API Reference google_api_network_connectivity v0.12.0

API client metadata for GoogleApi.NetworkConnectivity.V1.

API calls for all endpoints tagged Projects.

Handle Tesla connections for GoogleApi.NetworkConnectivity.V1.

The request for HubService.AcceptHubSpoke.

The response for HubService.AcceptHubSpoke.

The request for HubService.AcceptSpokeUpdate.

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

The auto-accept setting for a group controls whether proposed spokes are automatically attached to the hub. If auto-accept is enabled, the spoke immediately is attached to the hub and becomes part of the group. In this case, the new spoke is in the ACTIVE state. If auto-accept is disabled, the spoke goes to the INACTIVE state, and it must be reviewed and accepted by a hub administrator.

Associates members, or principals, with a role.

Allow the producer to specify which consumers can connect to it.

PSC connection details on consumer side.

A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

Filter matches L4 traffic.

The request message for Operations.CancelOperation.

The response message for Operations.ListOperations.

This resource represents a long-running operation that is the result of a network API call.

Describes the cause of the error with structured details. Example of an error when contacting the "pubsub.googleapis.com" API when it is not enabled: { "reason": "API_DISABLED" "domain": "googleapis.com" "metadata": { "resource": "projects/123", "service": "pubsub.googleapis.com" } } This response indicates that the pubsub.googleapis.com API is not enabled. Example of an error that is returned when attempting to create a Spanner instance in a region that is out of stock: { "reason": "STOCKOUT" "domain": "spanner.googleapis.com", "metadata": { "availableRegions": "us-central1,us-east2" } }

The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide.

A group represents a subset of spokes attached to a hub.

A Network Connectivity Center hub is a global management resource to which you attach spokes. A single hub can contain spokes from multiple regions. However, if any of a hub's spokes use the site-to-site data transfer feature, the resources associated with those spokes must all be in the same VPC network. Spokes that do not use site-to-site data transfer can be associated with any VPC network in your project.

A hub status entry represents the status of a set of propagated Private Service Connect connections grouped by certain fields.

InterconnectAttachment that this route applies to.

The internal range resource for IPAM operations within a VPC network. Used to represent a private address range along with behavioral characteristics of that range (its usage and peering behavior). Networking resources can link to this range if they are created as belonging to it.

A collection of VLAN attachment resources. These resources should be redundant attachments that all advertise the same prefixes to Google Cloud. Alternatively, in active/passive configurations, all attachments should be capable of advertising the same prefixes.

Attributes

• excludeExportRanges (type: list(String.t), default: nil) - Optional. IP ranges encompassing the subnets to be excluded from peering.
• includeExportRanges (type: list(String.t), default: nil) - Optional. IP ranges allowed to be included from peering.
• network (type: String.t, default: nil) - Immutable. The URI of the Service Consumer VPC that the Producer VPC is peered with.
• peering (type: String.t, default: nil) - Immutable. The name of the VPC peering between the Service Consumer VPC and the Producer VPC (defined in the Tenant project) which is added to the NCC hub. This peering must be in ACTIVE state.
• producerNetwork (type: String.t, default: nil) - Output only. The URI of the Producer VPC.
• proposedExcludeExportRanges (type: list(String.t), default: nil) - Output only. The proposed exclude export IP ranges waiting for hub administration's approval.
• proposedIncludeExportRanges (type: list(String.t), default: nil) - Optional. The proposed include export IP ranges waiting for hub administration's approval.
• serviceConsumerVpcSpoke (type: String.t, default: nil) - Output only. The Service Consumer Network spoke.

A collection of router appliance instances. If you configure multiple router appliance instances to receive data from the same set of sites outside of Google Cloud, we recommend that you associate those instances with the same spoke.

An existing VPC network.

A collection of Cloud VPN tunnel resources. These resources should be redundant HA VPN tunnels that all advertise the same prefixes to Google Cloud. Alternatively, in a passive/active configuration, all tunnels should be capable of advertising the same prefixes.

Response for HubService.ListGroups method.

The response for HubService.ListHubSpokes.

Response for HubService.ListHubs method.

Response for InternalRange.ListInternalRanges

The response message for Locations.ListLocations.

Response for PolicyBasedRoutingService.ListPolicyBasedRoutes method.

Response for ListRegionalEndpoints.

Response for HubService.ListRouteTables method.

Response for HubService.ListRoutes method.

Response for ListServiceClasses.

Response for ListServiceConnectionMaps.

Response for ListServiceConnectionPolicies.

Response for ListServiceConnectionTokens.

The response for HubService.ListSpokes.

A resource that represents a Google Cloud location.

Metadata about locations

Specification for migration with source and target resource names.

A route next hop that leads to an interconnect attachment resource.

A route next hop that leads to a Router appliance instance.

A route next hop that leads to a VPN tunnel resource.

Attributes

• uri (type: String.t, default: nil) - The URI of the VPC network resource

Represents the metadata of the long-running operation.

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the IAM documentation.

Policy-based routes route L4 network traffic based on not just destination IP address, but also source IP address, protocol, and more. If a policy-based route conflicts with other types of routes, the policy-based route always takes precedence.

The PSC configurations on producer side.

Configuration used for Private Service Connect connections. Used when Infrastructure is PSC.

Information about a specific Private Service Connect connection.

The status of one or more propagated Private Service Connect connections in a hub.

The response for HubService.QueryHubStatus.

The RegionalEndpoint resource.

The request for HubService.RejectHubSpoke.

The response for HubService.RejectHubSpoke.

The request for HubService.RejectSpokeUpdate.

A route defines a path from VM instances within a spoke to a specific destination resource. Only VPC spokes have routes.

Attributes

• createTime (type: DateTime.t, default: nil) - Output only. The time the route table was created.
• description (type: String.t, default: nil) - An optional description of the route table.
• labels (type: map(), default: nil) - Optional labels in key-value pair format. For more information about labels, see Requirements for labels.
• name (type: String.t, default: nil) - Immutable. The name of the route table. Route table names must be unique. They use the following form: projects/{project_number}/locations/global/hubs/{hub}/routeTables/{route_table_id}
• state (type: String.t, default: nil) - Output only. The current lifecycle state of this route table.
• uid (type: String.t, default: nil) - Output only. The Google-generated UUID for the route table. This value is unique across all route table resources. If a route table is deleted and another with the same name is created, the new route table is assigned a different uid.
• updateTime (type: DateTime.t, default: nil) - Output only. The time the route table was last updated.

A router appliance instance is a Compute Engine virtual machine (VM) instance that acts as a BGP speaker. A router appliance instance is specified by the URI of the VM and the internal IP address of one of the VM's network interfaces.

RoutingVPC contains information about the VPC networks associated with the spokes of a Network Connectivity Center hub.

The ServiceClass resource.

The ServiceConnectionMap resource.

The ServiceConnectionPolicy resource.

The ServiceConnectionToken resource.

Request message for SetIamPolicy method.

A Network Connectivity Center spoke represents one or more network connectivity resources. When you create a spoke, you associate it with a hub. You must also identify a value for exactly one of the following fields: linked_vpn_tunnels linked_interconnect_attachments linked_router_appliance_instances linked_vpc_network

The number of spokes that are in a particular state and associated with a given hub.

The number of spokes in the hub that are inactive for this reason.

Summarizes information about the spokes associated with a hub. The summary includes a count of spokes according to type and according to state. If any spokes are inactive, the summary also lists the reasons they are inactive, including a count for each reason.

The number of spokes of a given type that are associated with a specific hub. The type indicates what kind of resource is associated with the spoke.

The reason a spoke is inactive.

Request message for TestIamPermissions method.

Response message for TestIamPermissions method.

VM instances that this policy-based route applies to.

Informational warning message.