alpha

package
v1.76.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 14, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Copyright 2024 Google LLC. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. Package assuredworkloads contains support code for the assuredworkload service.

Copyright 2024 Google LLC. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. Package alpha defines operations in the declarative SDK.

Copyright 2024 Google LLC. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Copyright 2024 Google LLC. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Copyright 2024 Google LLC. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

View Source
const WorkloadMaxPage = -1

Variables

View Source
var YAML_workload = []byte("info:\n  title: AssuredWorkloads/Workload\n  description: The AssuredWorkloads Workload resource\n  x-dcl-struct-name: Workload\n  x-dcl-has-iam: false\npaths:\n  get:\n    description: The function used to get information about a Workload\n    parameters:\n    - name: workload\n      required: true\n      description: A full instance of a Workload\n  apply:\n    description: The function used to apply information about a Workload\n    parameters:\n    - name: workload\n      required: true\n      description: A full instance of a Workload\n  delete:\n    description: The function used to delete a Workload\n    parameters:\n    - name: workload\n      required: true\n      description: A full instance of a Workload\n  deleteAll:\n    description: The function used to delete all Workload\n    parameters:\n    - name: organization\n      required: true\n      schema:\n        type: string\n    - name: location\n      required: true\n      schema:\n        type: string\n  list:\n    description: The function used to list information about many Workload\n    parameters:\n    - name: organization\n      required: true\n      schema:\n        type: string\n    - name: location\n      required: true\n      schema:\n        type: string\ncomponents:\n  schemas:\n    Workload:\n      title: Workload\n      x-dcl-id: organizations/{{organization}}/locations/{{location}}/workloads/{{name}}\n      x-dcl-uses-state-hint: true\n      x-dcl-parent-container: organization\n      x-dcl-labels: labels\n      x-dcl-has-create: true\n      x-dcl-has-iam: false\n      x-dcl-read-timeout: 0\n      x-dcl-apply-timeout: 0\n      x-dcl-delete-timeout: 0\n      type: object\n      required:\n      - displayName\n      - complianceRegime\n      - organization\n      - location\n      properties:\n        billingAccount:\n          type: string\n          x-dcl-go-name: BillingAccount\n          description: Optional. Input only. The billing account used for the resources\n            which are direct children of workload. This billing account is initially\n            associated with the resources created as part of Workload creation. After\n            the initial creation of these resources, the customer can change the assigned\n            billing account. The resource name has the form `billingAccounts/{billing_account_id}`.\n            For example, `billingAccounts/012345-567890-ABCDEF`.\n          x-kubernetes-immutable: true\n          x-dcl-references:\n          - resource: Cloudresourcemanager/BillingAccount\n            field: name\n          x-dcl-mutable-unreadable: true\n        complianceRegime:\n          type: string\n          x-dcl-go-name: ComplianceRegime\n          x-dcl-go-type: WorkloadComplianceRegimeEnum\n          description: 'Required. Immutable. Compliance Regime associated with this\n            workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH,\n            FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT,\n            CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS,\n            ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT,\n            KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS,\n            HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT,\n            IRS_1075'\n          x-kubernetes-immutable: true\n          enum:\n          - COMPLIANCE_REGIME_UNSPECIFIED\n          - IL4\n          - CJIS\n          - FEDRAMP_HIGH\n          - FEDRAMP_MODERATE\n          - US_REGIONAL_ACCESS\n          - HIPAA\n          - HITRUST\n          - EU_REGIONS_AND_SUPPORT\n          - CA_REGIONS_AND_SUPPORT\n          - ITAR\n          - AU_REGIONS_AND_US_SUPPORT\n          - ASSURED_WORKLOADS_FOR_PARTNERS\n          - ISR_REGIONS\n          - ISR_REGIONS_AND_SUPPORT\n          - CA_PROTECTED_B\n          - IL5\n          - IL2\n          - JP_REGIONS_AND_SUPPORT\n          - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS\n          - REGIONAL_CONTROLS\n          - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS\n          - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT\n          - IRS_1075\n        complianceStatus:\n          type: object\n          x-dcl-go-name: ComplianceStatus\n          x-dcl-go-type: WorkloadComplianceStatus\n          readOnly: true\n          description: Output only. Count of active Violations in the Workload.\n          x-kubernetes-immutable: true\n          properties:\n            acknowledgedViolationCount:\n              type: array\n              x-dcl-go-name: AcknowledgedViolationCount\n              description: Number of current orgPolicy violations which are acknowledged.\n              x-kubernetes-immutable: true\n              x-dcl-send-empty: true\n              x-dcl-list-type: list\n              items:\n                type: integer\n                format: int64\n                x-dcl-go-type: int64\n            activeViolationCount:\n              type: array\n              x-dcl-go-name: ActiveViolationCount\n              description: Number of current orgPolicy violations which are not acknowledged.\n              x-kubernetes-immutable: true\n              x-dcl-send-empty: true\n              x-dcl-list-type: list\n              items:\n                type: integer\n                format: int64\n                x-dcl-go-type: int64\n        compliantButDisallowedServices:\n          type: array\n          x-dcl-go-name: CompliantButDisallowedServices\n          readOnly: true\n          description: Output only. Urls for services which are compliant for this\n            Assured Workload, but which are currently disallowed by the ResourceUsageRestriction\n            org policy. Invoke workloads.restrictAllowedResources endpoint to allow\n            your project developers to use these services in their environment.\n          x-kubernetes-immutable: true\n          x-dcl-list-type: list\n          items:\n            type: string\n            x-dcl-go-type: string\n        createTime:\n          type: string\n          format: date-time\n          x-dcl-go-name: CreateTime\n          readOnly: true\n          description: Output only. Immutable. The Workload creation timestamp.\n          x-kubernetes-immutable: true\n        displayName:\n          type: string\n          x-dcl-go-name: DisplayName\n          description: 'Required. The user-assigned display name of the Workload.\n            When present it must be between 4 to 30 characters. Allowed characters\n            are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example:\n            My Workload'\n        ekmProvisioningResponse:\n          type: object\n          x-dcl-go-name: EkmProvisioningResponse\n          x-dcl-go-type: WorkloadEkmProvisioningResponse\n          readOnly: true\n          description: Optional. Represents the Ekm Provisioning State of the given\n            workload.\n          x-kubernetes-immutable: true\n          properties:\n            ekmProvisioningErrorDomain:\n              type: string\n              x-dcl-go-name: EkmProvisioningErrorDomain\n              x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum\n              description: 'Indicates Ekm provisioning error if any. Possible values:\n                EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED, UNSPECIFIED_ERROR, GOOGLE_SERVER_ERROR,\n                EXTERNAL_USER_ERROR, EXTERNAL_PARTNER_ERROR, TIMEOUT_ERROR'\n              x-kubernetes-immutable: true\n              enum:\n              - EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED\n              - UNSPECIFIED_ERROR\n              - GOOGLE_SERVER_ERROR\n              - EXTERNAL_USER_ERROR\n              - EXTERNAL_PARTNER_ERROR\n              - TIMEOUT_ERROR\n            ekmProvisioningErrorMapping:\n              type: string\n              x-dcl-go-name: EkmProvisioningErrorMapping\n              x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum\n              description: 'Detailed error message if Ekm provisioning fails Possible\n                values: EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED, INVALID_SERVICE_ACCOUNT,\n                MISSING_METRICS_SCOPE_ADMIN_PERMISSION, MISSING_EKM_CONNECTION_ADMIN_PERMISSION'\n              x-kubernetes-immutable: true\n              enum:\n              - EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED\n              - INVALID_SERVICE_ACCOUNT\n              - MISSING_METRICS_SCOPE_ADMIN_PERMISSION\n              - MISSING_EKM_CONNECTION_ADMIN_PERMISSION\n            ekmProvisioningState:\n              type: string\n              x-dcl-go-name: EkmProvisioningState\n              x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningStateEnum\n              description: 'Indicates Ekm enrollment Provisioning of a given workload.\n                Possible values: EKM_PROVISIONING_STATE_UNSPECIFIED, EKM_PROVISIONING_STATE_PENDING,\n                EKM_PROVISIONING_STATE_FAILED, EKM_PROVISIONING_STATE_COMPLETED'\n              x-kubernetes-immutable: true\n              enum:\n              - EKM_PROVISIONING_STATE_UNSPECIFIED\n              - EKM_PROVISIONING_STATE_PENDING\n              - EKM_PROVISIONING_STATE_FAILED\n              - EKM_PROVISIONING_STATE_COMPLETED\n        enableSovereignControls:\n          type: boolean\n          x-dcl-go-name: EnableSovereignControls\n          description: Optional. Indicates the sovereignty status of the given workload.\n            Currently meant to be used by Europe/Canada customers.\n          x-kubernetes-immutable: true\n        kajEnrollmentState:\n          type: string\n          x-dcl-go-name: KajEnrollmentState\n          x-dcl-go-type: WorkloadKajEnrollmentStateEnum\n          readOnly: true\n          description: 'Output only. Represents the KAJ enrollment state of the given\n            workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING,\n            KAJ_ENROLLMENT_STATE_COMPLETE'\n          x-kubernetes-immutable: true\n          enum:\n          - KAJ_ENROLLMENT_STATE_UNSPECIFIED\n          - KAJ_ENROLLMENT_STATE_PENDING\n          - KAJ_ENROLLMENT_STATE_COMPLETE\n        kmsSettings:\n          type: object\n          x-dcl-go-name: KmsSettings\n          x-dcl-go-type: WorkloadKmsSettings\n          description: '**DEPRECATED** Input only. Settings used to create a CMEK\n            crypto key. When set, a project with a KMS CMEK key is provisioned. This\n            field is deprecated as of Feb 28, 2022. In order to create a Keyring,\n            callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type\n            field.'\n          x-kubernetes-immutable: true\n          x-dcl-mutable-unreadable: true\n          required:\n          - nextRotationTime\n          - rotationPeriod\n          properties:\n            nextRotationTime:\n              type: string\n              format: date-time\n              x-dcl-go-name: NextRotationTime\n              description: Required. Input only. Immutable. The time at which the\n                Key Management Service will automatically create a new version of\n                the crypto key and mark it as the primary.\n              x-kubernetes-immutable: true\n            rotationPeriod:\n              type: string\n              x-dcl-go-name: RotationPeriod\n              description: Required. Input only. Immutable. will be advanced by this\n                period when the Key Management Service automatically rotates a key.\n                Must be at least 24 hours and at most 876,000 hours.\n              x-kubernetes-immutable: true\n        labels:\n          type: object\n          additionalProperties:\n            type: string\n          x-dcl-go-name: Labels\n          description: Optional. Labels applied to the workload.\n        location:\n          type: string\n          x-dcl-go-name: Location\n          description: The location for the resource\n          x-kubernetes-immutable: true\n          x-dcl-parameter: true\n        name:\n          type: string\n          x-dcl-go-name: Name\n          description: Output only. The resource name of the workload.\n          x-kubernetes-immutable: true\n          x-dcl-server-generated-parameter: true\n          x-dcl-has-long-form: true\n        organization:\n          type: string\n          x-dcl-go-name: Organization\n          description: The organization for the resource\n          x-kubernetes-immutable: true\n          x-dcl-references:\n          - resource: Cloudresourcemanager/Organization\n            field: name\n            parent: true\n          x-dcl-parameter: true\n        partner:\n          type: string\n          x-dcl-go-name: Partner\n          x-dcl-go-type: WorkloadPartnerEnum\n          description: 'Optional. Partner regime associated with this workload. Possible\n            values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS,\n            SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN, SOVEREIGN_CONTROLS_BY_CNTXT,\n            SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM'\n          x-kubernetes-immutable: true\n          enum:\n          - PARTNER_UNSPECIFIED\n          - LOCAL_CONTROLS_BY_S3NS\n          - SOVEREIGN_CONTROLS_BY_T_SYSTEMS\n          - SOVEREIGN_CONTROLS_BY_SIA_MINSAIT\n          - SOVEREIGN_CONTROLS_BY_PSN\n          - SOVEREIGN_CONTROLS_BY_CNTXT\n          - SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM\n        partnerPermissions:\n          type: object\n          x-dcl-go-name: PartnerPermissions\n          x-dcl-go-type: WorkloadPartnerPermissions\n          description: Optional. Permissions granted to the AW Partner SA account\n            for the customer workload\n          x-kubernetes-immutable: true\n          properties:\n            assuredWorkloadsMonitoring:\n              type: boolean\n              x-dcl-go-name: AssuredWorkloadsMonitoring\n              description: Optional. Allow partner to view violation alerts.\n              x-kubernetes-immutable: true\n            dataLogsViewer:\n              type: boolean\n              x-dcl-go-name: DataLogsViewer\n              description: Allow the partner to view inspectability logs and monitoring\n                violations.\n              x-kubernetes-immutable: true\n            serviceAccessApprover:\n              type: boolean\n              x-dcl-go-name: ServiceAccessApprover\n              description: Optional. Allow partner to view access approval logs.\n              x-kubernetes-immutable: true\n        partnerServicesBillingAccount:\n          type: string\n          x-dcl-go-name: PartnerServicesBillingAccount\n          description: Optional. Input only. Billing account necessary for purchasing\n            services from Sovereign Partners. This field is required for creating\n            SIA/PSN/CNTXT partner workloads. The caller should have 'billing.resourceAssociations.create'\n            IAM permission on this billing-account. The format of this string is billingAccounts/AAAAAA-BBBBBB-CCCCCC.\n          x-kubernetes-immutable: true\n          x-dcl-mutable-unreadable: true\n        provisionedResourcesParent:\n          type: string\n          x-dcl-go-name: ProvisionedResourcesParent\n          description: 'Input only. The parent resource for the resources managed\n            by this Assured Workload. May be either empty or a folder resource which\n            is a child of the Workload parent. If not specified all resources are\n            created under the parent organization. Format: folders/{folder_id}'\n          x-kubernetes-immutable: true\n          x-dcl-mutable-unreadable: true\n        resourceSettings:\n          type: array\n          x-dcl-go-name: ResourceSettings\n          description: Input only. Resource properties that are used to customize\n            workload resources. These properties (such as custom project id) will\n            be used to create workload resources if possible. This field is optional.\n          x-kubernetes-immutable: true\n          x-dcl-send-empty: true\n          x-dcl-list-type: list\n          items:\n            type: object\n            x-dcl-go-type: WorkloadResourceSettings\n            properties:\n              displayName:\n                type: string\n                x-dcl-go-name: DisplayName\n                description: User-assigned resource display name. If not empty it\n                  will be used to create a resource with the specified name.\n                x-kubernetes-immutable: true\n              resourceId:\n                type: string\n                x-dcl-go-name: ResourceId\n                description: Resource identifier. For a project this represents projectId.\n                  If the project is already taken, the workload creation will fail.\n                  For KeyRing, this represents the keyring_id. For a folder, don't\n                  set this value as folder_id is assigned by Google.\n                x-kubernetes-immutable: true\n              resourceType:\n                type: string\n                x-dcl-go-name: ResourceType\n                x-dcl-go-type: WorkloadResourceSettingsResourceTypeEnum\n                description: 'Indicates the type of resource. This field should be\n                  specified to correspond the id to the right project type (CONSUMER_PROJECT\n                  or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED,\n                  CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n                x-kubernetes-immutable: true\n                enum:\n                - RESOURCE_TYPE_UNSPECIFIED\n                - CONSUMER_PROJECT\n                - ENCRYPTION_KEYS_PROJECT\n                - KEYRING\n                - CONSUMER_FOLDER\n          x-dcl-mutable-unreadable: true\n        resources:\n          type: array\n          x-dcl-go-name: Resources\n          readOnly: true\n          description: Output only. The resources associated with this workload. These\n            resources will be created when creating the workload. If any of the projects\n            already exist, the workload creation will fail. Always read only.\n          x-kubernetes-immutable: true\n          x-dcl-list-type: list\n          items:\n            type: object\n            x-dcl-go-type: WorkloadResources\n            properties:\n              resourceId:\n                type: integer\n                format: int64\n                x-dcl-go-name: ResourceId\n                description: Resource identifier. For a project this represents project_number.\n                x-kubernetes-immutable: true\n              resourceType:\n                type: string\n                x-dcl-go-name: ResourceType\n                x-dcl-go-type: WorkloadResourcesResourceTypeEnum\n                description: 'Indicates the type of resource. Possible values: RESOURCE_TYPE_UNSPECIFIED,\n                  CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n                x-kubernetes-immutable: true\n                enum:\n                - RESOURCE_TYPE_UNSPECIFIED\n                - CONSUMER_PROJECT\n                - ENCRYPTION_KEYS_PROJECT\n                - KEYRING\n                - CONSUMER_FOLDER\n        saaEnrollmentResponse:\n          type: object\n          x-dcl-go-name: SaaEnrollmentResponse\n          x-dcl-go-type: WorkloadSaaEnrollmentResponse\n          readOnly: true\n          description: Output only. Represents the SAA enrollment response of the\n            given workload. SAA enrollment response is queried during workloads.get\n            call. In failure cases, user friendly error message is shown in SAA details\n            page.\n          x-kubernetes-immutable: true\n          properties:\n            setupErrors:\n              type: array\n              x-dcl-go-name: SetupErrors\n              description: Indicates SAA enrollment setup error if any.\n              x-kubernetes-immutable: true\n              x-dcl-send-empty: true\n              x-dcl-list-type: list\n              items:\n                type: string\n                x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupErrorsEnum\n                enum:\n                - SETUP_ERROR_UNSPECIFIED\n                - ERROR_INVALID_BASE_SETUP\n                - ERROR_MISSING_EXTERNAL_SIGNING_KEY\n                - ERROR_NOT_ALL_SERVICES_ENROLLED\n                - ERROR_SETUP_CHECK_FAILED\n            setupStatus:\n              type: string\n              x-dcl-go-name: SetupStatus\n              x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupStatusEnum\n              description: 'Indicates SAA enrollment status of a given workload. Possible\n                values: SETUP_STATE_UNSPECIFIED, STATUS_PENDING, STATUS_COMPLETE'\n              x-kubernetes-immutable: true\n              enum:\n              - SETUP_STATE_UNSPECIFIED\n              - STATUS_PENDING\n              - STATUS_COMPLETE\n        violationNotificationsEnabled:\n          type: boolean\n          x-dcl-go-name: ViolationNotificationsEnabled\n          description: Optional. Indicates whether the e-mail notification for a violation\n            is enabled for a workload. This value will be by default True, and if\n            not present will be considered as true. This should only be updated via\n            updateWorkload call. Any Changes to this field during the createWorkload\n            call will not be honored. This will always be true while creating the\n            workload.\n          x-kubernetes-immutable: true\n        workloadOptions:\n          type: object\n          x-dcl-go-name: WorkloadOptions\n          x-dcl-go-type: WorkloadWorkloadOptions\n          description: Optional. Used to specify certain options for a workload during\n            workload creation - currently only supporting KAT Optionality for Regional\n            Controls workloads.\n          x-kubernetes-immutable: true\n          x-dcl-mutable-unreadable: true\n          properties:\n            kajEnrollmentType:\n              type: string\n              x-dcl-go-name: KajEnrollmentType\n              x-dcl-go-type: WorkloadWorkloadOptionsKajEnrollmentTypeEnum\n              description: 'Indicates type of KAJ enrollment for the workload. Currently,\n                only specifiying KEY_ACCESS_TRANSPARENCY_OFF is implemented to not\n                enroll in KAT-level KAJ enrollment for Regional Controls workloads.\n                Possible values: KAJ_ENROLLMENT_TYPE_UNSPECIFIED, FULL_KAJ, EKM_ONLY,\n                KEY_ACCESS_TRANSPARENCY_OFF'\n              x-kubernetes-immutable: true\n              enum:\n              - KAJ_ENROLLMENT_TYPE_UNSPECIFIED\n              - FULL_KAJ\n              - EKM_ONLY\n              - KEY_ACCESS_TRANSPARENCY_OFF\n")

blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/assuredworkloads/alpha/workload.yaml

Functions

func DCLWorkloadSchema added in v1.10.3

func DCLWorkloadSchema() *dcl.Schema

Types

type Client

type Client struct {
	Config *dcl.Config
}

The Client is the base struct of all operations. This will receive the Get, Delete, List, and Apply operations on all resources.

func NewClient

func NewClient(c *dcl.Config) *Client

NewClient creates a client that retries all operations a few times each.

func (*Client) ApplyWorkload

func (c *Client) ApplyWorkload(ctx context.Context, rawDesired *Workload, opts ...dcl.ApplyOption) (*Workload, error)

func (*Client) DeleteAllWorkload

func (c *Client) DeleteAllWorkload(ctx context.Context, organization, location string, filter func(*Workload) bool) error

DeleteAllWorkload deletes all resources that the filter functions returns true on.

func (*Client) DeleteWorkload

func (c *Client) DeleteWorkload(ctx context.Context, r *Workload) error

func (*Client) GetWorkload

func (c *Client) GetWorkload(ctx context.Context, r *Workload) (*Workload, error)

func (*Client) ListWorkload

func (c *Client) ListWorkload(ctx context.Context, organization, location string) (*WorkloadList, error)

func (*Client) ListWorkloadWithMaxResults

func (c *Client) ListWorkloadWithMaxResults(ctx context.Context, organization, location string, pageSize int32) (*WorkloadList, error)

type Workload

type Workload struct {
	Name                           *string                          `json:"name"`
	DisplayName                    *string                          `json:"displayName"`
	Resources                      []WorkloadResources              `json:"resources"`
	ComplianceRegime               *WorkloadComplianceRegimeEnum    `json:"complianceRegime"`
	CreateTime                     *string                          `json:"createTime"`
	BillingAccount                 *string                          `json:"billingAccount"`
	PartnerServicesBillingAccount  *string                          `json:"partnerServicesBillingAccount"`
	Labels                         map[string]string                `json:"labels"`
	ProvisionedResourcesParent     *string                          `json:"provisionedResourcesParent"`
	KmsSettings                    *WorkloadKmsSettings             `json:"kmsSettings"`
	ResourceSettings               []WorkloadResourceSettings       `json:"resourceSettings"`
	KajEnrollmentState             *WorkloadKajEnrollmentStateEnum  `json:"kajEnrollmentState"`
	EnableSovereignControls        *bool                            `json:"enableSovereignControls"`
	SaaEnrollmentResponse          *WorkloadSaaEnrollmentResponse   `json:"saaEnrollmentResponse"`
	ComplianceStatus               *WorkloadComplianceStatus        `json:"complianceStatus"`
	CompliantButDisallowedServices []string                         `json:"compliantButDisallowedServices"`
	Partner                        *WorkloadPartnerEnum             `json:"partner"`
	PartnerPermissions             *WorkloadPartnerPermissions      `json:"partnerPermissions"`
	WorkloadOptions                *WorkloadWorkloadOptions         `json:"workloadOptions"`
	EkmProvisioningResponse        *WorkloadEkmProvisioningResponse `json:"ekmProvisioningResponse"`
	ViolationNotificationsEnabled  *bool                            `json:"violationNotificationsEnabled"`
	Organization                   *string                          `json:"organization"`
	Location                       *string                          `json:"location"`
}

func (*Workload) Describe

func (r *Workload) Describe() dcl.ServiceTypeVersion

Describe returns a simple description of this resource to ensure that automated tools can identify it.

func (*Workload) ID

func (r *Workload) ID() (string, error)

func (*Workload) String

func (r *Workload) String() string

type WorkloadComplianceRegimeEnum

type WorkloadComplianceRegimeEnum string

The enum WorkloadComplianceRegimeEnum.

func WorkloadComplianceRegimeEnumRef

func WorkloadComplianceRegimeEnumRef(s string) *WorkloadComplianceRegimeEnum

WorkloadComplianceRegimeEnumRef returns a *WorkloadComplianceRegimeEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadComplianceRegimeEnum) Validate

func (v WorkloadComplianceRegimeEnum) Validate() error

type WorkloadComplianceStatus added in v1.55.0

type WorkloadComplianceStatus struct {
	ActiveViolationCount       []int64 `json:"activeViolationCount"`
	AcknowledgedViolationCount []int64 `json:"acknowledgedViolationCount"`
	// contains filtered or unexported fields
}
var EmptyWorkloadComplianceStatus *WorkloadComplianceStatus = &WorkloadComplianceStatus{empty: true}

This object is used to assert a desired state where this WorkloadComplianceStatus is empty. Go lacks global const objects, but this object should be treated as one. Modifying this object will have undesirable results.

func (*WorkloadComplianceStatus) Empty added in v1.55.0

func (r *WorkloadComplianceStatus) Empty() bool

func (*WorkloadComplianceStatus) HashCode added in v1.55.0

func (r *WorkloadComplianceStatus) HashCode() string

func (*WorkloadComplianceStatus) String added in v1.55.0

func (r *WorkloadComplianceStatus) String() string

func (*WorkloadComplianceStatus) UnmarshalJSON added in v1.55.0

func (r *WorkloadComplianceStatus) UnmarshalJSON(data []byte) error

type WorkloadEkmProvisioningResponse added in v1.55.0

type WorkloadEkmProvisioningResponse struct {
	EkmProvisioningState        *WorkloadEkmProvisioningResponseEkmProvisioningStateEnum        `json:"ekmProvisioningState"`
	EkmProvisioningErrorDomain  *WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum  `json:"ekmProvisioningErrorDomain"`
	EkmProvisioningErrorMapping *WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum `json:"ekmProvisioningErrorMapping"`
	// contains filtered or unexported fields
}
var EmptyWorkloadEkmProvisioningResponse *WorkloadEkmProvisioningResponse = &WorkloadEkmProvisioningResponse{empty: true}

This object is used to assert a desired state where this WorkloadEkmProvisioningResponse is empty. Go lacks global const objects, but this object should be treated as one. Modifying this object will have undesirable results.

func (*WorkloadEkmProvisioningResponse) Empty added in v1.55.0

func (*WorkloadEkmProvisioningResponse) HashCode added in v1.55.0

func (*WorkloadEkmProvisioningResponse) String added in v1.55.0

func (*WorkloadEkmProvisioningResponse) UnmarshalJSON added in v1.55.0

func (r *WorkloadEkmProvisioningResponse) UnmarshalJSON(data []byte) error

type WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum added in v1.55.0

type WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum string

The enum WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum.

func WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnumRef added in v1.55.0

func WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnumRef(s string) *WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum

WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnumRef returns a *WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum) Validate added in v1.55.0

type WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum added in v1.55.0

type WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum string

The enum WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum.

func WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnumRef added in v1.55.0

func WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnumRef(s string) *WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum

WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnumRef returns a *WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum) Validate added in v1.55.0

type WorkloadEkmProvisioningResponseEkmProvisioningStateEnum added in v1.55.0

type WorkloadEkmProvisioningResponseEkmProvisioningStateEnum string

The enum WorkloadEkmProvisioningResponseEkmProvisioningStateEnum.

func WorkloadEkmProvisioningResponseEkmProvisioningStateEnumRef added in v1.55.0

func WorkloadEkmProvisioningResponseEkmProvisioningStateEnumRef(s string) *WorkloadEkmProvisioningResponseEkmProvisioningStateEnum

WorkloadEkmProvisioningResponseEkmProvisioningStateEnumRef returns a *WorkloadEkmProvisioningResponseEkmProvisioningStateEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadEkmProvisioningResponseEkmProvisioningStateEnum) Validate added in v1.55.0

type WorkloadKajEnrollmentStateEnum added in v1.55.0

type WorkloadKajEnrollmentStateEnum string

The enum WorkloadKajEnrollmentStateEnum.

func WorkloadKajEnrollmentStateEnumRef added in v1.55.0

func WorkloadKajEnrollmentStateEnumRef(s string) *WorkloadKajEnrollmentStateEnum

WorkloadKajEnrollmentStateEnumRef returns a *WorkloadKajEnrollmentStateEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadKajEnrollmentStateEnum) Validate added in v1.55.0

type WorkloadKmsSettings

type WorkloadKmsSettings struct {
	NextRotationTime *string `json:"nextRotationTime"`
	RotationPeriod   *string `json:"rotationPeriod"`
	// contains filtered or unexported fields
}
var EmptyWorkloadKmsSettings *WorkloadKmsSettings = &WorkloadKmsSettings{empty: true}

This object is used to assert a desired state where this WorkloadKmsSettings is empty. Go lacks global const objects, but this object should be treated as one. Modifying this object will have undesirable results.

func (*WorkloadKmsSettings) Empty

func (r *WorkloadKmsSettings) Empty() bool

func (*WorkloadKmsSettings) HashCode

func (r *WorkloadKmsSettings) HashCode() string

func (*WorkloadKmsSettings) String

func (r *WorkloadKmsSettings) String() string

func (*WorkloadKmsSettings) UnmarshalJSON

func (r *WorkloadKmsSettings) UnmarshalJSON(data []byte) error

type WorkloadList

type WorkloadList struct {
	Items []*Workload
	// contains filtered or unexported fields
}

func (*WorkloadList) HasNext

func (l *WorkloadList) HasNext() bool

func (*WorkloadList) Next

func (l *WorkloadList) Next(ctx context.Context, c *Client) error

type WorkloadPartnerEnum added in v1.55.0

type WorkloadPartnerEnum string

The enum WorkloadPartnerEnum.

func WorkloadPartnerEnumRef added in v1.55.0

func WorkloadPartnerEnumRef(s string) *WorkloadPartnerEnum

WorkloadPartnerEnumRef returns a *WorkloadPartnerEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadPartnerEnum) Validate added in v1.55.0

func (v WorkloadPartnerEnum) Validate() error

type WorkloadPartnerPermissions added in v1.55.0

type WorkloadPartnerPermissions struct {
	DataLogsViewer             *bool `json:"dataLogsViewer"`
	ServiceAccessApprover      *bool `json:"serviceAccessApprover"`
	AssuredWorkloadsMonitoring *bool `json:"assuredWorkloadsMonitoring"`
	// contains filtered or unexported fields
}
var EmptyWorkloadPartnerPermissions *WorkloadPartnerPermissions = &WorkloadPartnerPermissions{empty: true}

This object is used to assert a desired state where this WorkloadPartnerPermissions is empty. Go lacks global const objects, but this object should be treated as one. Modifying this object will have undesirable results.

func (*WorkloadPartnerPermissions) Empty added in v1.55.0

func (r *WorkloadPartnerPermissions) Empty() bool

func (*WorkloadPartnerPermissions) HashCode added in v1.55.0

func (r *WorkloadPartnerPermissions) HashCode() string

func (*WorkloadPartnerPermissions) String added in v1.55.0

func (r *WorkloadPartnerPermissions) String() string

func (*WorkloadPartnerPermissions) UnmarshalJSON added in v1.55.0

func (r *WorkloadPartnerPermissions) UnmarshalJSON(data []byte) error

type WorkloadResourceSettings

type WorkloadResourceSettings struct {
	ResourceId   *string                                   `json:"resourceId"`
	ResourceType *WorkloadResourceSettingsResourceTypeEnum `json:"resourceType"`
	DisplayName  *string                                   `json:"displayName"`
	// contains filtered or unexported fields
}
var EmptyWorkloadResourceSettings *WorkloadResourceSettings = &WorkloadResourceSettings{empty: true}

This object is used to assert a desired state where this WorkloadResourceSettings is empty. Go lacks global const objects, but this object should be treated as one. Modifying this object will have undesirable results.

func (*WorkloadResourceSettings) Empty

func (r *WorkloadResourceSettings) Empty() bool

func (*WorkloadResourceSettings) HashCode

func (r *WorkloadResourceSettings) HashCode() string

func (*WorkloadResourceSettings) String

func (r *WorkloadResourceSettings) String() string

func (*WorkloadResourceSettings) UnmarshalJSON

func (r *WorkloadResourceSettings) UnmarshalJSON(data []byte) error

type WorkloadResourceSettingsResourceTypeEnum

type WorkloadResourceSettingsResourceTypeEnum string

The enum WorkloadResourceSettingsResourceTypeEnum.

func WorkloadResourceSettingsResourceTypeEnumRef

func WorkloadResourceSettingsResourceTypeEnumRef(s string) *WorkloadResourceSettingsResourceTypeEnum

WorkloadResourceSettingsResourceTypeEnumRef returns a *WorkloadResourceSettingsResourceTypeEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadResourceSettingsResourceTypeEnum) Validate

type WorkloadResources

type WorkloadResources struct {
	ResourceId   *int64                             `json:"resourceId"`
	ResourceType *WorkloadResourcesResourceTypeEnum `json:"resourceType"`
	// contains filtered or unexported fields
}
var EmptyWorkloadResources *WorkloadResources = &WorkloadResources{empty: true}

This object is used to assert a desired state where this WorkloadResources is empty. Go lacks global const objects, but this object should be treated as one. Modifying this object will have undesirable results.

func (*WorkloadResources) Empty

func (r *WorkloadResources) Empty() bool

func (*WorkloadResources) HashCode

func (r *WorkloadResources) HashCode() string

func (*WorkloadResources) String

func (r *WorkloadResources) String() string

func (*WorkloadResources) UnmarshalJSON

func (r *WorkloadResources) UnmarshalJSON(data []byte) error

type WorkloadResourcesResourceTypeEnum

type WorkloadResourcesResourceTypeEnum string

The enum WorkloadResourcesResourceTypeEnum.

func WorkloadResourcesResourceTypeEnumRef

func WorkloadResourcesResourceTypeEnumRef(s string) *WorkloadResourcesResourceTypeEnum

WorkloadResourcesResourceTypeEnumRef returns a *WorkloadResourcesResourceTypeEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadResourcesResourceTypeEnum) Validate

type WorkloadSaaEnrollmentResponse added in v1.55.0

type WorkloadSaaEnrollmentResponse struct {
	SetupErrors []WorkloadSaaEnrollmentResponseSetupErrorsEnum `json:"setupErrors"`
	SetupStatus *WorkloadSaaEnrollmentResponseSetupStatusEnum  `json:"setupStatus"`
	// contains filtered or unexported fields
}
var EmptyWorkloadSaaEnrollmentResponse *WorkloadSaaEnrollmentResponse = &WorkloadSaaEnrollmentResponse{empty: true}

This object is used to assert a desired state where this WorkloadSaaEnrollmentResponse is empty. Go lacks global const objects, but this object should be treated as one. Modifying this object will have undesirable results.

func (*WorkloadSaaEnrollmentResponse) Empty added in v1.55.0

func (*WorkloadSaaEnrollmentResponse) HashCode added in v1.55.0

func (r *WorkloadSaaEnrollmentResponse) HashCode() string

func (*WorkloadSaaEnrollmentResponse) String added in v1.55.0

func (*WorkloadSaaEnrollmentResponse) UnmarshalJSON added in v1.55.0

func (r *WorkloadSaaEnrollmentResponse) UnmarshalJSON(data []byte) error

type WorkloadSaaEnrollmentResponseSetupErrorsEnum added in v1.55.0

type WorkloadSaaEnrollmentResponseSetupErrorsEnum string

The enum WorkloadSaaEnrollmentResponseSetupErrorsEnum.

func WorkloadSaaEnrollmentResponseSetupErrorsEnumRef added in v1.55.0

func WorkloadSaaEnrollmentResponseSetupErrorsEnumRef(s string) *WorkloadSaaEnrollmentResponseSetupErrorsEnum

WorkloadSaaEnrollmentResponseSetupErrorsEnumRef returns a *WorkloadSaaEnrollmentResponseSetupErrorsEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadSaaEnrollmentResponseSetupErrorsEnum) Validate added in v1.55.0

type WorkloadSaaEnrollmentResponseSetupStatusEnum added in v1.55.0

type WorkloadSaaEnrollmentResponseSetupStatusEnum string

The enum WorkloadSaaEnrollmentResponseSetupStatusEnum.

func WorkloadSaaEnrollmentResponseSetupStatusEnumRef added in v1.55.0

func WorkloadSaaEnrollmentResponseSetupStatusEnumRef(s string) *WorkloadSaaEnrollmentResponseSetupStatusEnum

WorkloadSaaEnrollmentResponseSetupStatusEnumRef returns a *WorkloadSaaEnrollmentResponseSetupStatusEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadSaaEnrollmentResponseSetupStatusEnum) Validate added in v1.55.0

type WorkloadWorkloadOptions added in v1.75.0

type WorkloadWorkloadOptions struct {
	KajEnrollmentType *WorkloadWorkloadOptionsKajEnrollmentTypeEnum `json:"kajEnrollmentType"`
	// contains filtered or unexported fields
}
var EmptyWorkloadWorkloadOptions *WorkloadWorkloadOptions = &WorkloadWorkloadOptions{empty: true}

This object is used to assert a desired state where this WorkloadWorkloadOptions is empty. Go lacks global const objects, but this object should be treated as one. Modifying this object will have undesirable results.

func (*WorkloadWorkloadOptions) Empty added in v1.75.0

func (r *WorkloadWorkloadOptions) Empty() bool

func (*WorkloadWorkloadOptions) HashCode added in v1.75.0

func (r *WorkloadWorkloadOptions) HashCode() string

func (*WorkloadWorkloadOptions) String added in v1.75.0

func (r *WorkloadWorkloadOptions) String() string

func (*WorkloadWorkloadOptions) UnmarshalJSON added in v1.75.0

func (r *WorkloadWorkloadOptions) UnmarshalJSON(data []byte) error

type WorkloadWorkloadOptionsKajEnrollmentTypeEnum added in v1.75.0

type WorkloadWorkloadOptionsKajEnrollmentTypeEnum string

The enum WorkloadWorkloadOptionsKajEnrollmentTypeEnum.

func WorkloadWorkloadOptionsKajEnrollmentTypeEnumRef added in v1.75.0

func WorkloadWorkloadOptionsKajEnrollmentTypeEnumRef(s string) *WorkloadWorkloadOptionsKajEnrollmentTypeEnum

WorkloadWorkloadOptionsKajEnrollmentTypeEnumRef returns a *WorkloadWorkloadOptionsKajEnrollmentTypeEnum with the value of string s If the empty string is provided, nil is returned.

func (WorkloadWorkloadOptionsKajEnrollmentTypeEnum) Validate added in v1.75.0

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL