/{project_id}/locations/{location_id}/appConnectors/{app_connector_id}`" }, "pageSize": { "location": "query", "type": "integer", "format": "int32", "description": "Optional. The maximum number of items to return. If not specified, a default value of 50 will be used by the service. Regardless of the page_size value, the response may include a partial list and a caller should only rely on response's next_page_token to determine if there are more instances left to be queried." } }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "path": "v1/{+parent}/appConnections:resolve", "response": { "$ref": "GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse" }, "id": "beyondcorp.projects.locations.appConnections.resolve", "httpMethod": "GET", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appConnections:resolve", "description": "Resolves AppConnections details for a given AppConnector. An internal method called by a connector to find AppConnections to connect to." } } }, "appGateways": { "methods": { "testIamPermissions": { "path": "v1/{+resource}:testIamPermissions", "response": { "$ref": "GoogleIamV1TestIamPermissionsResponse" }, "parameters": { "resource": { "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/appGateways/[^/]+$", "location": "path", "type": "string", "required": true } }, "parameterOrder": [ "resource" ], "request": { "$ref": "GoogleIamV1TestIamPermissionsRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "httpMethod": "POST", "id": "beyondcorp.projects.locations.appGateways.testIamPermissions", "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}:testIamPermissions" }, "delete": { "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "name": { "description": "Required. BeyondCorp AppGateway name using the form: `projects/{project_id}/locations/{location_id}/appGateways/{app_gateway_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/appGateways/[^/]+$", "location": "path", "type": "string", "required": true }, "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "location": "query", "type": "boolean" }, "requestId": { "location": "query", "type": "string", "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000)." } }, "parameterOrder": [ "name" ], "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+name}", "description": "Deletes a single AppGateway.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}", "httpMethod": "DELETE", "id": "beyondcorp.projects.locations.appGateways.delete" }, "setIamPolicy": { "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}:setIamPolicy", "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", "id": "beyondcorp.projects.locations.appGateways.setIamPolicy", "httpMethod": "POST", "response": { "$ref": "GoogleIamV1Policy" }, "path": "v1/{+resource}:setIamPolicy", "request": { "$ref": "GoogleIamV1SetIamPolicyRequest" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "resource" ], "parameters": { "resource": { "required": true, "location": "path", "type": "string", "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/appGateways/[^/]+$" } } }, "get": { "httpMethod": "GET", "id": "beyondcorp.projects.locations.appGateways.get", "description": "Gets details of a single AppGateway.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}", "path": "v1/{+name}", "response": { "$ref": "AppGateway" }, "parameters": { "name": { "description": "Required. BeyondCorp AppGateway name using the form: `projects/{project_id}/locations/{location_id}/appGateways/{app_gateway_id}`", "pattern": "^projects/[^/]+/locations/[^/]+/appGateways/[^/]+$", "location": "path", "type": "string", "required": true } }, "parameterOrder": [ "name" ], "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ] }, "create": { "request": { "$ref": "AppGateway" }, "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "parent" ], "parameters": { "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, "appGatewayId": { "description": "Optional. User-settable AppGateway resource ID. * Must start with a letter. * Must contain between 4-63 characters from `/a-z-/`. * Must end with a number or a letter.", "location": "query", "type": "string" }, "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "location": "query", "type": "boolean" }, "parent": { "location": "path", "type": "string", "description": "Required. The resource project name of the AppGateway location using the form: `projects/{project_id}/locations/{location_id}`", "pattern": "^projects/[^/]+/locations/[^/]+$", "required": true } }, "response": { "$ref": "GoogleLongrunningOperation" }, "path": "v1/{+parent}/appGateways", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appGateways", "description": "Creates a new AppGateway in a given project and location.", "id": "beyondcorp.projects.locations.appGateways.create", "httpMethod": "POST" }, "list": { "description": "Lists AppGateways in a given project and location.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appGateways", "httpMethod": "GET", "id": "beyondcorp.projects.locations.appGateways.list", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "orderBy": { "description": "Optional. Specifies the ordering of results. See [Sorting order](https://cloud.google.com/apis/design/design_patterns#sorting_order) for more information.", "location": "query", "type": "string" }, "pageSize": { "location": "query", "type": "integer", "format": "int32", "description": "Optional. The maximum number of items to return. If not specified, a default value of 50 will be used by the service. Regardless of the page_size value, the response may include a partial list and a caller should only rely on response's next_page_token to determine if there are more instances left to be queried." }, "parent": { "required": true, "location": "path", "type": "string", "description": "Required. The resource name of the AppGateway location using the form: `projects/{project_id}/locations/{location_id}`", "pattern": "^projects/[^/]+/locations/[^/]+$" }, "pageToken": { "location": "query", "type": "string", "description": "Optional. The next_page_token value returned from a previous ListAppGatewaysRequest, if any." }, "filter": { "description": "Optional. A filter specifying constraints of a list operation.", "location": "query", "type": "string" } }, "parameterOrder": [ "parent" ], "response": { "$ref": "ListAppGatewaysResponse" }, "path": "v1/{+parent}/appGateways" }, "getIamPolicy": { "response": { "$ref": "GoogleIamV1Policy" }, "path": "v1/{+resource}:getIamPolicy", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameters": { "options.requestedPolicyVersion": { "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", "location": "query", "type": "integer", "format": "int32" }, "resource": { "required": true, "location": "path", "type": "string", "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", "pattern": "^projects/[^/]+/locations/[^/]+/appGateways/[^/]+$" } }, "parameterOrder": [ "resource" ], "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}:getIamPolicy", "httpMethod": "GET", "id": "beyondcorp.projects.locations.appGateways.getIamPolicy" } } } }, "methods": { "list": { "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "extraLocationTypes": { "description": "Optional. Do not use this field. It is unsupported and is ignored unless explicitly documented otherwise. This is primarily for internal usage.", "location": "query", "repeated": true, "type": "string" }, "filter": { "description": "A filter to narrow down results to a preferred subset. The filtering language accepts strings like `\"displayName=tokyo\"`, and is documented in more detail in [AIP-160](https://google.aip.dev/160).", "location": "query", "type": "string" }, "pageToken": { "description": "A page token received from the `next_page_token` field in the response. Send that page token to receive the subsequent page.", "location": "query", "type": "string" }, "name": { "required": true, "description": "The resource that owns the locations collection, if applicable.", "pattern": "^projects/[^/]+$", "location": "path", "type": "string" }, "pageSize": { "location": "query", "type": "integer", "format": "int32", "description": "The maximum number of results to return. If not set, the service selects a default." } }, "response": { "$ref": "GoogleCloudLocationListLocationsResponse" }, "path": "v1/{+name}/locations", "flatPath": "v1/projects/{projectsId}/locations", "description": "Lists information about the supported locations for this service. This method lists locations based on the resource scope provided in the [ListLocationsRequest.name] field: * **Global locations**: If `name` is empty, the method lists the public locations available to all projects. * **Project-specific locations**: If `name` follows the format `projects/{project}`, the method lists locations visible to that specific project. This includes public, private, or other project-specific locations enabled for the project. For gRPC and client library implementations, the resource name is passed as the `name` field. For direct service calls, the resource name is incorporated into the request path based on the specific service implementation and version.", "id": "beyondcorp.projects.locations.list", "httpMethod": "GET" }, "get": { "flatPath": "v1/projects/{projectsId}/locations/{locationsId}", "description": "Gets information about a location.", "id": "beyondcorp.projects.locations.get", "httpMethod": "GET", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "parameterOrder": [ "name" ], "parameters": { "name": { "location": "path", "type": "string", "description": "Resource name for the location.", "pattern": "^projects/[^/]+/locations/[^/]+$", "required": true } }, "response": { "$ref": "GoogleCloudLocationLocation" }, "path": "v1/{+name}" } } } } } }, "auth": { "oauth2": { "scopes": { "https://www.googleapis.com/auth/cloud-platform": { "description": "See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account." } } } }, "kind": "discovery#restDescription", "servicePath": "", "documentationLink": "https://cloud.google.com/", "ownerName": "Google", "version_module": true, "id": "beyondcorp:v1", "basePath": "", "discoveryVersion": "v1", "fullyEncodeReservedExpansion": true, "rootUrl": "https://beyondcorp.googleapis.com/", "baseUrl": "https://beyondcorp.googleapis.com/", "canonicalName": "BeyondCorp", "icons": { "x16": "http://www.google.com/images/icons/product/search-16.gif", "x32": "http://www.google.com/images/icons/product/search-32.gif" }, "title": "BeyondCorp API", "batchPath": "batch", "revision": "20260401", "protocol": "rest", "description": "Chrome Enterprise Premium is a secure enterprise browsing solution that provides secure access to applications and resources, and offers integrated threat and data protection. It adds an extra layer of security to safeguard your Chrome browser environment, including Data Loss Prevention (DLP), real-time URL and file scanning, and Context-Aware Access for SaaS and web apps.", "mtlsRootUrl": "https://beyondcorp.mtls.googleapis.com/", "schemas": { "GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig": { "type": "object", "properties": { "pubsubNotification": { "description": "Cloud Pub/Sub Configuration to receive notifications.", "$ref": "GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig" } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig", "description": "NotificationConfig defines the mechanisms to notify instance agent." }, "GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint": { "description": "ApplicationEndpoint represents a remote application endpoint.", "id": "GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint", "type": "object", "properties": { "host": { "description": "Required. Hostname or IP address of the remote application endpoint.", "type": "string" }, "port": { "description": "Required. Port of the remote application endpoint.", "type": "integer", "format": "int32" } } }, "GoogleCloudBeyondcorpSecuritygatewaysV1Endpoint": { "id": "GoogleCloudBeyondcorpSecuritygatewaysV1Endpoint", "type": "object", "properties": { "port": { "description": "Required. Port of the endpoint.", "type": "integer", "format": "int32" }, "hostname": { "description": "Required. Hostname of the endpoint.", "type": "string" } }, "description": "Internet Gateway endpoint to forward traffic to." }, "GoogleTypeExpr": { "type": "object", "properties": { "location": { "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.", "type": "string" }, "expression": { "description": "Textual representation of an expression in Common Expression Language syntax.", "type": "string" }, "title": { "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.", "type": "string" }, "description": { "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.", "type": "string" } }, "id": "GoogleTypeExpr", "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() \u003c 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information." }, "GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse": { "id": "GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse", "type": "object", "properties": { "instanceConfig": { "description": "AppConnectorInstanceConfig.", "$ref": "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig" } }, "description": "Response message for BeyondCorp.ResolveInstanceConfig." }, "GoogleIamV1AuditConfig": { "id": "GoogleIamV1AuditConfig", "type": "object", "properties": { "service": { "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.", "type": "string" }, "auditLogConfigs": { "description": "The configuration for logging of each type of permission.", "type": "array", "items": { "$ref": "GoogleIamV1AuditLogConfig" } } }, "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging." }, "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig": { "description": "AppConnectorInstanceConfig defines the instance config of a AppConnector.", "type": "object", "properties": { "sequenceNumber": { "type": "string", "format": "int64", "description": "Required. A monotonically increasing number generated and maintained by the API provider. Every time a config changes in the backend, the sequenceNumber should be bumped up to reflect the change." }, "instanceConfig": { "description": "The SLM instance agent configuration.", "additionalProperties": { "type": "any", "description": "Properties of the object. Contains field @type with type URL." }, "type": "object" }, "notificationConfig": { "description": "NotificationConfig defines the notification mechanism that the remote instance should subscribe to in order to receive notification.", "$ref": "GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig" }, "imageConfig": { "description": "ImageConfig defines the GCR images to run for the remote agent's control plane.", "$ref": "GoogleCloudBeyondcorpAppconnectorsV1ImageConfig" } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig" }, "GoogleCloudBeyondcorpConnectorsV1alphaConnectorOperationMetadata": { "description": "Represents the metadata of the long-running operation.", "type": "object", "properties": { "target": { "type": "string", "description": "Output only. Server-defined resource path for the target of the operation.", "readOnly": true }, "requestedCancellation": { "type": "boolean", "readOnly": true, "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`." }, "verb": { "type": "string", "readOnly": true, "description": "Output only. Name of the verb executed by the operation." }, "statusMessage": { "type": "string", "readOnly": true, "description": "Output only. Human-readable status of the operation, if any." }, "apiVersion": { "type": "string", "description": "Output only. API version used to start the operation.", "readOnly": true }, "createTime": { "type": "string", "format": "google-datetime", "description": "Output only. The time the operation was created.", "readOnly": true }, "endTime": { "description": "Output only. The time the operation finished running.", "readOnly": true, "type": "string", "format": "google-datetime" } }, "id": "GoogleCloudBeyondcorpConnectorsV1alphaConnectorOperationMetadata" }, "GoogleCloudBeyondcorpConnectorsV1alphaContainerHealthDetails": { "id": "GoogleCloudBeyondcorpConnectorsV1alphaContainerHealthDetails", "type": "object", "properties": { "expectedConfigVersion": { "description": "The version of the expected config.", "type": "string" }, "currentConfigVersion": { "description": "The version of the current config.", "type": "string" }, "extendedStatus": { "type": "object", "description": "The extended status. Such as ExitCode, StartedAt, FinishedAt, etc.", "additionalProperties": { "type": "string" } }, "errorMsg": { "description": "The latest error message.", "type": "string" } }, "description": "ContainerHealthDetails reflects the health details of a container." }, "GoogleCloudBeyondcorpAppconnectionsV1AppConnection": { "id": "GoogleCloudBeyondcorpAppconnectionsV1AppConnection", "type": "object", "properties": { "updateTime": { "type": "string", "format": "google-datetime", "description": "Output only. Timestamp when the resource was last modified.", "readOnly": true }, "createTime": { "description": "Output only. Timestamp when the resource was created.", "readOnly": true, "type": "string", "format": "google-datetime" }, "uid": { "readOnly": true, "description": "Output only. A unique identifier for the instance generated by the system.", "type": "string" }, "satisfiesPzs": { "readOnly": true, "description": "Output only. Reserved for future use.", "type": "boolean" }, "displayName": { "description": "Optional. An arbitrary user-provided name for the AppConnection. Cannot exceed 64 characters.", "type": "string" }, "state": { "readOnly": true, "enum": [ "STATE_UNSPECIFIED", "CREATING", "CREATED", "UPDATING", "DELETING", "DOWN" ], "description": "Output only. The current state of the AppConnection.", "enumDescriptions": [ "Default value. This value is unused.", "AppConnection is being created.", "AppConnection has been created.", "AppConnection's configuration is being updated.", "AppConnection is being deleted.", "AppConnection is down and may be restored in the future. This happens when CCFE sends ProjectState = OFF." ], "type": "string" }, "labels": { "description": "Optional. Resource labels to represent user provided metadata.", "additionalProperties": { "type": "string" }, "type": "object" }, "applicationEndpoint": { "description": "Required. Address of the remote application endpoint for the BeyondCorp AppConnection.", "$ref": "GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint" }, "gateway": { "description": "Optional. Gateway used by the AppConnection.", "$ref": "GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway" }, "type": { "description": "Required. The type of network connectivity used by the AppConnection.", "enumDescriptions": [ "Default value. This value is unused.", "TCP Proxy based BeyondCorp AppConnection. API will default to this if unset." ], "enum": [ "TYPE_UNSPECIFIED", "TCP_PROXY" ], "type": "string" }, "name": { "description": "Required. Unique resource name of the AppConnection. The name is ignored when creating a AppConnection.", "type": "string" }, "satisfiesPzi": { "readOnly": true, "description": "Output only. Reserved for future use.", "type": "boolean" }, "connectors": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of [google.cloud.beyondcorp.v1main.Connector.name] that are authorized to be associated with this AppConnection." } }, "description": "A BeyondCorp AppConnection resource represents a BeyondCorp protected AppConnection to a remote application. It creates all the necessary GCP components needed for creating a BeyondCorp protected AppConnection. Multiple connectors can be authorized for a single AppConnection." }, "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedUserInfo": { "description": "The configuration information for the delegated user.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedUserInfo", "type": "object", "properties": { "outputType": { "enum": [ "OUTPUT_TYPE_UNSPECIFIED", "PROTOBUF", "JSON", "NONE" ], "description": "Optional. The delegated user's information.", "enumDescriptions": [ "The unspecified output type.", "Protobuf output type.", "JSON output type.", "Explicitly disable header output." ], "type": "string" } } }, "GoogleCloudBeyondcorpConnectionsV1alphaConnectionOperationMetadata": { "type": "object", "properties": { "verb": { "description": "Output only. Name of the verb executed by the operation.", "readOnly": true, "type": "string" }, "statusMessage": { "description": "Output only. Human-readable status of the operation, if any.", "readOnly": true, "type": "string" }, "target": { "description": "Output only. Server-defined resource path for the target of the operation.", "readOnly": true, "type": "string" }, "requestedCancellation": { "readOnly": true, "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", "type": "boolean" }, "createTime": { "readOnly": true, "description": "Output only. The time the operation was created.", "type": "string", "format": "google-datetime" }, "endTime": { "type": "string", "format": "google-datetime", "readOnly": true, "description": "Output only. The time the operation finished running." }, "apiVersion": { "type": "string", "readOnly": true, "description": "Output only. API version used to start the operation." } }, "id": "GoogleCloudBeyondcorpConnectionsV1alphaConnectionOperationMetadata", "description": "Represents the metadata of the long-running operation." }, "GoogleCloudBeyondcorpAppconnectorsV1ContainerHealthDetails": { "id": "GoogleCloudBeyondcorpAppconnectorsV1ContainerHealthDetails", "type": "object", "properties": { "currentConfigVersion": { "description": "The version of the current config.", "type": "string" }, "extendedStatus": { "description": "The extended status. Such as ExitCode, StartedAt, FinishedAt, etc.", "additionalProperties": { "type": "string" }, "type": "object" }, "errorMsg": { "description": "The latest error message.", "type": "string" }, "expectedConfigVersion": { "description": "The version of the expected config.", "type": "string" } }, "description": "ContainerHealthDetails reflects the health details of a container." }, "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedDeviceInfo": { "description": "The delegated device information configuration.", "type": "object", "properties": { "outputType": { "type": "string", "enum": [ "OUTPUT_TYPE_UNSPECIFIED", "PROTOBUF", "JSON", "NONE" ], "description": "Optional. The output type details for the delegated device.", "enumDescriptions": [ "The unspecified output type.", "Protobuf output type.", "JSON output type.", "Explicitly disable header output." ] } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedDeviceInfo" }, "GoogleLongrunningCancelOperationRequest": { "id": "GoogleLongrunningCancelOperationRequest", "type": "object", "properties": {}, "description": "The request message for Operations.CancelOperation." }, "GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscovery": { "description": "Settings related to the Service Discovery.", "type": "object", "properties": { "apiGateway": { "description": "Optional. External API configuration.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGateway" } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscovery" }, "GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorOperationMetadata": { "type": "object", "properties": { "target": { "description": "Output only. Server-defined resource path for the target of the operation.", "readOnly": true, "type": "string" }, "requestedCancellation": { "type": "boolean", "readOnly": true, "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have google.longrunning.Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`." }, "verb": { "type": "string", "description": "Output only. Name of the verb executed by the operation.", "readOnly": true }, "statusMessage": { "type": "string", "readOnly": true, "description": "Output only. Human-readable status of the operation, if any." }, "apiVersion": { "type": "string", "description": "Output only. API version used to start the operation.", "readOnly": true }, "createTime": { "description": "Output only. The time the operation was created.", "readOnly": true, "type": "string", "format": "google-datetime" }, "endTime": { "type": "string", "format": "google-datetime", "readOnly": true, "description": "Output only. The time the operation finished running." } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorOperationMetadata", "description": "Represents the metadata of the long-running operation." }, "GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstream": { "description": "Which upstream resource to forward traffic to.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstream", "type": "object", "properties": { "network": { "description": "Network to forward traffic to.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamNetwork" }, "egressPolicy": { "description": "Optional. Routing policy information.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1EgressPolicy" }, "external": { "description": "List of the external endpoints to forward traffic to.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamExternal" }, "proxyProtocol": { "description": "Optional. Enables proxy protocol configuration for the upstream.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ProxyProtocolConfig" } } }, "Tunnelv1ProtoTunnelerInfo": { "type": "object", "properties": { "totalRetryCount": { "description": "total_retry_count stores the total number of times the tunneler has been retried by tunManager.", "type": "integer", "format": "uint32" }, "backoffRetryCount": { "type": "integer", "format": "uint32", "description": "backoff_retry_count stores the number of times the tunneler has been retried by tunManager for current backoff sequence. Gets reset to 0 if time difference between 2 consecutive retries exceeds backoffRetryResetTime." }, "latestErr": { "description": "latest_err stores the Error for the latest tunneler failure. Gets reset everytime the tunneler is retried by tunManager.", "$ref": "Tunnelv1ProtoTunnelerError" }, "id": { "description": "id is the unique id of a tunneler.", "type": "string" }, "latestRetryTime": { "type": "string", "format": "google-datetime", "description": "latest_retry_time stores the time when the tunneler was last restarted." } }, "id": "Tunnelv1ProtoTunnelerInfo", "description": "TunnelerInfo contains metadata about tunneler launched by connection manager." }, "GoogleCloudBeyondcorpAppconnectorsV1AppConnector": { "description": "A BeyondCorp connector resource that represents an application facing component deployed proximal to and with direct access to the application instances. It is used to establish connectivity between the remote enterprise environment and GCP. It initiates connections to the applications and can proxy the data from users over the connection.", "type": "object", "properties": { "labels": { "type": "object", "description": "Optional. Resource labels to represent user provided metadata.", "additionalProperties": { "type": "string" } }, "updateTime": { "type": "string", "format": "google-datetime", "description": "Output only. Timestamp when the resource was last modified.", "readOnly": true }, "uid": { "type": "string", "description": "Output only. A unique identifier for the instance generated by the system.", "readOnly": true }, "resourceInfo": { "description": "Optional. Resource info of the connector.", "$ref": "GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo" }, "createTime": { "type": "string", "format": "google-datetime", "description": "Output only. Timestamp when the resource was created.", "readOnly": true }, "displayName": { "description": "Optional. An arbitrary user-provided name for the AppConnector. Cannot exceed 64 characters.", "type": "string" }, "name": { "description": "Required. Unique resource name of the AppConnector. The name is ignored when creating a AppConnector.", "type": "string" }, "state": { "type": "string", "description": "Output only. The current state of the AppConnector.", "enumDescriptions": [ "Default value. This value is unused.", "AppConnector is being created.", "AppConnector has been created.", "AppConnector's configuration is being updated.", "AppConnector is being deleted.", "AppConnector is down and may be restored in the future. This happens when CCFE sends ProjectState = OFF." ], "readOnly": true, "enum": [ "STATE_UNSPECIFIED", "CREATING", "CREATED", "UPDATING", "DELETING", "DOWN" ] }, "principalInfo": { "description": "Required. Principal information about the Identity of the AppConnector.", "$ref": "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo" } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1AppConnector" }, "GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse": { "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse", "type": "object", "properties": { "nextPageToken": { "description": "A token to retrieve the next page of results, or empty if there are no more results in the list.", "type": "string" }, "unreachable": { "description": "A list of locations that could not be reached.", "type": "array", "items": { "type": "string" } }, "applications": { "description": "A list of BeyondCorp Application in the project.", "type": "array", "items": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1Application" } } }, "description": "Message for response to listing Applications." }, "ListAppGatewaysResponse": { "id": "ListAppGatewaysResponse", "type": "object", "properties": { "unreachable": { "type": "array", "items": { "type": "string" }, "description": "A list of locations that could not be reached." }, "appGateways": { "description": "A list of BeyondCorp AppGateways in the project.", "type": "array", "items": { "$ref": "AppGateway" } }, "nextPageToken": { "description": "A token to retrieve the next page of results, or empty if there are no more results in the list.", "type": "string" } }, "description": "Response message for BeyondCorp.ListAppGateways." }, "GoogleIamV1SetIamPolicyRequest": { "description": "Request message for `SetIamPolicy` method.", "id": "GoogleIamV1SetIamPolicyRequest", "type": "object", "properties": { "updateMask": { "type": "string", "format": "google-fieldmask", "description": "OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: \"bindings, etag\"`" }, "policy": { "description": "REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them.", "$ref": "GoogleIamV1Policy" } } }, "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo": { "id": "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo", "type": "object", "properties": { "serviceAccount": { "description": "A GCP service account.", "$ref": "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount" } }, "description": "PrincipalInfo represents an Identity oneof." }, "Empty": { "type": "object", "properties": {}, "id": "Empty", "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }" }, "GoogleCloudBeyondcorpAppconnectorsV1alphaRemoteAgentDetails": { "description": "RemoteAgentDetails reflects the details of a remote agent.", "type": "object", "properties": {}, "id": "GoogleCloudBeyondcorpAppconnectorsV1alphaRemoteAgentDetails" }, "GoogleLongrunningListOperationsResponse": { "id": "GoogleLongrunningListOperationsResponse", "type": "object", "properties": { "operations": { "description": "A list of operations that matches the specified filter in the request.", "type": "array", "items": { "$ref": "GoogleLongrunningOperation" } }, "unreachable": { "description": "Unordered list. Unreachable resources. Populated when the request sets `ListOperationsRequest.return_partial_success` and reads across collections. For example, when attempting to list all resources across all supported locations.", "type": "array", "items": { "type": "string" } }, "nextPageToken": { "description": "The standard List next-page token.", "type": "string" } }, "description": "The response message for Operations.ListOperations." }, "GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGatewayOperationDescriptor": { "description": "API operation descriptor.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGatewayOperationDescriptor", "type": "object", "properties": { "path": { "description": "Optional. Contains the URI path fragment where HTTP request is sent.", "type": "string" } } }, "GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGateway": { "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGateway", "type": "object", "properties": { "resourceOverride": { "description": "Optional. Enables fetching resource model updates to alter service behavior per Chrome profile.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGatewayOperationDescriptor" } }, "description": "If Service Discovery is done through API, defines its settings." }, "GoogleCloudBeyondcorpAppconnectorsV1RemoteAgentDetails": { "id": "GoogleCloudBeyondcorpAppconnectorsV1RemoteAgentDetails", "type": "object", "properties": {}, "description": "RemoteAgentDetails reflects the details of a remote agent." }, "GoogleCloudBeyondcorpAppconnectionsV1AppConnectionOperationMetadata": { "description": "Represents the metadata of the long-running operation.", "id": "GoogleCloudBeyondcorpAppconnectionsV1AppConnectionOperationMetadata", "type": "object", "properties": { "verb": { "readOnly": true, "description": "Output only. Name of the verb executed by the operation.", "type": "string" }, "statusMessage": { "description": "Output only. Human-readable status of the operation, if any.", "readOnly": true, "type": "string" }, "target": { "type": "string", "description": "Output only. Server-defined resource path for the target of the operation.", "readOnly": true }, "requestedCancellation": { "type": "boolean", "readOnly": true, "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have google.longrunning.Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`." }, "createTime": { "readOnly": true, "description": "Output only. The time the operation was created.", "type": "string", "format": "google-datetime" }, "endTime": { "type": "string", "format": "google-datetime", "description": "Output only. The time the operation finished running.", "readOnly": true }, "apiVersion": { "readOnly": true, "description": "Output only. API version used to start the operation.", "type": "string" } } }, "GoogleIamV1TestIamPermissionsRequest": { "description": "Request message for `TestIamPermissions` method.", "id": "GoogleIamV1TestIamPermissionsRequest", "type": "object", "properties": { "permissions": { "description": "The set of permissions to check for the `resource`. Permissions with wildcards (such as `*` or `storage.*`) are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).", "type": "array", "items": { "type": "string" } } } }, "GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway": { "description": "The information about a security gateway resource.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway", "type": "object", "properties": { "hubs": { "type": "object", "description": "Optional. Map of Hubs that represents regional data path deployment with GCP region as a key.", "additionalProperties": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1Hub" } }, "updateTime": { "description": "Output only. Timestamp when the resource was last modified.", "readOnly": true, "type": "string", "format": "google-datetime" }, "serviceDiscovery": { "description": "Optional. Settings related to the Service Discovery.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscovery" }, "createTime": { "readOnly": true, "description": "Output only. Timestamp when the resource was created.", "type": "string", "format": "google-datetime" }, "name": { "description": "Identifier. Name of the resource.", "type": "string" }, "externalIps": { "readOnly": true, "description": "Output only. IP addresses that will be used for establishing connection to the endpoints.", "type": "array", "items": { "type": "string" } }, "delegatingServiceAccount": { "type": "string", "description": "Output only. Service account used for operations that involve resources in consumer projects.", "readOnly": true }, "proxyProtocolConfig": { "description": "Optional. Shared proxy configuration for all apps.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ProxyProtocolConfig" }, "logging": { "description": "Optional. Configuration for Cloud Logging. If this field is present, the logging will be enabled.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1LoggingConfig" }, "displayName": { "description": "Optional. An arbitrary user-provided name for the SecurityGateway. Cannot exceed 64 characters.", "type": "string" }, "state": { "type": "string", "readOnly": true, "enum": [ "STATE_UNSPECIFIED", "CREATING", "UPDATING", "DELETING", "RUNNING", "DOWN", "ERROR" ], "description": "Output only. The operational state of the SecurityGateway.", "enumDescriptions": [ "Default value. This value is unused.", "SecurityGateway is being created.", "SecurityGateway is being updated.", "SecurityGateway is being deleted.", "SecurityGateway is running.", "SecurityGateway is down and may be restored in the future.", "SecurityGateway encountered an error and is in an indeterministic state." ] } } }, "GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamExternal": { "description": "Endpoints to forward traffic to.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamExternal", "type": "object", "properties": { "endpoints": { "type": "array", "items": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1Endpoint" }, "description": "Required. List of the endpoints to forward traffic to." } } }, "Tunnelv1ProtoTunnelerError": { "id": "Tunnelv1ProtoTunnelerError", "type": "object", "properties": { "retryable": { "description": "retryable isn't used for now, but we may want to reuse it in the future.", "type": "boolean" }, "err": { "description": "Original raw error", "type": "string" } }, "description": "TunnelerError is an error proto for errors returned by the connection manager." }, "GoogleCloudBeyondcorpSecuritygatewaysV1alphaSecurityGatewayOperationMetadata": { "type": "object", "properties": { "createTime": { "type": "string", "format": "google-datetime", "description": "Output only. The time the operation was created.", "readOnly": true }, "endTime": { "readOnly": true, "description": "Output only. The time the operation finished running.", "type": "string", "format": "google-datetime" }, "apiVersion": { "type": "string", "readOnly": true, "description": "Output only. API version used to start the operation." }, "verb": { "readOnly": true, "description": "Output only. Name of the verb executed by the operation.", "type": "string" }, "statusMessage": { "type": "string", "readOnly": true, "description": "Output only. Human-readable status of the operation, if any." }, "target": { "description": "Output only. Server-defined resource path for the target of the operation.", "readOnly": true, "type": "string" }, "requestedCancellation": { "type": "boolean", "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", "readOnly": true } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaSecurityGatewayOperationMetadata", "description": "Represents the metadata of the long-running operation." }, "GoogleCloudBeyondcorpSecuritygatewaysV1ProxyProtocolConfig": { "description": "The configuration for the proxy.", "type": "object", "properties": { "contextualHeaders": { "description": "Optional. Configuration for the contextual headers.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeaders" }, "allowedClientHeaders": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of the allowed client header names." }, "metadataHeaders": { "description": "Optional. Custom resource specific headers along with the values. The names should conform to RFC 9110: \u003eField names can contain alphanumeric characters, hyphens, and periods, can contain only ASCII-printable characters and tabs, and must start with a letter.", "additionalProperties": { "type": "string" }, "type": "object" }, "gatewayIdentity": { "type": "string", "enum": [ "GATEWAY_IDENTITY_UNSPECIFIED", "RESOURCE_NAME" ], "description": "Optional. The security gateway identity configuration.", "enumDescriptions": [ "Unspecified gateway identity.", "Resource name for gateway identity, in the format: projects/{project_id}/locations/{location_id}/securityGateways/{security_gateway_id}" ] }, "clientIp": { "description": "Optional. Client IP configuration. The client IP address is included if true.", "type": "boolean" } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ProxyProtocolConfig" }, "GoogleCloudBeyondcorpConnectorsV1alphaRemoteAgentDetails": { "id": "GoogleCloudBeyondcorpConnectorsV1alphaRemoteAgentDetails", "type": "object", "properties": {}, "description": "RemoteAgentDetails reflects the details of a remote agent." }, "GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse": { "description": "Response message for BeyondCorp.ListAppConnections.", "type": "object", "properties": { "unreachable": { "type": "array", "items": { "type": "string" }, "description": "A list of locations that could not be reached." }, "appConnections": { "description": "A list of BeyondCorp AppConnections in the project.", "type": "array", "items": { "$ref": "GoogleCloudBeyondcorpAppconnectionsV1AppConnection" } }, "nextPageToken": { "description": "A token to retrieve the next page of results, or empty if there are no more results in the list.", "type": "string" } }, "id": "GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse" }, "GoogleCloudBeyondcorpPartnerservicesV1alphaPartnerServiceOperationMetadata": { "deprecated": true, "description": "Represents the metadata of the long-running operation.", "id": "GoogleCloudBeyondcorpPartnerservicesV1alphaPartnerServiceOperationMetadata", "type": "object", "properties": { "verb": { "type": "string", "readOnly": true, "description": "Output only. Name of the verb executed by the operation." }, "statusMessage": { "readOnly": true, "description": "Output only. Human-readable status of the operation, if any.", "type": "string" }, "target": { "type": "string", "description": "Output only. Server-defined resource path for the target of the operation.", "readOnly": true }, "requestedCancellation": { "type": "boolean", "description": "Output only. Identifies whether the caller has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", "readOnly": true }, "createTime": { "type": "string", "format": "google-datetime", "readOnly": true, "description": "Output only. The time the operation was created." }, "endTime": { "type": "string", "format": "google-datetime", "readOnly": true, "description": "Output only. The time the operation finished running." }, "apiVersion": { "type": "string", "readOnly": true, "description": "Output only. API version used to start the operation." } } }, "GoogleCloudLocationListLocationsResponse": { "description": "The response message for Locations.ListLocations.", "type": "object", "properties": { "locations": { "description": "A list of locations that matches the specified filter in the request.", "type": "array", "items": { "$ref": "GoogleCloudLocationLocation" } }, "nextPageToken": { "description": "The standard List next-page token.", "type": "string" } }, "id": "GoogleCloudLocationListLocationsResponse" }, "AppGatewayOperationMetadata": { "description": "Represents the metadata of the long-running operation.", "id": "AppGatewayOperationMetadata", "type": "object", "properties": { "createTime": { "description": "Output only. The time the operation was created.", "readOnly": true, "type": "string", "format": "google-datetime" }, "endTime": { "type": "string", "format": "google-datetime", "description": "Output only. The time the operation finished running.", "readOnly": true }, "apiVersion": { "readOnly": true, "description": "Output only. API version used to start the operation.", "type": "string" }, "verb": { "readOnly": true, "description": "Output only. Name of the verb executed by the operation.", "type": "string" }, "statusMessage": { "description": "Output only. Human-readable status of the operation, if any.", "readOnly": true, "type": "string" }, "target": { "type": "string", "description": "Output only. Server-defined resource path for the target of the operation.", "readOnly": true }, "requestedCancellation": { "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have google.longrunning.Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.", "readOnly": true, "type": "boolean" } } }, "GoogleLongrunningOperation": { "description": "This resource represents a long-running operation that is the result of a network API call.", "id": "GoogleLongrunningOperation", "type": "object", "properties": { "name": { "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.", "type": "string" }, "metadata": { "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.", "additionalProperties": { "type": "any", "description": "Properties of the object. Contains field @type with type URL." }, "type": "object" }, "response": { "type": "object", "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.", "additionalProperties": { "type": "any", "description": "Properties of the object. Contains field @type with type URL." } }, "done": { "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.", "type": "boolean" }, "error": { "description": "The error result of the operation in case of failure or cancellation.", "$ref": "GoogleRpcStatus" } } }, "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount": { "type": "object", "properties": { "email": { "description": "Email address of the service account.", "type": "string" } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount", "description": "ServiceAccount represents a GCP service account." }, "GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig": { "description": "The configuration for Pub/Sub messaging for the AppConnector.", "type": "object", "properties": { "pubsubSubscription": { "description": "The Pub/Sub subscription the AppConnector uses to receive notifications.", "type": "string" } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig" }, "GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse": { "type": "object", "properties": { "unreachable": { "type": "array", "items": { "type": "string" }, "description": "A list of locations that could not be reached." }, "appConnectors": { "description": "A list of BeyondCorp AppConnectors in the project.", "type": "array", "items": { "$ref": "GoogleCloudBeyondcorpAppconnectorsV1AppConnector" } }, "nextPageToken": { "description": "A token to retrieve the next page of results, or empty if there are no more results in the list.", "type": "string" } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse", "description": "Response message for BeyondCorp.ListAppConnectors." }, "CloudSecurityZerotrustApplinkAppConnectorProtoConnectorDetails": { "description": "ConnectorDetails reflects the details of a connector.", "id": "CloudSecurityZerotrustApplinkAppConnectorProtoConnectorDetails", "type": "object", "properties": {} }, "GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionOperationMetadata": { "id": "GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionOperationMetadata", "type": "object", "properties": { "createTime": { "type": "string", "format": "google-datetime", "readOnly": true, "description": "Output only. The time the operation was created." }, "endTime": { "type": "string", "format": "google-datetime", "description": "Output only. The time the operation finished running.", "readOnly": true }, "apiVersion": { "type": "string", "readOnly": true, "description": "Output only. API version used to start the operation." }, "verb": { "type": "string", "readOnly": true, "description": "Output only. Name of the verb executed by the operation." }, "statusMessage": { "description": "Output only. Human-readable status of the operation, if any.", "readOnly": true, "type": "string" }, "target": { "readOnly": true, "description": "Output only. Server-defined resource path for the target of the operation.", "type": "string" }, "requestedCancellation": { "type": "boolean", "readOnly": true, "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have google.longrunning.Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`." } }, "description": "Represents the metadata of the long-running operation." }, "GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest": { "type": "object", "properties": { "resourceInfo": { "description": "Required. Resource info of the connector.", "$ref": "GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo" }, "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "type": "boolean" }, "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "type": "string" } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest", "description": "Request report the connector status." }, "GoogleIamV1AuditLogConfig": { "id": "GoogleIamV1AuditLogConfig", "type": "object", "properties": { "logType": { "enum": [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ], "description": "The log type that this config enables.", "enumDescriptions": [ "Default case. Should never be this.", "Admin reads. Example: CloudIAM getIamPolicy", "Data writes. Example: CloudSQL Users create", "Data reads. Example: CloudSQL Users list" ], "type": "string" }, "exemptedMembers": { "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.", "type": "array", "items": { "type": "string" } } }, "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging." }, "GoogleIamV1TestIamPermissionsResponse": { "description": "Response message for `TestIamPermissions` method.", "id": "GoogleIamV1TestIamPermissionsResponse", "type": "object", "properties": { "permissions": { "description": "A subset of `TestPermissionsRequest.permissions` that the caller is allowed.", "type": "array", "items": { "type": "string" } } } }, "GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails": { "description": "Details of the AppConnection.", "id": "GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails", "type": "object", "properties": { "appConnection": { "description": "A BeyondCorp AppConnection in the project.", "$ref": "GoogleCloudBeyondcorpAppconnectionsV1AppConnection" }, "recentMigVms": { "description": "If type=GCP_REGIONAL_MIG, contains most recent VM instances, like `https://www.googleapis.com/compute/v1/projects/{project_id}/zones/{zone_id}/instances/{instance_id}`.", "type": "array", "items": { "type": "string" } } } }, "GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway": { "id": "GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway", "type": "object", "properties": { "type": { "type": "string", "description": "Required. The type of hosting used by the gateway.", "enumDescriptions": [ "Default value. This value is unused.", "Gateway hosted in a GCP regional managed instance group." ], "enum": [ "TYPE_UNSPECIFIED", "GCP_REGIONAL_MIG" ] }, "uri": { "type": "string", "readOnly": true, "description": "Output only. Server-defined URI for this resource." }, "appGateway": { "description": "Required. AppGateway name in following format: `projects/{project_id}/locations/{location_id}/appgateways/{gateway_id}`", "type": "string" }, "ingressPort": { "type": "integer", "format": "int32", "description": "Output only. Ingress port reserved on the gateways for this AppConnection, if not specified or zero, the default port is 19443.", "readOnly": true }, "l7psc": { "type": "string", "readOnly": true, "description": "Output only. L7 private service connection for this resource." } }, "description": "Gateway represents a user facing component that serves as an entrance to enable connectivity." }, "CloudSecurityZerotrustApplinkLogagentProtoLogAgentDetails": { "id": "CloudSecurityZerotrustApplinkLogagentProtoLogAgentDetails", "type": "object", "properties": {}, "description": "LogAgentDetails reflects the details of a log agent." }, "GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamNetwork": { "type": "object", "properties": { "name": { "description": "Required. Network name is of the format: `projects/{project}/global/networks/{network}", "type": "string" } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamNetwork", "description": "Network to forward traffic to." }, "CloudSecurityZerotrustApplinkAppConnectorProtoConnectionConfig": { "description": "ConnectionConfig represents a Connection Configuration object.", "type": "object", "properties": { "applicationName": { "description": "application_name represents the given name of the application the connection is connecting with.", "type": "string" }, "userPort": { "type": "integer", "format": "int32", "description": "user_port specifies the reserved port on gateways for user connections." }, "project": { "description": "project represents the consumer project the connection belongs to.", "type": "string" }, "name": { "description": "name is the unique ID for each connection. TODO(b/190732451) returns connection name from user-specified name in config. Now, name = ${application_name}:${application_endpoint}", "type": "string" }, "applicationEndpoint": { "description": "application_endpoint is the endpoint of the application the form of host:port. For example, \"localhost:80\".", "type": "string" }, "tunnelsPerGateway": { "type": "integer", "format": "uint32", "description": "tunnels_per_gateway reflects the number of tunnels between a connector and a gateway." }, "gateway": { "description": "gateway lists all instances running a gateway in GCP. They all connect to a connector on the host.", "type": "array", "items": { "$ref": "CloudSecurityZerotrustApplinkAppConnectorProtoGateway" } } }, "id": "CloudSecurityZerotrustApplinkAppConnectorProtoConnectionConfig" }, "GoogleCloudBeyondcorpSecuritygatewaysV1Hub": { "description": "The Hub message contains information pertaining to the regional data path deployments.", "type": "object", "properties": { "internetGateway": { "description": "Optional. Internet Gateway configuration.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway" } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1Hub" }, "GoogleIamV1Policy": { "type": "object", "properties": { "bindings": { "type": "array", "items": { "$ref": "GoogleIamV1Binding" }, "description": "Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`." }, "etag": { "description": "`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.", "type": "string", "format": "byte" }, "version": { "description": "Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", "type": "integer", "format": "int32" }, "auditConfigs": { "description": "Specifies cloud audit logging configuration for this policy.", "type": "array", "items": { "$ref": "GoogleIamV1AuditConfig" } } }, "id": "GoogleIamV1Policy", "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** ``` { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time \u003c timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } ``` **YAML example:** ``` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time \u003c timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/)." }, "GoogleCloudBeyondcorpAppgatewaysV1alphaAppGatewayOperationMetadata": { "id": "GoogleCloudBeyondcorpAppgatewaysV1alphaAppGatewayOperationMetadata", "type": "object", "properties": { "apiVersion": { "type": "string", "description": "Output only. API version used to start the operation.", "readOnly": true }, "createTime": { "type": "string", "format": "google-datetime", "readOnly": true, "description": "Output only. The time the operation was created." }, "endTime": { "type": "string", "format": "google-datetime", "description": "Output only. The time the operation finished running.", "readOnly": true }, "target": { "type": "string", "readOnly": true, "description": "Output only. Server-defined resource path for the target of the operation." }, "requestedCancellation": { "type": "boolean", "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have google.longrunning.Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.", "readOnly": true }, "verb": { "type": "string", "readOnly": true, "description": "Output only. Name of the verb executed by the operation." }, "statusMessage": { "type": "string", "readOnly": true, "description": "Output only. Human-readable status of the operation, if any." } }, "description": "Represents the metadata of the long-running operation." }, "CloudSecurityZerotrustApplinkAppConnectorProtoGateway": { "description": "Gateway represents a GCE VM Instance endpoint for use by IAP TCP.", "id": "CloudSecurityZerotrustApplinkAppConnectorProtoGateway", "type": "object", "properties": { "selfLink": { "description": "self_link is the gateway URL in the form https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance}", "type": "string" }, "project": { "description": "project is the tenant project the gateway belongs to. Different from the project in the connection, it is a BeyondCorpAPI internally created project to manage all the gateways. It is sharing the same network with the consumer project user owned. It is derived from the gateway URL. For example, project=${project} assuming a gateway URL. https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance}", "type": "string" }, "zone": { "description": "zone represents the zone the instance belongs. It is derived from the gateway URL. For example, zone=${zone} assuming a gateway URL. https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance}", "type": "string" }, "port": { "description": "port specifies the port of the gateway for tunnel connections from the connectors.", "type": "integer", "format": "uint32" }, "name": { "description": "name is the name of an instance running a gateway. It is the unique ID for a gateway. All gateways under the same connection have the same prefix. It is derived from the gateway URL. For example, name=${instance} assuming a gateway URL. https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance}", "type": "string" }, "interface": { "description": "interface specifies the network interface of the gateway to connect to.", "type": "string" } } }, "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorOperationMetadata": { "description": "Represents the metadata of the long-running operation.", "id": "GoogleCloudBeyondcorpAppconnectorsV1AppConnectorOperationMetadata", "type": "object", "properties": { "verb": { "type": "string", "readOnly": true, "description": "Output only. Name of the verb executed by the operation." }, "statusMessage": { "type": "string", "readOnly": true, "description": "Output only. Human-readable status of the operation, if any." }, "target": { "readOnly": true, "description": "Output only. Server-defined resource path for the target of the operation.", "type": "string" }, "requestedCancellation": { "type": "boolean", "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have google.longrunning.Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`.", "readOnly": true }, "createTime": { "description": "Output only. The time the operation was created.", "readOnly": true, "type": "string", "format": "google-datetime" }, "endTime": { "description": "Output only. The time the operation finished running.", "readOnly": true, "type": "string", "format": "google-datetime" }, "apiVersion": { "description": "Output only. API version used to start the operation.", "readOnly": true, "type": "string" } } }, "GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher": { "id": "GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher", "type": "object", "properties": { "hostname": { "description": "Required. Hostname of the application.", "type": "string" }, "ports": { "description": "Required. The ports of the application.", "type": "array", "items": { "type": "integer", "format": "int32" } } }, "description": "EndpointMatcher contains the information of the endpoint that will match the application." }, "AllocatedConnection": { "description": "Allocated connection of the AppGateway.", "id": "AllocatedConnection", "type": "object", "properties": { "pscUri": { "description": "Required. The PSC uri of an allocated connection", "type": "string" }, "ingressPort": { "description": "Required. The ingress port of an allocated connection", "type": "integer", "format": "int32" } } }, "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedGroupInfo": { "type": "object", "properties": { "outputType": { "enum": [ "OUTPUT_TYPE_UNSPECIFIED", "PROTOBUF", "JSON", "NONE" ], "description": "Optional. The output type of the delegated group information.", "enumDescriptions": [ "The unspecified output type.", "Protobuf output type.", "JSON output type.", "Explicitly disable header output." ], "type": "string" } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedGroupInfo", "description": "The delegated group configuration details." }, "GoogleCloudBeyondcorpAppconnectorsV1alphaContainerHealthDetails": { "type": "object", "properties": { "currentConfigVersion": { "description": "The version of the current config.", "type": "string" }, "extendedStatus": { "type": "object", "description": "The extended status. Such as ExitCode, StartedAt, FinishedAt, etc.", "additionalProperties": { "type": "string" } }, "errorMsg": { "description": "The latest error message.", "type": "string" }, "expectedConfigVersion": { "description": "The version of the expected config.", "type": "string" } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1alphaContainerHealthDetails", "description": "ContainerHealthDetails reflects the health details of a container." }, "GoogleCloudBeyondcorpSecuritygatewaysV1LoggingConfig": { "description": "Configuration for Cloud Logging.", "type": "object", "properties": {}, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1LoggingConfig" }, "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeaders": { "description": "Contextual headers configuration.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeaders", "type": "object", "properties": { "userInfo": { "description": "Optional. User details.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedUserInfo" }, "deviceInfo": { "description": "Optional. The device information configuration.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedDeviceInfo" }, "outputType": { "type": "string", "enum": [ "OUTPUT_TYPE_UNSPECIFIED", "PROTOBUF", "JSON", "NONE" ], "description": "Optional. Default output type for all enabled headers.", "enumDescriptions": [ "The unspecified output type.", "Protobuf output type.", "JSON output type.", "Explicitly disable header output." ] }, "groupInfo": { "description": "Optional. Group details.", "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedGroupInfo" } } }, "GoogleCloudBeyondcorpSecuritygatewaysV1Application": { "description": "The information about an application resource.", "type": "object", "properties": { "displayName": { "description": "Optional. An arbitrary user-provided name for the application resource. Cannot exceed 64 characters.", "type": "string" }, "updateTime": { "readOnly": true, "description": "Output only. Timestamp when the resource was last modified.", "type": "string", "format": "google-datetime" }, "name": { "description": "Identifier. Name of the resource.", "type": "string" }, "schema": { "type": "string", "description": "Optional. Type of the external application.", "enumDescriptions": [ "Default value. This value is unused.", "Proxy which routes traffic to actual applications, like Netscaler Gateway.", "Service Discovery API endpoint when Service Discovery is enabled in Gateway." ], "enum": [ "SCHEMA_UNSPECIFIED", "PROXY_GATEWAY", "API_GATEWAY" ] }, "endpointMatchers": { "description": "Optional. An array of conditions to match the application's network endpoint. Each element in the array is an EndpointMatcher object, which defines a specific combination of a hostname pattern and one or more ports. The application is considered matched if at least one of the EndpointMatcher conditions in this array is met (the conditions are combined using OR logic). Each EndpointMatcher must contain a hostname pattern, such as \"example.com\", and one or more port numbers specified as a string, such as \"443\". Hostname and port number examples: \"*.example.com\", \"443\" \"example.com\" and \"22\" \"example.com\" and \"22,33\"", "type": "array", "items": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher" } }, "createTime": { "readOnly": true, "description": "Output only. Timestamp when the resource was created.", "type": "string", "format": "google-datetime" }, "upstreams": { "description": "Optional. Which upstream resources to forward traffic to.", "type": "array", "items": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstream" } } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1Application" }, "GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse": { "id": "GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse", "type": "object", "properties": { "unreachable": { "type": "array", "items": { "type": "string" }, "description": "A list of locations that could not be reached." }, "appConnectionDetails": { "description": "A list of BeyondCorp AppConnections with details in the project.", "type": "array", "items": { "$ref": "GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails" } }, "nextPageToken": { "description": "A token to retrieve the next page of results, or empty if there are no more results in the list.", "type": "string" } }, "description": "Response message for BeyondCorp.ResolveAppConnections." }, "GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGatewayOperationMetadata": { "id": "GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGatewayOperationMetadata", "type": "object", "properties": { "createTime": { "type": "string", "format": "google-datetime", "description": "Output only. The time the operation was created.", "readOnly": true }, "endTime": { "type": "string", "format": "google-datetime", "readOnly": true, "description": "Output only. The time the operation finished running." }, "apiVersion": { "type": "string", "description": "Output only. API version used to start the operation.", "readOnly": true }, "verb": { "type": "string", "readOnly": true, "description": "Output only. Name of the verb executed by the operation." }, "statusMessage": { "type": "string", "readOnly": true, "description": "Output only. Human-readable status of the operation, if any." }, "target": { "type": "string", "description": "Output only. Server-defined resource path for the target of the operation.", "readOnly": true }, "requestedCancellation": { "type": "boolean", "readOnly": true, "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`." } }, "description": "Represents the metadata of the long-running operation." }, "AppGateway": { "type": "object", "properties": { "labels": { "description": "Optional. Resource labels to represent user provided metadata.", "additionalProperties": { "type": "string" }, "type": "object" }, "uri": { "type": "string", "description": "Output only. Server-defined URI for this resource.", "readOnly": true }, "hostType": { "type": "string", "enum": [ "HOST_TYPE_UNSPECIFIED", "GCP_REGIONAL_MIG" ], "description": "Required. The type of hosting used by the AppGateway.", "enumDescriptions": [ "Default value. This value is unused.", "AppGateway hosted in a GCP regional managed instance group." ] }, "satisfiesPzi": { "type": "boolean", "readOnly": true, "description": "Output only. Reserved for future use." }, "type": { "type": "string", "description": "Required. The type of network connectivity used by the AppGateway.", "enumDescriptions": [ "Default value. This value is unused.", "TCP Proxy based BeyondCorp Connection. API will default to this if unset." ], "enum": [ "TYPE_UNSPECIFIED", "TCP_PROXY" ] }, "name": { "description": "Required. Unique resource name of the AppGateway. The name is ignored when creating an AppGateway.", "type": "string" }, "uid": { "description": "Output only. A unique identifier for the instance generated by the system.", "readOnly": true, "type": "string" }, "satisfiesPzs": { "readOnly": true, "description": "Output only. Reserved for future use.", "type": "boolean" }, "createTime": { "readOnly": true, "description": "Output only. Timestamp when the resource was created.", "type": "string", "format": "google-datetime" }, "updateTime": { "type": "string", "format": "google-datetime", "readOnly": true, "description": "Output only. Timestamp when the resource was last modified." }, "state": { "type": "string", "readOnly": true, "enum": [ "STATE_UNSPECIFIED", "CREATING", "CREATED", "UPDATING", "DELETING", "DOWN" ], "description": "Output only. The current state of the AppGateway.", "enumDescriptions": [ "Default value. This value is unused.", "AppGateway is being created.", "AppGateway has been created.", "AppGateway's configuration is being updated.", "AppGateway is being deleted.", "AppGateway is down and may be restored in the future. This happens when CCFE sends ProjectState = OFF." ] }, "displayName": { "description": "Optional. An arbitrary user-provided name for the AppGateway. Cannot exceed 64 characters.", "type": "string" }, "allocatedConnections": { "readOnly": true, "description": "Output only. A list of connections allocated for the Gateway", "type": "array", "items": { "$ref": "AllocatedConnection" } } }, "id": "AppGateway", "description": "A BeyondCorp AppGateway resource represents a BeyondCorp protected AppGateway to a remote application. It creates all the necessary GCP components needed for creating a BeyondCorp protected AppGateway. Multiple connectors can be authorised for a single AppGateway." }, "GoogleCloudBeyondcorpPartnerservicesV1mainPartnerServiceOperationMetadata": { "description": "Represents the metadata of the long-running operation.", "type": "object", "properties": { "apiVersion": { "readOnly": true, "description": "Output only. API version used to start the operation.", "type": "string" }, "createTime": { "type": "string", "format": "google-datetime", "description": "Output only. The time the operation was created.", "readOnly": true }, "endTime": { "description": "Output only. The time the operation finished running.", "readOnly": true, "type": "string", "format": "google-datetime" }, "target": { "type": "string", "description": "Output only. Server-defined resource path for the target of the operation.", "readOnly": true }, "requestedCancellation": { "type": "boolean", "description": "Output only. Identifies whether the caller has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", "readOnly": true }, "verb": { "readOnly": true, "description": "Output only. Name of the verb executed by the operation.", "type": "string" }, "statusMessage": { "readOnly": true, "description": "Output only. Human-readable status of the operation, if any.", "type": "string" } }, "id": "GoogleCloudBeyondcorpPartnerservicesV1mainPartnerServiceOperationMetadata", "deprecated": true }, "GoogleRpcStatus": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "type": "object", "properties": { "message": { "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.", "type": "string" }, "code": { "type": "integer", "format": "int32", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "any", "description": "Properties of the object. Contains field @type with type URL." } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." } }, "id": "GoogleRpcStatus" }, "GoogleIamV1Binding": { "id": "GoogleIamV1Binding", "type": "object", "properties": { "condition": { "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", "$ref": "GoogleTypeExpr" }, "role": { "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles).", "type": "string" }, "members": { "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "type": "array", "items": { "type": "string" } } }, "description": "Associates `members`, or principals, with a `role`." }, "GoogleCloudBeyondcorpAppconnectorsV1ImageConfig": { "id": "GoogleCloudBeyondcorpAppconnectorsV1ImageConfig", "type": "object", "properties": { "targetImage": { "description": "The initial image the remote agent will attempt to run for the control plane. Format would be a gcr image path, e.g.: gcr.io/PROJECT-ID/my-image:tag1", "type": "string" }, "stableImage": { "description": "The stable image that the remote agent will fallback to if the target image fails. Format would be a gcr image path, e.g.: gcr.io/PROJECT-ID/my-image:tag1", "type": "string" } }, "description": "ImageConfig defines the control plane images to run." }, "GoogleCloudLocationLocation": { "description": "A resource that represents a Google Cloud location.", "id": "GoogleCloudLocationLocation", "type": "object", "properties": { "locationId": { "description": "The canonical id for this location. For example: `\"us-east1\"`.", "type": "string" }, "displayName": { "description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".", "type": "string" }, "labels": { "description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}", "additionalProperties": { "type": "string" }, "type": "object" }, "name": { "description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`", "type": "string" }, "metadata": { "type": "object", "description": "Service-specific metadata. For example the available capacity at the given location.", "additionalProperties": { "type": "any", "description": "Properties of the object. Contains field @type with type URL." } } } }, "GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo": { "type": "object", "properties": { "resource": { "description": "Specific details for the resource. This is for internal use only.", "additionalProperties": { "type": "any", "description": "Properties of the object. Contains field @type with type URL." }, "type": "object" }, "sub": { "description": "List of Info for the sub level resources.", "type": "array", "items": { "$ref": "GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo" } }, "id": { "description": "Required. Unique Id for the resource.", "type": "string" }, "status": { "type": "string", "description": "Overall health status. Overall status is derived based on the status of each sub level resources.", "enumDescriptions": [ "Health status is unknown: not initialized or failed to retrieve.", "The resource is healthy.", "The resource is unhealthy.", "The resource is unresponsive.", "Some sub-resources are UNHEALTHY." ], "enum": [ "HEALTH_STATUS_UNSPECIFIED", "HEALTHY", "UNHEALTHY", "UNRESPONSIVE", "DEGRADED" ] }, "time": { "description": "The timestamp to collect the info. It is suggested to be set by the topmost level resource only.", "type": "string", "format": "google-datetime" } }, "id": "GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo", "description": "ResourceInfo represents the information or status of an app connector resource component that's used to report on various parts of the system. For example, ResourceInfo can be used to convey the status of a remote_agent, including the status of an appgateway for an runtime environment in a container instance." }, "GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway": { "description": "Represents the Internet Gateway configuration.", "type": "object", "properties": { "assignedIps": { "type": "array", "items": { "type": "string" }, "description": "Output only. List of IP addresses assigned to the Cloud NAT.", "readOnly": true } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway" }, "GoogleCloudBeyondcorpSecuritygatewaysV1EgressPolicy": { "type": "object", "properties": { "regions": { "description": "Required. List of the regions where the application sends traffic.", "type": "array", "items": { "type": "string" } } }, "id": "GoogleCloudBeyondcorpSecuritygatewaysV1EgressPolicy", "description": "Routing policy information." }, "GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse": { "id": "GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse", "type": "object", "properties": { "securityGateways": { "description": "A list of BeyondCorp SecurityGateway in the project.", "type": "array", "items": { "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway" } }, "nextPageToken": { "description": "A token to retrieve the next page of results, or empty if there are no more results in the list.", "type": "string" }, "unreachable": { "description": "A list of locations that could not be reached.", "type": "array", "items": { "type": "string" } } }, "description": "Message for response to listing SecurityGateways." } } }