# frozen_string_literal: true # Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Auto-generated by gapic-generator-ruby. DO NOT EDIT! module Google module Cloud module AssuredWorkloads module V1beta1 # Request for creating a workload. # @!attribute [rw] parent # @return [::String] # Required. The resource name of the new Workload's parent. # Must be of the form `organizations/{org_id}/locations/{location_id}`. # @!attribute [rw] workload # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload] # Required. Assured Workload to create # @!attribute [rw] external_id # @return [::String] # Optional. A identifier associated with the workload and underlying projects which # allows for the break down of billing costs for a workload. The value # provided for the identifier will add a label to the workload and contained # projects with the identifier as the value. class CreateWorkloadRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Request for Updating a workload. # @!attribute [rw] workload # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload] # Required. The workload to update. # The workload’s `name` field is used to identify the workload to be updated. # Format: # organizations/\\{org_id}/locations/\\{location_id}/workloads/\\{workload_id} # @!attribute [rw] update_mask # @return [::Google::Protobuf::FieldMask] # Required. The list of fields to be updated. class UpdateWorkloadRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Request for deleting a Workload. # @!attribute [rw] name # @return [::String] # Required. The `name` field is used to identify the workload. # Format: # organizations/\\{org_id}/locations/\\{location_id}/workloads/\\{workload_id} # @!attribute [rw] etag # @return [::String] # Optional. The etag of the workload. # If this is provided, it must match the server's etag. class DeleteWorkloadRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Request for fetching a workload. # @!attribute [rw] name # @return [::String] # Required. The resource name of the Workload to fetch. This is the workloads's # relative path in the API, formatted as # "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}". # For example, # "organizations/123/locations/us-east1/workloads/assured-workload-1". class GetWorkloadRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Request for fetching workloads in an organization. # @!attribute [rw] parent # @return [::String] # Required. Parent Resource to list workloads from. # Must be of the form `organizations/{org_id}/locations/{location}`. # @!attribute [rw] page_size # @return [::Integer] # Page size. # @!attribute [rw] page_token # @return [::String] # Page token returned from previous request. Page token contains context from # previous request. Page token needs to be passed in the second and following # requests. # @!attribute [rw] filter # @return [::String] # A custom filter for filtering by properties of a workload. At this time, # only filtering by labels is supported. class ListWorkloadsRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Response of ListWorkloads endpoint. # @!attribute [rw] workloads # @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload>] # List of Workloads under a given parent. # @!attribute [rw] next_page_token # @return [::String] # The next page token. Return empty if reached the last page. class ListWorkloadsResponse include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # An Workload object for managing highly regulated workloads of cloud # customers. # @!attribute [rw] name # @return [::String] # Optional. The resource name of the workload. # Format: # organizations/\\{organization}/locations/\\{location}/workloads/\\{workload} # # Read-only. # @!attribute [rw] display_name # @return [::String] # Required. The user-assigned display name of the Workload. # When present it must be between 4 to 30 characters. # Allowed characters are: lowercase and uppercase letters, numbers, # hyphen, and spaces. # # Example: My Workload # @!attribute [r] resources # @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo>] # Output only. The resources associated with this workload. # These resources will be created when creating the workload. # If any of the projects already exist, the workload creation will fail. # Always read only. # @!attribute [rw] compliance_regime # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ComplianceRegime] # Required. Immutable. Compliance Regime associated with this workload. # @!attribute [r] create_time # @return [::Google::Protobuf::Timestamp] # Output only. Immutable. The Workload creation timestamp. # @!attribute [rw] billing_account # @return [::String] # Required. Input only. The billing account used for the resources which are # direct children of workload. This billing account is initially associated # with the resources created as part of Workload creation. # After the initial creation of these resources, the customer can change # the assigned billing account. # The resource name has the form # `billingAccounts/{billing_account_id}`. For example, # `billingAccounts/012345-567890-ABCDEF`. # @!attribute [rw] il4_settings # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::IL4Settings] # Required. Input only. Immutable. Settings specific to resources needed for IL4. # @!attribute [rw] cjis_settings # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::CJISSettings] # Required. Input only. Immutable. Settings specific to resources needed for CJIS. # @!attribute [rw] fedramp_high_settings # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampHighSettings] # Required. Input only. Immutable. Settings specific to resources needed for FedRAMP High. # @!attribute [rw] fedramp_moderate_settings # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampModerateSettings] # Required. Input only. Immutable. Settings specific to resources needed for FedRAMP Moderate. # @!attribute [rw] etag # @return [::String] # Optional. ETag of the workload, it is calculated on the basis # of the Workload contents. It will be used in Update & Delete operations. # @!attribute [rw] labels # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Labels applied to the workload. # @!attribute [rw] provisioned_resources_parent # @return [::String] # Input only. The parent resource for the resources managed by this Assured Workload. May # be either an organization or a folder. Must be the same or a child of the # Workload parent. If not specified all resources are created under the # Workload parent. # Formats: # folders/\\{folder_id} # organizations/\\{organization_id} # @!attribute [rw] kms_settings # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings] # Input only. Settings used to create a CMEK crypto key. When set a project with a KMS # CMEK key is provisioned. This field is mandatory for a subset of Compliance # Regimes. # @!attribute [rw] resource_settings # @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>] # Input only. Resource properties that are used to customize workload resources. # These properties (such as custom project id) will be used to create # workload resources if possible. This field is optional. class Workload include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Represent the resources that are children of this Workload. # @!attribute [rw] resource_id # @return [::Integer] # Resource identifier. # For a project this represents project_number. # @!attribute [rw] resource_type # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType] # Indicates the type of resource. class ResourceInfo include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # The type of resource. module ResourceType # Unknown resource type. RESOURCE_TYPE_UNSPECIFIED = 0 # Consumer project. CONSUMER_PROJECT = 1 # Consumer project containing encryption keys. ENCRYPTION_KEYS_PROJECT = 2 end end # Settings specific to the Key Management Service. # @!attribute [rw] next_rotation_time # @return [::Google::Protobuf::Timestamp] # Required. Input only. Immutable. The time at which the Key Management Service will automatically create a # new version of the crypto key and mark it as the primary. # @!attribute [rw] rotation_period # @return [::Google::Protobuf::Duration] # Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key # Management Service automatically rotates a key. Must be at least 24 hours # and at most 876,000 hours. class KMSSettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Settings specific to resources needed for IL4. # @!attribute [rw] kms_settings # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings] # Required. Input only. Immutable. Settings used to create a CMEK crypto key. class IL4Settings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Settings specific to resources needed for CJIS. # @!attribute [rw] kms_settings # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings] # Required. Input only. Immutable. Settings used to create a CMEK crypto key. class CJISSettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Settings specific to resources needed for FedRAMP High. # @!attribute [rw] kms_settings # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings] # Required. Input only. Immutable. Settings used to create a CMEK crypto key. class FedrampHighSettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Settings specific to resources needed for FedRAMP Moderate. # @!attribute [rw] kms_settings # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings] # Required. Input only. Immutable. Settings used to create a CMEK crypto key. class FedrampModerateSettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Represent the custom settings for the resources to be created. # @!attribute [rw] resource_id # @return [::String] # Resource identifier. # For a project this represents project_id. If the project is already # taken, the workload creation will fail. # @!attribute [rw] resource_type # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType] # Indicates the type of resource. This field should be specified to # correspond the id to the right project type (CONSUMER_PROJECT or # ENCRYPTION_KEYS_PROJECT) class ResourceSettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Supported Compliance Regimes. module ComplianceRegime # Unknown compliance regime. COMPLIANCE_REGIME_UNSPECIFIED = 0 # Information protection as per DoD IL4 requirements. IL4 = 1 # Criminal Justice Information Services (CJIS) Security policies. CJIS = 2 # FedRAMP High data protection controls FEDRAMP_HIGH = 3 # FedRAMP Moderate data protection controls FEDRAMP_MODERATE = 4 # Assured Workloads For US Regions data protection controls US_REGIONAL_ACCESS = 5 # Health Insurance Portability and Accountability Act controls HIPAA = 6 # Health Information Trust Alliance controls HITRUST = 7 end end # Operation metadata to give request details of CreateWorkload. # @!attribute [rw] create_time # @return [::Google::Protobuf::Timestamp] # Optional. Time when the operation was created. # @!attribute [rw] display_name # @return [::String] # Optional. The display name of the workload. # @!attribute [rw] parent # @return [::String] # Optional. The parent of the workload. # @!attribute [rw] compliance_regime # @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ComplianceRegime] # Optional. Compliance controls that should be applied to the resources managed by # the workload. class CreateWorkloadOperationMetadata include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end end end