API Reference google_api_network_services v0.11.0

API client metadata for GoogleApi.NetworkServices.V1.

API calls for all endpoints tagged Projects.

Handle Tesla connections for GoogleApi.NetworkServices.V1.

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

AuthzExtension is a resource that allows traffic forwarding to a callout backend service to make an authorization decision.

Associates members, or principals, with a role.

The request message for Operations.CancelOperation.

A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

A definition of a matcher that selects endpoints to which the policies should be applied.

The matcher that is based on node metadata presented by xDS clients.

Defines a name-pair value for a single label.

EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

A single extension chain wrapper that contains the match conditions and extensions to execute.

A single extension in the chain to execute for the matching request.

Conditions under which this chain is invoked for a request.

Gateway represents the configuration for a proxy, typically a load balancer. It captures the ip:port over which the services are exposed by the proxy, along with any policy configurations. Routes have reference to to Gateways to dictate how requests should be routed by this Gateway.

GatewayRouteView defines view-only resource for Routes to a Gateway

GrpcRoute is the resource defining how gRPC traffic routed by a Mesh or Gateway resource is routed.

The destination to which traffic will be routed.

The specification for fault injection introduced into traffic to test the resiliency of clients to destination service failure. As part of fault injection, when clients send requests to a destination, delays can be introduced on a percentage of requests before sending those requests to the destination service. Similarly requests from clients can be aborted by for a percentage of requests.

Specification of how client requests are aborted as part of fault injection before being sent to a destination.

Specification of how client requests are delayed as part of fault injection before being sent to a destination.

A match against a collection of headers.

Specifies a match against a method.

The specifications for retries. Specifies one or more conditions for which this retry rule applies. Valid values are

Specifies how to route matched traffic.

Criteria for matching traffic. A RouteMatch will be considered to match when all supplied fields match.

Describes how to route traffic.

The specification for cookie-based stateful session affinity where the date plane supplies a “session cookie” with the name "GSSA" which encodes a specific destination host and each request containing that cookie will be directed to that host as long as the destination host remains up and healthy. The gRPC proxyless mesh library or sidecar proxy will manage the session cookie but the client application code is responsible for copying the cookie from each RPC in the session to the next.

HttpRoute is the resource defining how HTTP traffic should be routed by a Mesh or Gateway resource.

The Specification for allowing client side cross-origin requests.

Specifications of a destination to which the request should be routed to.

The specification for fault injection introduced into traffic to test the resiliency of clients to destination service failure. As part of fault injection, when clients send requests to a destination, delays can be introduced by client proxy on a percentage of requests before sending those requests to the destination service. Similarly requests can be aborted by client proxy for a percentage of requests.

Specification of how client requests are aborted as part of fault injection before being sent to a destination.

Specification of how client requests are delayed as part of fault injection before being sent to a destination.

Specifies how to select a route rule based on HTTP request headers.

Represents an integer value range.

The specification for modifying HTTP header in HTTP request and HTTP response.

Static HTTP response object to be returned.

Specifications to match a query parameter in the request.

The specification for redirecting traffic.

Specifies the policy on how requests are shadowed to a separate mirrored destination service. The proxy does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host/authority header is suffixed with -shadow.

The specifications for retries.

The specifications for routing traffic and applying associated policies.

RouteMatch defines specifications used to match requests. If multiple match types are set, this RouteMatch will match if ALL type of matches are matched.

Specifies how to match traffic and how to route traffic when traffic is matched.

The specification for cookie-based stateful session affinity where the date plane supplies a “session cookie” with the name "GSSA" which encodes a specific destination host and each request containing that cookie will be directed to that host as long as the destination host remains up and healthy. The gRPC proxyless mesh library or sidecar proxy will manage the session cookie but the client application code is responsible for copying the cookie from each RPC in the session to the next.

The specification for modifying the URL of the request, prior to forwarding the request to the destination.

LbRouteExtension is a resource that lets you control where traffic is routed to for a given request.

LbTrafficExtension is a resource that lets the extension service modify the headers and payloads of both requests and responses without impacting the choice of backend services or any other security policies associated with the backend service.

Message for response to listing AuthzExtension resources.

Response returned by the ListEndpointPolicies method.

Response returned by the ListGatewayRouteViews method.

Response returned by the ListGateways method.

Response returned by the ListGrpcRoutes method.

Response returned by the ListHttpRoutes method.

Message for response to listing LbRouteExtension resources.

Message for response to listing LbTrafficExtension resources.

The response message for Locations.ListLocations.

Response returned by the ListMeshRouteViews method.

Response returned by the ListMeshes method.

The response message for Operations.ListOperations.

Response returned by the ListServiceBindings method.

Response returned by the ListServiceLbPolicies method.

Response returned by the ListTcpRoutes method.

Response returned by the ListTlsRoutes method.

Response returned by the ListWasmPluginVersions method.

Response returned by the ListWasmPlugins method.

A resource that represents a Google Cloud location.

The configuration for Platform Telemetry logging for Eventarc Advanced resources.

Mesh represents a logical configuration grouping for workload to workload communication within a service mesh. Routes that point to mesh dictate how requests are routed within this logical mesh boundary.

MeshRouteView defines view-only resource for Routes to a Mesh

This resource represents a long-running operation that is the result of a network API call.

Represents the metadata of the long-running operation.

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the IAM documentation.

Attributes

• cryptoKeyName (type: String.t, default: nil) - The name of the crypto key to use for encrypting event data.

ServiceBinding can be used to: - Bind a Service Directory Service to be used in a BackendService resource. This feature will be deprecated soon. - Bind a Private Service Connect producer service to be used in consumer Cloud Service Mesh or Application Load Balancers.

ServiceLbPolicy holds global load balancing and traffic distribution configuration that can be applied to a BackendService.

Option to specify if an unhealthy IG/NEG should be considered for global load balancing and traffic routing.

Option to specify health based failover behavior. This is not related to Network load balancer FailoverPolicy.

Request message for SetIamPolicy method.

The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide.

TcpRoute is the resource defining how TCP traffic should be routed by a Mesh/Gateway resource.

The specifications for routing traffic and applying associated policies.

Describe the destination for traffic to be routed to.

RouteMatch defines the predicate used to match requests to a given action. Multiple match types are "OR"ed for evaluation. If no routeMatch field is specified, this rule will unconditionally match traffic.

Specifies how to match traffic and how to route traffic when traffic is matched.

Request message for TestIamPermissions method.

Response message for TestIamPermissions method.

TlsRoute defines how traffic should be routed based on SNI and other matching L3 attributes.

The specifications for routing traffic and applying associated policies.

Describe the destination for traffic to be routed to.

RouteMatch defines the predicate used to match requests to a given action. Multiple match types are "AND"ed for evaluation.

Specifies how to match traffic and how to route traffic when traffic is matched.

Specification of a port-based selector.

WasmPlugin is a resource representing a service executing a customer-provided Wasm module.

Specifies the logging options for the activity performed by this plugin. If logging is enabled, plugin logs are exported to Cloud Logging.

Defines a resource that uses the WasmPlugin resource.

A single immutable version of a WasmPlugin resource. Defines the Wasm module used and optionally its runtime config.

Details of a WasmPluginVersion resource to be inlined in the WasmPlugin resource.