View Source API Reference google_api_gke_hub v0.16.0
Modules
API client metadata for GoogleApi.GKEHub.V1.
API calls for all endpoints tagged Organizations.
API calls for all endpoints tagged Projects.
Handle Tesla connections for GoogleApi.GKEHub.V1.
Spec for App Dev Experience Feature.
State for App Dev Exp Feature.
ApplianceCluster contains information specific to GDC Edge Appliance Clusters.
Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
BinaryAuthorizationConfig defines the fleet level configuration of binary authorization feature.
Associates members, or principals, with a role.
The request message for Operations.CancelOperation.
ClusterUpgrade: The configuration for the fleet-level ClusterUpgrade feature.
ClusterUpgrade: The state for the fleet-level ClusterUpgrade feature.
GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.
GKEUpgradeFeatureCondition describes the condition of the feature for GKE clusters at a certain point of time.
GKEUpgradeFeatureState contains feature states for GKE clusters in the scope.
Properties of a GKE upgrade that can be overridden by the user. For example, a user can skip soaking by overriding the soaking to 0.
GKEUpgradeState is a GKEUpgrade and its state at the scope and fleet level.
IgnoredMembership represents a membership ignored by the feature. A membership can be ignored because it was manually upgraded to a newer version than RC default.
ScopeGKEUpgradeState is a GKEUpgrade and its state per-membership.
Per-membership state for this feature.
Post conditional checks after an upgrade has been applied on all eligible clusters.
UpgradeStatus provides status information for each upgrade.
CommonFeatureSpec contains Fleet-wide configuration information
CommonFeatureState contains Fleet-wide Feature status information.
CommonFleetDefaultMemberConfigSpec contains default configuration information for memberships of a fleet
CompliancePostureConfig defines the settings needed to enable/disable features for the Compliance Posture.
Configuration for Config Sync
The state of ConfigSync's deployment on a cluster
Errors pertaining to the installation of Config Sync
State information for ConfigSync
Specific versioning information pertaining to ConfigSync's Pods
Model for a config file in the git repo with an associated Sync error
State of Policy Controller installation.
Git repo configuration for a single cluster.
A Kubernetes object's GVK
Configuration for Hierarchy Controller
Deployment state for Hierarchy Controller
State for Hierarchy Controller
Version for Hierarchy Controller
Errors pertaining to the installation of ACM
Anthos Config Management: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.
Anthos Config Management: State for a single cluster.
OCI repo configuration for a single cluster
State information for an ACM's Operator
Configuration for Policy Controller
State for the migration of PolicyController from ACM -> PoCo Hub.
PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
State for PolicyControllerState.
The build version of Gatekeeper Policy Controller is using.
An ACM created error representing a problem syncing configurations
State indicating an ACM's progress syncing configurations to a cluster
ConnectAgentResource represents a Kubernetes resource manifest for Connect Agent deployment.
Dataplane V2: Spec
DefaultClusterConfig describes the default cluster configurations to be applied to all clusters born-in-fleet.
EdgeCluster contains information specific to Google Edge Clusters.
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
Feature represents the settings and status of any Fleet Feature.
FeatureResourceState describes the state of a Feature resource in the GkeHub API. See FeatureState for the "running state" of the Feature in the Fleet and across Memberships.
FeatureState describes the high-level state of a Feature. It may be used to describe a Feature's state at the environ-level, or per-membershop, depending on the context.
Fleet contains the Fleet-wide metadata and configuration.
FleetLifecycleState describes the state of a Fleet resource.
All error details of the fleet observability feature.
Fleet Observability: The Hub-wide input for the FleetObservability feature.
FleetObservability: Hub-wide Feature for FleetObservability feature. state.
Base state for fleet observability feature.
Feature state for logging feature.
Feature state for monitoring feature.
LoggingConfig defines the configuration for different types of logs.
FleetObservability: The membership-specific input for FleetObservability feature.
FleetObservability: Membership-specific Feature state for fleetobservability.
RoutingConfig configures the behaviour of fleet logging feature.
GenerateConnectManifestResponse contains manifest information for installing/upgrading a Connect agent.
Response for GenerateRBACRoleBindingYAML.
GkeCluster contains information specific to GKE clusters.
The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide.
Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.
Configuration for the AzureAD Auth flow.
Configuration options for the AIS diagnostic interface.
Configuration for the Google Plugin Auth flow.
Contains the properties for locating and authenticating groups in the directory.
Holds non-protocol-related configuration options.
Configuration for the LDAP Auth flow.
Anthos Identity Service: Configuration for a single Membership.
Anthos Identity Service: State for a single Membership.
Configuration for OIDC Auth flow.
Configuration for the SAML Auth flow.
Server settings for the external LDAP server.
Contains the credentials of the service account which is authorized to perform the LDAP search in the directory. The credentials can be supplied by the combination of the DN and password or the client certificate.
The structure holds the LDAP simple binding credential.
Defines where users exist in the LDAP directory.
KubernetesMetadata provides informational metadata for Memberships representing Kubernetes clusters.
KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.
List of Memberships bound to a Scope.
Response message for the GkeHub.ListFeatures method.
Response message for the GkeHub.ListFleetsResponse method.
The response message for Locations.ListLocations.
List of MembershipBindings.
List of Membership RBACRoleBindings.
Response message for the GkeHub.ListMemberships method.
The response message for Operations.ListOperations.
List of permitted Scopes.
List of fleet namespaces.
List of Scope RBACRoleBindings.
List of Scopes.
A resource that represents a Google Cloud location.
Membership contains information about a member cluster.
MembershipBinding is a subresource of a Membership, representing what Fleet Scopes (or other, future Fleet resources) a Membership is bound to.
MembershipBindingLifecycleState describes the state of a Binding resource.
MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.
MembershipFeatureSpec contains configuration information for a single Membership.
MembershipFeatureState contains Feature status information for a single Membership.
MembershipState describes the state of a Membership resource.
MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.
MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.
Multi-cluster Ingress: The configuration for the MultiClusterIngress feature.
Namespace represents a namespace across the Fleet
NamespaceLifecycleState describes the state of a Namespace resource.
OnPremCluster contains information specific to GKE On-Prem clusters.
This resource represents a long-running operation that is the result of a network API call.
Represents the metadata of the long-running operation.
Origin defines where this MembershipFeatureSpec originated from.
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the IAM documentation.
Binauthz policy that applies to this cluster.
BundleInstallSpec is the specification configuration for a single managed bundle.
Configuration for Policy Controller
Policy Controller: Configuration for a single cluster. Intended to parallel the PolicyController CR.
Policy Controller: State for a single cluster.
MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
OnClusterState represents the state of a sub-component of Policy Controller.
PolicyContentSpec defines the user's desired content configuration on the cluster.
The state of the policy controller policy content
Deployment-specific configuration.
ResourceList contains container resource requirements.
ResourceRequirements describes the compute resource requirements.
The config specifying which default library templates to install.
Toleration of a node taint.
RBACRoleBinding represents a rbacrolebinding across the Fleet
RBACRoleBindingLifecycleState describes the state of a RbacRoleBinding resource.
ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
ResourceOptions represent options for Kubernetes resource generation.
Role is the type for Kubernetes roles
Scope represents a Scope in a Fleet.
ScopeFeatureSpec contains feature specs for a fleet scope.
ScopeFeatureState contains Scope-wide Feature status information.
ScopeLifecycleState describes the state of a Scope resource.
SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.
Condition being reported.
Status of control plane management.
Status of data plane management. Only reported per-member.
Service Mesh: Spec for a single Membership for the servicemesh feature
Service Mesh: State for a single Membership, as analyzed by the Service Mesh Hub Controller.
Structured and human-readable details for a status.
Request message for SetIamPolicy method.
Status specifies state for the subcomponent.
Request message for TestIamPermissions method.
Response message for TestIamPermissions method.
TypeMeta is the type information needed for content unmarshalling of Kubernetes resources in the manifest.