assuredworkloads

package
v0.196.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 10, 2024 License: BSD-3-Clause Imports: 16 Imported by: 0

Documentation

Overview

Package assuredworkloads provides access to the Assured Workloads API.

For product documentation, see: https://cloud.google.com/learnmoreurl

Library status

These client libraries are officially supported by Google. However, this library is considered complete and is in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features.

When possible, we recommend using our newer [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) that are still actively being worked and iterated on.

Creating a client

Usage example:

import "google.golang.org/api/assuredworkloads/v1"
...
ctx := context.Background()
assuredworkloadsService, err := assuredworkloads.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication. For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

To use an API key for authentication (note: some APIs do not support API keys), use google.golang.org/api/option.WithAPIKey:

assuredworkloadsService, err := assuredworkloads.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow, use google.golang.org/api/option.WithTokenSource:

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
assuredworkloadsService, err := assuredworkloads.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See google.golang.org/api/option.ClientOption for details on options.

Index

Constants

View Source
const (
	// See, edit, configure, and delete your Google Cloud data and see the email
	// address for your Google Account.
	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)

OAuth2 scopes used by this API.

Variables

This section is empty.

Functions

This section is empty.

Types

type GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest

type GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest struct {
	// AcknowledgeType: Optional. Acknowledge type of specified violation.
	//
	// Possible values:
	//   "ACKNOWLEDGE_TYPE_UNSPECIFIED" - Acknowledge type unspecified.
	//   "SINGLE_VIOLATION" - Acknowledge only the specific violation.
	//   "EXISTING_CHILD_RESOURCE_VIOLATIONS" - Acknowledge specified orgPolicy
	// violation and also associated resource violations.
	AcknowledgeType string `json:"acknowledgeType,omitempty"`
	// Comment: Required. Business justification explaining the need for violation
	// acknowledgement
	Comment string `json:"comment,omitempty"`
	// NonCompliantOrgPolicy: Optional. This field is deprecated and will be
	// removed in future version of the API. Name of the OrgPolicy which was
	// modified with non-compliant change and resulted in this violation. Format:
	// projects/{project_number}/policies/{constraint_name}
	// folders/{folder_id}/policies/{constraint_name}
	// organizations/{organization_id}/policies/{constraint_name}
	NonCompliantOrgPolicy string `json:"nonCompliantOrgPolicy,omitempty"`
	// ForceSendFields is a list of field names (e.g. "AcknowledgeType") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AcknowledgeType") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest: Request for acknowledging the violation

func (GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest) MarshalJSON

type GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse

type GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse struct {
	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
}

GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse: Response for violation acknowledgement

type GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse

type GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse struct {
	// AssetMoveAnalyses: List of analysis results for each asset in scope.
	AssetMoveAnalyses []*GoogleCloudAssuredworkloadsV1AssetMoveAnalysis `json:"assetMoveAnalyses,omitempty"`
	// NextPageToken: The next page token. Is empty if the last page is reached.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "AssetMoveAnalyses") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AssetMoveAnalyses") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse: Response containing the analysis results for the hypothetical resource move.

func (GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse) MarshalJSON

type GoogleCloudAssuredworkloadsV1AssetMoveAnalysis

type GoogleCloudAssuredworkloadsV1AssetMoveAnalysis struct {
	// AnalysisGroups: List of eligible analyses performed for the asset.
	AnalysisGroups []*GoogleCloudAssuredworkloadsV1MoveAnalysisGroup `json:"analysisGroups,omitempty"`
	// Asset: The full resource name of the asset being analyzed. Example:
	// //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instan
	// ce1
	Asset string `json:"asset,omitempty"`
	// AssetType: Type of the asset being analyzed. Possible values will be among
	// the ones listed here
	// (https://cloud.google.com/asset-inventory/docs/supported-asset-types).
	AssetType string `json:"assetType,omitempty"`
	// ForceSendFields is a list of field names (e.g. "AnalysisGroups") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AnalysisGroups") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1AssetMoveAnalysis: Represents move analysis results for an asset.

func (GoogleCloudAssuredworkloadsV1AssetMoveAnalysis) MarshalJSON

type GoogleCloudAssuredworkloadsV1CreateWorkloadOperationMetadata

type GoogleCloudAssuredworkloadsV1CreateWorkloadOperationMetadata struct {
	// ComplianceRegime: Optional. Compliance controls that should be applied to
	// the resources managed by the workload.
	//
	// Possible values:
	//   "COMPLIANCE_REGIME_UNSPECIFIED" - Unknown compliance regime.
	//   "IL4" - Information protection as per DoD IL4 requirements.
	//   "CJIS" - Criminal Justice Information Services (CJIS) Security policies.
	//   "FEDRAMP_HIGH" - FedRAMP High data protection controls
	//   "FEDRAMP_MODERATE" - FedRAMP Moderate data protection controls
	//   "US_REGIONAL_ACCESS" - Assured Workloads For US Regions data protection
	// controls
	//   "HIPAA" - Health Insurance Portability and Accountability Act controls
	//   "HITRUST" - Health Information Trust Alliance controls
	//   "EU_REGIONS_AND_SUPPORT" - Assured Workloads For EU Regions and Support
	// controls
	//   "CA_REGIONS_AND_SUPPORT" - Assured Workloads For Canada Regions and
	// Support controls
	//   "ITAR" - International Traffic in Arms Regulations
	//   "AU_REGIONS_AND_US_SUPPORT" - Assured Workloads for Australia Regions and
	// Support controls
	//   "ASSURED_WORKLOADS_FOR_PARTNERS" - Assured Workloads for Partners;
	//   "ISR_REGIONS" - Assured Workloads for Israel Regions
	//   "ISR_REGIONS_AND_SUPPORT" - Assured Workloads for Israel Regions
	//   "CA_PROTECTED_B" - Assured Workloads for Canada Protected B regime
	//   "IL5" - Information protection as per DoD IL5 requirements.
	//   "IL2" - Information protection as per DoD IL2 requirements.
	//   "JP_REGIONS_AND_SUPPORT" - Assured Workloads for Japan Regions
	//   "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS" - Assured Workloads
	// Sovereign Controls KSA
	//   "REGIONAL_CONTROLS" - Assured Workloads for Regional Controls
	//   "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS" - Healthcare and Life Science
	// Controls
	//   "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_US_SUPPORT" - Healthcare and Life
	// Science Controls with US Support
	ComplianceRegime string `json:"complianceRegime,omitempty"`
	// CreateTime: Optional. Time when the operation was created.
	CreateTime string `json:"createTime,omitempty"`
	// DisplayName: Optional. The display name of the workload.
	DisplayName string `json:"displayName,omitempty"`
	// Parent: Optional. The parent of the workload.
	Parent string `json:"parent,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ComplianceRegime") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ComplianceRegime") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1CreateWorkloadOperationMetadata: Operation metadata to give request details of CreateWorkload.

func (GoogleCloudAssuredworkloadsV1CreateWorkloadOperationMetadata) MarshalJSON

type GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse

type GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse struct {
	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
}

GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse: Response for EnableResourceMonitoring endpoint.

type GoogleCloudAssuredworkloadsV1ListViolationsResponse

type GoogleCloudAssuredworkloadsV1ListViolationsResponse struct {
	// NextPageToken: The next page token. Returns empty if reached the last page.
	NextPageToken string `json:"nextPageToken,omitempty"`
	// Violations: List of Violations under a Workload.
	Violations []*GoogleCloudAssuredworkloadsV1Violation `json:"violations,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1ListViolationsResponse: Response of ListViolations endpoint.

func (GoogleCloudAssuredworkloadsV1ListViolationsResponse) MarshalJSON

type GoogleCloudAssuredworkloadsV1ListWorkloadsResponse

type GoogleCloudAssuredworkloadsV1ListWorkloadsResponse struct {
	// NextPageToken: The next page token. Return empty if reached the last page.
	NextPageToken string `json:"nextPageToken,omitempty"`
	// Workloads: List of Workloads under a given parent.
	Workloads []*GoogleCloudAssuredworkloadsV1Workload `json:"workloads,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1ListWorkloadsResponse: Response of ListWorkloads endpoint.

func (GoogleCloudAssuredworkloadsV1ListWorkloadsResponse) MarshalJSON

type GoogleCloudAssuredworkloadsV1MoveAnalysisGroup

type GoogleCloudAssuredworkloadsV1MoveAnalysisGroup struct {
	// AnalysisResult: Result of a successful analysis.
	AnalysisResult *GoogleCloudAssuredworkloadsV1MoveAnalysisResult `json:"analysisResult,omitempty"`
	// DisplayName: Name of the analysis group.
	DisplayName string `json:"displayName,omitempty"`
	// Error: Error details for a failed analysis.
	Error *GoogleRpcStatus `json:"error,omitempty"`
	// ForceSendFields is a list of field names (e.g. "AnalysisResult") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AnalysisResult") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1MoveAnalysisGroup: Represents a logical group of checks performed for an asset. If successful, the group contains the analysis result, otherwise it contains an error with the failure reason.

func (GoogleCloudAssuredworkloadsV1MoveAnalysisGroup) MarshalJSON

type GoogleCloudAssuredworkloadsV1MoveAnalysisResult

type GoogleCloudAssuredworkloadsV1MoveAnalysisResult struct {
	// Blockers: List of blockers. If not resolved, these will result in compliance
	// violations in the target.
	Blockers []*GoogleCloudAssuredworkloadsV1MoveImpact `json:"blockers,omitempty"`
	// Warnings: List of warnings. These are risks that may or may not result in
	// compliance violations.
	Warnings []*GoogleCloudAssuredworkloadsV1MoveImpact `json:"warnings,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Blockers") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Blockers") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1MoveAnalysisResult: Represents the successful move analysis results for a group.

func (GoogleCloudAssuredworkloadsV1MoveAnalysisResult) MarshalJSON

type GoogleCloudAssuredworkloadsV1MoveImpact

type GoogleCloudAssuredworkloadsV1MoveImpact struct {
	// Detail: Explanation of the impact.
	Detail string `json:"detail,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Detail") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Detail") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1MoveImpact: Represents the impact of moving the asset to the target.

func (GoogleCloudAssuredworkloadsV1MoveImpact) MarshalJSON

func (s GoogleCloudAssuredworkloadsV1MoveImpact) MarshalJSON() ([]byte, error)

type GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest

type GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest struct {
	// Etag: Optional. The etag of the workload. If this is provided, it must match
	// the server's etag.
	Etag string `json:"etag,omitempty"`
	// PartnerPermissions: Required. The partner permissions to be updated.
	PartnerPermissions *GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions `json:"partnerPermissions,omitempty"`
	// UpdateMask: Required. The list of fields to be updated. E.g. update_mask {
	// paths: "partner_permissions.data_logs_viewer"}
	UpdateMask string `json:"updateMask,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Etag") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Etag") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest: Request for updating permission settings for a partner workload.

func (GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest) MarshalJSON

type GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest

type GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest struct {
	// RestrictionType: Required. The type of restriction for using gcp products in
	// the Workload environment.
	//
	// Possible values:
	//   "RESTRICTION_TYPE_UNSPECIFIED" - Unknown restriction type.
	//   "ALLOW_ALL_GCP_RESOURCES" - Allow the use all of all gcp products,
	// irrespective of the compliance posture. This effectively removes
	// gcp.restrictServiceUsage OrgPolicy on the AssuredWorkloads Folder.
	//   "ALLOW_COMPLIANT_RESOURCES" - Based on Workload's compliance regime,
	// allowed list changes. See -
	// https://cloud.google.com/assured-workloads/docs/supported-products for the
	// list of supported resources.
	//   "APPEND_COMPLIANT_RESOURCES" - Similar to ALLOW_COMPLIANT_RESOURCES but
	// adds the list of compliant resources to the existing list of compliant
	// resources. Effective org-policy of the Folder is considered to ensure there
	// is no disruption to the existing customer workflows.
	RestrictionType string `json:"restrictionType,omitempty"`
	// ForceSendFields is a list of field names (e.g. "RestrictionType") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "RestrictionType") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest: Request for restricting list of available resources in Workload environment.

func (GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest) MarshalJSON

type GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse

type GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse struct {
	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
}

GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse: Response for restricting the list of allowed resources.

type GoogleCloudAssuredworkloadsV1Violation

type GoogleCloudAssuredworkloadsV1Violation struct {
	// Acknowledged: A boolean that indicates if the violation is acknowledged
	Acknowledged bool `json:"acknowledged,omitempty"`
	// AcknowledgementTime: Optional. Timestamp when this violation was
	// acknowledged first. Check exception_contexts to find the last time the
	// violation was acknowledged when there are more than one violations. This
	// field will be absent when acknowledged field is marked as false.
	AcknowledgementTime string `json:"acknowledgementTime,omitempty"`
	// AssociatedOrgPolicyViolationId: Optional. Output only. Violation Id of the
	// org-policy violation due to which the resource violation is caused. Empty
	// for org-policy violations.
	AssociatedOrgPolicyViolationId string `json:"associatedOrgPolicyViolationId,omitempty"`
	// AuditLogLink: Output only. Immutable. Audit Log Link for violated resource
	// Format:
	// https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{timeRange}{folder}
	AuditLogLink string `json:"auditLogLink,omitempty"`
	// BeginTime: Output only. Time of the event which triggered the Violation.
	BeginTime string `json:"beginTime,omitempty"`
	// Category: Output only. Category under which this violation is mapped. e.g.
	// Location, Service Usage, Access, Encryption, etc.
	Category string `json:"category,omitempty"`
	// Description: Output only. Description for the Violation. e.g. OrgPolicy
	// gcp.resourceLocations has non compliant value.
	Description string `json:"description,omitempty"`
	// ExceptionAuditLogLink: Output only. Immutable. Audit Log link to find
	// business justification provided for violation exception. Format:
	// https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{protoPayload.methodName}{timeRange}{organization}
	ExceptionAuditLogLink string `json:"exceptionAuditLogLink,omitempty"`
	// ExceptionContexts: Output only. List of all the exception detail added for
	// the violation.
	ExceptionContexts []*GoogleCloudAssuredworkloadsV1ViolationExceptionContext `json:"exceptionContexts,omitempty"`
	// Name: Output only. Immutable. Name of the Violation. Format:
	// organizations/{organization}/locations/{location}/workloads/{workload_id}/vio
	// lations/{violations_id}
	Name string `json:"name,omitempty"`
	// NonCompliantOrgPolicy: Output only. Immutable. Name of the OrgPolicy which
	// was modified with non-compliant change and resulted this violation. Format:
	// projects/{project_number}/policies/{constraint_name}
	// folders/{folder_id}/policies/{constraint_name}
	// organizations/{organization_id}/policies/{constraint_name}
	NonCompliantOrgPolicy string `json:"nonCompliantOrgPolicy,omitempty"`
	// OrgPolicyConstraint: Output only. Immutable. The org-policy-constraint that
	// was incorrectly changed, which resulted in this violation.
	OrgPolicyConstraint string `json:"orgPolicyConstraint,omitempty"`
	// ParentProjectNumber: Optional. Output only. Parent project number where
	// resource is present. Empty for org-policy violations.
	ParentProjectNumber string `json:"parentProjectNumber,omitempty"`
	// Remediation: Output only. Compliance violation remediation
	Remediation *GoogleCloudAssuredworkloadsV1ViolationRemediation `json:"remediation,omitempty"`
	// ResolveTime: Output only. Time of the event which fixed the Violation. If
	// the violation is ACTIVE this will be empty.
	ResolveTime string `json:"resolveTime,omitempty"`
	// ResourceName: Optional. Output only. Name of the resource like
	// //storage.googleapis.com/myprojectxyz-testbucket. Empty for org-policy
	// violations.
	ResourceName string `json:"resourceName,omitempty"`
	// ResourceType: Optional. Output only. Type of the resource like
	// compute.googleapis.com/Disk, etc. Empty for org-policy violations.
	ResourceType string `json:"resourceType,omitempty"`
	// State: Output only. State of the violation
	//
	// Possible values:
	//   "STATE_UNSPECIFIED" - Unspecified state.
	//   "RESOLVED" - Violation is resolved.
	//   "UNRESOLVED" - Violation is Unresolved
	//   "EXCEPTION" - Violation is Exception
	State string `json:"state,omitempty"`
	// UpdateTime: Output only. The last time when the Violation record was
	// updated.
	UpdateTime string `json:"updateTime,omitempty"`
	// ViolationType: Output only. Type of the violation
	//
	// Possible values:
	//   "VIOLATION_TYPE_UNSPECIFIED" - Unspecified type.
	//   "ORG_POLICY" - Org Policy Violation.
	//   "RESOURCE" - Resource Violation.
	ViolationType string `json:"violationType,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "Acknowledged") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Acknowledged") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1Violation: Workload monitoring Violation.

func (GoogleCloudAssuredworkloadsV1Violation) MarshalJSON

func (s GoogleCloudAssuredworkloadsV1Violation) MarshalJSON() ([]byte, error)

type GoogleCloudAssuredworkloadsV1ViolationExceptionContext

type GoogleCloudAssuredworkloadsV1ViolationExceptionContext struct {
	// AcknowledgementTime: Timestamp when the violation was acknowledged.
	AcknowledgementTime string `json:"acknowledgementTime,omitempty"`
	// Comment: Business justification provided towards the acknowledgement of the
	// violation.
	Comment string `json:"comment,omitempty"`
	// UserName: Name of the user (or service account) who acknowledged the
	// violation.
	UserName string `json:"userName,omitempty"`
	// ForceSendFields is a list of field names (e.g. "AcknowledgementTime") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AcknowledgementTime") to include
	// in API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1ViolationExceptionContext: Violation exception detail.

func (GoogleCloudAssuredworkloadsV1ViolationExceptionContext) MarshalJSON

type GoogleCloudAssuredworkloadsV1ViolationRemediation

type GoogleCloudAssuredworkloadsV1ViolationRemediation struct {
	// CompliantValues: Values that can resolve the violation For example: for list
	// org policy violations, this will either be the list of allowed or denied
	// values
	CompliantValues []string `json:"compliantValues,omitempty"`
	// Instructions: Required. Remediation instructions to resolve violations
	Instructions *GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions `json:"instructions,omitempty"`
	// RemediationType: Output only. Reemediation type based on the type of org
	// policy values violated
	//
	// Possible values:
	//   "REMEDIATION_TYPE_UNSPECIFIED" - Unspecified remediation type
	//   "REMEDIATION_BOOLEAN_ORG_POLICY_VIOLATION" - Remediation type for boolean
	// org policy
	//   "REMEDIATION_LIST_ALLOWED_VALUES_ORG_POLICY_VIOLATION" - Remediation type
	// for list org policy which have allowed values in the monitoring rule
	//   "REMEDIATION_LIST_DENIED_VALUES_ORG_POLICY_VIOLATION" - Remediation type
	// for list org policy which have denied values in the monitoring rule
	//   "REMEDIATION_RESTRICT_CMEK_CRYPTO_KEY_PROJECTS_ORG_POLICY_VIOLATION" -
	// Remediation type for gcp.restrictCmekCryptoKeyProjects
	//   "REMEDIATION_RESOURCE_VIOLATION" - Remediation type for resource
	// violation.
	//   "REMEDIATION_RESOURCE_VIOLATION_NON_CMEK_SERVICES" - Remediation type for
	// resource violation due to gcp.restrictNonCmekServices
	RemediationType string `json:"remediationType,omitempty"`
	// ForceSendFields is a list of field names (e.g. "CompliantValues") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "CompliantValues") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1ViolationRemediation: Represents remediation guidance to resolve compliance violation for AssuredWorkload

func (GoogleCloudAssuredworkloadsV1ViolationRemediation) MarshalJSON

type GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions

type GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions struct {
	// ConsoleInstructions: Remediation instructions to resolve violation via cloud
	// console
	ConsoleInstructions *GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole `json:"consoleInstructions,omitempty"`
	// GcloudInstructions: Remediation instructions to resolve violation via gcloud
	// cli
	GcloudInstructions *GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud `json:"gcloudInstructions,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ConsoleInstructions") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ConsoleInstructions") to include
	// in API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions: Instructions to remediate violation

func (GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions) MarshalJSON

type GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole

type GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole struct {
	// AdditionalLinks: Additional urls for more information about steps
	AdditionalLinks []string `json:"additionalLinks,omitempty"`
	// ConsoleUris: Link to console page where violations can be resolved
	ConsoleUris []string `json:"consoleUris,omitempty"`
	// Steps: Steps to resolve violation via cloud console
	Steps []string `json:"steps,omitempty"`
	// ForceSendFields is a list of field names (e.g. "AdditionalLinks") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AdditionalLinks") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole: Remediation instructions to resolve violation via cloud console

func (GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole) MarshalJSON

type GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud

type GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud struct {
	// AdditionalLinks: Additional urls for more information about steps
	AdditionalLinks []string `json:"additionalLinks,omitempty"`
	// GcloudCommands: Gcloud command to resolve violation
	GcloudCommands []string `json:"gcloudCommands,omitempty"`
	// Steps: Steps to resolve violation via gcloud cli
	Steps []string `json:"steps,omitempty"`
	// ForceSendFields is a list of field names (e.g. "AdditionalLinks") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AdditionalLinks") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud: Remediation instructions to resolve violation via gcloud cli

func (GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud) MarshalJSON

type GoogleCloudAssuredworkloadsV1Workload

type GoogleCloudAssuredworkloadsV1Workload struct {
	// BillingAccount: Optional. The billing account used for the resources which
	// are direct children of workload. This billing account is initially
	// associated with the resources created as part of Workload creation. After
	// the initial creation of these resources, the customer can change the
	// assigned billing account. The resource name has the form
	// `billingAccounts/{billing_account_id}`. For example,
	// `billingAccounts/012345-567890-ABCDEF`.
	BillingAccount string `json:"billingAccount,omitempty"`
	// ComplianceRegime: Required. Immutable. Compliance Regime associated with
	// this workload.
	//
	// Possible values:
	//   "COMPLIANCE_REGIME_UNSPECIFIED" - Unknown compliance regime.
	//   "IL4" - Information protection as per DoD IL4 requirements.
	//   "CJIS" - Criminal Justice Information Services (CJIS) Security policies.
	//   "FEDRAMP_HIGH" - FedRAMP High data protection controls
	//   "FEDRAMP_MODERATE" - FedRAMP Moderate data protection controls
	//   "US_REGIONAL_ACCESS" - Assured Workloads For US Regions data protection
	// controls
	//   "HIPAA" - Health Insurance Portability and Accountability Act controls
	//   "HITRUST" - Health Information Trust Alliance controls
	//   "EU_REGIONS_AND_SUPPORT" - Assured Workloads For EU Regions and Support
	// controls
	//   "CA_REGIONS_AND_SUPPORT" - Assured Workloads For Canada Regions and
	// Support controls
	//   "ITAR" - International Traffic in Arms Regulations
	//   "AU_REGIONS_AND_US_SUPPORT" - Assured Workloads for Australia Regions and
	// Support controls
	//   "ASSURED_WORKLOADS_FOR_PARTNERS" - Assured Workloads for Partners;
	//   "ISR_REGIONS" - Assured Workloads for Israel Regions
	//   "ISR_REGIONS_AND_SUPPORT" - Assured Workloads for Israel Regions
	//   "CA_PROTECTED_B" - Assured Workloads for Canada Protected B regime
	//   "IL5" - Information protection as per DoD IL5 requirements.
	//   "IL2" - Information protection as per DoD IL2 requirements.
	//   "JP_REGIONS_AND_SUPPORT" - Assured Workloads for Japan Regions
	//   "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS" - Assured Workloads
	// Sovereign Controls KSA
	//   "REGIONAL_CONTROLS" - Assured Workloads for Regional Controls
	//   "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS" - Healthcare and Life Science
	// Controls
	//   "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_US_SUPPORT" - Healthcare and Life
	// Science Controls with US Support
	ComplianceRegime string `json:"complianceRegime,omitempty"`
	// ComplianceStatus: Output only. Count of active Violations in the Workload.
	ComplianceStatus *GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus `json:"complianceStatus,omitempty"`
	// CompliantButDisallowedServices: Output only. Urls for services which are
	// compliant for this Assured Workload, but which are currently disallowed by
	// the ResourceUsageRestriction org policy. Invoke RestrictAllowedResources
	// endpoint to allow your project developers to use these services in their
	// environment.
	CompliantButDisallowedServices []string `json:"compliantButDisallowedServices,omitempty"`
	// CreateTime: Output only. Immutable. The Workload creation timestamp.
	CreateTime string `json:"createTime,omitempty"`
	// DisplayName: Required. The user-assigned display name of the Workload. When
	// present it must be between 4 to 30 characters. Allowed characters are:
	// lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My
	// Workload
	DisplayName string `json:"displayName,omitempty"`
	// EkmProvisioningResponse: Output only. Represents the Ekm Provisioning State
	// of the given workload.
	EkmProvisioningResponse *GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse `json:"ekmProvisioningResponse,omitempty"`
	// EnableSovereignControls: Optional. Indicates the sovereignty status of the
	// given workload. Currently meant to be used by Europe/Canada customers.
	EnableSovereignControls bool `json:"enableSovereignControls,omitempty"`
	// Etag: Optional. ETag of the workload, it is calculated on the basis of the
	// Workload contents. It will be used in Update & Delete operations.
	Etag string `json:"etag,omitempty"`
	// KajEnrollmentState: Output only. Represents the KAJ enrollment state of the
	// given workload.
	//
	// Possible values:
	//   "KAJ_ENROLLMENT_STATE_UNSPECIFIED" - Default State for KAJ Enrollment.
	//   "KAJ_ENROLLMENT_STATE_PENDING" - Pending State for KAJ Enrollment.
	//   "KAJ_ENROLLMENT_STATE_COMPLETE" - Complete State for KAJ Enrollment.
	KajEnrollmentState string `json:"kajEnrollmentState,omitempty"`
	// KmsSettings: Input only. Settings used to create a CMEK crypto key. When
	// set, a project with a KMS CMEK key is provisioned. This field is deprecated
	// as of Feb 28, 2022. In order to create a Keyring, callers should specify,
	// ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
	KmsSettings *GoogleCloudAssuredworkloadsV1WorkloadKMSSettings `json:"kmsSettings,omitempty"`
	// Labels: Optional. Labels applied to the workload.
	Labels map[string]string `json:"labels,omitempty"`
	// Name: Optional. The resource name of the workload. Format:
	// organizations/{organization}/locations/{location}/workloads/{workload}
	// Read-only.
	Name string `json:"name,omitempty"`
	// Partner: Optional. Partner regime associated with this workload.
	//
	// Possible values:
	//   "PARTNER_UNSPECIFIED"
	//   "LOCAL_CONTROLS_BY_S3NS" - Enum representing S3NS (Thales) partner.
	//   "SOVEREIGN_CONTROLS_BY_T_SYSTEMS" - Enum representing T_SYSTEM (TSI)
	// partner.
	//   "SOVEREIGN_CONTROLS_BY_SIA_MINSAIT" - Enum representing SIA_MINSAIT
	// (Indra) partner.
	//   "SOVEREIGN_CONTROLS_BY_PSN" - Enum representing PSN (TIM) partner.
	//   "SOVEREIGN_CONTROLS_BY_CNTXT" - Enum representing CNTXT (Kingdom of Saudi
	// Arabia) partner.
	//   "SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM" - Enum representing CNTXT (Kingdom of
	// Saudi Arabia) partner offering without EKM.
	Partner string `json:"partner,omitempty"`
	// PartnerPermissions: Optional. Permissions granted to the AW Partner SA
	// account for the customer workload
	PartnerPermissions *GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions `json:"partnerPermissions,omitempty"`
	// PartnerServicesBillingAccount: Optional. Billing account necessary for
	// purchasing services from Sovereign Partners. This field is required for
	// creating SIA/PSN/CNTXT partner workloads. The caller should have
	// 'billing.resourceAssociations.create' IAM permission on this
	// billing-account. The format of this string is
	// billingAccounts/AAAAAA-BBBBBB-CCCCCC
	PartnerServicesBillingAccount string `json:"partnerServicesBillingAccount,omitempty"`
	// ProvisionedResourcesParent: Input only. The parent resource for the
	// resources managed by this Assured Workload. May be either empty or a folder
	// resource which is a child of the Workload parent. If not specified all
	// resources are created under the parent organization. Format:
	// folders/{folder_id}
	ProvisionedResourcesParent string `json:"provisionedResourcesParent,omitempty"`
	// ResourceMonitoringEnabled: Output only. Indicates whether resource
	// monitoring is enabled for workload or not. It is true when Resource feed is
	// subscribed to AWM topic and AWM Service Agent Role is binded to AW Service
	// Account for resource Assured workload.
	ResourceMonitoringEnabled bool `json:"resourceMonitoringEnabled,omitempty"`
	// ResourceSettings: Input only. Resource properties that are used to customize
	// workload resources. These properties (such as custom project id) will be
	// used to create workload resources if possible. This field is optional.
	ResourceSettings []*GoogleCloudAssuredworkloadsV1WorkloadResourceSettings `json:"resourceSettings,omitempty"`
	// Resources: Output only. The resources associated with this workload. These
	// resources will be created when creating the workload. If any of the projects
	// already exist, the workload creation will fail. Always read only.
	Resources []*GoogleCloudAssuredworkloadsV1WorkloadResourceInfo `json:"resources,omitempty"`
	// SaaEnrollmentResponse: Output only. Represents the SAA enrollment response
	// of the given workload. SAA enrollment response is queried during GetWorkload
	// call. In failure cases, user friendly error message is shown in SAA details
	// page.
	SaaEnrollmentResponse *GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse `json:"saaEnrollmentResponse,omitempty"`
	// ViolationNotificationsEnabled: Optional. Indicates whether the e-mail
	// notification for a violation is enabled for a workload. This value will be
	// by default True, and if not present will be considered as true. This should
	// only be updated via updateWorkload call. Any Changes to this field during
	// the createWorkload call will not be honored. This will always be true while
	// creating the workload.
	ViolationNotificationsEnabled bool `json:"violationNotificationsEnabled,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "BillingAccount") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "BillingAccount") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1Workload: A Workload object for managing highly regulated workloads of cloud customers.

func (GoogleCloudAssuredworkloadsV1Workload) MarshalJSON

func (s GoogleCloudAssuredworkloadsV1Workload) MarshalJSON() ([]byte, error)

type GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus

type GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus struct {
	// AcknowledgedResourceViolationCount: Number of current resource violations
	// which are not acknowledged.
	AcknowledgedResourceViolationCount int64 `json:"acknowledgedResourceViolationCount,omitempty"`
	// AcknowledgedViolationCount: Number of current orgPolicy violations which are
	// acknowledged.
	AcknowledgedViolationCount int64 `json:"acknowledgedViolationCount,omitempty"`
	// ActiveResourceViolationCount: Number of current resource violations which
	// are acknowledged.
	ActiveResourceViolationCount int64 `json:"activeResourceViolationCount,omitempty"`
	// ActiveViolationCount: Number of current orgPolicy violations which are not
	// acknowledged.
	ActiveViolationCount int64 `json:"activeViolationCount,omitempty"`
	// ForceSendFields is a list of field names (e.g.
	// "AcknowledgedResourceViolationCount") to unconditionally include in API
	// requests. By default, fields with empty or default values are omitted from
	// API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g.
	// "AcknowledgedResourceViolationCount") to include in API requests with the
	// JSON null value. By default, fields with empty values are omitted from API
	// requests. See https://pkg.go.dev/google.golang.org/api#hdr-NullFields for
	// more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus: Represents the Compliance Status of this workload

func (GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus) MarshalJSON

type GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse

type GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse struct {
	// EkmProvisioningErrorDomain: Indicates Ekm provisioning error if any.
	//
	// Possible values:
	//   "EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED" - No error domain
	//   "UNSPECIFIED_ERROR" - Error but domain is unspecified.
	//   "GOOGLE_SERVER_ERROR" - Internal logic breaks within provisioning code.
	//   "EXTERNAL_USER_ERROR" - Error occurred with the customer not granting
	// permission/creating resource.
	//   "EXTERNAL_PARTNER_ERROR" - Error occurred within the partner's
	// provisioning cluster.
	//   "TIMEOUT_ERROR" - Resource wasn't provisioned in the required 7 day time
	// period
	EkmProvisioningErrorDomain string `json:"ekmProvisioningErrorDomain,omitempty"`
	// EkmProvisioningErrorMapping: Detailed error message if Ekm provisioning
	// fails
	//
	// Possible values:
	//   "EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED" - Error is unspecified.
	//   "INVALID_SERVICE_ACCOUNT" - Service account is used is invalid.
	//   "MISSING_METRICS_SCOPE_ADMIN_PERMISSION" - Iam permission
	// monitoring.MetricsScopeAdmin wasn't applied.
	//   "MISSING_EKM_CONNECTION_ADMIN_PERMISSION" - Iam permission
	// cloudkms.ekmConnectionsAdmin wasn't applied.
	EkmProvisioningErrorMapping string `json:"ekmProvisioningErrorMapping,omitempty"`
	// EkmProvisioningState: Indicates Ekm enrollment Provisioning of a given
	// workload.
	//
	// Possible values:
	//   "EKM_PROVISIONING_STATE_UNSPECIFIED" - Default State for Ekm Provisioning
	//   "EKM_PROVISIONING_STATE_PENDING" - Pending State for Ekm Provisioning
	//   "EKM_PROVISIONING_STATE_FAILED" - Failed State for Ekm Provisioning
	//   "EKM_PROVISIONING_STATE_COMPLETED" - Completed State for Ekm Provisioning
	EkmProvisioningState string `json:"ekmProvisioningState,omitempty"`
	// ForceSendFields is a list of field names (e.g. "EkmProvisioningErrorDomain")
	// to unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "EkmProvisioningErrorDomain") to
	// include in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse: External key management systems(EKM) Provisioning response

func (GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse) MarshalJSON

type GoogleCloudAssuredworkloadsV1WorkloadKMSSettings

type GoogleCloudAssuredworkloadsV1WorkloadKMSSettings struct {
	// NextRotationTime: Required. Input only. Immutable. The time at which the Key
	// Management Service will automatically create a new version of the crypto key
	// and mark it as the primary.
	NextRotationTime string `json:"nextRotationTime,omitempty"`
	// RotationPeriod: Required. Input only. Immutable. [next_rotation_time] will
	// be advanced by this period when the Key Management Service automatically
	// rotates a key. Must be at least 24 hours and at most 876,000 hours.
	RotationPeriod string `json:"rotationPeriod,omitempty"`
	// ForceSendFields is a list of field names (e.g. "NextRotationTime") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "NextRotationTime") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1WorkloadKMSSettings: Settings specific to the Key Management Service.

func (GoogleCloudAssuredworkloadsV1WorkloadKMSSettings) MarshalJSON

type GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions

type GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions struct {
	// AccessTransparencyLogsSupportCaseViewer: Optional. Allow partner to view
	// support case details for an AXT log
	AccessTransparencyLogsSupportCaseViewer bool `json:"accessTransparencyLogsSupportCaseViewer,omitempty"`
	// AssuredWorkloadsMonitoring: Optional. Allow partner to view violation
	// alerts.
	AssuredWorkloadsMonitoring bool `json:"assuredWorkloadsMonitoring,omitempty"`
	// DataLogsViewer: Allow the partner to view inspectability logs and monitoring
	// violations.
	DataLogsViewer bool `json:"dataLogsViewer,omitempty"`
	// ServiceAccessApprover: Optional. Allow partner to view access approval logs.
	ServiceAccessApprover bool `json:"serviceAccessApprover,omitempty"`
	// ForceSendFields is a list of field names (e.g.
	// "AccessTransparencyLogsSupportCaseViewer") to unconditionally include in API
	// requests. By default, fields with empty or default values are omitted from
	// API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g.
	// "AccessTransparencyLogsSupportCaseViewer") to include in API requests with
	// the JSON null value. By default, fields with empty values are omitted from
	// API requests. See https://pkg.go.dev/google.golang.org/api#hdr-NullFields
	// for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions: Permissions granted to the AW Partner SA account for the customer workload

func (GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions) MarshalJSON

type GoogleCloudAssuredworkloadsV1WorkloadResourceInfo

type GoogleCloudAssuredworkloadsV1WorkloadResourceInfo struct {
	// ResourceId: Resource identifier. For a project this represents
	// project_number.
	ResourceId int64 `json:"resourceId,omitempty,string"`
	// ResourceType: Indicates the type of resource.
	//
	// Possible values:
	//   "RESOURCE_TYPE_UNSPECIFIED" - Unknown resource type.
	//   "CONSUMER_PROJECT" - Deprecated. Existing workloads will continue to
	// support this, but new CreateWorkloadRequests should not specify this as an
	// input value.
	//   "CONSUMER_FOLDER" - Consumer Folder.
	//   "ENCRYPTION_KEYS_PROJECT" - Consumer project containing encryption keys.
	//   "KEYRING" - Keyring resource that hosts encryption keys.
	ResourceType string `json:"resourceType,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ResourceId") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ResourceId") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1WorkloadResourceInfo: Represent the resources that are children of this Workload.

func (GoogleCloudAssuredworkloadsV1WorkloadResourceInfo) MarshalJSON

type GoogleCloudAssuredworkloadsV1WorkloadResourceSettings

type GoogleCloudAssuredworkloadsV1WorkloadResourceSettings struct {
	// DisplayName: User-assigned resource display name. If not empty it will be
	// used to create a resource with the specified name.
	DisplayName string `json:"displayName,omitempty"`
	// ResourceId: Resource identifier. For a project this represents project_id.
	// If the project is already taken, the workload creation will fail. For
	// KeyRing, this represents the keyring_id. For a folder, don't set this value
	// as folder_id is assigned by Google.
	ResourceId string `json:"resourceId,omitempty"`
	// ResourceType: Indicates the type of resource. This field should be specified
	// to correspond the id to the right project type (CONSUMER_PROJECT or
	// ENCRYPTION_KEYS_PROJECT)
	//
	// Possible values:
	//   "RESOURCE_TYPE_UNSPECIFIED" - Unknown resource type.
	//   "CONSUMER_PROJECT" - Deprecated. Existing workloads will continue to
	// support this, but new CreateWorkloadRequests should not specify this as an
	// input value.
	//   "CONSUMER_FOLDER" - Consumer Folder.
	//   "ENCRYPTION_KEYS_PROJECT" - Consumer project containing encryption keys.
	//   "KEYRING" - Keyring resource that hosts encryption keys.
	ResourceType string `json:"resourceType,omitempty"`
	// ForceSendFields is a list of field names (e.g. "DisplayName") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "DisplayName") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1WorkloadResourceSettings: Represent the custom settings for the resources to be created.

func (GoogleCloudAssuredworkloadsV1WorkloadResourceSettings) MarshalJSON

type GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse

type GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse struct {
	// SetupErrors: Indicates SAA enrollment setup error if any.
	//
	// Possible values:
	//   "SETUP_ERROR_UNSPECIFIED" - Unspecified.
	//   "ERROR_INVALID_BASE_SETUP" - Invalid states for all customers, to be
	// redirected to AA UI for additional details.
	//   "ERROR_MISSING_EXTERNAL_SIGNING_KEY" - Returned when there is not an EKM
	// key configured.
	//   "ERROR_NOT_ALL_SERVICES_ENROLLED" - Returned when there are no enrolled
	// services or the customer is enrolled in CAA only for a subset of services.
	//   "ERROR_SETUP_CHECK_FAILED" - Returned when exception was encountered
	// during evaluation of other criteria.
	SetupErrors []string `json:"setupErrors,omitempty"`
	// SetupStatus: Indicates SAA enrollment status of a given workload.
	//
	// Possible values:
	//   "SETUP_STATE_UNSPECIFIED" - Unspecified.
	//   "STATUS_PENDING" - SAA enrollment pending.
	//   "STATUS_COMPLETE" - SAA enrollment comopleted.
	SetupStatus string `json:"setupStatus,omitempty"`
	// ForceSendFields is a list of field names (e.g. "SetupErrors") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "SetupErrors") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse: Signed Access Approvals (SAA) enrollment response.

func (GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse) MarshalJSON

type GoogleLongrunningListOperationsResponse

type GoogleLongrunningListOperationsResponse struct {
	// NextPageToken: The standard List next-page token.
	NextPageToken string `json:"nextPageToken,omitempty"`
	// Operations: A list of operations that matches the specified filter in the
	// request.
	Operations []*GoogleLongrunningOperation `json:"operations,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleLongrunningListOperationsResponse: The response message for Operations.ListOperations.

func (GoogleLongrunningListOperationsResponse) MarshalJSON

func (s GoogleLongrunningListOperationsResponse) MarshalJSON() ([]byte, error)

type GoogleLongrunningOperation

type GoogleLongrunningOperation struct {
	// Done: If the value is `false`, it means the operation is still in progress.
	// If `true`, the operation is completed, and either `error` or `response` is
	// available.
	Done bool `json:"done,omitempty"`
	// Error: The error result of the operation in case of failure or cancellation.
	Error *GoogleRpcStatus `json:"error,omitempty"`
	// Metadata: Service-specific metadata associated with the operation. It
	// typically contains progress information and common metadata such as create
	// time. Some services might not provide such metadata. Any method that returns
	// a long-running operation should document the metadata type, if any.
	Metadata googleapi.RawMessage `json:"metadata,omitempty"`
	// Name: The server-assigned name, which is only unique within the same service
	// that originally returns it. If you use the default HTTP mapping, the `name`
	// should be a resource name ending with `operations/{unique_id}`.
	Name string `json:"name,omitempty"`
	// Response: The normal, successful response of the operation. If the original
	// method returns no data on success, such as `Delete`, the response is
	// `google.protobuf.Empty`. If the original method is standard
	// `Get`/`Create`/`Update`, the response should be the resource. For other
	// methods, the response should have the type `XxxResponse`, where `Xxx` is the
	// original method name. For example, if the original method name is
	// `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
	Response googleapi.RawMessage `json:"response,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "Done") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Done") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleLongrunningOperation: This resource represents a long-running operation that is the result of a network API call.

func (GoogleLongrunningOperation) MarshalJSON

func (s GoogleLongrunningOperation) MarshalJSON() ([]byte, error)

type GoogleProtobufEmpty

type GoogleProtobufEmpty struct {
	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
}

GoogleProtobufEmpty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

type GoogleRpcStatus

type GoogleRpcStatus struct {
	// Code: The status code, which should be an enum value of google.rpc.Code.
	Code int64 `json:"code,omitempty"`
	// Details: A list of messages that carry the error details. There is a common
	// set of message types for APIs to use.
	Details []googleapi.RawMessage `json:"details,omitempty"`
	// Message: A developer-facing error message, which should be in English. Any
	// user-facing error message should be localized and sent in the
	// google.rpc.Status.details field, or localized by the client.
	Message string `json:"message,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Code") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Code") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleRpcStatus: The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC (https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide (https://cloud.google.com/apis/design/errors).

func (GoogleRpcStatus) MarshalJSON

func (s GoogleRpcStatus) MarshalJSON() ([]byte, error)

type OrganizationsLocationsOperationsGetCall

type OrganizationsLocationsOperationsGetCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsOperationsGetCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsOperationsGetCall) Do

Do executes the "assuredworkloads.organizations.locations.operations.get" call. Any non-2xx status code is an error. Response headers are in either *GoogleLongrunningOperation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsOperationsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsOperationsGetCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*OrganizationsLocationsOperationsGetCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type OrganizationsLocationsOperationsListCall

type OrganizationsLocationsOperationsListCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsOperationsListCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsOperationsListCall) Do

Do executes the "assuredworkloads.organizations.locations.operations.list" call. Any non-2xx status code is an error. Response headers are in either *GoogleLongrunningListOperationsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsOperationsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsOperationsListCall) Filter

Filter sets the optional parameter "filter": The standard list filter.

func (*OrganizationsLocationsOperationsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*OrganizationsLocationsOperationsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*OrganizationsLocationsOperationsListCall) PageSize

PageSize sets the optional parameter "pageSize": The standard list page size.

func (*OrganizationsLocationsOperationsListCall) PageToken

PageToken sets the optional parameter "pageToken": The standard list page token.

func (*OrganizationsLocationsOperationsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type OrganizationsLocationsOperationsService

type OrganizationsLocationsOperationsService struct {
	// contains filtered or unexported fields
}

func NewOrganizationsLocationsOperationsService

func NewOrganizationsLocationsOperationsService(s *Service) *OrganizationsLocationsOperationsService

func (*OrganizationsLocationsOperationsService) Get

Get: Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

- name: The name of the operation resource.

func (*OrganizationsLocationsOperationsService) List

List: Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`.

- name: The name of the operation's parent resource.

type OrganizationsLocationsService

type OrganizationsLocationsService struct {
	Operations *OrganizationsLocationsOperationsService

	Workloads *OrganizationsLocationsWorkloadsService
	// contains filtered or unexported fields
}

func NewOrganizationsLocationsService

func NewOrganizationsLocationsService(s *Service) *OrganizationsLocationsService

type OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall

type OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) AssetTypes

AssetTypes sets the optional parameter "assetTypes": List of asset types to be analyzed, including and under the source resource. If empty, all assets are analyzed. The complete list of asset types is available here (https://cloud.google.com/asset-inventory/docs/supported-asset-types).

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.analyzeWorkloadMove" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse.ServerResponse.Head er or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) PageSize

PageSize sets the optional parameter "pageSize": Page size. If a value is not specified, the default value of 10 is used.

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) PageToken

PageToken sets the optional parameter "pageToken": The page token from the previous response. It needs to be passed in the second and following requests.

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

func (*OrganizationsLocationsWorkloadsAnalyzeWorkloadMoveCall) Project

Project sets the optional parameter "project": The source type is a project. Specify the project's relative resource name, formatted as either a project number or a project ID: "projects/{PROJECT_NUMBER}" or "projects/{PROJECT_ID}" For example: "projects/951040570662" when specifying a project number, or "projects/my-project-123" when specifying a project ID.

type OrganizationsLocationsWorkloadsCreateCall

type OrganizationsLocationsWorkloadsCreateCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsCreateCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsCreateCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.create" call. Any non-2xx status code is an error. Response headers are in either *GoogleLongrunningOperation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsCreateCall) ExternalId

ExternalId sets the optional parameter "externalId": A identifier associated with the workload and underlying projects which allows for the break down of billing costs for a workload. The value provided for the identifier will add a label to the workload and contained projects with the identifier as the value.

func (*OrganizationsLocationsWorkloadsCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsCreateCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type OrganizationsLocationsWorkloadsDeleteCall

type OrganizationsLocationsWorkloadsDeleteCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsDeleteCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsDeleteCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.delete" call. Any non-2xx status code is an error. Response headers are in either *GoogleProtobufEmpty.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsDeleteCall) Etag

Etag sets the optional parameter "etag": The etag of the workload. If this is provided, it must match the server's etag.

func (*OrganizationsLocationsWorkloadsDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsDeleteCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type OrganizationsLocationsWorkloadsEnableResourceMonitoringCall

type OrganizationsLocationsWorkloadsEnableResourceMonitoringCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsEnableResourceMonitoringCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsEnableResourceMonitoringCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.enableResourceMonitoring" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse.ServerResponse .Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsEnableResourceMonitoringCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsEnableResourceMonitoringCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type OrganizationsLocationsWorkloadsGetCall

type OrganizationsLocationsWorkloadsGetCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsGetCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsGetCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.get" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1Workload.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsGetCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*OrganizationsLocationsWorkloadsGetCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type OrganizationsLocationsWorkloadsListCall

type OrganizationsLocationsWorkloadsListCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsListCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsListCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.list" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1ListWorkloadsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsListCall) Filter

Filter sets the optional parameter "filter": A custom filter for filtering by properties of a workload. At this time, only filtering by labels is supported.

func (*OrganizationsLocationsWorkloadsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*OrganizationsLocationsWorkloadsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*OrganizationsLocationsWorkloadsListCall) PageSize

PageSize sets the optional parameter "pageSize": Page size.

func (*OrganizationsLocationsWorkloadsListCall) PageToken

PageToken sets the optional parameter "pageToken": Page token returned from previous request. Page token contains context from previous request. Page token needs to be passed in the second and following requests.

func (*OrganizationsLocationsWorkloadsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type OrganizationsLocationsWorkloadsMutatePartnerPermissionsCall

type OrganizationsLocationsWorkloadsMutatePartnerPermissionsCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsMutatePartnerPermissionsCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsMutatePartnerPermissionsCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.mutatePartnerPermissions" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1Workload.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsMutatePartnerPermissionsCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsMutatePartnerPermissionsCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type OrganizationsLocationsWorkloadsPatchCall

type OrganizationsLocationsWorkloadsPatchCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsPatchCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsPatchCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.patch" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1Workload.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsPatchCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*OrganizationsLocationsWorkloadsPatchCall) UpdateMask

UpdateMask sets the optional parameter "updateMask": Required. The list of fields to be updated.

type OrganizationsLocationsWorkloadsRestrictAllowedResourcesCall

type OrganizationsLocationsWorkloadsRestrictAllowedResourcesCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsRestrictAllowedResourcesCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsRestrictAllowedResourcesCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.restrictAllowedResources" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse.ServerResponse .Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsRestrictAllowedResourcesCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsRestrictAllowedResourcesCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type OrganizationsLocationsWorkloadsService

type OrganizationsLocationsWorkloadsService struct {
	Violations *OrganizationsLocationsWorkloadsViolationsService
	// contains filtered or unexported fields
}

func NewOrganizationsLocationsWorkloadsService

func NewOrganizationsLocationsWorkloadsService(s *Service) *OrganizationsLocationsWorkloadsService

func (*OrganizationsLocationsWorkloadsService) AnalyzeWorkloadMove

AnalyzeWorkloadMove: Analyzes a hypothetical move of a source resource to a target workload to surface compliance risks. The analysis is best effort and is not guaranteed to be exhaustive.

  • target: The resource ID of the folder-based destination workload. This workload is where the source resource will hypothetically be moved to. Specify the workload's relative resource name, formatted as: "organizations/{ORGANIZATION_ID}/locations/{LOCATION_ID}/workloads/{WORKLOA D_ID}" For example: "organizations/123/locations/us-east1/workloads/assured-workload-2".

func (*OrganizationsLocationsWorkloadsService) Create

Create: Creates Assured Workload.

  • parent: The resource name of the new Workload's parent. Must be of the form `organizations/{org_id}/locations/{location_id}`.

func (*OrganizationsLocationsWorkloadsService) Delete

Delete: Deletes the workload. Make sure that workload's direct children are already in a deleted state, otherwise the request will fail with a FAILED_PRECONDITION error. In addition to assuredworkloads.workload.delete permission, the user should also have orgpolicy.policy.set permission on the deleted folder to remove Assured Workloads OrgPolicies.

  • name: The `name` field is used to identify the workload. Format: organizations/{org_id}/locations/{location_id}/workloads/{workload_id}.

func (*OrganizationsLocationsWorkloadsService) EnableResourceMonitoring

EnableResourceMonitoring: Enable resource violation monitoring for a workload.

  • name: The `name` field is used to identify the workload. Format: organizations/{org_id}/locations/{location_id}/workloads/{workload_id}.

func (*OrganizationsLocationsWorkloadsService) Get

Get: Gets Assured Workload associated with a CRM Node

  • name: The resource name of the Workload to fetch. This is the workloads's relative path in the API, formatted as "organizations/{organization_id}/locations/{location_id}/workloads/{workloa d_id}". For example, "organizations/123/locations/us-east1/workloads/assured-workload-1".

func (*OrganizationsLocationsWorkloadsService) List

List: Lists Assured Workloads under a CRM Node.

  • parent: Parent Resource to list workloads from. Must be of the form `organizations/{org_id}/locations/{location}`.

func (*OrganizationsLocationsWorkloadsService) MutatePartnerPermissions

func (r *OrganizationsLocationsWorkloadsService) MutatePartnerPermissions(name string, googlecloudassuredworkloadsv1mutatepartnerpermissionsrequest *GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest) *OrganizationsLocationsWorkloadsMutatePartnerPermissionsCall

MutatePartnerPermissions: Update the permissions settings for an existing partner workload. For force updates don't set etag field in the Workload. Only one update operation per workload can be in progress.

  • name: The `name` field is used to identify the workload. Format: organizations/{org_id}/locations/{location_id}/workloads/{workload_id}.

func (*OrganizationsLocationsWorkloadsService) Patch

Patch: Updates an existing workload. Currently allows updating of workload display_name and labels. For force updates don't set etag field in the Workload. Only one update operation per workload can be in progress.

  • name: Optional. The resource name of the workload. Format: organizations/{organization}/locations/{location}/workloads/{workload} Read-only.

func (*OrganizationsLocationsWorkloadsService) RestrictAllowedResources

func (r *OrganizationsLocationsWorkloadsService) RestrictAllowedResources(name string, googlecloudassuredworkloadsv1restrictallowedresourcesrequest *GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest) *OrganizationsLocationsWorkloadsRestrictAllowedResourcesCall

RestrictAllowedResources: Restrict the list of resources allowed in the Workload environment. The current list of allowed products can be found at https://cloud.google.com/assured-workloads/docs/supported-products In addition to assuredworkloads.workload.update permission, the user should also have orgpolicy.policy.set permission on the folder resource to use this functionality.

  • name: The resource name of the Workload. This is the workloads's relative path in the API, formatted as "organizations/{organization_id}/locations/{location_id}/workloads/{workloa d_id}". For example, "organizations/123/locations/us-east1/workloads/assured-workload-1".

type OrganizationsLocationsWorkloadsViolationsAcknowledgeCall

type OrganizationsLocationsWorkloadsViolationsAcknowledgeCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsViolationsAcknowledgeCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsViolationsAcknowledgeCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.violations.acknowledge" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse.ServerResponse.Hea der or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsViolationsAcknowledgeCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsViolationsAcknowledgeCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type OrganizationsLocationsWorkloadsViolationsGetCall

type OrganizationsLocationsWorkloadsViolationsGetCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsViolationsGetCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsViolationsGetCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.violations.get" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1Violation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsViolationsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsViolationsGetCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*OrganizationsLocationsWorkloadsViolationsGetCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type OrganizationsLocationsWorkloadsViolationsListCall

type OrganizationsLocationsWorkloadsViolationsListCall struct {
	// contains filtered or unexported fields
}

func (*OrganizationsLocationsWorkloadsViolationsListCall) Context

Context sets the context to be used in this call's Do method.

func (*OrganizationsLocationsWorkloadsViolationsListCall) Do

Do executes the "assuredworkloads.organizations.locations.workloads.violations.list" call. Any non-2xx status code is an error. Response headers are in either *GoogleCloudAssuredworkloadsV1ListViolationsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OrganizationsLocationsWorkloadsViolationsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*OrganizationsLocationsWorkloadsViolationsListCall) Filter

Filter sets the optional parameter "filter": A custom filter for filtering by the Violations properties.

func (*OrganizationsLocationsWorkloadsViolationsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*OrganizationsLocationsWorkloadsViolationsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*OrganizationsLocationsWorkloadsViolationsListCall) IntervalEndTime

IntervalEndTime sets the optional parameter "interval.endTime": The end of the time window.

func (*OrganizationsLocationsWorkloadsViolationsListCall) IntervalStartTime

IntervalStartTime sets the optional parameter "interval.startTime": The start of the time window.

func (*OrganizationsLocationsWorkloadsViolationsListCall) PageSize

PageSize sets the optional parameter "pageSize": Page size.

func (*OrganizationsLocationsWorkloadsViolationsListCall) PageToken

PageToken sets the optional parameter "pageToken": Page token returned from previous request.

func (*OrganizationsLocationsWorkloadsViolationsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type OrganizationsLocationsWorkloadsViolationsService

type OrganizationsLocationsWorkloadsViolationsService struct {
	// contains filtered or unexported fields
}

func NewOrganizationsLocationsWorkloadsViolationsService

func NewOrganizationsLocationsWorkloadsViolationsService(s *Service) *OrganizationsLocationsWorkloadsViolationsService

func (*OrganizationsLocationsWorkloadsViolationsService) Acknowledge

Acknowledge: Acknowledges an existing violation. By acknowledging a violation, users acknowledge the existence of a compliance violation in their workload and decide to ignore it due to a valid business justification. Acknowledgement is a permanent operation and it cannot be reverted.

  • name: The resource name of the Violation to acknowledge. Format: organizations/{organization}/locations/{location}/workloads/{workload}/viol ations/{violation}.

func (*OrganizationsLocationsWorkloadsViolationsService) Get

Get: Retrieves Assured Workload Violation based on ID.

  • name: The resource name of the Violation to fetch (ie. Violation.name). Format: organizations/{organization}/locations/{location}/workloads/{workload}/viol ations/{violation}.

func (*OrganizationsLocationsWorkloadsViolationsService) List

List: Lists the Violations in the AssuredWorkload Environment. Callers may also choose to read across multiple Workloads as per AIP-159 (https://google.aip.dev/159) by using '-' (the hyphen or dash character) as a wildcard character instead of workload-id in the parent. Format `organizations/{org_id}/locations/{location}/workloads/-`

  • parent: The Workload name. Format `organizations/{org_id}/locations/{location}/workloads/{workload}`.

type OrganizationsService

type OrganizationsService struct {
	Locations *OrganizationsLocationsService
	// contains filtered or unexported fields
}

func NewOrganizationsService

func NewOrganizationsService(s *Service) *OrganizationsService

type Service

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment

	Organizations *OrganizationsService
	// contains filtered or unexported fields
}

func New deprecated

func New(client *http.Client) (*Service, error)

New creates a new Service. It uses the provided http.Client for requests.

Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

func NewService

func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

NewService creates a new Service.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL